Warning: Permanently added '10.128.1.102' (ED25519) to the list of known hosts.
2025/10/12 18:50:01 parsed 1 programs
[   97.390052][   T50] cfg80211: failed to load regulatory.db
[   98.335239][ T5831] cgroup: Unknown subsys name 'net'
[   98.473290][ T5831] cgroup: Unknown subsys name 'cpuset'
[   98.482893][ T5831] cgroup: Unknown subsys name 'rlimit'
[  100.296834][ T5831] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  103.544142][ T5844] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  104.195390][   T53] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  104.206669][   T53] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  104.216009][   T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  104.226578][   T53] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  104.235883][   T53] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  105.841906][ T5889] chnl_net:caif_netlink_parms(): no params data found
[  105.933613][ T5889] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.942486][ T5889] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.949893][ T5889] bridge_slave_0: entered allmulticast mode
[  105.957654][ T5889] bridge_slave_0: entered promiscuous mode
[  105.967911][ T5889] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.975612][ T5889] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.983798][ T5889] bridge_slave_1: entered allmulticast mode
[  105.991643][ T5889] bridge_slave_1: entered promiscuous mode
[  106.035516][ T5889] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  106.050708][ T5889] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  106.100543][ T5889] team0: Port device team_slave_0 added
[  106.109899][ T5889] team0: Port device team_slave_1 added
[  106.142928][ T5889] batman_adv: batadv0: Adding interface: batadv_slave_0
[  106.150889][ T5889] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  106.177989][ T5889] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  106.193074][ T5889] batman_adv: batadv0: Adding interface: batadv_slave_1
[  106.200566][ T5889] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  106.228513][ T5889] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  106.281453][ T5889] hsr_slave_0: entered promiscuous mode
[  106.288977][ T5889] hsr_slave_1: entered promiscuous mode
[  106.463154][ T5889] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  106.477519][ T5889] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  106.490860][ T5889] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  106.503954][ T5889] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  106.543160][ T5889] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.550811][ T5889] bridge0: port 2(bridge_slave_1) entered forwarding state
[  106.559860][ T5889] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.567319][ T5889] bridge0: port 1(bridge_slave_0) entered forwarding state
[  106.644915][ T5889] 8021q: adding VLAN 0 to HW filter on device bond0
[  106.670774][ T1218] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.681190][ T1218] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.702160][ T5889] 8021q: adding VLAN 0 to HW filter on device team0
[  106.717518][   T61] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.725696][   T61] bridge0: port 1(bridge_slave_0) entered forwarding state
[  106.741538][ T1218] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.749764][ T1218] bridge0: port 2(bridge_slave_1) entered forwarding state
[  106.947486][ T5889] 8021q: adding VLAN 0 to HW filter on device batadv0
[  107.011523][ T5889] veth0_vlan: entered promiscuous mode
[  107.024161][ T5889] veth1_vlan: entered promiscuous mode
[  107.057648][ T5889] veth0_macvtap: entered promiscuous mode
[  107.071243][ T5889] veth1_macvtap: entered promiscuous mode
[  107.096402][ T5889] batman_adv: batadv0: Interface activated: batadv_slave_0
[  107.113334][ T5889] batman_adv: batadv0: Interface activated: batadv_slave_1
[  107.133364][ T1218] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  107.143759][ T1218] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  107.153874][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  107.164891][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  107.313810][   T61] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.396810][   T61] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.477813][   T61] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.567360][   T61] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.358473][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.381247][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  108.469854][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.479739][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/10/12 18:50:16 executed programs: 0
[  109.762642][   T53] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  109.777221][   T53] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  109.790832][   T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  109.799783][   T53] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  109.809438][   T53] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  109.819042][   T61] bridge_slave_1: left allmulticast mode
