./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3370055693

<...>
Warning: Permanently added '10.128.15.198' (ECDSA) to the list of known hosts.
execve("./syz-executor3370055693", ["./syz-executor3370055693"], 0x7fff0d2a6f00 /* 10 vars */) = 0
brk(NULL)                               = 0x555556253000
brk(0x555556253c40)                     = 0x555556253c40
arch_prctl(ARCH_SET_FS, 0x555556253300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor3370055693", 4096) = 28
brk(0x555556274c40)                     = 0x555556274c40
brk(0x555556275000)                     = 0x555556275000
mprotect(0x7f470acc2000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555562535d0) = 4998
./strace-static-x86_64: Process 4998 attached
[pid  4998] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid  4998] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  4998] setsid()                    = 1
[pid  4998] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid  4998] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid  4998] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid  4998] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid  4998] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid  4998] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid  4998] unshare(CLONE_NEWNS)        = 0
[pid  4998] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid  4998] unshare(CLONE_NEWIPC)       = 0
[pid  4998] unshare(CLONE_NEWCGROUP)    = 0
[pid  4998] unshare(CLONE_NEWUTS)       = 0
[pid  4998] unshare(CLONE_SYSVSEM)      = 0
[pid  4998] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid  4998] write(3, "16777216", 8)     = 8
[pid  4998] close(3)                    = 0
[pid  4998] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid  4998] write(3, "536870912", 9)    = 9
[pid  4998] close(3)                    = 0
[pid  4998] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid  4998] write(3, "1024", 4)         = 4
[pid  4998] close(3)                    = 0
[pid  4998] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid  4998] write(3, "8192", 4)         = 4
[pid  4998] close(3)                    = 0
[pid  4998] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid  4998] write(3, "1024", 4)         = 4
[pid  4998] close(3)                    = 0
[pid  4998] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid  4998] write(3, "1024", 4)         = 4
[pid  4998] close(3)                    = 0
[pid  4998] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid  4998] write(3, "1024 1048576 500 1024", 21) = 21
[pid  4998] close(3)                    = 0
[pid  4998] getpid()                    = 1
[pid  4998] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  4998] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  4998] unshare(CLONE_NEWNET)       = 0
[pid  4998] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid  4998] write(3, "0 65535", 7)      = 7
[pid  4998] close(3)                    = 0
[pid  4998] mkdir("/dev/binderfs", 0777) = 0
[pid  4998] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid  4998] symlink("/dev/binderfs", "./binderfs") = 0
[pid  4998] memfd_create("syzkaller", 0) = 3
[pid  4998] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f47027fc000
[   42.182062][ T4998] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=4998 'syz-executor337'
[pid  4998] write(3, "\x58\x46\x53\x42\x00\x00\x02\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x5e\x62\x73\xb8\x21\x67\x42\xbb\x91\x1b\x41\x8a\xa1\x4a\x12\x61\x00\x00\x00\x00\x00\x00\x80\x40\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x21\x00\x00\x00\x00\x00\x00\x00\x22\x00\x00\x00\x08\x00\x00\x80\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x0b\x40"..., 33554432) = 33554432
[pid  4998] munmap(0x7f47027fc000, 33554432) = 0
[pid  4998] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  4998] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  4998] close(3)                    = 0
[pid  4998] mkdir("./file0", 0777)      = 0
[   42.355772][ T4998] loop0: detected capacity change from 0 to 65536
[   42.364465][ T4998] XFS: attr2 mount option is deprecated.
[   42.373643][ T4998] XFS (loop0): Deprecated V4 format (crc=0) will not be supported after September 2030.
