Warning: Permanently added '10.128.0.243' (ED25519) to the list of known hosts.
2024/11/21 14:28:32 ignoring optional flag "sandboxArg"="0"
2024/11/21 14:28:32 ignoring optional flag "type"="gce"
2024/11/21 14:28:32 parsed 1 programs
[ 54.644245][ T24] kauditd_printk_skb: 16 callbacks suppressed
[ 54.644258][ T24] audit: type=1400 audit(1732199312.900:92): avc: denied { unlink } for pid=444 comm="syz-executor" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 54.694643][ T444] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 54.740465][ T24] audit: type=1400 audit(1732199312.990:93): avc: denied { mounton } for pid=460 comm="syz-executor.0" path="/dev/binderfs" dev="devtmpfs" ino=509 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[ 55.248839][ T498] bridge0: port 1(bridge_slave_0) entered blocking state
[ 55.255995][ T498] bridge0: port 1(bridge_slave_0) entered disabled state
[ 55.263572][ T498] device bridge_slave_0 entered promiscuous mode
[ 55.270582][ T498] bridge0: port 2(bridge_slave_1) entered blocking state
[ 55.277468][ T498] bridge0: port 2(bridge_slave_1) entered disabled state
[ 55.284768][ T498] device bridge_slave_1 entered promiscuous mode
[ 55.321427][ T498] bridge0: port 2(bridge_slave_1) entered blocking state
[ 55.328433][ T498] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 55.335665][ T498] bridge0: port 1(bridge_slave_0) entered blocking state
[ 55.342843][ T498] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 55.359880][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 55.367369][ T397] bridge0: port 1(bridge_slave_0) entered disabled state
[ 55.374825][ T397] bridge0: port 2(bridge_slave_1) entered disabled state
[ 55.383681][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 55.391652][ T397] bridge0: port 1(bridge_slave_0) entered blocking state
[ 55.398510][ T397] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 55.408963][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 55.416956][ T397] bridge0: port 2(bridge_slave_1) entered blocking state
[ 55.423803][ T397] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 55.434327][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 55.443526][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 55.457176][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 55.468205][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 55.476452][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 55.484454][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 55.492451][ T498] device veth0_vlan entered promiscuous mode
[ 55.502355][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 55.512105][ T498] device veth1_macvtap entered promiscuous mode
2024/11/21 14:28:33 executed programs: 0
[ 55.521715][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 55.531673][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 55.610699][ T506] bridge0: port 1(bridge_slave_0) entered blocking state
[ 55.618148][ T506] bridge0: port 1(bridge_slave_0) entered disabled state
[ 55.625846][ T506] device bridge_slave_0 entered promiscuous mode
[ 55.632886][ T506] bridge0: port 2(bridge_slave_1) entered blocking state
[ 55.639864][ T506] bridge0: port 2(bridge_slave_1) entered disabled state
[ 55.647348][ T506] device bridge_slave_1 entered promiscuous mode
[ 55.689591][ T506] bridge0: port 2(bridge_slave_1) entered blocking state
[ 55.696627][ T506] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 55.703752][ T506] bridge0: port 1(bridge_slave_0) entered blocking state
[ 55.710622][ T506] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 55.728090][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 55.736014][ T397] bridge0: port 1(bridge_slave_0) entered disabled state
[ 55.742979][ T397] bridge0: port 2(bridge_slave_1) entered disabled state
[ 55.757143][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 55.765215][ T397] bridge0: port 1(bridge_slave_0) entered blocking state
[ 55.772048][ T397] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 55.781236][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 55.789375][ T397] bridge0: port 2(bridge_slave_1) entered blocking state
[ 55.796265][ T397] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 55.812276][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 55.821755][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 55.841740][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 55.852888][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 55.861306][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 55.869185][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 55.877761][ T506] device veth0_vlan entered promiscuous mode
[ 55.893526][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 55.902385][ T506] device veth1_macvtap entered promiscuous mode
[ 55.911709][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 55.921815][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 55.951377][ T511] ======================================================
[ 55.951377][ T511] WARNING: the mand mount option is being deprecated and
[ 55.951377][ T511] will be removed in v5.15!
