Warning: Permanently added '10.128.1.113' (ED25519) to the list of known hosts.
2026/02/01 05:40:57 parsed 1 programs
[ 45.969668][ T28] audit: type=1400 audit(1769924458.493:106): avc: denied { unlink } for pid=402 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 46.010952][ T402] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 47.033443][ T28] audit: type=1401 audit(1769924459.553:107): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[ 47.077462][ T428] bridge0: port 1(bridge_slave_0) entered blocking state
[ 47.084667][ T428] bridge0: port 1(bridge_slave_0) entered disabled state
[ 47.092343][ T428] device bridge_slave_0 entered promiscuous mode
[ 47.099225][ T428] bridge0: port 2(bridge_slave_1) entered blocking state
[ 47.106365][ T428] bridge0: port 2(bridge_slave_1) entered disabled state
[ 47.113840][ T428] device bridge_slave_1 entered promiscuous mode
[ 47.155274][ T428] bridge0: port 2(bridge_slave_1) entered blocking state
[ 47.162422][ T428] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 47.169785][ T428] bridge0: port 1(bridge_slave_0) entered blocking state
[ 47.176898][ T428] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 47.194562][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 47.202190][ T10] bridge0: port 1(bridge_slave_0) entered disabled state
[ 47.209689][ T10] bridge0: port 2(bridge_slave_1) entered disabled state
[ 47.219609][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 47.228019][ T10] bridge0: port 1(bridge_slave_0) entered blocking state
[ 47.235079][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 47.243593][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 47.252011][ T10] bridge0: port 2(bridge_slave_1) entered blocking state
[ 47.259405][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 47.271555][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 47.280712][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 47.294669][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 47.306525][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 47.314684][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 47.322301][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 47.330427][ T428] device veth0_vlan entered promiscuous mode
[ 47.340325][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 47.349815][ T428] device veth1_macvtap entered promiscuous mode
[ 47.360586][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 47.371582][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 47.518529][ T28] audit: type=1400 audit(1769924460.033:108): avc: denied { create } for pid=457 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
2026/02/01 05:41:00 executed programs: 0
[ 47.985018][ T472] bridge0: port 1(bridge_slave_0) entered blocking state
[ 47.992594][ T472] bridge0: port 1(bridge_slave_0) entered disabled state
[ 48.000229][ T472] device bridge_slave_0 entered promiscuous mode
[ 48.010929][ T472] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.018045][ T472] bridge0: port 2(bridge_slave_1) entered disabled state
[ 48.025544][ T472] device bridge_slave_1 entered promiscuous mode
[ 48.087236][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 48.094761][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 48.103922][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 48.112323][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 48.121032][ T10] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.128253][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 48.135955][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 48.148022][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 48.156630][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 48.164976][ T10] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.172118][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 48.183637][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 48.193164][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 48.202283][ T43] device bridge_slave_1 left promiscuous mode
[ 48.208411][ T43] bridge0: port 2(bridge_slave_1) entered disabled state
[ 48.216015][ T43] device bridge_slave_0 left promiscuous mode
[ 48.222448][ T43] bridge0: port 1(bridge_slave_0) entered disabled state
[ 48.230751][ T43] device veth1_macvtap left promiscuous mode
[ 48.236928][ T43] device veth0_vlan left promiscuous mode
[ 48.320923][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 48.332694][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 48.340764][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 48.348094][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 48.358493][ T472] device veth0_vlan entered promiscuous mode
[ 48.368252][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 48.377932][ T472] device veth1_macvtap entered promiscuous mode
[ 48.387478][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 48.397312][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 48.424396][ T483] loop2: detected capacity change from 0 to 1024
[ 48.431379][ T483] =======================================================
[ 48.431379][ T483] WARNING: The mand mount option has been deprecated and
[ 48.431379][ T483] and is ignored by this kernel. Remove the mand
[ 48.431379][ T483] option from the mount to silence this warning.
[ 48.431379][ T483] =======================================================
[ 48.467403][ T483] EXT4-fs: Ignoring removed bh option
[ 48.474004][ T483] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 48.495703][ T483] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 48.504878][ T28] audit: type=1400 audit(1769924461.033:109): avc: denied { mount } for pid=482 comm="syz.2.17" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 48.514894][ T483] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3852: comm syz.2.17: Allocating blocks 497-513 which overlap fs metadata
[ 48.540650][ T28] audit: type=1400 audit(1769924461.033:110): avc: denied { write } for pid=482 comm="syz.2.17" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 48.546465][ T483] EXT4-fs (loop2): pa ffff888123666498: logic 64, phys. 193, len 20
[ 48.562477][ T28] audit: type=1400 audit(1769924461.033:111): avc: denied { add_name } for pid=482 comm="syz.2.17" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 48.570223][ T483] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4892: group 0, free 0, pa_free 1
[ 48.590922][ T28] audit: type=1400 audit(1769924461.033:112): avc: denied { create } for pid=482 comm="syz.2.17" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 48.621233][ T28] audit: type=1400 audit(1769924461.033:113): avc: denied { read write } for pid=482 comm="syz.2.17" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 48.621578][ T484] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 36 with max blocks 1 with error 117
[ 48.644039][ T28] audit: type=1400 audit(1769924461.033:114): avc: denied { open } for pid=482 comm="syz.2.17" path="/0/file1/file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 48.657818][ T484] EXT4-fs (loop2): This should not happen!! Data will be lost
[ 48.657818][ T484]
[ 48.679700][ T28] audit: type=1400 audit(1769924461.063:115): avc: denied { setattr } for pid=482 comm="syz.2.17" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 48.696575][ T472] EXT4-fs (loop2): unmounting filesystem.