[   42.384042][ T4998] XFS (loop0): Mounting V4 Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261
[pid  4998] mount("/dev/loop0", "./file0", "xfs", 0, "filestreams,swidth=0x0000000000000000,nodiscard,logbufs=00000000000000000006,attr2,,nouuid") = 0
[pid  4998] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  4998] chdir("./file0")            = 0
[pid  4998] ioctl(4, LOOP_CLR_FD)       = 0
[pid  4998] close(4)                    = 0
[pid  4998] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4
[pid  4998] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[pid  4998] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5
[pid  4998] openat(AT_FDCWD, "memory.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[   42.406251][ T4998] XFS (loop0): Ending clean mount
[   42.411702][ T4998] xfs filesystem being mounted at /root/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   42.429733][   T27] audit: type=1800 audit(1686107942.539:2): pid=4998 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor337" name="bus" dev="loop0" ino=41 res=0 errno=0
[pid  4998] write(6, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 16777216
[pid  4998] write(5, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 16777024
[pid  4998] exit_group(1)               = ?
[   43.512249][ T1756] XFS (loop0): Metadata corruption detected at xfs_agf_verify+0x72a/0xaa0, xfs_agf block 0x1 
[   43.522723][ T1756] XFS (loop0): Unmount and run xfs_repair
[   43.528634][ T1756] XFS (loop0): First 128 bytes of corrupted metadata buffer:
[   43.536011][ T1756] 00000000: 66 69 6c 65 73 74 72 65 61 6d 73 2c 73 77 69 64  filestreams,swid
[   43.544970][ T1756] 00000010: 74 68 3d 30 78 30 30 30 30 30 30 30 30 30 30 30  th=0x00000000000
[   43.553841][ T1756] 00000020: 30 30 30 30 30 2c 6e 6f 64 69 73 63 61 72 64 2c  00000,nodiscard,
[   43.562702][ T1756] 00000030: 6c 6f 67 62 75 66 73 3d 30 30 30 30 30 30 30 30  logbufs=00000000
[   43.571559][ T1756] 00000040: 30 30 30 30 30 30 30 30 30 30 30 36 2c 61 74 74  000000000006,att
[   43.580427][ T1756] 00000050: 72 32 2c 00 47 ba 76 39 f2 50 ff 99 2f fb b8 b1  r2,.G.v9.P../...
[   43.589276][ T1756] 00000060: 4c 3a 9b c2 e1 81 d0 9c 24 97 6b 33 7f 55 f4 90  L:......$.k3.U..
[   43.598136][ T1756] 00000070: 15 4c b3 65 d3 52 86 f0 51 c3 11 75 df a1 cc f1  .L.e.R..Q..u....
[   43.607126][   T66] XFS (loop0): metadata I/O error in "xfs_read_agf+0x27c/0x500" at daddr 0x1 len 1 error 117
[   43.617609][   T66] XFS (loop0): page discard on page ffffea0001cbc2c0, inode 0x2a, pos 0.
[   43.626990][   T66] ==================================================================
[   43.635026][   T66] BUG: KASAN: null-ptr-deref in xfs_filestream_select_ag+0x188b/0x1cc0
[   43.643241][   T66] Write of size 4 at addr 00000000000001c0 by task kworker/u4:4/66
[   43.651198][   T66] 
[   43.653500][   T66] CPU: 1 PID: 66 Comm: kworker/u4:4 Not tainted 6.4.0-rc5-syzkaller-00016-ga4d7d7011219 #0