[  109.825536][   T61] bridge_slave_1: left promiscuous mode
[  109.840546][   T61] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.861254][   T61] bridge_slave_0: left allmulticast mode
[  109.867525][   T61] bridge_slave_0: left promiscuous mode
[  109.873943][   T61] bridge0: port 1(bridge_slave_0) entered disabled state
[  110.165353][   T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  110.178361][   T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  110.191036][   T61] bond0 (unregistering): Released all slaves
[  110.309027][   T61] hsr_slave_0: left promiscuous mode
[  110.316542][   T61] hsr_slave_1: left promiscuous mode
[  110.325277][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  110.333697][   T61] batman_adv: batadv0: Removing interface: batadv_slave_0
[  110.342873][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  110.351153][   T61] batman_adv: batadv0: Removing interface: batadv_slave_1
[  110.376476][   T61] veth1_macvtap: left promiscuous mode
[  110.384596][   T61] veth0_macvtap: left promiscuous mode
[  110.391175][   T61] veth1_vlan: left promiscuous mode
[  110.397035][   T61] veth0_vlan: left promiscuous mode
[  110.947632][   T61] team0 (unregistering): Port device team_slave_1 removed
[  110.987844][   T61] team0 (unregistering): Port device team_slave_0 removed
[  111.477837][ T5940] chnl_net:caif_netlink_parms(): no params data found
[  111.809437][ T5940] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.817405][ T5940] bridge0: port 1(bridge_slave_0) entered disabled state
[  111.827184][ T5940] bridge_slave_0: entered allmulticast mode
[  111.839984][ T5940] bridge_slave_0: entered promiscuous mode
[  111.854453][ T5940] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.862332][ T5940] bridge0: port 2(bridge_slave_1) entered disabled state
[  111.870988][ T5147] Bluetooth: hci0: command tx timeout
[  111.878757][ T5940] bridge_slave_1: entered allmulticast mode
[  111.887351][ T5940] bridge_slave_1: entered promiscuous mode
[  112.193721][ T5940] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  112.216942][ T5940] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  112.355860][ T5940] team0: Port device team_slave_0 added
[  112.365261][ T5940] team0: Port device team_slave_1 added
[  112.433809][ T5940] batman_adv: batadv0: Adding interface: batadv_slave_0
[  112.445924][ T5940] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  112.475078][ T5940] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  112.520820][ T5940] batman_adv: batadv0: Adding interface: batadv_slave_1
[  112.529629][ T5940] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  112.557620][ T5940] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  112.694412][ T5940] hsr_slave_0: entered promiscuous mode
[  112.705799][ T5940] hsr_slave_1: entered promiscuous mode
[  113.368435][ T5940] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  113.382013][ T5940] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  113.399821][ T5940] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  113.426074][ T5940] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  113.570951][ T5940] 8021q: adding VLAN 0 to HW filter on device bond0
[  113.606868][ T5940] 8021q: adding VLAN 0 to HW filter on device team0
[  113.625277][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  113.633388][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  113.666268][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  113.674201][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  113.950533][ T5147] Bluetooth: hci0: command tx timeout
[  113.985394][ T5940] 8021q: adding VLAN 0 to HW filter on device batadv0
[  114.061400][ T5940] veth0_vlan: entered promiscuous mode
[  114.077567][ T5940] veth1_vlan: entered promiscuous mode
[  114.129180][ T5940] veth0_macvtap: entered promiscuous mode
[  114.142024][ T5940] veth1_macvtap: entered promiscuous mode
[  114.175581][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_0
[  114.197768][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_1
[  114.224308][ T1218] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  114.245922][ T1218] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  114.262580][ T1218] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  114.275015][ T1218] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  114.362631][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  114.377105][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  114.421981][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  114.432443][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  114.520639][ T6035] loop0: detected capacity change from 0 to 1024
[  114.538373][ T6035] =======================================================
[  114.538373][ T6035] WARNING: The mand mount option has been deprecated and
[  114.538373][ T6035]          and is ignored by this kernel. Remove the mand
[  114.538373][ T6035]          option from the mount to silence this warning.
