./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3873451126

<...>
forked to background, child pid 4650
no interfaces have a carrier
[   23.848026][ T4651] 8021q: adding VLAN 0 to HW filter on device bond0
[   23.857531][ T4651] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK

syzkaller
Warning: Permanently added '10.128.0.113' (ECDSA) to the list of known hosts.
execve("./syz-executor3873451126", ["./syz-executor3873451126"], 0x7fffa8d88090 /* 10 vars */) = 0
brk(NULL)                               = 0x5555569bd000
brk(0x5555569bdc40)                     = 0x5555569bdc40
arch_prctl(ARCH_SET_FS, 0x5555569bd300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
set_tid_address(0x5555569bd5d0)         = 5071
set_robust_list(0x5555569bd5e0, 24)     = 0
rt_sigaction(SIGRTMIN, {sa_handler=0x7fc06823c770, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7fc06823ce40}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=0x7fc06823c810, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc06823ce40}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor3873451126", 4096) = 28
brk(0x5555569dec40)                     = 0x5555569dec40
brk(0x5555569df000)                     = 0x5555569df000
mprotect(0x7fc068302000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 3
socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4
sendto(4, [{nlmsg_len=36, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0d\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x35\x34\x00\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
recvfrom(4, [{nlmsg_len=784, nlmsg_type=nlctrl, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=5071}, "\x01\x02\x00\x00\x0d\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x35\x34\x00\x00\x00\x00\x06\x00\x01\x00\x1d\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x2e\x00\x00\x00\x98\x02\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x05\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x03\x00"...], 4096, 0, NULL, NULL) = 784
recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5071}, {error=0, msg={nlmsg_len=36, nlmsg_type=nlctrl, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
access("/proc/net", R_OK)               = 0
access("/proc/net/unix", R_OK)          = 0
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5
ioctl(5, SIOCGIFINDEX, {ifr_name="wpan0", ifr_ifindex=11}) = 0
close(5)                                = 0
sendto(4, [{nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x0b\x00\x00\x00\x08\x00\x03\x00\x0b\x00\x00\x00\x06\x00\x0a\x00\xa0\xaa\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5071}, {error=0, msg={nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5
ioctl(5, SIOCGIFINDEX, {ifr_name="wpan0", ifr_ifindex=11}) = 0
close(5)                                = 0
sendto(3, [{nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x0c\x00\x01\x00\x02\x00\xaa\xaa\xaa\xaa\xaa\xaa"], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 44
recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5071}, {error=0, msg={nlmsg_len=44, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
sendto(3, [{nlmsg_len=68, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|NLM_F_EXCL|NLM_F_CREATE, nlmsg_seq=0, nlmsg_pid=0}, {ifi_family=AF_UNSPEC, ifi_type=ARPHRD_NETROM, ifi_index=0, ifi_flags=0, ifi_change=0}, [[{nla_len=11, nla_type=IFLA_IFNAME}, "lowpan0"...], [{nla_len=16, nla_type=IFLA_LINKINFO}, [{nla_len=10, nla_type=IFLA_INFO_KIND}, "lowpan"...]], [{nla_len=8, nla_type=IFLA_LINK}, 11]]], 68, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 68
recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5071}, {error=0, msg={nlmsg_len=68, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|NLM_F_EXCL|NLM_F_CREATE, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5
ioctl(5, SIOCGIFINDEX, {ifr_name="wpan1", ifr_ifindex=12}) = 0
close(5)                                = 0
sendto(4, [{nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x0b\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x06\x00\x0a\x00\xa1\xaa\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5071}, {error=0, msg={nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5
ioctl(5, SIOCGIFINDEX, {ifr_name="wpan1", ifr_ifindex=12}) = 0
close(5)                                = 0