[ 55.951377][ T511] ======================================================
[ 55.951389][ T24] audit: type=1400 audit(1732199314.200:94): avc: denied { mounton } for pid=510 comm="syz-executor" path="/root/syzkaller-testdir705388407/syzkaller.6Lez4p/0/file1" dev="sda1" ino=1938 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 56.035940][ T511] EXT4-fs (loop0): 1 orphan inode deleted
[ 56.041549][ T511] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,
[ 56.060664][ T511] ext4 filesystem being mounted at /root/syzkaller-testdir705388407/syzkaller.6Lez4p/0/file1 supports timestamps until 2038 (0x7fffffff)
[ 56.060977][ T24] audit: type=1400 audit(1732199314.310:95): avc: denied { mount } for pid=510 comm="syz-executor" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 56.096579][ T24] audit: type=1400 audit(1732199314.350:96): avc: denied { write } for pid=510 comm="syz-executor" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 56.101897][ T515] EXT4-fs error (device loop0): ext4_ext_remove_space:2835: inode #16: comm syz-executor: path[1].p_hdr == NULL
[ 56.118745][ T24] audit: type=1400 audit(1732199314.350:97): avc: denied { add_name } for pid=510 comm="syz-executor" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 56.130978][ T515] EXT4-fs (loop0): Remounting filesystem read-only
[ 56.151157][ T24] audit: type=1400 audit(1732199314.350:98): avc: denied { create } for pid=510 comm="syz-executor" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 56.158064][ T515] EXT4-fs error (device loop0): __ext4_get_inode_loc:4437: comm syz-executor: Invalid inode table block 0 in block_group 0
[ 56.178119][ T24] audit: type=1400 audit(1732199314.350:99): avc: denied { write open } for pid=510 comm="syz-executor" path="/root/syzkaller-testdir705388407/syzkaller.6Lez4p/0/file1/bus" dev="loop0" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 56.190595][ T515] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5897: Corrupt filesystem
[ 56.216820][ T24] audit: type=1400 audit(1732199314.350:100): avc: denied { read } for pid=510 comm="syz-executor" name="bus" dev="loop0" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 56.226536][ T515] EXT4-fs error (device loop0): ext4_punch_hole:4229: inode #16: comm syz-executor: mark_inode_dirty error
[ 56.248532][ T24] audit: type=1400 audit(1732199314.350:101): avc: denied { mounton } for pid=510 comm="syz-executor" path="/root/syzkaller-testdir705388407/syzkaller.6Lez4p/0/file1/bus" dev="loop0" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 56.292448][ T506] EXT4-fs error (device loop0): ext4_map_blocks:629: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1)
[ 56.421453][ T527] bridge0: port 1(bridge_slave_0) entered blocking state
[ 56.428536][ T527] bridge0: port 1(bridge_slave_0) entered disabled state
[ 56.435912][ T527] device bridge_slave_0 entered promiscuous mode
[ 56.445374][ T527] bridge0: port 2(bridge_slave_1) entered blocking state
[ 56.452523][ T527] bridge0: port 2(bridge_slave_1) entered disabled state
[ 56.459921][ T527] device bridge_slave_1 entered promiscuous mode
[ 56.498942][ T527] bridge0: port 2(bridge_slave_1) entered blocking state
[ 56.505909][ T527] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 56.513096][ T527] bridge0: port 1(bridge_slave_0) entered blocking state
[ 56.519940][ T527] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 56.538445][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 56.546384][ T353] bridge0: port 1(bridge_slave_0) entered disabled state
[ 56.553984][ T353] bridge0: port 2(bridge_slave_1) entered disabled state
[ 56.562763][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 56.571369][ T353] bridge0: port 1(bridge_slave_0) entered blocking state