[   43.663454][   T66] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[   43.673578][   T66] Workqueue: writeback wb_workfn (flush-7:0)
[   43.679637][   T66] Call Trace:
[   43.682892][   T66]  <TASK>
[   43.685803][   T66]  dump_stack_lvl+0xd9/0x150
[   43.690388][   T66]  ? xfs_filestream_select_ag+0x188b/0x1cc0
[   43.696267][   T66]  kasan_report+0xec/0x130
[   43.700762][   T66]  ? xfs_filestream_select_ag+0x188b/0x1cc0
[   43.706646][   T66]  kasan_check_range+0x141/0x190
[   43.711567][   T66]  xfs_filestream_select_ag+0x188b/0x1cc0
[   43.717269][   T66]  xfs_bmap_btalloc+0xe58/0x1c10
[   43.722195][   T66]  ? xfs_bmap_btalloc_low_space+0x260/0x260
[   43.728165][   T66]  ? xfs_iext_prev+0x1dc/0x2c0
[   43.732913][   T66]  xfs_bmapi_allocate+0x597/0x1200
[   43.738033][   T66]  ? xfs_bmap_btalloc+0x1c10/0x1c10
[   43.743215][   T66]  ? xfs_iext_prev+0x1dc/0x2c0
[   43.748140][   T66]  xfs_bmapi_convert_delalloc+0x3e7/0xd20
[   43.753846][   T66]  ? lock_sync+0x190/0x190
[   43.758255][   T66]  ? xfs_bmapi_write+0xbe0/0xbe0
[   43.763176][   T66]  ? find_held_lock+0x2d/0x110
[   43.768011][   T66]  ? xfs_map_blocks+0x5cb/0xf80
[   43.772848][   T66]  ? rcu_is_watching+0x12/0xb0
[   43.777602][   T66]  xfs_map_blocks+0x74c/0xf80
[   43.782263][   T66]  ? xfs_imap_valid.part.0+0x540/0x540
[   43.787702][   T66]  ? print_usage_bug.part.0+0x660/0x660
[   43.793232][   T66]  ? folio_flags.constprop.0+0x53/0x150
[   43.798764][   T66]  ? iomap_page_create+0x1a9/0x3e0
[   43.803855][   T66]  iomap_do_writepage+0xa1e/0x23d0
[   43.808948][   T66]  ? percpu_counter_add_batch+0x199/0x1e0
[   43.814826][   T66]  ? lockdep_hardirqs_on+0x7d/0x100
[   43.820007][   T66]  ? iomap_write_end+0x9e0/0x9e0
[   43.824923][   T66]  ? folio_clear_dirty_for_io+0x10f/0x770
[   43.830713][   T66]  write_cache_pages+0x4a2/0xd30
[   43.835632][   T66]  ? iomap_write_end+0x9e0/0x9e0
[   43.840556][   T66]  ? folio_clear_dirty_for_io+0x770/0x770
[   43.846256][   T66]  ? do_raw_spin_lock+0x124/0x2b0
[   43.851351][   T66]  ? spin_bug+0x1c0/0x1c0
[   43.855666][   T66]  iomap_writepages+0x4f/0xb0
[   43.860339][   T66]  xfs_vm_writepages+0x138/0x1c0
[   43.865258][   T66]  ? xfs_vm_read_folio+0x20/0x20
[   43.870182][   T66]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   43.876249][   T66]  ? xfs_vm_read_folio+0x20/0x20
[   43.881171][   T66]  do_writepages+0x1a8/0x640
[   43.885745][   T66]  ? writeback_set_ratelimit+0x150/0x150
[   43.891356][   T66]  ? lock_downgrade+0x690/0x690
[   43.896194][   T66]  ? writeback_sb_inodes+0x3b6/0xe70
[   43.901461][   T66]  ? lock_downgrade+0x690/0x690
[   43.906299][   T66]  __writeback_single_inode+0x121/0xdb0
[   43.911833][   T66]  ? wbc_attach_and_unlock_inode+0x4a3/0x910
[   43.917804][   T66]  writeback_sb_inodes+0x54d/0xe70
[   43.922906][   T66]  ? sync_inode_metadata+0xe0/0xe0
[   43.928096][   T66]  ? rcu_is_watching+0x12/0xb0