sendto(3, [{nlmsg_len=44, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, {ifi_family=AF_UNSPEC, ifi_type=ARPHRD_NETROM, ifi_index=if_nametoindex("wpan1"), ifi_flags=IFF_UP, ifi_change=0x1}, [{nla_len=12, nla_type=IFLA_ADDRESS}, 02:01:aa:aa:aa:aa:aa]], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 44
recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5071}, {error=0, msg={nlmsg_len=44, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
close(3)                                = 0
close(4)                                = 0
futex(0x7fc0683086ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc06820b000
mprotect(0x7fc06820c000, 131072, PROT_READ|PROT_WRITE) = 0
clone(child_stack=0x7fc06822b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5074 attached
, parent_tid=[5074], tls=0x7fc06822b700, child_tidptr=0x7fc06822b9d0) = 5074
[pid  5074] set_robust_list(0x7fc06822b9e0, 24) = 0
[pid  5074] futex(0x7fc0683086e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5071] futex(0x7fc0683086e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5074] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5071] <... futex resumed>)        = 0
[pid  5071] futex(0x7fc0683086ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5074] memfd_create("syzkaller", 0) = 3
[pid  5074] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc05fe0b000
[pid  5074] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5074] munmap(0x7fc05fe0b000, 16777216) = 0
[pid  5074] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5074] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5074] close(3)                    = 0
[pid  5074] mkdir("./file0", 0777)      = 0
syzkaller login: [   41.477222][ T5074] loop0: detected capacity change from 0 to 32768
[   41.488399][ T5074] BTRFS: device fsid d552757d-9c39-40e3-95f0-16d819589928 devid 1 transid 8 /dev/loop0 scanned by syz-executor387 (5074)
[   41.506997][ T5074] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm
[   41.515584][ T5074] BTRFS info (device loop0): using free space tree
[pid  5074] mount("/dev/loop0", "./file0", "btrfs", 0, "") = 0
[pid  5074] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5074] chdir("./file0")            = 0
[pid  5074] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5074] close(4)                    = 0
[pid  5074] futex(0x7fc0683086ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5071] <... futex resumed>)        = 0
[pid  5071] futex(0x7fc0683086e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5071] futex(0x7fc0683086ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5074] <... futex resumed>)        = 1
[   41.534295][ T5074] BTRFS info (device loop0): enabling ssd optimizations
[   41.541289][ T5074] BTRFS info (device loop0): auto enabling async discard
[pid  5074] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4
[pid  5074] futex(0x7fc0683086ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5071] <... futex resumed>)        = 0
[pid  5071] futex(0x7fc0683086e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5071] futex(0x7fc0683086ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5074] <... futex resumed>)        = 1
[pid  5074] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000) = 5
[pid  5074] futex(0x7fc0683086ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5071] <... futex resumed>)        = 0
[pid  5071] futex(0x7fc0683086e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5071] futex(0x7fc0683086ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5074] <... futex resumed>)        = 1
[pid  5074] creat("./bus", 000)         = 6
[pid  5074] futex(0x7fc0683086ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5071] <... futex resumed>)        = 0
[pid  5071] futex(0x7fc0683086e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5071] futex(0x7fc0683086ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5074] <... futex resumed>)        = 1
[pid  5074] fallocate(5, 0, 0, 1048816) = 0
[pid  5074] futex(0x7fc0683086ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5071] <... futex resumed>)        = 0
[pid  5071] futex(0x7fc0683086e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5071] futex(0x7fc0683086ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5074] <... futex resumed>)        = 1