[  114.538373][ T6035] =======================================================
[  114.637341][ T6035] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.654707][   T30] audit: type=1800 audit(1760295021.713:2): pid=6035 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.17" name="file1" dev="loop0" ino=15 res=0 errno=0
[  114.767540][ T6035] ==================================================================
[  114.775990][ T6035] BUG: KASAN: use-after-free in ext4_find_extent+0xae6/0xcc0
[  114.783423][ T6035] Read of size 4 at addr ffff888070207018 by task syz.0.17/6035
[  114.791698][ T6035] 
[  114.794076][ T6035] CPU: 0 UID: 0 PID: 6035 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
[  114.794103][ T6035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  114.794125][ T6035] Call Trace:
[  114.794134][ T6035]  <TASK>
[  114.794143][ T6035]  dump_stack_lvl+0x189/0x250
[  114.794170][ T6035]  ? __virt_addr_valid+0x1c8/0x5c0
[  114.794191][ T6035]  ? rcu_is_watching+0x15/0xb0
[  114.794221][ T6035]  ? __pfx_dump_stack_lvl+0x10/0x10
[  114.794241][ T6035]  ? rcu_is_watching+0x15/0xb0
[  114.794270][ T6035]  ? lock_release+0x4b/0x3e0
[  114.794295][ T6035]  ? _raw_spin_lock_irqsave+0xb3/0xf0
[  114.794318][ T6035]  ? __virt_addr_valid+0x1c8/0x5c0
[  114.794338][ T6035]  ? __virt_addr_valid+0x4a5/0x5c0
[  114.794360][ T6035]  print_report+0xca/0x240
[  114.794384][ T6035]  ? ext4_find_extent+0xae6/0xcc0
[  114.794412][ T6035]  kasan_report+0x118/0x150
[  114.794447][ T6035]  ? ext4_find_extent+0xae6/0xcc0
[  114.794479][ T6035]  ext4_find_extent+0xae6/0xcc0
[  114.794512][ T6035]  ext4_ext_map_blocks+0x288/0x6ac0
[  114.794555][ T6035]  ? __lock_acquire+0xab9/0xd20
[  114.794586][ T6035]  ? __pfx_ext4_ext_map_blocks+0x10/0x10
[  114.794625][ T6035]  ? ext4_es_lookup_extent+0x622/0xa70
[  114.794652][ T6035]  ext4_map_blocks+0x860/0x1740
[  114.794680][ T6035]  ? __pfx_ext4_map_blocks+0x10/0x10
[  114.794703][ T6035]  ? __pfx_invalidate_inode_pages2_range+0x10/0x10
[  114.794730][ T6035]  ? __ext4_journal_start_sb+0x27e/0x5c0
[  114.794760][ T6035]  ext4_iomap_begin+0xe2b/0x1900
[  114.794793][ T6035]  ? __pfx_ext4_iomap_begin+0x10/0x10
[  114.794825][ T6035]  ? __pfx_ext4_iomap_begin+0x10/0x10
[  114.794848][ T6035]  iomap_iter+0x534/0xde0
[  114.794875][ T6035]  __iomap_dio_rw+0xc57/0x1e50
[  114.794913][ T6035]  ? __pfx___iomap_dio_rw+0x10/0x10
[  114.794938][ T6035]  ? seqcount_lockdep_reader_access+0x122/0x1c0
[  114.794959][ T6035]  ? lockdep_hardirqs_on+0x9c/0x150
[  114.794980][ T6035]  ? ktime_get_coarse_real_ts64_mg+0x59/0x1e0
[  114.795002][ T6035]  ? seqcount_lockdep_reader_access+0x174/0x1c0
[  114.795034][ T6035]  ? current_time+0x222/0x370
[  114.795070][ T6035]  iomap_dio_rw+0x45/0xb0
[  114.795096][ T6035]  ext4_file_write_iter+0x16a2/0x1bc0
[  114.795132][ T6035]  ? __pfx_ext4_file_write_iter+0x10/0x10
[  114.795157][ T6035]  ? __asan_memset+0x22/0x50
[  114.795179][ T6035]  iter_file_splice_write+0x975/0x10e0
[  114.795232][ T6035]  ? __pfx_iter_file_splice_write+0x10/0x10
[  114.795259][ T6035]  ? rcu_read_lock_any_held+0xb3/0x120
[  114.795293][ T6035]  ? direct_splice_actor+0x10c/0x160