[ 56.578224][ T353] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 56.587936][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 56.595970][ T353] bridge0: port 2(bridge_slave_1) entered blocking state
[ 56.602793][ T353] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 56.616724][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 56.626203][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 56.640239][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 56.654099][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 56.662071][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 56.669959][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 56.677695][ T527] device veth0_vlan entered promiscuous mode
[ 56.689311][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 56.698403][ T527] device veth1_macvtap entered promiscuous mode
[ 56.707893][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 56.719758][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 56.825430][ T532] EXT4-fs (loop0): 1 orphan inode deleted
[ 56.830984][ T532] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,
[ 56.849976][ T532] ext4 filesystem being mounted at /root/syzkaller-testdir3859137103/syzkaller.3NDexl/0/file1 supports timestamps until 2038 (0x7fffffff)
[ 56.864928][ T49] device bridge_slave_1 left promiscuous mode
[ 56.870985][ T49] bridge0: port 2(bridge_slave_1) entered disabled state
[ 56.878328][ T536] EXT4-fs error (device loop0): ext4_free_blocks:5687: comm syz-executor: Freeing blocks not in datazone - block = 41, count = 1
[ 56.891804][ T536] EXT4-fs (loop0): Remounting filesystem read-only
[ 56.891920][ T49] device bridge_slave_0 left promiscuous mode
[ 56.898584][ T536] ==================================================================
[ 56.904349][ T49] bridge0: port 1(bridge_slave_0) entered disabled state
[ 56.912051][ T536] BUG: KASAN: out-of-bounds in ext4_ext_remove_space+0x1fbc/0x4e10
[ 56.912071][ T536] Read of size 18446744073709551604 at addr ffff88812314b018 by task syz-executor/536
[ 56.936174][ T536]
[ 56.938356][ T536] CPU: 0 PID: 536 Comm: syz-executor Not tainted 5.10.226-syzkaller-1003479-gb14940b90491 #0
[ 56.948499][ T536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 56.958405][ T536] Call Trace:
[ 56.961527][ T536] dump_stack_lvl+0x1e2/0x24b
[ 56.966038][ T536] ? bfq_pos_tree_add_move+0x43b/0x43b
[ 56.971354][ T536] ? panic+0x812/0x812
[ 56.975350][ T536] print_address_description+0x81/0x3b0
[ 56.980706][ T536] kasan_report+0x179/0x1c0
[ 56.985045][ T536] ? ext4_ext_remove_space+0x1fbc/0x4e10
[ 56.990598][ T536] ? ext4_ext_remove_space+0x1fbc/0x4e10
[ 56.996066][ T536] kasan_check_range+0x293/0x2a0
[ 57.000942][ T536] ? ext4_ext_remove_space+0x1fbc/0x4e10
[ 57.006421][ T536] memmove+0x2d/0x70
[ 57.010143][ T536] ext4_ext_remove_space+0x1fbc/0x4e10
[ 57.015664][ T536] ? _raw_spin_trylock_bh+0x190/0x190
[ 57.020868][ T536] ? _raw_write_lock+0xa4/0x170
[ 57.025564][ T536] ? ext4_ext_index_trans_blocks+0x120/0x120
[ 57.031446][ T536] ? ext4_es_remove_extent+0x297/0x460
[ 57.036760][ T536] ? ext4_zero_partial_blocks+0x1e5/0x220
[ 57.042304][ T536] ext4_punch_hole+0x720/0xb10
[ 57.046910][ T536] ext4_fallocate+0x2e8/0x1ca0
[ 57.051693][ T536] ? _copy_from_user+0x96/0xd0
[ 57.056284][ T536] ? ext4_ext_truncate+0x200/0x200
[ 57.061224][ T536] ? fsnotify_perm+0x67/0x4e0
[ 57.065728][ T536] ? security_file_permission+0x7b/0xb0
[ 57.071110][ T536] ? preempt_count_add+0x92/0x1a0
[ 57.075969][ T536] vfs_fallocate+0x492/0x570
[ 57.080392][ T536] __x64_sys_fallocate+0xc0/0x110
[ 57.085267][ T536] do_syscall_64+0x34/0x70
[ 57.089521][ T536] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 57.095244][ T536] RIP: 0033:0x7fb9d28eff69
[ 57.099578][ T536] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 57.119282][ T536] RSP: 002b:00007fb9d24510c8 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[ 57.127607][ T536] RAX: ffffffffffffffda RBX: 00007fb9d2a27050 RCX: 00007fb9d28eff69