[pid  5074] sendfile(4, 5, NULL, 142606348 <unfinished ...>
[pid  5071] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5071] futex(0x7fc0683086fc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5071] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc060dea000
[pid  5071] mprotect(0x7fc060deb000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5071] clone(child_stack=0x7fc060e0a3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5092], tls=0x7fc060e0a700, child_tidptr=0x7fc060e0a9d0) = 5092
[pid  5071] futex(0x7fc0683086f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5071] futex(0x7fc0683086fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5092 attached
 <unfinished ...>
[pid  5092] set_robust_list(0x7fc060e0a9e0, 24) = 0
[pid  5092] open(".", O_RDONLY)         = 7
[pid  5092] futex(0x7fc0683086fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5071] <... futex resumed>)        = 0
[pid  5071] futex(0x7fc0683086f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5071] futex(0x7fc0683086fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5092] <... futex resumed>)        = 1
[   41.571625][   T27] audit: type=1800 audit(1677097472.823:2): pid=5074 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor387" name="bus" dev="loop0" ino=263 res=0 errno=0
[   41.595813][   T27] audit: type=1800 audit(1677097472.823:3): pid=5074 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor387" name="bus" dev="loop0" ino=263 res=0 errno=0
[   41.668997][ T5092] BTRFS info (device loop0): balance: start 
[   41.676878][ T5074] ------------[ cut here ]------------
[   41.682507][ T5074] BTRFS: Transaction aborted (error -28)
[   41.688637][ T5074] WARNING: CPU: 0 PID: 5074 at fs/btrfs/extent-tree.c:3076 __btrfs_free_extent+0x15c1/0x27f0
[   41.688869][ T5092] BTRFS info (device loop0: state A): balance: ended with status: 0
[   41.698918][ T5074] Modules linked in:
[   41.710911][ T5074] CPU: 0 PID: 5074 Comm: syz-executor387 Not tainted 6.2.0-syzkaller-05251-g5b7c4cabbb65 #0
[   41.721111][ T5074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   41.731284][ T5074] RIP: 0010:__btrfs_free_extent+0x15c1/0x27f0
[   41.737472][ T5074] Code: e8 b4 a5 18 fe 0f 1f 44 00 00 41 bc 01 00 00 00 e9 98 fd ff ff e8 9f a5 18 fe 8b 74 24 60 48 c7 c7 a0 61 94 8a e8 ef 21 e0 fd <0f> 0b 41 bc 01 00 00 00 e9 93 f0 ff ff e8 7d a5 18 fe bf ea ff ff
[   41.757238][ T5074] RSP: 0018:ffffc90003eeefd0 EFLAGS: 00010282
[pid  5092] ioctl(7, BTRFS_IOC_BALANCE_V2, {flags=0} <unfinished ...>
[pid  5071] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[   41.763434][ T5074] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000
[   41.771475][ T5074] RDX: ffff8880293ad7c0 RSI: ffffffff814c2c17 RDI: 0000000000000001
[   41.779564][ T5074] RBP: ffff888075f336e0 R08: 0000000000000001 R09: 0000000000000000
[   41.787616][ T5074] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[   41.796260][ T5074] R13: 0000000000000100 R14: 0000000000500000 R15: 0000000000000007
[   41.804423][ T5074] FS:  00007fc06822b700(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[   41.813454][ T5074] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   41.820057][ T5074] CR2: 00007fc060e0a718 CR3: 000000007da9a000 CR4: 0000000000350ef0
[   41.828113][ T5074] Call Trace:
[   41.831412][ T5074]  <TASK>
[   41.834438][ T5074]  ? lookup_extent_backref+0x110/0x110
[   41.839948][ T5074]  ? __btrfs_run_delayed_refs+0x591/0x3dc0
[   41.845835][ T5074]  ? lock_downgrade+0x690/0x690
[   41.850710][ T5074]  ? _raw_read_unlock+0x28/0x40
[   41.855650][ T5074]  ? btrfs_tree_mod_log_lowest_seq+0x86/0xb0
[   41.861861][ T5074]  __btrfs_run_delayed_refs+0x160c/0x3dc0
[   41.867682][ T5074]  ? __lock_acquire+0x18bc/0x5d40
[   41.872732][ T5074]  ? check_ref_cleanup+0x3e0/0x3e0
[   41.877987][ T5074]  ? lock_release+0x780/0x780
[   41.882731][ T5074]  btrfs_run_delayed_refs+0x19a/0x540
[   41.888195][ T5074]  btrfs_commit_transaction+0xd6c/0x4410
[   41.893908][ T5074]  ? spin_bug+0x1c0/0x1c0
[   41.898254][ T5074]  ? create_pending_snapshots+0x2c0/0x2c0
[   41.904042][ T5074]  ? start_transaction+0x2aa/0x1450
[   41.909307][ T5074]  btrfs_sync_file+0xedc/0x1460
[   41.914257][ T5074]  ? start_ordered_ops.constprop.0+0x110/0x110
[pid  5071] exit_group(0)               = ?
