Warning: Permanently added '10.128.0.75' (ED25519) to the list of known hosts.
2025/02/26 14:08:16 ignoring optional flag "sandboxArg"="0"
2025/02/26 14:08:17 parsed 1 programs
[   55.773498][   T24] kauditd_printk_skb: 31 callbacks suppressed
[   55.773512][   T24] audit: type=1400 audit(1740578898.140:107): avc:  denied  { unlink } for  pid=443 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   55.808932][  T443] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   56.186826][   T24] audit: type=1400 audit(1740578898.550:108): avc:  denied  { create } for  pid=449 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   56.700388][   T24] audit: type=1401 audit(1740578899.070:109): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[   56.860960][  T491] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.867814][  T491] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.875491][  T491] device bridge_slave_0 entered promiscuous mode
[   56.882346][  T491] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.889205][  T491] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.896896][  T491] device bridge_slave_1 entered promiscuous mode
[   56.933040][  T491] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.940061][  T491] bridge0: port 2(bridge_slave_1) entered forwarding state
[   56.947113][  T491] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.953966][  T491] bridge0: port 1(bridge_slave_0) entered forwarding state
[   56.971739][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   56.979170][  T340] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.986246][  T340] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.995489][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   57.003577][  T340] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.010554][  T340] bridge0: port 1(bridge_slave_0) entered forwarding state
[   57.019206][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   57.027544][  T340] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.034742][  T340] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.046371][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   57.056129][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   57.069448][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   57.081561][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   57.089410][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   57.097067][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   57.105378][  T491] device veth0_vlan entered promiscuous mode
[   57.115251][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   57.124084][  T491] device veth1_macvtap entered promiscuous mode
[   57.133321][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   57.148365][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
2025/02/26 14:08:19 executed programs: 0
[   57.414789][  T506] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.421878][  T506] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.429124][  T506] device bridge_slave_0 entered promiscuous mode
[   57.436057][  T506] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.442957][  T506] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.450554][  T506] device bridge_slave_1 entered promiscuous mode
[   57.501668][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   57.509144][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   57.524361][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   57.532528][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   57.540947][  T340] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.547785][  T340] bridge0: port 1(bridge_slave_0) entered forwarding state
[   57.556456][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   57.564205][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   57.572411][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   57.580717][  T340] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.587544][  T340] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.598851][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   57.613978][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   57.627385][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   57.639000][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   57.647362][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   57.654896][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   57.663273][  T506] device veth0_vlan entered promiscuous mode
[   57.675119][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   57.684632][  T506] device veth1_macvtap entered promiscuous mode
[   57.694830][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   57.708422][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   57.772039][  T518] EXT4-fs (loop2): 1 orphan inode deleted
[   57.777683][  T518] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,bsddf,lazytime,