[ 57.135606][ T536] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 57.143415][ T536] RBP: 00007fb9d294d6fe R08: 0000000000000000 R09: 0000000000000000
[ 57.151324][ T536] R10: 0000000000001a00 R11: 0000000000000246 R12: 0000000000000000
[ 57.159314][ T536] R13: 000000000000000b R14: 00007fb9d2a27050 R15: 00007ffd852062b8
[ 57.167653][ T536]
[ 57.169886][ T536] The buggy address belongs to the page:
[ 57.175379][ T536] page:ffffea00048c52c0 refcount:2 mapcount:0 mapping:ffff888109195c10 index:0x27 pfn:0x12314b
[ 57.185616][ T536] aops:def_blk_aops ino:0
[ 57.189865][ T536] flags: 0x4000000000002036(referenced|uptodate|lru|active|private)
[ 57.197757][ T536] raw: 4000000000002036 ffffea00048c5248 ffffea00045c6948 ffff888109195c10
[ 57.206180][ T536] raw: 0000000000000027 ffff888122d48738 00000002ffffffff ffff888120c5a000
[ 57.214583][ T536] page dumped because: kasan: bad access detected
[ 57.220840][ T536] page->mem_cgroup:ffff888120c5a000
[ 57.225979][ T536] page_owner tracks the page as allocated
[ 57.231659][ T536] page last allocated via order 0, migratetype Movable, gfp_mask 0x108c48(GFP_NOFS|__GFP_NOFAIL|__GFP_HARDWALL|__GFP_MOVABLE), pid 532, ts 56871645778, free_ts 56742920812
[ 57.248486][ T536] prep_new_page+0x166/0x180
[ 57.253084][ T536] get_page_from_freelist+0x2d8c/0x2f30
[ 57.258481][ T536] __alloc_pages_nodemask+0x435/0xaf0
[ 57.263766][ T536] pagecache_get_page+0x669/0x950
[ 57.268627][ T536] __getblk_gfp+0x221/0x7e0
[ 57.272966][ T536] ext4_ext_insert_extent+0xf88/0x4d20
[ 57.278251][ T536] ext4_split_extent_at+0x812/0x1110
[ 57.283370][ T536] ext4_split_extent+0x1bd/0x4e0
[ 57.288139][ T536] ext4_ext_map_blocks+0x2206/0x6ee0
[ 57.293273][ T536] ext4_map_blocks+0xa65/0x1d10
[ 57.298487][ T536] _ext4_get_block+0x21b/0x610
[ 57.303162][ T536] ext4_get_block_unwritten+0x2a/0x40
[ 57.308450][ T536] ext4_block_write_begin+0x61e/0x13b0
[ 57.313744][ T536] ext4_write_begin+0x6fa/0x1730
[ 57.318520][ T536] ext4_da_write_begin+0x49d/0xf60
[ 57.323467][ T536] generic_perform_write+0x2cd/0x570
[ 57.328790][ T536] page last free stack trace:
[ 57.333300][ T536] free_unref_page_prepare+0x2ae/0x2d0
[ 57.338744][ T536] free_unref_page_list+0x122/0xb20
[ 57.343752][ T536] release_pages+0xea0/0xef0
[ 57.348350][ T536] free_pages_and_swap_cache+0x8a/0xa0
[ 57.353830][ T536] tlb_finish_mmu+0x177/0x320
[ 57.358340][ T536] unmap_region+0x31c/0x370
[ 57.362824][ T536] __do_munmap+0x699/0x8c0
[ 57.367226][ T536] __se_sys_munmap+0x120/0x1a0
[ 57.371923][ T536] __x64_sys_munmap+0x5b/0x70
[ 57.376507][ T536] do_syscall_64+0x34/0x70
[ 57.380768][ T536] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 57.386492][ T536]
[ 57.388651][ T536] Memory state around the buggy address:
[ 57.394128][ T536] ffff88812314af00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 57.402022][ T536] ffff88812314af80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 57.409926][ T536] >ffff88812314b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 57.417903][ T536] ^
[ 57.422810][ T536] ffff88812314b080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 57.430714][ T536] ffff88812314b100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 57.438733][ T536] ==================================================================
[ 57.446615][ T536] Disabling lock debugging due to kernel taint
[ 57.454717][ T49] device veth1_macvtap left promiscuous mode
[ 57.456502][ T536] EXT4-fs error (device loop0): __ext4_get_inode_loc:4437: comm syz-executor: Invalid inode table block 0 in block_group 0
[ 57.461747][ T49] device veth0_vlan left promiscuous mode
[ 57.474090][ T536] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5897: Corrupt filesystem
[ 57.489752][ T536] EXT4-fs error (device loop0): __ext4_ext_dirty:182: inode #16: comm syz-executor: mark_inode_dirty error