[   43.932850][   T66]  ? queue_io+0x386/0x4e0
[   43.937163][   T66]  wb_writeback+0x294/0xa50
[   43.941651][   T66]  ? __writeback_inodes_wb+0x280/0x280
[   43.947101][   T66]  ? lock_downgrade+0x690/0x690
[   43.951933][   T66]  ? mark_held_locks+0x9f/0xe0
[   43.956682][   T66]  ? _raw_spin_unlock_irq+0x23/0x50
[   43.961865][   T66]  wb_workfn+0x2a5/0xfc0
[   43.966094][   T66]  ? inode_wait_for_writeback+0x40/0x40
[   43.971628][   T66]  ? lock_sync+0x190/0x190
[   43.976026][   T66]  ? lock_downgrade+0x690/0x690
[   43.980864][   T66]  ? _raw_spin_unlock_irq+0x23/0x50
[   43.986046][   T66]  process_one_work+0x99a/0x15e0
[   43.990975][   T66]  ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[   43.996332][   T66]  ? spin_bug+0x1c0/0x1c0
[   44.000643][   T66]  ? _raw_spin_lock_irq+0x45/0x50
[   44.005652][   T66]  worker_thread+0x67d/0x10c0
[   44.010330][   T66]  ? process_one_work+0x15e0/0x15e0
[   44.015514][   T66]  kthread+0x344/0x440
[   44.019580][   T66]  ? kthread_complete_and_exit+0x40/0x40
[   44.025196][   T66]  ret_from_fork+0x1f/0x30
[   44.029604][   T66]  </TASK>
[   44.032608][   T66] ==================================================================
[   44.041732][   T66] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   44.048921][   T66] CPU: 1 PID: 66 Comm: kworker/u4:4 Not tainted 6.4.0-rc5-syzkaller-00016-ga4d7d7011219 #0
[   44.058876][   T66] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[   44.068919][   T66] Workqueue: writeback wb_workfn (flush-7:0)
[   44.074892][   T66] Call Trace:
[   44.078157][   T66]  <TASK>
[   44.081065][   T66]  dump_stack_lvl+0xd9/0x150
[   44.085691][   T66]  panic+0x686/0x730
[   44.089575][   T66]  ? panic_smp_self_stop+0xa0/0xa0
[   44.094680][   T66]  ? preempt_schedule_thunk+0x1a/0x20
[   44.100044][   T66]  ? preempt_schedule_common+0x45/0xb0
[   44.105533][   T66]  check_panic_on_warn+0xb1/0xc0
[   44.110460][   T66]  end_report+0xe9/0x120
[   44.114687][   T66]  ? xfs_filestream_select_ag+0x188b/0x1cc0
[   44.120648][   T66]  kasan_report+0xf9/0x130
[   44.125048][   T66]  ? xfs_filestream_select_ag+0x188b/0x1cc0
[   44.130937][   T66]  kasan_check_range+0x141/0x190
[   44.135860][   T66]  xfs_filestream_select_ag+0x188b/0x1cc0
[   44.141562][   T66]  xfs_bmap_btalloc+0xe58/0x1c10
[   44.146499][   T66]  ? xfs_bmap_btalloc_low_space+0x260/0x260
[   44.152379][   T66]  ? xfs_iext_prev+0x1dc/0x2c0
[   44.157146][   T66]  xfs_bmapi_allocate+0x597/0x1200
[   44.162244][   T66]  ? xfs_bmap_btalloc+0x1c10/0x1c10
[   44.167428][   T66]  ? xfs_iext_prev+0x1dc/0x2c0
[   44.172175][   T66]  xfs_bmapi_convert_delalloc+0x3e7/0xd20
[   44.177881][   T66]  ? lock_sync+0x190/0x190
[   44.182286][   T66]  ? xfs_bmapi_write+0xbe0/0xbe0
[   44.187215][   T66]  ? find_held_lock+0x2d/0x110
[   44.191963][   T66]  ? xfs_map_blocks+0x5cb/0xf80
[   44.196795][   T66]  ? rcu_is_watching+0x12/0xb0