[   57.796183][   T24] audit: type=1400 audit(1740578900.160:110): avc:  denied  { mount } for  pid=517 comm="syz.2.16" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   57.796205][  T518] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   57.828439][   T24] audit: type=1400 audit(1740578900.180:111): avc:  denied  { write } for  pid=517 comm="syz.2.16" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   57.849929][   T24] audit: type=1400 audit(1740578900.180:112): avc:  denied  { add_name } for  pid=517 comm="syz.2.16" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   57.870210][   T24] audit: type=1400 audit(1740578900.180:113): avc:  denied  { create } for  pid=517 comm="syz.2.16" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   57.892876][   T24] audit: type=1400 audit(1740578900.190:114): avc:  denied  { write open } for  pid=517 comm="syz.2.16" path="/0/file1/bus" dev="loop2" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   57.916605][   T24] audit: type=1400 audit(1740578900.190:115): avc:  denied  { read } for  pid=517 comm="syz.2.16" name="bus" dev="loop2" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   57.937782][  T522] ==================================================================
[   57.939161][   T24] audit: type=1400 audit(1740578900.200:116): avc:  denied  { mounton } for  pid=517 comm="syz.2.16" path="/0/file1/bus" dev="loop2" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   57.945596][  T522] BUG: KASAN: use-after-free in ext4_ext_insert_extent+0x2a72/0x4c30
[   57.945608][  T522] Read of size 324636 at addr ffff8881254f8a88 by task syz.2.16/522
[   57.945610][  T522] 
[   57.945638][  T522] CPU: 0 PID: 522 Comm: syz.2.16 Not tainted 5.10.234-syzkaller-1006652-g3f5f2283d684 #0
[   57.996138][  T522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   58.006084][  T522] Call Trace:
[   58.009259][  T522]  dump_stack_lvl+0x1e2/0x24b
[   58.013773][  T522]  ? bfq_pos_tree_add_move+0x43b/0x43b
[   58.019186][  T522]  ? panic+0x812/0x812
[   58.023166][  T522]  ? schedule+0x154/0x1d0
[   58.027335][  T522]  print_address_description+0x81/0x3b0
[   58.032715][  T522]  kasan_report+0x179/0x1c0
[   58.037056][  T522]  ? ext4_ext_insert_extent+0x2a72/0x4c30
[   58.042608][  T522]  ? ext4_ext_insert_extent+0x2a72/0x4c30
[   58.048165][  T522]  kasan_check_range+0x293/0x2a0
[   58.052941][  T522]  ? ext4_ext_insert_extent+0x2a72/0x4c30
[   58.058488][  T522]  memmove+0x2d/0x70
[   58.062493][  T522]  ext4_ext_insert_extent+0x2a72/0x4c30
[   58.067966][  T522]  ? __sync_dirty_buffer+0x2e9/0x330
[   58.073259][  T522]  ? __kasan_check_read+0x11/0x20
[   58.078107][  T522]  ? __ext4_handle_dirty_metadata+0x36e/0x810
[   58.084022][  T522]  ? ext4_ext_next_allocated_block+0x310/0x310
[   58.089999][  T522]  ? __ext4_ext_dirty+0x1b6/0x1f0
[   58.094949][  T522]  ext4_split_extent_at+0x84a/0x1240
[   58.100078][  T522]  ? ext4_ext_try_to_merge_right+0x7e0/0x7e0
[   58.105882][  T522]  ext4_ext_remove_space+0x719/0x4e10
[   58.111182][  T522]  ? _raw_spin_trylock_bh+0x190/0x190
[   58.116385][  T522]  ? __kasan_check_write+0x14/0x20
[   58.121342][  T522]  ? _raw_write_lock+0xa4/0x170
[   58.126031][  T522]  ? _raw_write_trylock+0x1a0/0x1a0
[   58.131051][  T522]  ? ext4_discard_preallocations+0xd0e/0xef0
[   58.136954][  T522]  ? ext4_ext_index_trans_blocks+0x120/0x120
[   58.142965][  T522]  ? ext4_es_remove_extent+0x297/0x460
[   58.148329][  T522]  ? ext4_zero_partial_blocks+0x1e5/0x220
[   58.153884][  T522]  ext4_punch_hole+0x720/0xb10
[   58.158480][  T522]  ext4_fallocate+0x2e8/0x1cc0
[   58.163168][  T522]  ? ext4_ext_truncate+0x200/0x200
[   58.168111][  T522]  ? fsnotify_perm+0x67/0x4e0
[   58.172630][  T522]  ? security_file_permission+0x7b/0xb0
[   58.178017][  T522]  ? preempt_count_add+0x92/0x1a0
[   58.182953][  T522]  vfs_fallocate+0x492/0x570
[   58.187376][  T522]  __x64_sys_fallocate+0xc0/0x110
[   58.192244][  T522]  do_syscall_64+0x34/0x70
[   58.196489][  T522]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   58.202228][  T522] RIP: 0033:0x7f815d563de9
[   58.206480][  T522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.226135][  T522] RSP: 002b:00007f815cfb5038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[   58.234375][  T522] RAX: ffffffffffffffda RBX: 00007f815d77d080 RCX: 00007f815d563de9
[   58.242263][  T522] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[   58.250071][  T522] RBP: 00007f815d5e52a0 R08: 0000000000000000 R09: 0000000000000000
[   58.258268][  T522] R10: 0000000000001a00 R11: 0000000000000246 R12: 0000000000000000
[   58.266078][  T522] R13: 0000000000000000 R14: 00007f815d77d080 R15: 00007fff5b5bfc28
[   58.273974][  T522] 
[   58.276232][  T522] The buggy address belongs to the page:
[   58.281918][  T522] page:ffffea0004953e00 refcount:1 mapcount:1 mapping:0000000000000000 index:0x400000033 pfn:0x1254f8