[   41.920433][ T5074]  ? find_held_lock+0x2d/0x110
[   41.925272][ T5074]  ? lock_downgrade+0x690/0x690
[   41.930153][ T5074]  ? do_raw_spin_lock+0x124/0x2b0
[   41.935315][ T5074]  ? start_ordered_ops.constprop.0+0x110/0x110
[   41.941518][ T5074]  vfs_fsync_range+0x13e/0x230
[   41.946381][ T5074]  btrfs_do_write_iter+0x67d/0x1470
[   41.951608][ T5074]  ? btrfs_fdatawrite_range+0x110/0x110
[   41.957260][ T5074]  do_iter_readv_writev+0x20b/0x3b0
[   41.962507][ T5074]  ? generic_copy_file_range+0x1d0/0x1d0
[   41.968235][ T5074]  ? bpf_lsm_file_permission+0x9/0x10
[   41.973677][ T5074]  ? security_file_permission+0xaf/0xd0
[   41.979231][ T5074]  do_iter_write+0x182/0x700
[   41.983908][ T5074]  vfs_iter_write+0x74/0xa0
[   41.988449][ T5074]  iter_file_splice_write+0x743/0xc80
[   41.993933][ T5074]  ? page_cache_pipe_buf_confirm+0x5b0/0x5b0
[   41.999953][ T5074]  ? add_to_pipe+0x3b0/0x3b0
[   42.004628][ T5074]  ? security_file_permission+0xaf/0xd0
[   42.010192][ T5074]  ? page_cache_pipe_buf_confirm+0x5b0/0x5b0
[   42.016278][ T5074]  direct_splice_actor+0x114/0x180
[   42.021430][ T5074]  splice_direct_to_actor+0x335/0x8a0
[   42.026905][ T5074]  ? do_splice_direct+0x280/0x280
[   42.031969][ T5074]  ? folio_flags.constprop.0+0x150/0x150
[   42.037700][ T5074]  ? bpf_lsm_file_permission+0x9/0x10
[   42.043087][ T5074]  ? security_file_permission+0xaf/0xd0
[   42.048706][ T5074]  do_splice_direct+0x1ab/0x280
[   42.053682][ T5074]  ? splice_direct_to_actor+0x8a0/0x8a0
[   42.059260][ T5074]  do_sendfile+0xb19/0x12c0
[   42.063839][ T5074]  ? vfs_iocb_iter_write+0x480/0x480
[   42.069182][ T5074]  ? ptrace_notify+0xfe/0x140
[   42.073986][ T5074]  __x64_sys_sendfile64+0x1d0/0x210
[   42.079212][ T5074]  ? _raw_spin_unlock_irq+0x23/0x50
[   42.084475][ T5074]  ? __ia32_sys_sendfile+0x220/0x220
[   42.089785][ T5074]  ? lockdep_hardirqs_on+0x7d/0x100
[   42.095071][ T5074]  ? _raw_spin_unlock_irq+0x2e/0x50
[   42.100300][ T5074]  ? ptrace_notify+0xfe/0x140
[   42.105049][ T5074]  do_syscall_64+0x39/0xb0
[   42.109496][ T5074]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   42.115493][ T5074] RIP: 0033:0x7fc06827ee29
[   42.119927][ T5074] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   42.139658][ T5074] RSP: 002b:00007fc06822b2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   42.148187][ T5074] RAX: ffffffffffffffda RBX: 00007fc0683086e0 RCX: 00007fc06827ee29
[   42.156280][ T5074] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[   42.164307][ T5074] RBP: 00007fc0682d560c R08: 0000000000000000 R09: 0000000000000000
[   42.172277][ T5074] R10: 000000000880000c R11: 0000000000000246 R12: 0000000020000600
[   42.180359][ T5074] R13: 0030656c69662f2e R14: 0000000000000000 R15: 00007fc0683086e8
[   42.188451][ T5074]  </TASK>