[ 57.502846][ T536] EXT4-fs error (device loop0): __ext4_get_inode_loc:4437: comm syz-executor: Invalid inode table block 0 in block_group 0
[ 57.516436][ T536] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5897: Corrupt filesystem
[ 57.525869][ T536] EXT4-fs error (device loop0): ext4_punch_hole:4229: inode #16: comm syz-executor: mark_inode_dirty error
[ 57.546625][ T527] EXT4-fs error (device loop0): ext4_map_blocks:629: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1)
[ 57.802106][ T539] bridge0: port 1(bridge_slave_0) entered blocking state
[ 57.809059][ T539] bridge0: port 1(bridge_slave_0) entered disabled state
[ 57.816364][ T539] device bridge_slave_0 entered promiscuous mode
[ 57.822989][ T539] bridge0: port 2(bridge_slave_1) entered blocking state
[ 57.829980][ T539] bridge0: port 2(bridge_slave_1) entered disabled state
[ 57.837374][ T539] device bridge_slave_1 entered promiscuous mode
[ 57.875737][ T539] bridge0: port 2(bridge_slave_1) entered blocking state
[ 57.882911][ T539] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 57.890046][ T539] bridge0: port 1(bridge_slave_0) entered blocking state
[ 57.896864][ T539] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 57.914857][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 57.922359][ T397] bridge0: port 1(bridge_slave_0) entered disabled state
[ 57.929812][ T397] bridge0: port 2(bridge_slave_1) entered disabled state
[ 57.945752][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 57.953991][ T397] bridge0: port 1(bridge_slave_0) entered blocking state
[ 57.960856][ T397] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 57.968249][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 57.977004][ T397] bridge0: port 2(bridge_slave_1) entered blocking state
[ 57.984217][ T397] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 57.999707][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 58.007930][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 58.017888][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 58.030585][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 58.038499][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 58.046170][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 58.054871][ T539] device veth0_vlan entered promiscuous mode
[ 58.065311][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 58.074524][ T539] device veth1_macvtap entered promiscuous mode
[ 58.084460][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 58.094597][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 58.135375][ T544] EXT4-fs (loop0): 1 orphan inode deleted
[ 58.141491][ T544] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,
[ 58.160318][ T544] ext4 filesystem being mounted at /root/syzkaller-testdir2071058275/syzkaller.K4QYrA/0/file1 supports timestamps until 2038 (0x7fffffff)
[ 58.181655][ T548] EXT4-fs error (device loop0): ext4_ext_remove_space:2835: inode #16: comm syz-executor: path[1].p_hdr == NULL
[ 58.193748][ T548] EXT4-fs (loop0): Remounting filesystem read-only
[ 58.200096][ T548] EXT4-fs error (device loop0): __ext4_get_inode_loc:4437: comm syz-executor: Invalid inode table block 0 in block_group 0
[ 58.213422][ T548] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5897: Corrupt filesystem
[ 58.222900][ T548] EXT4-fs error (device loop0): ext4_punch_hole:4229: inode #16: comm syz-executor: mark_inode_dirty error
[ 58.238635][ T539] EXT4-fs error (device loop0): ext4_map_blocks:629: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1)
[ 58.446142][ T550] bridge0: port 1(bridge_slave_0) entered blocking state
[ 58.453009][ T550] bridge0: port 1(bridge_slave_0) entered disabled state
[ 58.460355][ T550] device bridge_slave_0 entered promiscuous mode