[   58.292754][  T522] anon flags: 0x4000000000080014(uptodate|lru|swapbacked)
[   58.299690][  T522] raw: 4000000000080014 ffffea0004953d08 ffffea0004953e48 ffff88810e3e0451
[   58.308111][  T522] raw: 0000000400000033 0000000000000000 0000000100000000 ffff88810ef3a000
[   58.316648][  T522] page dumped because: kasan: bad access detected
[   58.323411][  T522] page->mem_cgroup:ffff88810ef3a000
[   58.328449][  T522] page_owner tracks the page as allocated
[   58.334104][  T522] page last allocated via order 0, migratetype Movable, gfp_mask 0x8100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|0x8000000), pid 518, ts 57832084301, free_ts 35385655033
[   58.350239][  T522]  prep_new_page+0x166/0x180
[   58.354736][  T522]  get_page_from_freelist+0x2d8c/0x2f30
[   58.360196][  T522]  __alloc_pages_nodemask+0x435/0xaf0
[   58.365407][  T522]  handle_pte_fault+0x175a/0x3e10
[   58.370365][  T522]  handle_mm_fault+0x11d6/0x1a10
[   58.375142][  T522]  exc_page_fault+0x2a6/0x5b0
[   58.379648][  T522]  asm_exc_page_fault+0x1e/0x30
[   58.384329][  T522] page last free stack trace:
[   58.388856][  T522]  free_unref_page_prepare+0x2ae/0x2d0
[   58.394147][  T522]  free_unref_page_list+0x122/0xb20
[   58.399193][  T522]  release_pages+0xea0/0xef0
[   58.403610][  T522]  free_pages_and_swap_cache+0x8a/0xa0
[   58.408901][  T522]  tlb_flush_mmu+0xd0/0x180
[   58.413262][  T522]  unmap_page_range+0x1f34/0x23b0
[   58.418109][  T522]  unmap_vmas+0x37f/0x4f0
[   58.422271][  T522]  exit_mmap+0x2e6/0x560
[   58.426403][  T522]  __mmput+0x95/0x2d0
[   58.430168][  T522]  mmput+0x59/0x170
[   58.433823][  T522]  do_exit+0xbda/0x2a50
[   58.437901][  T522]  do_group_exit+0x141/0x310
[   58.442494][  T522]  get_signal+0x10a0/0x1410
[   58.446827][  T522]  arch_do_signal_or_restart+0xbd/0x17c0
[   58.452296][  T522]  exit_to_user_mode_loop+0x9b/0xd0
[   58.457415][  T522]  syscall_exit_to_user_mode+0xa2/0x1a0
[   58.462793][  T522] 
[   58.464956][  T522] Memory state around the buggy address:
[   58.470524][  T522]  ffff888125529f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   58.478659][  T522]  ffff888125529f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   58.486621][  T522] >ffff88812552a000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   58.494510][  T522]                    ^
[   58.498419][  T522]  ffff88812552a080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   58.506537][  T522]  ffff88812552a100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   58.514423][  T522] ==================================================================
[   58.522408][  T522] Disabling lock debugging due to kernel taint
[   58.572788][  T522] EXT4-fs error (device loop2): ext4_free_blocks:5685: comm syz.2.16: Freeing blocks not in datazone - block = 72728140209669, count = 1
[   58.608390][  T522] EXT4-fs (loop2): Remounting filesystem read-only
[   58.615497][  T522] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5900: Corrupt filesystem
[   58.625319][  T522] EXT4-fs error (device loop2): ext4_punch_hole:4229: inode #16: comm syz.2.16: mark_inode_dirty error
[   58.642877][  T506] EXT4-fs error (device loop2): ext4_map_blocks:629: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1)
[   58.648577][   T95] udevd[95]: worker [453] terminated by signal 11 (Segmentation fault)
[   58.665245][   T95] udevd[95]: worker [453] failed while handling '/devices/virtual/block/loop2'
[   58.792308][  T525] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.799337][  T525] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.807049][  T525] device bridge_slave_0 entered promiscuous mode
[   58.814061][  T525] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.821193][  T525] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.828574][  T525] device bridge_slave_1 entered promiscuous mode
[   58.869287][  T525] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.876258][  T525] bridge0: port 2(bridge_slave_1) entered forwarding state
[   58.883361][  T525] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.890204][  T525] bridge0: port 1(bridge_slave_0) entered forwarding state
[   58.912878][  T516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   58.921061][  T516] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.928138][  T516] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.939710][  T516] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   58.947845][  T516] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.954708][  T516] bridge0: port 1(bridge_slave_0) entered forwarding state
[   58.965071][  T516] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   58.973730][  T516] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.980633][  T516] bridge0: port 2(bridge_slave_1) entered forwarding state
[   58.991852][  T516] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   59.003529][  T516] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   59.017013][  T516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   59.026262][    T7] device bridge_slave_1 left promiscuous mode