[ 48.727957][ T489] loop2: detected capacity change from 0 to 1024
[ 48.735126][ T489] EXT4-fs: Ignoring removed bh option
[ 48.741142][ T489] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 48.760413][ T489] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 48.780612][ T489] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3852: comm syz.2.18: Allocating blocks 497-513 which overlap fs metadata
[ 48.795238][ T489] EXT4-fs (loop2): pa ffff888123666bd0: logic 64, phys. 193, len 20
[ 48.803497][ T489] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4892: group 0, free 0, pa_free 1
[ 48.815651][ T484] ==================================================================
[ 48.823820][ T484] BUG: KASAN: use-after-free in ext4_find_extent+0xbeb/0xe20
[ 48.831275][ T484] Read of size 4 at addr ffff88811cb4bc94 by task kworker/u4:4/484
[ 48.839239][ T484]
[ 48.841549][ T484] CPU: 1 PID: 484 Comm: kworker/u4:4 Not tainted syzkaller #0
[ 48.848993][ T484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 48.859031][ T484] Workqueue: writeback wb_workfn (flush-7:2)
[ 48.865017][ T484] Call Trace:
[ 48.868312][ T484]
[ 48.871235][ T484] __dump_stack+0x21/0x24
[ 48.875916][ T484] dump_stack_lvl+0x110/0x170
[ 48.880583][ T484] ? __cfi_dump_stack_lvl+0x8/0x8
[ 48.885628][ T484] ? ext4_find_extent+0xbeb/0xe20
[ 48.890654][ T484] print_address_description+0x71/0x200
[ 48.896380][ T484] print_report+0x4a/0x60
[ 48.900697][ T484] kasan_report+0x122/0x150
[ 48.905191][ T484] ? ext4_find_extent+0xbeb/0xe20
[ 48.910207][ T484] __asan_report_load4_noabort+0x14/0x20
[ 48.916010][ T484] ext4_find_extent+0xbeb/0xe20
[ 48.920848][ T484] ext4_ext_map_blocks+0x207/0x61d0
[ 48.926146][ T484] ? kasan_set_track+0x60/0x70
[ 48.930896][ T484] ? kasan_set_track+0x4b/0x70
[ 48.935643][ T484] ? kasan_save_alloc_info+0x25/0x30
[ 48.941009][ T484] ? __kasan_slab_alloc+0x72/0x80
[ 48.946025][ T484] ? slab_post_alloc_hook+0x4f/0x2d0
[ 48.951298][ T484] ? kmem_cache_alloc+0x16e/0x330
[ 48.956311][ T484] ? ext4_alloc_io_end_vec+0x2a/0x160
[ 48.961762][ T484] ? ext4_writepages+0x10e9/0x30e0
[ 48.967041][ T484] ? do_writepages+0x3a4/0x5f0
[ 48.971807][ T484] ? __writeback_single_inode+0xc6/0xad0
[ 48.977429][ T484] ? writeback_sb_inodes+0xa10/0x15d0
[ 48.982874][ T484] ? wb_writeback+0x40b/0x9d0
[ 48.987639][ T484] ? wb_workfn+0x378/0xeb0
[ 48.992130][ T484] ? process_one_work+0x71f/0xc40
[ 48.997144][ T484] ? worker_thread+0xa29/0x11e0
[ 49.001978][ T484] ? kthread+0x281/0x320
[ 49.006227][ T484] ? ret_from_fork+0x1f/0x30
[ 49.010812][ T484] ? __cfi_ext4_ext_map_blocks+0x10/0x10
[ 49.016529][ T484] ? ext4_es_lookup_extent+0x54c/0x900
[ 49.021991][ T484] ext4_map_blocks+0x9d8/0x1b70
[ 49.026838][ T484] ? __cfi_ext4_map_blocks+0x10/0x10
[ 49.032294][ T484] ? ext4_inode_journal_mode+0x19a/0x480
[ 49.037927][ T484] ext4_writepages+0x1409/0x30e0
[ 49.042875][ T484] ? enqueue_task_fair+0xbee/0x1d40
[ 49.048073][ T484] ? __cfi_ext4_writepages+0x10/0x10
[ 49.053528][ T484] ? __cfi____update_load_sum+0x10/0x10
[ 49.059179][ T484] ? xas_start+0x317/0x3e0
[ 49.063706][ T484] ? __kasan_check_write+0x14/0x20
[ 49.068813][ T484] ? __cfi_ext4_writepages+0x10/0x10
[ 49.074092][ T484] do_writepages+0x3a4/0x5f0
[ 49.078773][ T484] ? __update_load_avg_cfs_rq+0xaf/0x2f0
[ 49.084411][ T484] ? __cfi_do_writepages+0x10/0x10
[ 49.089605][ T484] ? __kasan_check_write+0x14/0x20
[ 49.094727][ T484] ? _raw_spin_lock+0x94/0xf0
[ 49.099420][ T484] __writeback_single_inode+0xc6/0xad0
[ 49.104877][ T484] ? inode_io_list_move_locked+0x366/0x3d0
[ 49.110679][ T484] writeback_sb_inodes+0xa10/0x15d0
[ 49.116235][ T484] ? queue_io+0x4c0/0x4c0
[ 49.120630][ T484] ? __kasan_check_read+0x11/0x20
[ 49.125693][ T484] ? queue_io+0x382/0x4c0
[ 49.130103][ T484] wb_writeback+0x40b/0x9d0
[ 49.134599][ T484] ? inode_cgwb_move_to_attached+0x3e0/0x3e0
[ 49.140574][ T484] ? set_worker_desc+0x1ba/0x1f0
[ 49.145501][ T484] ? __kasan_check_write+0x14/0x20
[ 49.150608][ T484] ? kvm_sched_clock_read+0x18/0x40
[ 49.155821][ T484] ? sched_clock+0x9/0x10
[ 49.160244][ T484] ? sched_clock_cpu+0x6e/0x260
[ 49.165171][ T484] wb_workfn+0x378/0xeb0
[ 49.169533][ T484] ? __cfi_wb_workfn+0x10/0x10
[ 49.174308][ T484] ? kthread_data+0x50/0xc0
[ 49.178892][ T484] ? _raw_spin_unlock+0x4c/0x70
[ 49.183737][ T484] ? finish_task_switch+0x16b/0x7b0
[ 49.188924][ T484] ? __switch_to_asm+0x3a/0x60
[ 49.193860][ T484] ? __schedule+0xbae/0x1500
[ 49.198526][ T484] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 49.204153][ T484] process_one_work+0x71f/0xc40
[ 49.208999][ T484] worker_thread+0xa29/0x11e0
[ 49.213684][ T484] ? _raw_spin_lock_irqsave+0xc2/0x130
[ 49.219143][ T484] ? __kthread_parkme+0x142/0x180
[ 49.224156][ T484] kthread+0x281/0x320
[ 49.228382][ T484] ? __cfi_worker_thread+0x10/0x10
[ 49.233482][ T484] ? __cfi_kthread+0x10/0x10
[ 49.238087][ T484] ret_from_fork+0x1f/0x30
[ 49.242524][ T484]
[ 49.245529][ T484]
[ 49.247839][ T484] The buggy address belongs to the physical page:
[ 49.254232][ T484] page:ffffea000472d2c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11cb4b
[ 49.264557][ T484] flags: 0x4000000000000000(zone=1)
[ 49.269917][ T484] raw: 4000000000000000 0000000000000000 ffffea000472d2c8 0000000000000000
[ 49.278683][ T484] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 49.287336][ T484] page dumped because: kasan: bad access detected
[ 49.293744][ T484] page_owner tracks the page as freed
[ 49.299099][ T484] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 113, tgid 113 (udevd), ts 5558250136, free_ts 48313406349
[ 49.319772][ T484] post_alloc_hook+0x1f5/0x210
[ 49.324545][ T484] prep_new_page+0x1c/0x110
[ 49.329069][ T484] get_page_from_freelist+0x2d12/0x2d80
[ 49.334619][ T484] __alloc_pages+0x1d9/0x480
[ 49.339200][ T484] alloc_slab_page+0x6e/0xf0
[ 49.343783][ T484] new_slab+0x98/0x3d0
[ 49.347853][ T484] ___slab_alloc+0x6bd/0xb20
[ 49.352607][ T484] __slab_alloc+0x5e/0xa0
[ 49.357012][ T484] kmem_cache_alloc+0x1b0/0x330
[ 49.361855][ T484] getname_flags+0xb9/0x500
[ 49.366351][ T484] __x64_sys_symlink+0x6e/0x90
[ 49.371108][ T484] x64_sys_call+0x369/0x9a0
[ 49.375598][ T484] do_syscall_64+0x4c/0xa0
[ 49.380015][ T484] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 49.385932][ T484] page last free stack trace:
[ 49.390783][ T484] free_unref_page_prepare+0x742/0x750
[ 49.396509][ T484] free_unref_page+0x95/0x540
[ 49.401178][ T484] __free_pages+0x67/0x100
[ 49.405583][ T484] __free_slab+0xca/0x1a0
[ 49.409910][ T484] __unfreeze_partials+0x160/0x190
[ 49.415034][ T484] put_cpu_partial+0xa9/0x100
[ 49.419792][ T484] __slab_free+0x1c4/0x280
[ 49.424366][ T484] ___cache_free+0xbf/0xd0
[ 49.428875][ T484] qlist_free_all+0xc6/0x140
[ 49.433618][ T484] kasan_quarantine_reduce+0x14a/0x170
[ 49.439093][ T484] __kasan_slab_alloc+0x24/0x80
[ 49.444024][ T484] slab_post_alloc_hook+0x4f/0x2d0
[ 49.449210][ T484] kmem_cache_alloc_node+0x181/0x340
[ 49.454485][ T484] __alloc_skb+0xea/0x4b0
[ 49.458885][ T484] rtmsg_ifa+0xfa/0x1e0
[ 49.463123][ T484] __inet_del_ifa+0x80b/0xd90
[ 49.467878][ T484]
[ 49.470217][ T484] Memory state around the buggy address:
[ 49.476005][ T484] ffff88811cb4bb80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 49.484057][ T484] ffff88811cb4bc00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 49.492285][ T484] >ffff88811cb4bc80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 49.500325][ T484] ^
[ 49.504893][ T484] ffff88811cb4bd00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 49.512942][ T484] ffff88811cb4bd80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 49.521006][ T484] ==================================================================
[ 49.534512][ T484] Disabling lock debugging due to kernel taint
[ 49.540972][ T484] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 36 with max blocks 1 with error 117
[ 49.553565][ T484] EXT4-fs (loop2): This should not happen!! Data will be lost
[ 49.553565][ T484]
[ 49.565145][ T472] EXT4-fs (loop2): unmounting filesystem.
[ 49.581581][ T493] loop2: detected capacity change from 0 to 1024
[ 49.588505][ T493] EXT4-fs: Ignoring removed bh option
[ 49.595003][ T493] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 49.610901][ T493] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 49.630260][ T493] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3852: comm syz.2.19: Allocating blocks 497-513 which overlap fs metadata
[ 49.644712][ T493] EXT4-fs (loop2): pa ffff8881236660a8: logic 64, phys. 193, len 20
[ 49.652735][ T493] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4892: group 0, free 0, pa_free 1
[ 49.664714][ T484] EXT4-fs error (device loop2): ext4_map_blocks:745: inode #15: block 6193342840851: comm kworker/u4:4: lblock 36 mapped to illegal pblock 6193342840851 (length 1)
[ 49.681822][ T484] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 36 with max blocks 1 with error 117
[ 49.694391][ T484] EXT4-fs (loop2): This should not happen!! Data will be lost
[ 49.694391][ T484]
[ 49.705995][ T472] EXT4-fs (loop2): unmounting filesystem.
[ 49.724697][ T497] loop2: detected capacity change from 0 to 1024
[ 49.731517][ T497] EXT4-fs: Ignoring removed bh option
[ 49.737449][ T497] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 49.760306][ T497] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 49.782562][ T497] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3852: comm syz.2.20: Allocating blocks 497-513 which overlap fs metadata
[ 49.797145][ T497] EXT4-fs (loop2): pa ffff888128508f18: logic 64, phys. 193, len 20
[ 49.805214][ T497] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4892: group 0, free 0, pa_free 1
[ 49.816848][ T10] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 36 with max blocks 1 with error 117
[ 49.829552][ T10] EXT4-fs (loop2): This should not happen!! Data will be lost
[ 49.829552][ T10]
[ 49.842902][ T472] EXT4-fs (loop2): unmounting filesystem.