[ 58.467308][ T550] bridge0: port 2(bridge_slave_1) entered blocking state
[ 58.474690][ T550] bridge0: port 2(bridge_slave_1) entered disabled state
[ 58.481966][ T550] device bridge_slave_1 entered promiscuous mode
[ 58.522151][ T550] bridge0: port 2(bridge_slave_1) entered blocking state
[ 58.529025][ T550] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 58.536411][ T550] bridge0: port 1(bridge_slave_0) entered blocking state
[ 58.543367][ T550] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 58.564233][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 58.571855][ T397] bridge0: port 1(bridge_slave_0) entered disabled state
[ 58.579203][ T397] bridge0: port 2(bridge_slave_1) entered disabled state
[ 58.590818][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 58.598949][ T397] bridge0: port 1(bridge_slave_0) entered blocking state
[ 58.605836][ T397] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 58.615794][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 58.624054][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 58.631954][ T397] bridge0: port 2(bridge_slave_1) entered blocking state
[ 58.638740][ T397] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 58.651261][ T49] device bridge_slave_1 left promiscuous mode
[ 58.657279][ T49] bridge0: port 2(bridge_slave_1) entered disabled state
[ 58.664557][ T49] device bridge_slave_0 left promiscuous mode
[ 58.670459][ T49] bridge0: port 1(bridge_slave_0) entered disabled state
[ 58.678547][ T49] device bridge_slave_1 left promiscuous mode
[ 58.685210][ T49] bridge0: port 2(bridge_slave_1) entered disabled state
[ 58.692464][ T49] device bridge_slave_0 left promiscuous mode
[ 58.698464][ T49] bridge0: port 1(bridge_slave_0) entered disabled state
[ 58.706277][ T49] device veth1_macvtap left promiscuous mode
[ 58.712069][ T49] device veth0_vlan left promiscuous mode
[ 58.718154][ T49] device veth1_macvtap left promiscuous mode
[ 58.724132][ T49] device veth0_vlan left promiscuous mode
[ 58.859434][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 58.867882][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 58.878508][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 58.886634][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 58.899096][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 58.907897][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 58.919276][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 58.927238][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 58.935694][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 58.943130][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 58.951398][ T550] device veth0_vlan entered promiscuous mode
[ 58.960992][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 58.969362][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 58.978669][ T550] device veth1_macvtap entered promiscuous mode
[ 58.987693][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 58.995257][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 59.003612][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 59.012690][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 59.020838][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 59.075541][ T556] EXT4-fs (loop0): 1 orphan inode deleted
[ 59.081296][ T556] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,
[ 59.100139][ T556] ext4 filesystem being mounted at /root/syzkaller-testdir2808099220/syzkaller.YsV5Uk/0/file1 supports timestamps until 2038 (0x7fffffff)
[ 59.119975][ T560] EXT4-fs error (device loop0): ext4_ext_remove_space:2835: inode #16: comm syz-executor: path[1].p_hdr == NULL
[ 59.132443][ T560] EXT4-fs (loop0): Remounting filesystem read-only
[ 59.139234][ T560] EXT4-fs error (device loop0): __ext4_get_inode_loc:4437: comm syz-executor: Invalid inode table block 0 in block_group 0