[   59.032373][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[   59.039651][    T7] device bridge_slave_0 left promiscuous mode
[   59.045902][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.054040][    T7] device veth1_macvtap left promiscuous mode
[   59.059906][    T7] device veth0_vlan left promiscuous mode
[   59.165547][  T516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   59.173460][  T516] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   59.180843][  T516] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   59.189465][  T525] device veth0_vlan entered promiscuous mode
[   59.199812][  T516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   59.208704][  T525] device veth1_macvtap entered promiscuous mode
[   59.218223][  T516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   59.228994][  T516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   59.301962][  T530] EXT4-fs (loop3): 1 orphan inode deleted
[   59.307543][  T530] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,bsddf,lazytime,
[   59.326326][  T530] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   59.400623][  T534] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5900: Corrupt filesystem
[   59.410631][  T534] EXT4-fs (loop3): Remounting filesystem read-only
[   59.417112][  T534] EXT4-fs error (device loop3): ext4_dirty_inode:6110: inode #16: comm syz.3.19: mark_inode_dirty error
[   59.428919][  T534] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:476: comm syz.3.19: Invalid block bitmap block 0 in block_group 0
[   59.442516][  T534] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5900: Corrupt filesystem
[   59.456473][  T534] EXT4-fs error (device loop3): ext4_punch_hole:4229: inode #16: comm syz.3.19: mark_inode_dirty error
[   59.801044][    T7] device bridge_slave_1 left promiscuous mode
[   59.807200][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[   59.815187][    T7] device bridge_slave_0 left promiscuous mode
[   59.821304][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.829515][    T7] device veth1_macvtap left promiscuous mode
[   59.836123][    T7] device veth0_vlan left promiscuous mode
[   60.110672][  T525] EXT4-fs error (device loop3): ext4_map_blocks:629: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1)
[   60.245772][  T537] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.253622][  T537] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.261023][  T537] device bridge_slave_0 entered promiscuous mode
[   60.270393][  T537] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.277256][  T537] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.284612][  T537] device bridge_slave_1 entered promiscuous mode
[   60.323260][  T537] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.330309][  T537] bridge0: port 2(bridge_slave_1) entered forwarding state
[   60.337522][  T537] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.344407][  T537] bridge0: port 1(bridge_slave_0) entered forwarding state
[   60.361784][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   60.369182][  T340] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.376895][  T340] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.387365][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   60.395453][  T340] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.402315][  T340] bridge0: port 1(bridge_slave_0) entered forwarding state
[   60.411331][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   60.419357][  T340] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.426215][  T340] bridge0: port 2(bridge_slave_1) entered forwarding state
[   60.439606][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   60.448684][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   60.465331][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   60.476889][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   60.485207][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   60.492774][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   60.501517][  T537] device veth0_vlan entered promiscuous mode
[   60.512953][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   60.521853][  T537] device veth1_macvtap entered promiscuous mode
[   60.531583][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   60.541941][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   60.550348][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   60.611889][  T543] EXT4-fs (loop4): 1 orphan inode deleted
[   60.617522][  T543] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,bsddf,lazytime,
[   60.636338][  T543] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   60.706279][  T547] ------------[ cut here ]------------
[   60.712109][  T547] kernel BUG at fs/ext4/extents.c:3180!