[  114.795320][ T6035]  ? __pfx_iter_file_splice_write+0x10/0x10
[  114.795344][ T6035]  direct_splice_actor+0x101/0x160
[  114.795371][ T6035]  splice_direct_to_actor+0x5a8/0xcc0
[  114.795405][ T6035]  ? __pfx_direct_splice_actor+0x10/0x10
[  114.795436][ T6035]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  114.795465][ T6035]  do_splice_direct+0x181/0x270
[  114.795490][ T6035]  ? __pfx_do_splice_direct+0x10/0x10
[  114.795514][ T6035]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  114.795543][ T6035]  ? rw_verify_area+0x255/0x4d0
[  114.795565][ T6035]  do_sendfile+0x4da/0x7e0
[  114.795597][ T6035]  ? __pfx_do_sendfile+0x10/0x10
[  114.795627][ T6035]  ? __se_sys_futex+0x36f/0x400
[  114.795652][ T6035]  __se_sys_sendfile64+0x13e/0x190
[  114.795679][ T6035]  ? __pfx___se_sys_sendfile64+0x10/0x10
[  114.795707][ T6035]  ? do_syscall_64+0xbe/0xfa0
[  114.795732][ T6035]  do_syscall_64+0xfa/0xfa0
[  114.795754][ T6035]  ? lockdep_hardirqs_on+0x9c/0x150
[  114.795776][ T6035]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.795797][ T6035]  ? clear_bhb_loop+0x60/0xb0
[  114.795819][ T6035]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.795839][ T6035] RIP: 0033:0x7f56d278eec9
[  114.795865][ T6035] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  114.795881][ T6035] RSP: 002b:00007f56d3637038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  114.795903][ T6035] RAX: ffffffffffffffda RBX: 00007f56d29e5fa0 RCX: 00007f56d278eec9
[  114.795918][ T6035] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000004
[  114.795929][ T6035] RBP: 00007f56d2811f91 R08: 0000000000000000 R09: 0000000000000000
[  114.795941][ T6035] R10: 0000000800000009 R11: 0000000000000246 R12: 0000000000000000
[  114.795953][ T6035] R13: 00007f56d29e6038 R14: 00007f56d29e5fa0 R15: 00007ffe41cf87b8
[  114.795977][ T6035]  </TASK>
[  114.795984][ T6035] 
[  115.241569][ T6035] The buggy address belongs to the physical page:
[  115.248266][ T6035] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x7 pfn:0x70207
[  115.257051][ T6035] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  115.264464][ T6035] raw: 00fff00000000000 ffffea0001c07e08 ffffea0001c18908 0000000000000000
[  115.273382][ T6035] raw: 0000000000000007 0000000000000000 00000000ffffffff 0000000000000000
[  115.282160][ T6035] page dumped because: kasan: bad access detected
[  115.288977][ T6035] page_owner tracks the page as freed
[  115.294452][ T6035] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 6038, tgid 6038 (sed), ts 114654494627, free_ts 114670459028
[  115.312342][ T6035]  post_alloc_hook+0x240/0x2a0
[  115.317399][ T6035]  get_page_from_freelist+0x2365/0x2440
[  115.323261][ T6035]  __alloc_frozen_pages_noprof+0x181/0x370
[  115.330123][ T6035]  alloc_pages_mpol+0x232/0x4a0
[  115.335280][ T6035]  vma_alloc_folio_noprof+0xe4/0x200
[  115.340622][ T6035]  folio_prealloc+0x30/0x180
[  115.345261][ T6035]  __handle_mm_fault+0x16fd/0x5400
[  115.350937][ T6035]  handle_mm_fault+0x40a/0x8e0
[  115.355743][ T6035]  do_user_addr_fault+0xa7c/0x1380
[  115.361016][ T6035]  exc_page_fault+0x82/0x100
[  115.366120][ T6035]  asm_exc_page_fault+0x26/0x30