[ 49.860062][ T501] loop2: detected capacity change from 0 to 1024
[ 49.866861][ T501] EXT4-fs: Ignoring removed bh option
[ 49.872840][ T501] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 49.892992][ T501] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 49.911715][ T501] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3852: comm syz.2.21: Allocating blocks 497-513 which overlap fs metadata
[ 49.926414][ T501] EXT4-fs (loop2): pa ffff8881285085e8: logic 64, phys. 193, len 20
[ 49.934500][ T501] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4892: group 0, free 0, pa_free 1
[ 49.947717][ T8] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 37 with max blocks 3 with error 117
[ 49.960268][ T8] EXT4-fs (loop2): This should not happen!! Data will be lost
[ 49.960268][ T8]
[ 49.971099][ T8] EXT4-fs warning (device loop2): ext4_convert_unwritten_extents:4872: inode #15: block 36: len 1: ext4_ext_map_blocks returned -117
[ 49.986608][ T472] EXT4-fs (loop2): unmounting filesystem.
[ 50.004581][ T505] loop2: detected capacity change from 0 to 1024
[ 50.011432][ T505] EXT4-fs: Ignoring removed bh option
[ 50.017255][ T505] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 50.040328][ T505] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 50.062896][ T505] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3852: comm syz.2.22: Allocating blocks 497-513 which overlap fs metadata
[ 50.077632][ T505] EXT4-fs (loop2): pa ffff888128474348: logic 64, phys. 193, len 20
[ 50.085798][ T505] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4892: group 0, free 0, pa_free 1
[ 50.097752][ T8] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 36 with max blocks 1 with error 117
[ 50.110282][ T8] EXT4-fs (loop2): This should not happen!! Data will be lost
[ 50.110282][ T8]
[ 50.121960][ T472] EXT4-fs (loop2): unmounting filesystem.
[ 50.137142][ T509] loop2: detected capacity change from 0 to 1024
[ 50.143989][ T509] EXT4-fs: Ignoring removed bh option
[ 50.155966][ T509] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 50.170284][ T509] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 50.188900][ T509] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3852: comm syz.2.23: Allocating blocks 497-513 which overlap fs metadata
[ 50.203480][ T509] EXT4-fs (loop2): pa ffff88812853ddc8: logic 64, phys. 193, len 20
[ 50.211636][ T509] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4892: group 0, free 0, pa_free 1
[ 50.224067][ T10] EXT4-fs error (device loop2): ext4_map_blocks:745: inode #15: block 676: comm kworker/u4:1: lblock 36 mapped to illegal pblock 676 (length 1)
[ 50.239364][ T10] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 36 with max blocks 1 with error 117
[ 50.251960][ T10] EXT4-fs (loop2): This should not happen!! Data will be lost
[ 50.251960][ T10]
[ 50.263927][ T472] EXT4-fs (loop2): unmounting filesystem.
[ 50.290590][ T513] loop2: detected capacity change from 0 to 1024
[ 50.298433][ T513] EXT4-fs: Ignoring removed bh option
[ 50.306079][ T513] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 50.331030][ T513] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 50.355037][ T513] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3852: comm syz.2.24: Allocating blocks 497-513 which overlap fs metadata
[ 50.369523][ T513] EXT4-fs (loop2): pa ffff88812853d150: logic 64, phys. 193, len 20
[ 50.377628][ T513] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4892: group 0, free 0, pa_free 1
[ 50.389544][ T313] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 36 with max blocks 1 with error 117
[ 50.402114][ T313] EXT4-fs (loop2): This should not happen!! Data will be lost
[ 50.402114][ T313]
[ 50.413663][ T472] EXT4-fs (loop2): unmounting filesystem.
[ 50.429403][ T517] loop2: detected capacity change from 0 to 1024
[ 50.437168][ T517] EXT4-fs: Ignoring removed bh option
[ 50.443178][ T517] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 50.461001][ T517] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 50.480290][ T517] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3852: comm syz.2.25: Allocating blocks 497-513 which overlap fs metadata
[ 50.494696][ T517] EXT4-fs (loop2): pa ffff88812853dd20: logic 64, phys. 193, len 20
[ 50.502759][ T517] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4892: group 0, free 0, pa_free 1
[ 50.514364][ T43] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 36 with max blocks 1 with error 117
[ 50.526773][ T43] EXT4-fs (loop2): This should not happen!! Data will be lost
[ 50.526773][ T43]
[ 50.538289][ T472] EXT4-fs (loop2): unmounting filesystem.
[ 50.557389][ T521] loop2: detected capacity change from 0 to 1024
[ 50.564507][ T521] EXT4-fs: Ignoring removed bh option
[ 50.570500][ T521] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 50.590778][ T521] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 50.609573][ T521] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3852: comm syz.2.26: Allocating blocks 497-513 which overlap fs metadata
[ 50.624243][ T521] EXT4-fs (loop2): pa ffff88812853d2a0: logic 64, phys. 193, len 20
[ 50.632341][ T521] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4892: group 0, free 0, pa_free 1
[ 50.647131][ T472] EXT4-fs (loop2): unmounting filesystem.
[ 50.668118][ T525] EXT4-fs: Ignoring removed bh option
[ 50.674168][ T525] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 50.700211][ T525] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 50.725577][ T525] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3852: comm syz.2.27: Allocating blocks 497-513 which overlap fs metadata
[ 50.740042][ T525] EXT4-fs (loop2): pa ffff8881284741f8: logic 64, phys. 193, len 20
[ 50.748047][ T525] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4892: group 0, free 0, pa_free 1
[ 50.760506][ T313] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 36 with max blocks 1 with error 117
[ 50.772940][ T313] EXT4-fs (loop2): This should not happen!! Data will be lost
[ 50.772940][ T313]
[ 50.784649][ T472] EXT4-fs (loop2): unmounting filesystem.