[   60.717513][  T547] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[   60.723473][  T547] CPU: 0 PID: 547 Comm: syz.4.22 Tainted: G    B             5.10.234-syzkaller-1006652-g3f5f2283d684 #0
[   60.734657][  T547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   60.744566][  T547] RIP: 0010:ext4_split_extent_at+0x121c/0x1240
[   60.750774][  T547] Code: fe c1 38 c1 0f 8c 16 fa ff ff e8 cf b7 cf ff 48 8b 54 24 58 48 8b 74 24 40 e9 02 fa ff ff e8 1b 18 92 ff 0f 0b e8 14 18 92 ff <0f> 0b e8 0d 18 92 ff 0f 0b e8 66 4f d5 02 e8 01 18 92 ff 0f 0b e8
[   60.770449][  T547] RSP: 0018:ffffc900030a7820 EFLAGS: 00010293
[   60.776324][  T547] RAX: ffffffff81d8a74c RBX: 0000000000000000 RCX: ffff88811c0093c0
[   60.784250][  T547] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[   60.792097][  T547] RBP: ffffc900030a7990 R08: ffffffff81d897b2 R09: ffffc900030a7920
[   60.799973][  T547] R10: fffff52000614f25 R11: dffffc0000000001 R12: 0000000000000000
[   60.807855][  T547] R13: 0000000000000000 R14: 1ffff11024aa1657 R15: 0000000000000000
[   60.815978][  T547] FS:  00007f06806476c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   60.824819][  T547] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   60.831332][  T547] CR2: 000040000003207f CR3: 0000000119f8b000 CR4: 00000000003506b0
[   60.839150][  T547] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   60.846964][  T547] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   60.854760][  T547] Call Trace:
[   60.857978][  T547]  ? __die_body+0x62/0xb0
[   60.862142][  T547]  ? die+0x88/0xb0
[   60.866325][  T547]  ? do_trap+0x1a4/0x310
[   60.870400][  T547]  ? ext4_split_extent_at+0x121c/0x1240
[   60.875891][  T547]  ? handle_invalid_op+0x95/0xc0
[   60.880655][  T547]  ? ext4_split_extent_at+0x121c/0x1240
[   60.886049][  T547]  ? exc_invalid_op+0x32/0x50
[   60.890549][  T547]  ? asm_exc_invalid_op+0x12/0x20
[   60.895437][  T547]  ? ext4_split_extent_at+0x282/0x1240
[   60.900717][  T547]  ? ext4_split_extent_at+0x121c/0x1240
[   60.906089][  T547]  ? ext4_split_extent_at+0x121c/0x1240
[   60.911490][  T547]  ? ext4_ext_try_to_merge_right+0x7e0/0x7e0
[   60.917287][  T547]  ext4_ext_remove_space+0x719/0x4e10
[   60.922764][  T547]  ? _raw_spin_trylock_bh+0x190/0x190
[   60.927960][  T547]  ? __kasan_check_write+0x14/0x20
[   60.933014][  T547]  ? _raw_write_lock+0xa4/0x170
[   60.937683][  T547]  ? _raw_write_trylock+0x1a0/0x1a0
[   60.942805][  T547]  ? ext4_discard_preallocations+0xd0e/0xef0
[   60.948708][  T547]  ? ext4_ext_index_trans_blocks+0x120/0x120
[   60.954526][  T547]  ? ext4_es_remove_extent+0x297/0x460
[   60.960030][  T547]  ? ext4_zero_partial_blocks+0x1e5/0x220
[   60.965590][  T547]  ext4_punch_hole+0x720/0xb10
[   60.970180][  T547]  ext4_fallocate+0x2e8/0x1cc0
[   60.974877][  T547]  ? ext4_ext_truncate+0x200/0x200