[  115.370986][ T6035] page last free pid 6038 tgid 6038 stack trace:
[  115.377802][ T6035]  free_unref_folios+0xdb3/0x14f0
[  115.383062][ T6035]  folios_put_refs+0x584/0x670
[  115.387885][ T6035]  free_pages_and_swap_cache+0x277/0x520
[  115.393918][ T6035]  tlb_flush_mmu+0x3a0/0x680
[  115.398551][ T6035]  tlb_finish_mmu+0xc3/0x1d0
[  115.403317][ T6035]  exit_mmap+0x444/0xb40
[  115.407594][ T6035]  __mmput+0x118/0x430
[  115.411697][ T6035]  exit_mm+0x1da/0x2c0
[  115.416313][ T6035]  do_exit+0x648/0x2300
[  115.420950][ T6035]  do_group_exit+0x21c/0x2d0
[  115.425965][ T6035]  __x64_sys_exit_group+0x3f/0x40
[  115.431369][ T6035]  x64_sys_call+0x21f7/0x2200
[  115.436332][ T6035]  do_syscall_64+0xfa/0xfa0
[  115.440954][ T6035]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.446960][ T6035] 
[  115.449294][ T6035] Memory state around the buggy address:
[  115.454950][ T6035]  ffff888070206f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  115.463767][ T6035]  ffff888070206f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  115.473076][ T6035] >ffff888070207000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  115.481422][ T6035]                             ^
[  115.486767][ T6035]  ffff888070207080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  115.495366][ T6035]  ffff888070207100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  115.503793][ T6035] ==================================================================
[  115.530091][ T6035] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  115.537712][ T6035] CPU: 0 UID: 0 PID: 6035 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
[  115.546947][ T6035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  115.557301][ T6035] Call Trace:
[  115.560618][ T6035]  <TASK>
[  115.563853][ T6035]  dump_stack_lvl+0x99/0x250
[  115.568596][ T6035]  ? __asan_memcpy+0x40/0x70
[  115.573405][ T6035]  ? __pfx_dump_stack_lvl+0x10/0x10
[  115.578671][ T6035]  ? __pfx__printk+0x10/0x10
[  115.583489][ T6035]  vpanic+0x237/0x6d0
[  115.587769][ T6035]  ? __pfx_vpanic+0x10/0x10
[  115.592814][ T6035]  ? preempt_schedule+0xae/0xc0
[  115.598395][ T6035]  ? __pfx_preempt_schedule+0x10/0x10
[  115.604445][ T6035]  panic+0xb9/0xc0
[  115.608204][ T6035]  ? __pfx_panic+0x10/0x10
[  115.612914][ T6035]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  115.619267][ T6035]  ? is_module_address+0x17/0xf0
[  115.624490][ T6035]  ? ext4_find_extent+0xae6/0xcc0
[  115.629925][ T6035]  check_panic_on_warn+0x89/0xb0
[  115.634994][ T6035]  ? ext4_find_extent+0xae6/0xcc0
[  115.640162][ T6035]  end_report+0x78/0x160
[  115.644626][ T6035]  kasan_report+0x129/0x150
[  115.649461][ T6035]  ? ext4_find_extent+0xae6/0xcc0
[  115.654804][ T6035]  ext4_find_extent+0xae6/0xcc0
[  115.659927][ T6035]  ext4_ext_map_blocks+0x288/0x6ac0
[  115.665182][ T6035]  ? __lock_acquire+0xab9/0xd20
[  115.670178][ T6035]  ? __pfx_ext4_ext_map_blocks+0x10/0x10
[  115.676039][ T6035]  ? ext4_es_lookup_extent+0x622/0xa70
[  115.682590][ T6035]  ext4_map_blocks+0x860/0x1740
[  115.687670][ T6035]  ? __pfx_ext4_map_blocks+0x10/0x10