[ 59.152278][ T560] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5897: Corrupt filesystem
[ 59.161739][ T560] EXT4-fs error (device loop0): ext4_punch_hole:4229: inode #16: comm syz-executor: mark_inode_dirty error
[ 59.183631][ T550] EXT4-fs error (device loop0): ext4_map_blocks:629: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1)
[ 59.364691][ T563] bridge0: port 1(bridge_slave_0) entered blocking state
[ 59.371543][ T563] bridge0: port 1(bridge_slave_0) entered disabled state
[ 59.379116][ T563] device bridge_slave_0 entered promiscuous mode
[ 59.387545][ T563] bridge0: port 2(bridge_slave_1) entered blocking state
[ 59.394558][ T563] bridge0: port 2(bridge_slave_1) entered disabled state
[ 59.401688][ T563] device bridge_slave_1 entered promiscuous mode
[ 59.440785][ T563] bridge0: port 2(bridge_slave_1) entered blocking state
[ 59.447778][ T563] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 59.455065][ T563] bridge0: port 1(bridge_slave_0) entered blocking state
[ 59.462108][ T563] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 59.481400][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 59.489101][ T397] bridge0: port 1(bridge_slave_0) entered disabled state
[ 59.496535][ T397] bridge0: port 2(bridge_slave_1) entered disabled state
[ 59.505580][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 59.513759][ T397] bridge0: port 1(bridge_slave_0) entered blocking state
[ 59.520584][ T397] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 59.544689][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 59.553004][ T397] bridge0: port 2(bridge_slave_1) entered blocking state
[ 59.559987][ T397] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 59.567839][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 59.577124][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 59.594857][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 59.603094][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 59.611526][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 59.619698][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 59.631013][ T563] device veth0_vlan entered promiscuous mode
[ 59.641621][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 59.649826][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 59.659467][ T563] device veth1_macvtap entered promiscuous mode
[ 59.669569][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 59.677391][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 59.685762][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 59.696455][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 59.704814][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 59.763948][ T49] device bridge_slave_1 left promiscuous mode
[ 59.770017][ T49] bridge0: port 2(bridge_slave_1) entered disabled state
[ 59.777726][ T49] device bridge_slave_0 left promiscuous mode
[ 59.783822][ T49] bridge0: port 1(bridge_slave_0) entered disabled state
[ 59.791495][ T49] device veth1_macvtap left promiscuous mode
[ 59.797466][ T49] device veth0_vlan left promiscuous mode
[ 59.805732][ T569] EXT4-fs (loop0): 1 orphan inode deleted
[ 59.811366][ T569] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,
[ 59.830557][ T569] ext4 filesystem being mounted at /root/syzkaller-testdir3158366374/syzkaller.zssb4G/0/file1 supports timestamps until 2038 (0x7fffffff)
[ 59.855704][ T573] EXT4-fs error (device loop0): ext4_free_blocks:5687: comm syz-executor: Freeing blocks not in datazone - block = 41, count = 1
[ 59.869355][ T573] EXT4-fs (loop0): Remounting filesystem read-only
[ 59.903675][ C1] general protection fault, probably for non-canonical address 0x174ff82000000000: 0000 [#1] PREEMPT SMP KASAN
[ 59.915575][ C1] CPU: 1 PID: 19 Comm: ksoftirqd/1 Tainted: G B 5.10.226-syzkaller-1003479-gb14940b90491 #0