[   60.979823][  T547]  ? fsnotify_perm+0x67/0x4e0
[   60.984326][  T547]  ? security_file_permission+0x7b/0xb0
[   60.989717][  T547]  ? preempt_count_add+0x92/0x1a0
[   60.994677][  T547]  vfs_fallocate+0x492/0x570
[   60.999083][  T547]  __x64_sys_fallocate+0xc0/0x110
[   61.003947][  T547]  do_syscall_64+0x34/0x70
[   61.008199][  T547]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   61.013926][  T547] RIP: 0033:0x7f0680bf5de9
[   61.018187][  T547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   61.037709][  T547] RSP: 002b:00007f0680647038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[   61.045952][  T547] RAX: ffffffffffffffda RBX: 00007f0680e0f080 RCX: 00007f0680bf5de9
[   61.053857][  T547] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[   61.061705][  T547] RBP: 00007f0680c772a0 R08: 0000000000000000 R09: 0000000000000000
[   61.069482][  T547] R10: 0000000000001a00 R11: 0000000000000246 R12: 0000000000000000
[   61.077511][  T547] R13: 0000000000000000 R14: 00007f0680e0f080 R15: 00007ffd7c7e5898
[   61.085791][  T547] Modules linked in:
[   61.097566][    T7] device bridge_slave_1 left promiscuous mode
[   61.103860][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[   61.111729][    T7] device bridge_slave_0 left promiscuous mode
[   61.112223][  T547] ---[ end trace 219cab425b563372 ]---
[   61.117955][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.131723][    T7] device veth1_macvtap left promiscuous mode
[   61.137409][  T547] RIP: 0010:ext4_split_extent_at+0x121c/0x1240
[   61.137650][    T7] device veth0_vlan left promiscuous mode
[   61.151552][  T547] Code: fe c1 38 c1 0f 8c 16 fa ff ff e8 cf b7 cf ff 48 8b 54 24 58 48 8b 74 24 40 e9 02 fa ff ff e8 1b 18 92 ff 0f 0b e8 14 18 92 ff <0f> 0b e8 0d 18 92 ff 0f 0b e8 66 4f d5 02 e8 01 18 92 ff 0f 0b e8
[   61.199970][  T547] RSP: 0018:ffffc900030a7820 EFLAGS: 00010293
[   61.206186][  T547] RAX: ffffffff81d8a74c RBX: 0000000000000000 RCX: ffff88811c0093c0
[   61.214438][  T547] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[   61.222866][  T547] RBP: ffffc900030a7990 R08: ffffffff81d897b2 R09: ffffc900030a7920
[   61.233675][  T547] R10: fffff52000614f25 R11: dffffc0000000001 R12: 0000000000000000
[   61.242205][  T547] R13: 0000000000000000 R14: 1ffff11024aa1657 R15: 0000000000000000
[   61.250191][  T547] FS:  00007f06806476c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   61.258902][  T547] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   61.265408][  T547] CR2: 000040000003207f CR3: 0000000119f8b000 CR4: 00000000003506b0
[   61.273710][  T547] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   61.282743][  T547] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   61.290707][  T547] Kernel panic - not syncing: Fatal exception
[   61.296869][  T547] Kernel Offset: disabled
[   61.301002][  T547] Rebooting in 86400 seconds..