[ 50.800527][ T529] EXT4-fs: Ignoring removed bh option
[ 50.806350][ T529] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 50.820618][ T529] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 50.843651][ T529] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3852: comm syz.2.28: Allocating blocks 497-513 which overlap fs metadata
[ 50.858037][ T529] EXT4-fs (loop2): pa ffff8881285750a8: logic 64, phys. 193, len 20
[ 50.866165][ T529] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4892: group 0, free 0, pa_free 1
[ 50.878035][ T43] EXT4-fs warning (device loop2): ext4_convert_unwritten_extents:4872: inode #15: block 36: len 1: ext4_ext_map_blocks returned -28
[ 50.894150][ T472] EXT4-fs (loop2): unmounting filesystem.
[ 50.909341][ T533] EXT4-fs: Ignoring removed bh option
[ 50.915181][ T533] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 50.930281][ T533] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 50.950185][ T533] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3852: comm syz.2.29: Allocating blocks 497-513 which overlap fs metadata
[ 50.964677][ T533] EXT4-fs (loop2): pa ffff8881285751f8: logic 64, phys. 193, len 20
[ 50.972786][ T533] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4892: group 0, free 0, pa_free 1
[ 50.984446][ T313] EXT4-fs error (device loop2): ext4_map_blocks:745: inode #15: block 76017701: comm kworker/u4:3: lblock 37 mapped to illegal pblock 76017701 (length 3)
[ 51.000219][ T313] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 37 with max blocks 3 with error 117
[ 51.012583][ T313] EXT4-fs (loop2): This should not happen!! Data will be lost
[ 51.012583][ T313]
[ 51.023327][ T313] EXT4-fs error (device loop2): ext4_map_blocks:635: inode #15: block 76017700: comm kworker/u4:3: lblock 36 mapped to illegal pblock 76017700 (length 1)
[ 51.039372][ T313] EXT4-fs warning (device loop2): ext4_convert_unwritten_extents:4872: inode #15: block 36: len 1: ext4_ext_map_blocks returned -117
[ 51.054129][ T472] EXT4-fs (loop2): unmounting filesystem.
[ 51.061891][ T407] context_struct_compute_av: 7 callbacks suppressed
[ 51.061907][ T407] SELinux: Invalid class 0
[ 51.073596][ T407] ------------[ cut here ]------------
[ 51.079286][ T407] WARNING: CPU: 1 PID: 407 at security/selinux/avc.c:785 slow_avc_audit+0x229/0x240
[ 51.079581][ T537] EXT4-fs: Ignoring removed bh option
[ 51.088793][ T407] Modules linked in:
[ 51.098100][ T407] CPU: 1 PID: 407 Comm: udevd Tainted: G B syzkaller #0
[ 51.098407][ T537] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 51.106583][ T407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 51.106598][ T407] RIP: 0010:slow_avc_audit+0x229/0x240
[ 51.106630][ T407] Code: 00 00 00 65 48 8b 0c 25 28 00 00 00 48 3b 8c 24 e0 00 00 00 75 1d 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 67 65 38 ff <0f> 0b b8 ea ff ff ff eb 94 e8 89 97 c0 02 66 0f 1f 84 00 00 00 00
[ 51.106645][ T407] RSP: 0018:ffffc90000b97640 EFLAGS: 00010293
[ 51.106662][ T407] RAX: ffffffff823906a9 RBX: ffffffff87bd6c80 RCX: ffff888118569440
[ 51.120557][ T537] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 51.128338][ T407] RDX: 0000000000000000 RSI: 000000000000ff9e RDI: 000000000000ff9f
[ 51.145786][ T537] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3852: comm syz.2.30: Allocating blocks 497-513 which overlap fs metadata
[ 51.153631][ T407] RBP: ffffc90000b97778 R08: ffffc90000b976df R09: ffffc90000b976c8
[ 51.160670][ T537] EXT4-fs (loop2): pa ffff888117fdf738: logic 64, phys. 193, len 20
[ 51.167630][ T407] R10: dffffc0000000000 R11: fffff52000172edc R12: dffffc0000000000
[ 51.176537][ T537] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4892: group 0, free 0, pa_free 1
[ 51.184544][ T407] R13: 1ffff92000172ecc R14: 000000000000ff9e R15: ffffc90000b97680
[ 51.184561][ T407] FS: 00007f37db840880(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 51.184577][ T407] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 51.255884][ T407] CR2: 000000c006f70000 CR3: 0000000122804000 CR4: 00000000003506a0
[ 51.264155][ T407] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 51.272343][ T407] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 51.280707][ T407] Call Trace:
[ 51.283991][ T407]
[ 51.286909][ T407] ? __cfi_slow_avc_audit+0x10/0x10
[ 51.292140][ T407] ? avc_has_perm_noaudit+0x30b/0x490
[ 51.297527][ T407] ? update_load_avg+0x4bf/0x13f0
[ 51.302566][ T407] ? __this_cpu_preempt_check+0x13/0x20
[ 51.308120][ T407] avc_has_perm+0x1fb/0x250
[ 51.312641][ T407] ? __cfi_avc_has_perm+0x10/0x10
[ 51.317871][ T407] selinux_socket_recvmsg+0x22f/0x340