[  115.693454][ T6035]  ? __pfx_invalidate_inode_pages2_range+0x10/0x10
[  115.701178][ T6035]  ? __ext4_journal_start_sb+0x27e/0x5c0
[  115.707207][ T6035]  ext4_iomap_begin+0xe2b/0x1900
[  115.712720][ T6035]  ? __pfx_ext4_iomap_begin+0x10/0x10
[  115.719176][ T6035]  ? __pfx_ext4_iomap_begin+0x10/0x10
[  115.725664][ T6035]  iomap_iter+0x534/0xde0
[  115.730506][ T6035]  __iomap_dio_rw+0xc57/0x1e50
[  115.736460][ T6035]  ? __pfx___iomap_dio_rw+0x10/0x10
[  115.742316][ T6035]  ? seqcount_lockdep_reader_access+0x122/0x1c0
[  115.750749][ T6035]  ? lockdep_hardirqs_on+0x9c/0x150
[  115.756684][ T6035]  ? ktime_get_coarse_real_ts64_mg+0x59/0x1e0
[  115.763784][ T6035]  ? seqcount_lockdep_reader_access+0x174/0x1c0
[  115.771243][ T6035]  ? current_time+0x222/0x370
[  115.777024][ T6035]  iomap_dio_rw+0x45/0xb0
[  115.781780][ T6035]  ext4_file_write_iter+0x16a2/0x1bc0
[  115.787927][ T6035]  ? __pfx_ext4_file_write_iter+0x10/0x10
[  115.793951][ T6035]  ? __asan_memset+0x22/0x50
[  115.798833][ T6035]  iter_file_splice_write+0x975/0x10e0
[  115.804692][ T6035]  ? __pfx_iter_file_splice_write+0x10/0x10
[  115.811145][ T6035]  ? rcu_read_lock_any_held+0xb3/0x120
[  115.817002][ T6035]  ? direct_splice_actor+0x10c/0x160
[  115.822848][ T6035]  ? __pfx_iter_file_splice_write+0x10/0x10
[  115.829508][ T6035]  direct_splice_actor+0x101/0x160
[  115.835460][ T6035]  splice_direct_to_actor+0x5a8/0xcc0
[  115.841309][ T6035]  ? __pfx_direct_splice_actor+0x10/0x10
[  115.847516][ T6035]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  115.854013][ T6035]  do_splice_direct+0x181/0x270
[  115.859267][ T6035]  ? __pfx_do_splice_direct+0x10/0x10
[  115.865111][ T6035]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  115.871590][ T6035]  ? rw_verify_area+0x255/0x4d0
[  115.877158][ T6035]  do_sendfile+0x4da/0x7e0
[  115.882265][ T6035]  ? __pfx_do_sendfile+0x10/0x10
[  115.888127][ T6035]  ? __se_sys_futex+0x36f/0x400
[  115.893641][ T6035]  __se_sys_sendfile64+0x13e/0x190
[  115.899586][ T6035]  ? __pfx___se_sys_sendfile64+0x10/0x10
[  115.905774][ T6035]  ? do_syscall_64+0xbe/0xfa0
[  115.910584][ T6035]  do_syscall_64+0xfa/0xfa0
[  115.915585][ T6035]  ? lockdep_hardirqs_on+0x9c/0x150
[  115.921094][ T6035]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.928411][ T6035]  ? clear_bhb_loop+0x60/0xb0
[  115.933915][ T6035]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.940618][ T6035] RIP: 0033:0x7f56d278eec9
[  115.945707][ T6035] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.969588][ T6035] RSP: 002b:00007f56d3637038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  115.979987][ T6035] RAX: ffffffffffffffda RBX: 00007f56d29e5fa0 RCX: 00007f56d278eec9
[  115.989485][ T6035] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000004
[  115.998468][ T6035] RBP: 00007f56d2811f91 R08: 0000000000000000 R09: 0000000000000000
[  116.007857][ T6035] R10: 0000000800000009 R11: 0000000000000246 R12: 0000000000000000
[  116.016226][ T6035] R13: 00007f56d29e6038 R14: 00007f56d29e5fa0 R15: 00007ffe41cf87b8
[  116.025127][ T6035]  </TASK>
[  116.046105][ T6035] Kernel Offset: disabled
[  116.052642][ T6035] Rebooting in 86400 seconds..