[   42.191482][ T5074] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   42.198752][ T5074] CPU: 0 PID: 5074 Comm: syz-executor387 Not tainted 6.2.0-syzkaller-05251-g5b7c4cabbb65 #0
[   42.208809][ T5074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   42.218857][ T5074] Call Trace:
[   42.222125][ T5074]  <TASK>
[   42.225045][ T5074]  dump_stack_lvl+0xd9/0x150
[   42.229629][ T5074]  panic+0x61b/0x6c0
[   42.233517][ T5074]  ? panic_smp_self_stop+0x90/0x90
[   42.238621][ T5074]  ? show_trace_log_lvl+0x285/0x390
[   42.243829][ T5074]  ? __btrfs_free_extent+0x15c1/0x27f0
[   42.249294][ T5074]  check_panic_on_warn+0xb1/0xc0
[   42.254257][ T5074]  __warn+0xf2/0x4f0
[   42.258149][ T5074]  ? __btrfs_free_extent+0x15c1/0x27f0
[   42.263609][ T5074]  report_bug+0x2da/0x500
[   42.267960][ T5074]  handle_bug+0x3c/0x70
[   42.272107][ T5074]  exc_invalid_op+0x18/0x50
[   42.276610][ T5074]  asm_exc_invalid_op+0x1a/0x20
[   42.281513][ T5074] RIP: 0010:__btrfs_free_extent+0x15c1/0x27f0
[   42.287597][ T5074] Code: e8 b4 a5 18 fe 0f 1f 44 00 00 41 bc 01 00 00 00 e9 98 fd ff ff e8 9f a5 18 fe 8b 74 24 60 48 c7 c7 a0 61 94 8a e8 ef 21 e0 fd <0f> 0b 41 bc 01 00 00 00 e9 93 f0 ff ff e8 7d a5 18 fe bf ea ff ff
[   42.307218][ T5074] RSP: 0018:ffffc90003eeefd0 EFLAGS: 00010282
[   42.313289][ T5074] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000
[   42.321266][ T5074] RDX: ffff8880293ad7c0 RSI: ffffffff814c2c17 RDI: 0000000000000001
[   42.329238][ T5074] RBP: ffff888075f336e0 R08: 0000000000000001 R09: 0000000000000000
[   42.337211][ T5074] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[   42.345179][ T5074] R13: 0000000000000100 R14: 0000000000500000 R15: 0000000000000007
[   42.353154][ T5074]  ? __warn_printk+0x187/0x310
[   42.357937][ T5074]  ? lookup_extent_backref+0x110/0x110
[   42.363401][ T5074]  ? __btrfs_run_delayed_refs+0x591/0x3dc0
[   42.369215][ T5074]  ? lock_downgrade+0x690/0x690
[   42.374067][ T5074]  ? _raw_read_unlock+0x28/0x40
[   42.378914][ T5074]  ? btrfs_tree_mod_log_lowest_seq+0x86/0xb0
[   42.384992][ T5074]  __btrfs_run_delayed_refs+0x160c/0x3dc0
[   42.390728][ T5074]  ? __lock_acquire+0x18bc/0x5d40
[   42.395756][ T5074]  ? check_ref_cleanup+0x3e0/0x3e0
[   42.400883][ T5074]  ? lock_release+0x780/0x780
[   42.405565][ T5074]  btrfs_run_delayed_refs+0x19a/0x540
[   42.410999][ T5074]  btrfs_commit_transaction+0xd6c/0x4410
[   42.416809][ T5074]  ? spin_bug+0x1c0/0x1c0
[   42.421155][ T5074]  ? create_pending_snapshots+0x2c0/0x2c0
[   42.426875][ T5074]  ? start_transaction+0x2aa/0x1450
[   42.432082][ T5074]  btrfs_sync_file+0xedc/0x1460
[   42.436938][ T5074]  ? start_ordered_ops.constprop.0+0x110/0x110
[   42.443088][ T5074]  ? find_held_lock+0x2d/0x110
[   42.447864][ T5074]  ? lock_downgrade+0x690/0x690