[ 51.323360][ T407] ? __cfi_selinux_socket_recvmsg+0x10/0x10
[ 51.329302][ T407] ? finish_task_switch+0x16b/0x7b0
[ 51.334579][ T407] security_socket_recvmsg+0x89/0xc0
[ 51.339879][ T407] ____sys_recvmsg+0x230/0x5f0
[ 51.344677][ T407] ? __sys_recvmsg_sock+0x50/0x50
[ 51.349800][ T407] ? import_iovec+0x7c/0xb0
[ 51.354413][ T407] ___sys_recvmsg+0x212/0x590
[ 51.359123][ T407] ? __sys_recvmsg+0x280/0x280
[ 51.363899][ T407] ? __cfi_vfs_write+0x10/0x10
[ 51.368653][ T407] ? __kasan_check_read+0x11/0x20
[ 51.373698][ T407] ? __fdget+0x15b/0x220
[ 51.378046][ T407] __x64_sys_recvmsg+0x202/0x2d0
[ 51.383000][ T407] ? __cfi___x64_sys_recvmsg+0x10/0x10
[ 51.388591][ T407] ? __kasan_check_write+0x14/0x20
[ 51.393729][ T407] ? fpregs_restore_userregs+0x128/0x260
[ 51.399398][ T407] ? switch_fpu_return+0xe/0x10
[ 51.404322][ T407] x64_sys_call+0x75/0x9a0
[ 51.408727][ T407] do_syscall_64+0x4c/0xa0
[ 51.413155][ T407] ? clear_bhb_loop+0x30/0x80
[ 51.417931][ T407] ? clear_bhb_loop+0x30/0x80
[ 51.422621][ T407] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 51.428554][ T407] RIP: 0033:0x7f37db0a7407
[ 51.432997][ T407] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[ 51.452726][ T407] RSP: 002b:00007ffd35e179e0 EFLAGS: 00000202 ORIG_RAX: 000000000000002f
[ 51.461209][ T407] RAX: ffffffffffffffda RBX: 00007f37db840880 RCX: 00007f37db0a7407
[ 51.469391][ T407] RDX: 0000000000000000 RSI: 00007ffd35e17a70 RDI: 000000000000000c
[ 51.477531][ T407] RBP: 000056416f9372c0 R08: 0000000000000000 R09: 0000000000000000
[ 51.485612][ T407] R10: 0000000000000000 R11: 0000000000000202 R12: 000056416fb90210
[ 51.493823][ T407] R13: 00007ffd35e17b30 R14: 00007ffd35e17a7c R15: 0000000000000000
[ 51.501925][ T407]
[ 51.504962][ T407] ---[ end trace 0000000000000000 ]---
[ 51.516036][ T472] EXT4-fs (loop2): unmounting filesystem.
[ 51.518206][ T407] ------------[ cut here ]------------
[ 51.527603][ T407] WARNING: CPU: 0 PID: 407 at security/selinux/avc.c:785 slow_avc_audit+0x229/0x240
[ 51.536990][ T541] EXT4-fs: Ignoring removed bh option
[ 51.537633][ T407] Modules linked in:
[ 51.543260][ T541] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 51.546869][ T407] CPU: 0 PID: 407 Comm: udevd Tainted: G B W syzkaller #0
[ 51.566723][ T407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 51.570870][ T541] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 51.576967][ T407] RIP: 0010:slow_avc_audit+0x229/0x240
[ 51.591393][ T407] Code: 00 00 00 65 48 8b 0c 25 28 00 00 00 48 3b 8c 24 e0 00 00 00 75 1d 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 67 65 38 ff <0f> 0b b8 ea ff ff ff eb 94 e8 89 97 c0 02 66 0f 1f 84 00 00 00 00
[ 51.597866][ T541] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3852: comm syz.2.31: Allocating blocks 497-513 which overlap fs metadata
[ 51.611087][ T407] RSP: 0018:ffffc90000b97620 EFLAGS: 00010293
[ 51.611109][ T407] RAX: ffffffff823906a9 RBX: ffffffff87bd6c80 RCX: ffff888118569440
[ 51.639354][ T407] RDX: 0000000000000000 RSI: 000000000000ff9e RDI: 000000000000ff9f
[ 51.647482][ T407] RBP: ffffc90000b97758 R08: ffffc90000b976bf R09: ffffc90000b976a8
[ 51.648998][ T545] EXT4-fs (loop2): pa ffff8881285753f0: logic 64, phys. 193, len 20
[ 51.655526][ T407] R10: dffffc0000000000 R11: fffff52000172ed8 R12: dffffc0000000000
[ 51.655549][ T407] R13: 1ffff92000172ec8 R14: 000000000000ff9e R15: ffffc90000b97660
[ 51.663547][ T545] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4892: group 0,
[ 51.671971][ T407] FS: 00007f37db840880(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 51.679946][ T545] free 0, pa_free 1
[ 51.688346][ T407] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 51.707655][ T407] CR2: 00007f37db831000 CR3: 0000000122804000 CR4: 00000000003506b0
[ 51.715670][ T407] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 51.723674][ T407] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 51.731684][ T407] Call Trace:
[ 51.734966][ T407]
[ 51.737895][ T407] ? __cfi_slow_avc_audit+0x10/0x10
[ 51.743205][ T407] ? avc_has_perm_noaudit+0x30b/0x490
[ 51.748594][ T407] avc_has_perm+0x1fb/0x250
[ 51.753220][ T407] ? __cfi_avc_has_perm+0x10/0x10
[ 51.758362][ T407] ? kernel_text_address+0xa0/0xd0
[ 51.763494][ T407] ? __kernel_text_address+0xd/0x30
[ 51.768728][ T407] ? unwind_get_return_address+0x4d/0x90
[ 51.774382][ T407] selinux_socket_sendmsg+0x22f/0x340
[ 51.779870][ T407] ? __cfi_selinux_socket_sendmsg+0x10/0x10
[ 51.785851][ T407] security_socket_sendmsg+0x83/0xb0
[ 51.791158][ T407] ____sys_sendmsg+0x525/0x990
[ 51.796024][ T407] ? __sys_sendmsg_sock+0x40/0x40
[ 51.801160][ T407] ? import_iovec+0x7c/0xb0