[   44.201552][   T66]  xfs_map_blocks+0x74c/0xf80
[   44.206212][   T66]  ? xfs_imap_valid.part.0+0x540/0x540
[   44.211652][   T66]  ? print_usage_bug.part.0+0x660/0x660
[   44.217194][   T66]  ? folio_flags.constprop.0+0x53/0x150
[   44.222720][   T66]  ? iomap_page_create+0x1a9/0x3e0
[   44.227814][   T66]  iomap_do_writepage+0xa1e/0x23d0
[   44.232909][   T66]  ? percpu_counter_add_batch+0x199/0x1e0
[   44.238610][   T66]  ? lockdep_hardirqs_on+0x7d/0x100
[   44.243791][   T66]  ? iomap_write_end+0x9e0/0x9e0
[   44.248710][   T66]  ? folio_clear_dirty_for_io+0x10f/0x770
[   44.254414][   T66]  write_cache_pages+0x4a2/0xd30
[   44.259332][   T66]  ? iomap_write_end+0x9e0/0x9e0
[   44.264252][   T66]  ? folio_clear_dirty_for_io+0x770/0x770
[   44.269953][   T66]  ? do_raw_spin_lock+0x124/0x2b0
[   44.274963][   T66]  ? spin_bug+0x1c0/0x1c0
[   44.279277][   T66]  iomap_writepages+0x4f/0xb0
[   44.283936][   T66]  xfs_vm_writepages+0x138/0x1c0
[   44.288856][   T66]  ? xfs_vm_read_folio+0x20/0x20
[   44.293780][   T66]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   44.299748][   T66]  ? xfs_vm_read_folio+0x20/0x20
[   44.304669][   T66]  do_writepages+0x1a8/0x640
[   44.309328][   T66]  ? writeback_set_ratelimit+0x150/0x150
[   44.314944][   T66]  ? lock_downgrade+0x690/0x690
[   44.319780][   T66]  ? writeback_sb_inodes+0x3b6/0xe70
[   44.325056][   T66]  ? lock_downgrade+0x690/0x690
[   44.329891][   T66]  __writeback_single_inode+0x121/0xdb0
[   44.335423][   T66]  ? wbc_attach_and_unlock_inode+0x4a3/0x910
[   44.341386][   T66]  writeback_sb_inodes+0x54d/0xe70
[   44.346578][   T66]  ? sync_inode_metadata+0xe0/0xe0
[   44.351678][   T66]  ? rcu_is_watching+0x12/0xb0
[   44.356428][   T66]  ? queue_io+0x386/0x4e0
[   44.360742][   T66]  wb_writeback+0x294/0xa50
[   44.365229][   T66]  ? __writeback_inodes_wb+0x280/0x280
[   44.370671][   T66]  ? lock_downgrade+0x690/0x690
[   44.375522][   T66]  ? mark_held_locks+0x9f/0xe0
[   44.380271][   T66]  ? _raw_spin_unlock_irq+0x23/0x50
[   44.385459][   T66]  wb_workfn+0x2a5/0xfc0
[   44.389696][   T66]  ? inode_wait_for_writeback+0x40/0x40
[   44.395232][   T66]  ? lock_sync+0x190/0x190
[   44.399717][   T66]  ? lock_downgrade+0x690/0x690
[   44.404550][   T66]  ? _raw_spin_unlock_irq+0x23/0x50
[   44.409747][   T66]  process_one_work+0x99a/0x15e0
[   44.414683][   T66]  ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[   44.420058][   T66]  ? spin_bug+0x1c0/0x1c0
[   44.424374][   T66]  ? _raw_spin_lock_irq+0x45/0x50
[   44.429475][   T66]  worker_thread+0x67d/0x10c0
[   44.434137][   T66]  ? process_one_work+0x15e0/0x15e0
[   44.439321][   T66]  kthread+0x344/0x440
[   44.443374][   T66]  ? kthread_complete_and_exit+0x40/0x40
[   44.449008][   T66]  ret_from_fork+0x1f/0x30
[   44.453418][   T66]  </TASK>
[   44.457410][   T66] Kernel Offset: disabled
[   44.461729][   T66] Rebooting in 86400 seconds..