[   42.452710][ T5074]  ? do_raw_spin_lock+0x124/0x2b0
[   42.457734][ T5074]  ? start_ordered_ops.constprop.0+0x110/0x110
[   42.463980][ T5074]  vfs_fsync_range+0x13e/0x230
[   42.468790][ T5074]  btrfs_do_write_iter+0x67d/0x1470
[   42.474002][ T5074]  ? btrfs_fdatawrite_range+0x110/0x110
[   42.479555][ T5074]  do_iter_readv_writev+0x20b/0x3b0
[   42.484762][ T5074]  ? generic_copy_file_range+0x1d0/0x1d0
[   42.490405][ T5074]  ? bpf_lsm_file_permission+0x9/0x10
[   42.495775][ T5074]  ? security_file_permission+0xaf/0xd0
[   42.501374][ T5074]  do_iter_write+0x182/0x700
[   42.505977][ T5074]  vfs_iter_write+0x74/0xa0
[   42.510487][ T5074]  iter_file_splice_write+0x743/0xc80
[   42.515878][ T5074]  ? page_cache_pipe_buf_confirm+0x5b0/0x5b0
[   42.521911][ T5074]  ? add_to_pipe+0x3b0/0x3b0
[   42.526522][ T5074]  ? security_file_permission+0xaf/0xd0
[   42.532071][ T5074]  ? page_cache_pipe_buf_confirm+0x5b0/0x5b0
[   42.538060][ T5074]  direct_splice_actor+0x114/0x180
[   42.543176][ T5074]  splice_direct_to_actor+0x335/0x8a0
[   42.548568][ T5074]  ? do_splice_direct+0x280/0x280
[   42.553608][ T5074]  ? folio_flags.constprop.0+0x150/0x150
[   42.559247][ T5074]  ? bpf_lsm_file_permission+0x9/0x10
[   42.564614][ T5074]  ? security_file_permission+0xaf/0xd0
[   42.570164][ T5074]  do_splice_direct+0x1ab/0x280
[   42.575021][ T5074]  ? splice_direct_to_actor+0x8a0/0x8a0
[   42.580581][ T5074]  do_sendfile+0xb19/0x12c0
[   42.585093][ T5074]  ? vfs_iocb_iter_write+0x480/0x480
[   42.590383][ T5074]  ? ptrace_notify+0xfe/0x140
[   42.595059][ T5074]  __x64_sys_sendfile64+0x1d0/0x210
[   42.600250][ T5074]  ? _raw_spin_unlock_irq+0x23/0x50
[   42.605447][ T5074]  ? __ia32_sys_sendfile+0x220/0x220
[   42.610751][ T5074]  ? lockdep_hardirqs_on+0x7d/0x100
[   42.615947][ T5074]  ? _raw_spin_unlock_irq+0x2e/0x50
[   42.621142][ T5074]  ? ptrace_notify+0xfe/0x140
[   42.625824][ T5074]  do_syscall_64+0x39/0xb0
[   42.630254][ T5074]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   42.636147][ T5074] RIP: 0033:0x7fc06827ee29
[   42.640554][ T5074] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   42.660162][ T5074] RSP: 002b:00007fc06822b2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   42.668582][ T5074] RAX: ffffffffffffffda RBX: 00007fc0683086e0 RCX: 00007fc06827ee29
[   42.676560][ T5074] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[   42.684536][ T5074] RBP: 00007fc0682d560c R08: 0000000000000000 R09: 0000000000000000
[   42.692534][ T5074] R10: 000000000880000c R11: 0000000000000246 R12: 0000000020000600
[   42.700516][ T5074] R13: 0030656c69662f2e R14: 0000000000000000 R15: 00007fc0683086e8
[   42.708503][ T5074]  </TASK>
[   42.712170][ T5074] Kernel Offset: disabled
[   42.716615][ T5074] Rebooting in 86400 seconds..