[ 51.805937][ T407] ___sys_sendmsg+0x2a2/0x360
[ 51.810640][ T407] ? __sys_sendmsg+0x290/0x290
[ 51.815529][ T407] ? __kasan_check_read+0x11/0x20
[ 51.820672][ T407] ? call_rcu+0xb90/0xf90
[ 51.825020][ T407] ? __cfi_call_rcu+0x10/0x10
[ 51.829733][ T407] ? security_file_free+0xd8/0xf0
[ 51.834821][ T407] ? __kasan_check_read+0x11/0x20
[ 51.839885][ T407] ? __fdget+0x15b/0x220
[ 51.844148][ T407] __x64_sys_sendmsg+0x205/0x2d0
[ 51.849168][ T407] ? __cfi___x64_sys_sendmsg+0x10/0x10
[ 51.854738][ T407] ? task_work_run+0x208/0x250
[ 51.859707][ T407] ? fpregs_assert_state_consistent+0xb1/0xe0
[ 51.865788][ T407] x64_sys_call+0x171/0x9a0
[ 51.870316][ T407] do_syscall_64+0x4c/0xa0
[ 51.874751][ T407] ? clear_bhb_loop+0x30/0x80
[ 51.879518][ T407] ? clear_bhb_loop+0x30/0x80
[ 51.884218][ T407] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 51.890194][ T407] RIP: 0033:0x7f37db0a7407
[ 51.894618][ T407] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[ 51.914863][ T407] RSP: 002b:00007ffd35e19a80 EFLAGS: 00000202 ORIG_RAX: 000000000000002e
[ 51.923312][ T407] RAX: ffffffffffffffda RBX: 00007f37db840880 RCX: 00007f37db0a7407
[ 51.931391][ T407] RDX: 0000000000000000 RSI: 00007ffd35e19ae0 RDI: 000000000000000c
[ 51.939478][ T407] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 51.947534][ T407] R10: 0000000000000000 R11: 0000000000000202 R12: 000000000000014a
[ 51.955570][ T407] R13: 000056416fb90210 R14: 0000000000000000 R15: 000056416fba3f00
[ 51.963565][ T407]
[ 51.966593][ T407] ---[ end trace 0000000000000000 ]---
[ 51.972759][ T10] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 36 with max blocks 1 with error 117
[ 51.985183][ T10] EXT4-fs (loop2): This should not happen!! Data will be lost
[ 51.985183][ T10]
[ 51.998312][ T472] EXT4-fs (loop2): unmounting filesystem.
[ 52.017478][ T547] EXT4-fs: Ignoring removed bh option
[ 52.023945][ T547] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 52.040285][ T547] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 52.058984][ T547] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3852: comm syz.2.32: Allocating blocks 497-513 which overlap fs metadata
[ 52.073540][ T547] EXT4-fs (loop2): pa ffff888117dba7e0: logic 64, phys. 193, len 20
[ 52.081586][ T547] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4892: group 0, free 0, pa_free 1
[ 52.093160][ T10] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 36 with max blocks 1 with error 117
[ 52.105592][ T10] EXT4-fs (loop2): This should not happen!! Data will be lost
[ 52.105592][ T10]
[ 52.117220][ T472] EXT4-fs (loop2): unmounting filesystem.
[ 52.132727][ T551] EXT4-fs: Ignoring removed bh option
[ 52.138699][ T551] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 52.161378][ T551] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 52.180156][ T551] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3852: comm syz.2.33: Allocating blocks 497-513 which overlap fs metadata
[ 52.194572][ T551] EXT4-fs (loop2): pa ffff888117fdf690: logic 64, phys. 193, len 20
[ 52.202848][ T551] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4892: group 0, free 0, pa_free 1
[ 52.214430][ T10] ------------[ cut here ]------------
[ 52.220281][ T10] kernel BUG at fs/ext4/extents.c:3187!
[ 52.226231][ T10] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 52.232414][ T10] CPU: 0 PID: 10 Comm: kworker/u4:1 Tainted: G B W syzkaller #0
[ 52.241447][ T10] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 52.251852][ T10] Workqueue: writeback wb_workfn (flush-7:2)
[ 52.257929][ T10] RIP: 0010:ext4_split_extent_at+0xf50/0xf70
[ 52.263901][ T10] Code: ff ff 44 89 f1 80 e1 07 fe c1 38 c1 0f 8c 45 fb ff ff 4c 89 f7 49 89 f7 e8 7d c3 cf ff 4c 89 fe e9 32 fb ff ff e8 f0 95 8a ff <0f> 0b e8 e9 95 8a ff 0f 0b e8 e2 95 8a ff 0f 0b e8 db 95 8a ff 0f
[ 52.283936][ T10] RSP: 0018:ffffc900000a6aa0 EFLAGS: 00010293
[ 52.290162][ T10] RAX: ffffffff81e6d620 RBX: 0000000000000000 RCX: ffff88810029d100
[ 52.298236][ T10] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000024
[ 52.306207][ T10] RBP: ffffc900000a6c18 R08: 0000000000000010 R09: 000000000000043b
[ 52.314181][ T10] R10: dffffc0000000000 R11: ffffed1021ab6d4a R12: dffffc0000000000
[ 52.322237][ T10] R13: 0000000000000000 R14: 0000000000000010 R15: ffff88810d5b6a00
[ 52.330594][ T10] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 52.339699][ T10] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 52.346374][ T10] CR2: 000000c006f72000 CR3: 0000000110037000 CR4: 00000000003506b0
[ 52.354347][ T10] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 52.362482][ T10] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 52.370546][ T10] Call Trace:
[ 52.373820][ T10]
[ 52.376759][ T10] ? ext4_ext_try_to_merge_right+0x820/0x820
[ 52.382827][ T10] ext4_split_extent+0x363/0x4c0
[ 52.388065][ T10] ext4_ext_map_blocks+0x10e5/0x61d0
[ 52.393376][ T10] ? kasan_set_track+0x60/0x70
[ 52.398222][ T10] ? kasan_set_track+0x4b/0x70
[ 52.403240][ T10] ? kasan_save_alloc_info+0x25/0x30
[ 52.408519][ T10] ? __kasan_slab_alloc+0x72/0x80
[ 52.413636][ T10] ? kmem_cache_alloc+0x16e/0x330
[ 52.418847][ T10] ? ext4_alloc_io_end_vec+0x2a/0x160
[ 52.424385][ T10] ? ext4_writepages+0x10e9/0x30e0
[ 52.429574][ T10] ? do_writepages+0x3a4/0x5f0
[ 52.434424][ T10] ? __writeback_single_inode+0xc6/0xad0
[ 52.440044][ T10] ? writeback_sb_inodes+0xa10/0x15d0
[ 52.445405][ T10] ? wb_writeback+0x40b/0x9d0
[ 52.450066][ T10] ? wb_workfn+0x378/0xeb0
[ 52.454470][ T10] ? process_one_work+0x71f/0xc40
[ 52.459481][ T10] ? worker_thread+0xa29/0x11e0
[ 52.464402][ T10] ? kthread+0x281/0x320
[ 52.468815][ T10] ? ret_from_fork+0x1f/0x30
[ 52.473512][ T10] ? __cfi_ext4_ext_map_blocks+0x10/0x10
[ 52.479141][ T10] ? ext4_es_lookup_extent+0x54c/0x900
[ 52.484590][ T10] ext4_map_blocks+0x9d8/0x1b70
[ 52.489603][ T10] ? __cfi_ext4_map_blocks+0x10/0x10
[ 52.494911][ T10] ? ext4_inode_journal_mode+0x19a/0x480
[ 52.500531][ T10] ext4_writepages+0x1409/0x30e0
[ 52.505467][ T10] ? enqueue_task_fair+0xbee/0x1d40
[ 52.510750][ T10] ? __cfi_ext4_writepages+0x10/0x10
[ 52.516170][ T10] ? xas_start+0x317/0x3e0
[ 52.520861][ T10] ? __kasan_check_write+0x14/0x20
[ 52.525980][ T10] ? __cfi_ext4_writepages+0x10/0x10
[ 52.531262][ T10] do_writepages+0x3a4/0x5f0
[ 52.535845][ T10] ? __update_load_avg_cfs_rq+0xaf/0x2f0
[ 52.541585][ T10] ? __cfi_do_writepages+0x10/0x10
[ 52.546687][ T10] ? __kasan_check_write+0x14/0x20
[ 52.551782][ T10] ? _raw_spin_lock+0x94/0xf0
[ 52.556455][ T10] __writeback_single_inode+0xc6/0xad0
[ 52.561990][ T10] ? inode_io_list_move_locked+0x366/0x3d0
[ 52.567792][ T10] writeback_sb_inodes+0xa10/0x15d0
[ 52.572977][ T10] ? queue_io+0x4c0/0x4c0
[ 52.577307][ T10] ? __kasan_check_read+0x11/0x20
[ 52.582339][ T10] ? queue_io+0x382/0x4c0
[ 52.586662][ T10] wb_writeback+0x40b/0x9d0
[ 52.591158][ T10] ? inode_cgwb_move_to_attached+0x3e0/0x3e0
[ 52.597129][ T10] ? set_worker_desc+0x1ba/0x1f0
[ 52.602242][ T10] ? __kasan_check_write+0x14/0x20
[ 52.607356][ T10] ? kvm_sched_clock_read+0x18/0x40
[ 52.612725][ T10] ? sched_clock+0x9/0x10
[ 52.617044][ T10] ? sched_clock_cpu+0x6e/0x260
[ 52.621884][ T10] wb_workfn+0x378/0xeb0
[ 52.626131][ T10] ? __cfi_wb_workfn+0x10/0x10
[ 52.630891][ T10] ? kthread_data+0x50/0xc0
[ 52.635381][ T10] ? _raw_spin_unlock+0x4c/0x70
[ 52.640471][ T10] ? finish_task_switch+0x16b/0x7b0
[ 52.645654][ T10] ? __switch_to_asm+0x3a/0x60
[ 52.650403][ T10] ? __schedule+0xbae/0x1500
[ 52.654983][ T10] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 52.660515][ T10] process_one_work+0x71f/0xc40
[ 52.665352][ T10] worker_thread+0xa29/0x11e0
[ 52.670123][ T10] ? __kthread_parkme+0x142/0x180
[ 52.675139][ T10] kthread+0x281/0x320
[ 52.679195][ T10] ? __cfi_worker_thread+0x10/0x10
[ 52.684380][ T10] ? __cfi_kthread+0x10/0x10
[ 52.688973][ T10] ret_from_fork+0x1f/0x30
[ 52.693559][ T10]
[ 52.696594][ T10] Modules linked in:
[ 52.702132][ T10] ---[ end trace 0000000000000000 ]---
[ 52.707662][ T10] RIP: 0010:ext4_split_extent_at+0xf50/0xf70
[ 52.713782][ T10] Code: ff ff 44 89 f1 80 e1 07 fe c1 38 c1 0f 8c 45 fb ff ff 4c 89 f7 49 89 f7 e8 7d c3 cf ff 4c 89 fe e9 32 fb ff ff e8 f0 95 8a ff <0f> 0b e8 e9 95 8a ff 0f 0b e8 e2 95 8a ff 0f 0b e8 db 95 8a ff 0f
[ 52.733757][ T10] RSP: 0018:ffffc900000a6aa0 EFLAGS: 00010293
[ 52.740099][ T10] RAX: ffffffff81e6d620 RBX: 0000000000000000 RCX: ffff88810029d100
[ 52.748093][ T10] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000024
[ 52.756181][ T10] RBP: ffffc900000a6c18 R08: 0000000000000010 R09: 000000000000043b
[ 52.764197][ T10] R10: dffffc0000000000 R11: ffffed1021ab6d4a R12: dffffc0000000000
[ 52.772380][ T10] R13: 0000000000000000 R14: 0000000000000010 R15: ffff88810d5b6a00
[ 52.780447][ T10] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 52.789403][ T10] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 52.796093][ T10] CR2: 000000c006f76000 CR3: 00000001162c5000 CR4: 00000000003506b0
[ 52.804091][ T10] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 52.812085][ T10] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 52.820242][ T10] Kernel panic - not syncing: Fatal exception
[ 52.826798][ T10] Kernel Offset: disabled
[ 52.831120][ T10] Rebooting in 86400 seconds..