[ 59.926900][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 59.936910][ C1] RIP: 0010:rcu_do_batch+0x594/0xc40
[ 59.942020][ C1] Code: 8b 75 00 48 b8 00 00 00 00 00 fc ff df 41 80 3c 07 00 49 89 c7 74 08 4c 89 ef e8 37 f4 4f 00 48 c7 43 08 00 00 00 00 48 89 df <41> ff d6 65 8b 05 1e 19 aa 7e a9 00 01 00 00 75 73 e8 36 fa ff ff
[ 59.961627][ C1] RSP: 0018:ffffc90000147a40 EFLAGS: 00010246
[ 59.967632][ C1] RAX: dffffc0000000000 RBX: ffff888123458c00 RCX: ffffc900001479c8
[ 59.975442][ C1] RDX: ffff8881170a9340 RSI: ffffc900001479d0 RDI: ffff888123458c00
[ 59.983576][ C1] RBP: ffffc90000147bf0 R08: 0000000000000001 R09: ffffc90000147714
[ 59.991513][ C1] R10: 000000004e19791e R11: 000000001c31c411 R12: ffffc90000147b60
[ 59.999317][ C1] R13: ffff888123458c08 R14: 174ff82000000000 R15: dffffc0000000000
[ 60.007217][ C1] FS: 0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 60.015987][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 60.022403][ C1] CR2: 00007f1b7845d000 CR3: 0000000115770000 CR4: 00000000003506a0
[ 60.030216][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 60.038030][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 60.045837][ C1] Call Trace:
[ 60.048977][ C1] ? __die_body+0x62/0xb0
[ 60.053138][ C1] ? die_addr+0x9f/0xd0
[ 60.057124][ C1] ? exc_general_protection+0x3ff/0x490
[ 60.062495][ C1] ? slab_free_freelist_hook+0xc0/0x190
[ 60.067874][ C1] ? asm_exc_general_protection+0x1e/0x30
[ 60.073446][ C1] ? rcu_do_batch+0x594/0xc40
[ 60.077959][ C1] ? local_bh_enable+0x20/0x20
[ 60.082546][ C1] rcu_core+0x5ad/0xe40
[ 60.086781][ C1] ? finish_task_switch+0x130/0x5a0
[ 60.091796][ C1] ? rcu_cpu_kthread_park+0x90/0x90
[ 60.096847][ C1] ? __this_cpu_preempt_check+0x13/0x20
[ 60.102210][ C1] ? rcu_softirq_qs+0xd7/0x1f0
[ 60.106848][ C1] ? rcu_get_gp_kthreads_prio+0x10/0x10
[ 60.112186][ C1] rcu_core_si+0x9/0x10
[ 60.116178][ C1] __do_softirq+0x268/0x5bb
[ 60.120529][ C1] ? ksoftirqd_should_run+0x20/0x20
[ 60.125573][ C1] run_ksoftirqd+0x23/0x30
[ 60.129852][ C1] smpboot_thread_fn+0x545/0x930
[ 60.134774][ C1] ? release_firmware_map_entry+0x18d/0x18d
[ 60.140693][ C1] ? cpu_report_death+0x1a0/0x1a0
[ 60.145523][ C1] ? schedule+0x154/0x1d0
[ 60.149700][ C1] ? __kasan_check_read+0x11/0x20
[ 60.154761][ C1] ? __kthread_parkme+0x186/0x1c0
[ 60.159613][ C1] kthread+0x34b/0x3d0
[ 60.163520][ C1] ? cpu_report_death+0x1a0/0x1a0
[ 60.168380][ C1] ? kthread_blkcg+0xd0/0xd0
[ 60.172807][ C1] ret_from_fork+0x1f/0x30
[ 60.177055][ C1] Modules linked in:
[ 60.180921][ C1] ---[ end trace 604644b1b4507fa2 ]---
[ 60.186298][ C1] RIP: 0010:rcu_do_batch+0x594/0xc40
[ 60.191321][ C1] Code: 8b 75 00 48 b8 00 00 00 00 00 fc ff df 41 80 3c 07 00 49 89 c7 74 08 4c 89 ef e8 37 f4 4f 00 48 c7 43 08 00 00 00 00 48 89 df <41> ff d6 65 8b 05 1e 19 aa 7e a9 00 01 00 00 75 73 e8 36 fa ff ff
[ 60.210804][ C1] RSP: 0018:ffffc90000147a40 EFLAGS: 00010246
[ 60.216694][ C1] RAX: dffffc0000000000 RBX: ffff888123458c00 RCX: ffffc900001479c8
[ 60.224510][ C1] RDX: ffff8881170a9340 RSI: ffffc900001479d0 RDI: ffff888123458c00
[ 60.232289][ C1] RBP: ffffc90000147bf0 R08: 0000000000000001 R09: ffffc90000147714
[ 60.240237][ C1] R10: 000000004e19791e R11: 000000001c31c411 R12: ffffc90000147b60
[ 60.248127][ C1] R13: ffff888123458c08 R14: 174ff82000000000 R15: dffffc0000000000
[ 60.255948][ C1] FS: 0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 60.264711][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 60.271100][ C1] CR2: 00007f1b7845d000 CR3: 0000000115770000 CR4: 00000000003506a0
[ 60.279121][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 60.286924][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 60.294841][ C1] Kernel panic - not syncing: Fatal exception in interrupt
[ 60.302036][ C1] Kernel Offset: disabled
[ 60.306175][ C1] Rebooting in 86400 seconds..