Warning: Permanently added '10.128.0.185' (ECDSA) to the list of known hosts. executing program executing program executing program executing program executing program executing program [ 64.710503][ T8487] BTRFS: device fsid 3b7b29a3-d79d-449e-8760-f5c6064562ef devid 0 transid 5 /dev/loop5 scanned by syz-executor520 (8487) executing program executing program executing program [ 64.999698][ T8487] BTRFS: device fsid 3b7b29a3-d79d-449e-8760-f5c6064562ef devid 1 transid 5 /dev/loop5 scanned by syz-executor520 (8487) [ 65.034989][ T8486] BTRFS warning (device ): duplicate device /dev/loop2 devid 1 generation 5 scanned by syz-executor520 (8486) executing program executing program [ 65.059642][ T8488] BTRFS warning (device ): duplicate device /dev/loop1 devid 1 generation 5 scanned by syz-executor520 (8488) [ 65.074152][ T8487] BTRFS info (device loop5): disk space caching is enabled [ 65.090227][ T8491] BTRFS warning (device ): duplicate device /dev/loop4 devid 1 generation 5 scanned by syz-executor520 (8491) [ 65.108157][ T8487] BTRFS info (device loop5): has skinny extents [ 65.117251][ T8487] BTRFS info (device loop5): flagging fs with big metadata feature executing program executing program executing program executing program executing program [ 65.258281][ T8493] BTRFS warning (device ): duplicate device /dev/loop3 devid 1 generation 5 scanned by syz-executor520 (8493) [ 65.286379][ T8510] BTRFS warning (device ): duplicate device /dev/loop2 devid 1 generation 5 scanned by systemd-udevd (8510) executing program executing program executing program [ 65.338819][ T27] BTRFS warning (device loop5): loop5 checksum verify failed on 30556160 wanted 0x8ba6b786 found 0x07dec81f level 0 executing program [ 65.387922][ T8487] BTRFS info (device loop5): read error corrected: ino 0 off 30556160 (dev /dev/loop5 sector 76064) [ 65.426955][ T8487] BTRFS info (device loop5): read error corrected: ino 0 off 30560256 (dev /dev/loop5 sector 76072) executing program [ 65.460954][ T8487] BTRFS info (device loop5): read error corrected: ino 0 off 30564352 (dev /dev/loop5 sector 76080) [ 65.473507][ T8487] BTRFS info (device loop5): read error corrected: ino 0 off 30568448 (dev /dev/loop5 sector 76088) [ 65.500049][ T27] BTRFS error (device loop5): bad tree block start, want 30474240 have 0 [ 65.524519][ T27] BTRFS error (device loop5): bad tree block start, want 30474240 have 0 [ 65.534116][ T8487] BTRFS warning (device loop5): failed to read root (objectid=7): -5 [ 65.582924][ T8487] BTRFS error (device loop5): open_ctree failed [ 65.626603][ T8540] BTRFS info (device loop5): disk space caching is enabled [ 65.634087][ T8540] BTRFS info (device loop5): has skinny extents [ 65.641048][ T8540] BTRFS info (device loop5): flagging fs with big metadata feature executing program executing program executing program [ 65.721192][ T8] BTRFS error (device loop5): bad tree block start, want 30474240 have 0 [ 65.741291][ T8] BTRFS error (device loop5): bad tree block start, want 30474240 have 0 executing program executing program [ 65.768491][ T8540] BTRFS warning (device loop5): failed to read root (objectid=7): -5 executing program executing program executing program [ 65.810351][ T8540] BTRFS error (device loop5): open_ctree failed [ 65.821271][ T8542] BTRFS info (device loop5): disk space caching is enabled [ 65.833552][ T8542] BTRFS info (device loop5): has skinny extents [ 65.842680][ T8542] BTRFS info (device loop5): flagging fs with big metadata feature executing program [ 65.902262][ T27] BTRFS error (device loop5): bad tree block start, want 30474240 have 0 [ 65.914581][ T27] BTRFS error (device loop5): bad tree block start, want 30474240 have 0 [ 65.925758][ T8542] BTRFS warning (device loop5): failed to read root (objectid=7): -5 executing program executing program [ 65.949417][ T8540] BTRFS warning (device loop5): duplicate device /dev/loop1 devid 1 generation 5 scanned by syz-executor520 (8540) [ 65.987807][ T8542] BTRFS error (device loop5): open_ctree failed executing program [ 66.010157][ T8543] BTRFS info (device loop5): disk space caching is enabled [ 66.019283][ T8543] BTRFS info (device loop5): has skinny extents [ 66.025967][ T8543] BTRFS info (device loop5): flagging fs with big metadata feature executing program [ 66.060827][ T8542] BTRFS warning (device (efault)): duplicate device /dev/loop4 devid 1 generation 5 scanned by syz-executor520 (8542) executing program executing program executing program [ 66.120517][ T27] BTRFS error (device loop5): bad tree block start, want 30474240 have 0 [ 66.130296][ T27] BTRFS error (device loop5): bad tree block start, want 30474240 have 0 [ 66.141085][ T8543] BTRFS warning (device loop5): failed to read root (objectid=7): -5 executing program executing program executing program [ 66.205140][ T8543] BTRFS error (device loop5): open_ctree failed [ 66.221991][ T8551] BTRFS info (device loop5): disk space caching is enabled [ 66.231858][ T8551] BTRFS info (device loop5): has skinny extents [ 66.247157][ T8551] BTRFS info (device loop5): flagging fs with big metadata feature executing program executing program executing program [ 66.296667][ T27] BTRFS error (device loop5): bad tree block start, want 30474240 have 0 [ 66.306131][ T27] BTRFS error (device loop5): bad tree block start, want 30474240 have 0 [ 66.317379][ T8551] BTRFS warning (device loop5): failed to read root (objectid=7): -5 executing program executing program [ 66.368679][ T8551] BTRFS error (device loop5): open_ctree failed [ 66.381518][ T8558] BTRFS info (device loop5): disk space caching is enabled [ 66.390853][ T8558] BTRFS info (device loop5): has skinny extents [ 66.397302][ T8558] BTRFS info (device loop5): flagging fs with big metadata feature executing program executing program [ 66.419447][ T8551] BTRFS warning (device (efault)): duplicate device /dev/loop3 devid 1 generation 5 scanned by syz-executor520 (8551) executing program executing program executing program executing program [ 66.526689][ T8558] BTRFS warning (device loop5): failed to read root (objectid=7): -5 executing program [ 66.573396][ T8558] BTRFS error (device loop5): open_ctree failed [ 66.585770][ T8638] BTRFS info (device loop5): disk space caching is enabled [ 66.596443][ T8638] BTRFS info (device loop5): has skinny extents [ 66.605523][ T8638] BTRFS info (device loop5): flagging fs with big metadata feature executing program executing program [ 66.618282][ T8558] BTRFS warning (device (efault)): duplicate device /dev/loop2 devid 1 generation 5 scanned by syz-executor520 (8558) [ 66.652815][ T8638] BTRFS warning (device loop5): failed to read root (objectid=7): -5 executing program executing program executing program executing program [ 66.741048][ T8638] BTRFS error (device loop5): open_ctree failed [ 66.751765][ T8665] BTRFS info (device loop5): disk space caching is enabled executing program executing program [ 66.801720][ T8665] BTRFS info (device loop5): has skinny extents [ 66.820448][ T8665] BTRFS info (device loop5): flagging fs with big metadata feature executing program executing program executing program [ 66.905765][ T8665] BTRFS warning (device loop5): failed to read root (objectid=7): -5 executing program executing program executing program [ 66.990301][ T8665] BTRFS error (device loop5): open_ctree failed [ 67.001747][ T8676] BTRFS info (device loop5): disk space caching is enabled [ 67.012470][ T8676] BTRFS info (device loop5): has skinny extents [ 67.020593][ T8676] BTRFS info (device loop5): flagging fs with big metadata feature [ 67.041911][ T8676] BTRFS warning (device loop5): failed to read root (objectid=7): -5 [ 67.081910][ T8676] BTRFS error (device loop5): open_ctree failed [ 67.094245][ T8757] BTRFS info (device loop5): disk space caching is enabled [ 67.104295][ T8757] BTRFS info (device loop5): has skinny extents [ 67.113477][ T8757] BTRFS info (device loop5): flagging fs with big metadata feature executing program executing program [ 67.141807][ T8665] BTRFS warning (device (efault)): duplicate device /dev/loop4 devid 1 generation 5 scanned by syz-executor520 (8665) [ 67.169847][ T8676] BTRFS warning (device (efault)): duplicate device /dev/loop0 devid 1 generation 5 scanned by syz-executor520 (8676) [ 67.184126][ T8757] BTRFS warning (device loop5): failed to read root (objectid=7): -5 executing program executing program executing program executing program [ 67.248609][ T8757] BTRFS error (device loop5): open_ctree failed [ 67.267937][ T8720] BTRFS info (device loop5): disk space caching is enabled [ 67.275162][ T8720] BTRFS info (device loop5): has skinny extents executing program executing program executing program [ 67.307823][ T8720] BTRFS info (device loop5): flagging fs with big metadata feature [ 67.337591][ T8757] ================================================================== [ 67.345894][ T8757] BUG: KASAN: use-after-free in btrfs_printk+0x38b/0x40c executing program executing program executing program executing program executing program [ 67.353018][ T8757] Read of size 8 at addr ffff8880220146a0 by task syz-executor520/8757 [ 67.361253][ T8757] [ 67.363598][ T8757] CPU: 1 PID: 8757 Comm: syz-executor520 Not tainted 5.10.0-rc1-next-20201030-syzkaller #0 [ 67.373576][ T8757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 67.383769][ T8757] Call Trace: [ 67.387170][ T8757] dump_stack+0x107/0x163 [ 67.391519][ T8757] ? btrfs_printk+0x38b/0x40c [ 67.396208][ T8757] ? btrfs_printk+0x38b/0x40c [ 67.400903][ T8757] print_address_description.constprop.0.cold+0xae/0x4c8 executing program executing program [ 67.407940][ T8757] ? _raw_spin_lock_irqsave+0x4e/0x50 [ 67.413953][ T8757] ? vprintk_func+0x95/0x1e0 [ 67.418564][ T8757] ? btrfs_printk+0x38b/0x40c [ 67.423252][ T8757] ? btrfs_printk+0x38b/0x40c [ 67.429551][ T8757] kasan_report.cold+0x1f/0x37 [ 67.434334][ T8757] ? btrfs_printk+0x38b/0x40c [ 67.439028][ T8757] btrfs_printk+0x38b/0x40c [ 67.443555][ T8757] ? btrfs_put_super+0x38/0x38 [ 67.448341][ T8757] ? lock_release+0x710/0x710 [ 67.453030][ T8757] ? __mutex_unlock_slowpath+0xe2/0x610 [ 67.458589][ T8757] ? mntput+0x67/0x90 [ 67.462604][ T8757] ? wait_for_completion_io+0x260/0x260 [ 67.468350][ T8757] device_list_add.cold+0x99/0x31e [ 67.473482][ T8757] ? btrfs_alloc_device+0x5d0/0x5d0 [ 67.478699][ T8757] ? do_read_cache_page+0xe6/0x1390 [ 67.483919][ T8757] btrfs_scan_one_device+0x339/0x4a0 [ 67.489222][ T8757] ? device_list_add+0x1400/0x1400 [ 67.494349][ T8757] ? btrfs_mount_root+0x73d/0xbb0 [ 67.499382][ T8757] ? kfree+0xdb/0x360 [ 67.503383][ T8757] btrfs_mount_root+0x4d5/0xbb0 [ 67.508261][ T8757] ? parse_rescue_options+0x250/0x250 [ 67.513689][ T8757] ? rcu_read_lock_sched_held+0x3a/0x70 [ 67.519247][ T8757] ? kfree+0x2d3/0x360 [ 67.523344][ T8757] ? vfs_parse_fs_string+0xf8/0x150 [ 67.528557][ T8757] ? vfs_parse_fs_param+0x550/0x550 [ 67.533772][ T8757] ? parse_rescue_options+0x250/0x250 [ 67.539163][ T8757] legacy_get_tree+0x105/0x220 [ 67.543948][ T8757] vfs_get_tree+0x89/0x2f0 [ 67.548383][ T8757] vfs_kern_mount.part.0+0xd3/0x170 [ 67.553601][ T8757] vfs_kern_mount+0x3c/0x60 [ 67.558204][ T8757] btrfs_mount+0x234/0xa60 [ 67.562643][ T8757] ? btrfs_show_options+0x1080/0x1080 [ 67.568036][ T8757] ? rcu_read_lock_sched_held+0x3a/0x70 [ 67.573590][ T8757] ? kfree+0x2d3/0x360 [ 67.577668][ T8757] ? logfc+0x590/0x590 [ 67.581755][ T8757] ? apparmor_capable+0x1d8/0x460 [ 67.587658][ T8757] ? btrfs_show_options+0x1080/0x1080 [ 67.593037][ T8757] legacy_get_tree+0x105/0x220 [ 67.597817][ T8757] vfs_get_tree+0x89/0x2f0 [ 67.602244][ T8757] path_mount+0x12ae/0x1e70 [ 67.606767][ T8757] ? strncpy_from_user+0x29e/0x3a0 [ 67.611887][ T8757] ? finish_automount+0xac0/0xac0 [ 67.616928][ T8757] ? getname_flags.part.0+0x1dd/0x4f0 [ 67.622334][ T8757] __x64_sys_mount+0x27f/0x300 [ 67.627110][ T8757] ? copy_mnt_ns+0xae0/0xae0 [ 67.631722][ T8757] ? syscall_enter_from_user_mode+0x1d/0x50 [ 67.637637][ T8757] do_syscall_64+0x2d/0x70 [ 67.642068][ T8757] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 67.647970][ T8757] RIP: 0033:0x44961a [ 67.651877][ T8757] Code: b8 08 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd a2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 aa a2 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 67.671492][ T8757] RSP: 002b:00007ffd457f0ab8 EFLAGS: 00000293 ORIG_RAX: 00000000000000a5 [ 67.679925][ T8757] RAX: ffffffffffffffda RBX: 00007ffd457f0b10 RCX: 000000000044961a [ 67.687936][ T8757] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffd457f0ad0 [ 67.695915][ T8757] RBP: 00007ffd457f0ad0 R08: 00007ffd457f0b10 R09: 0000000000000000 [ 67.703899][ T8757] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000000004d [ 67.711883][ T8757] R13: 0000000000000004 R14: 0000000000000003 R15: 0000000000000003 [ 67.719887][ T8757] [ 67.722224][ T8757] The buggy address belongs to the page: [ 67.728429][ T8757] page:0000000025de7c4e refcount:0 mapcount:-128 mapping:0000000000000000 index:0x0 pfn:0x22014 [ 67.738842][ T8757] flags: 0xfff00000000000() [ 67.743366][ T8757] raw: 00fff00000000000 ffffea00004a6d08 ffff88813fffb910 0000000000000000 [ 67.751998][ T8757] raw: 0000000000000000 0000000000000002 00000000ffffff7f 0000000000000000 [ 67.760596][ T8757] page dumped because: kasan: bad access detected [ 67.767009][ T8757] [ 67.769339][ T8757] Memory state around the buggy address: [ 67.774977][ T8757] ffff888022014580: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 67.783135][ T8757] ffff888022014600: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 67.791209][ T8757] >ffff888022014680: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 67.799281][ T8757] ^ executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 67.804403][ T8757] ffff888022014700: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 67.812472][ T8757] ffff888022014780: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 67.820546][ T8757] ================================================================== [ 67.828612][ T8757] Disabling lock debugging due to kernel taint executing program executing program executing program [ 67.885676][ T8757] Kernel panic - not syncing: panic_on_warn set ... [ 67.892316][ T8757] CPU: 0 PID: 8757 Comm: syz-executor520 Tainted: G B 5.10.0-rc1-next-20201030-syzkaller #0 [ 67.903672][ T8757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 67.913738][ T8757] Call Trace: [ 67.917063][ T8757] dump_stack+0x107/0x163 [ 67.921401][ T8757] ? btrfs_printk+0x351/0x40c [ 67.926163][ T8757] panic+0x306/0x73d [ 67.930053][ T8757] ? __warn_printk+0xf3/0xf3 [ 67.934639][ T8757] ? preempt_schedule_common+0x59/0xc0 [ 67.940095][ T8757] ? btrfs_printk+0x38b/0x40c [ 67.944767][ T8757] ? preempt_schedule_thunk+0x16/0x18 [ 67.950135][ T8757] ? trace_hardirqs_on+0x51/0x1c0 [ 67.955160][ T8757] ? btrfs_printk+0x38b/0x40c [ 67.959842][ T8757] ? btrfs_printk+0x38b/0x40c [ 67.964530][ T8757] end_report+0x58/0x5e [ 67.968682][ T8757] kasan_report.cold+0xd/0x37 [ 67.973355][ T8757] ? btrfs_printk+0x38b/0x40c [ 67.978026][ T8757] btrfs_printk+0x38b/0x40c [ 67.982527][ T8757] ? btrfs_put_super+0x38/0x38 [ 67.987282][ T8757] ? lock_release+0x710/0x710 [ 67.991955][ T8757] ? __mutex_unlock_slowpath+0xe2/0x610 [ 67.997492][ T8757] ? mntput+0x67/0x90 [ 68.001474][ T8757] ? wait_for_completion_io+0x260/0x260 [ 68.007023][ T8757] device_list_add.cold+0x99/0x31e [ 68.012160][ T8757] ? btrfs_alloc_device+0x5d0/0x5d0 [ 68.017355][ T8757] ? do_read_cache_page+0xe6/0x1390 [ 68.022551][ T8757] btrfs_scan_one_device+0x339/0x4a0 [ 68.027835][ T8757] ? device_list_add+0x1400/0x1400 [ 68.032943][ T8757] ? btrfs_mount_root+0x73d/0xbb0 [ 68.037965][ T8757] ? kfree+0xdb/0x360 [ 68.041942][ T8757] btrfs_mount_root+0x4d5/0xbb0 [ 68.046786][ T8757] ? parse_rescue_options+0x250/0x250 [ 68.052153][ T8757] ? rcu_read_lock_sched_held+0x3a/0x70 [ 68.057686][ T8757] ? kfree+0x2d3/0x360 [ 68.061752][ T8757] ? vfs_parse_fs_string+0xf8/0x150 [ 68.066941][ T8757] ? vfs_parse_fs_param+0x550/0x550 [ 68.072134][ T8757] ? parse_rescue_options+0x250/0x250 [ 68.077516][ T8757] legacy_get_tree+0x105/0x220 [ 68.082277][ T8757] vfs_get_tree+0x89/0x2f0 [ 68.086693][ T8757] vfs_kern_mount.part.0+0xd3/0x170 [ 68.091893][ T8757] vfs_kern_mount+0x3c/0x60 [ 68.096394][ T8757] btrfs_mount+0x234/0xa60 [ 68.100808][ T8757] ? btrfs_show_options+0x1080/0x1080 [ 68.106169][ T8757] ? rcu_read_lock_sched_held+0x3a/0x70 [ 68.111703][ T8757] ? kfree+0x2d3/0x360 [ 68.115766][ T8757] ? logfc+0x590/0x590 [ 68.119998][ T8757] ? apparmor_capable+0x1d8/0x460 [ 68.125121][ T8757] ? btrfs_show_options+0x1080/0x1080 [ 68.131119][ T8757] legacy_get_tree+0x105/0x220 [ 68.135876][ T8757] vfs_get_tree+0x89/0x2f0 [ 68.140289][ T8757] path_mount+0x12ae/0x1e70 [ 68.144792][ T8757] ? strncpy_from_user+0x29e/0x3a0 [ 68.149897][ T8757] ? finish_automount+0xac0/0xac0 [ 68.154917][ T8757] ? getname_flags.part.0+0x1dd/0x4f0 [ 68.160372][ T8757] __x64_sys_mount+0x27f/0x300 [ 68.165127][ T8757] ? copy_mnt_ns+0xae0/0xae0 [ 68.169716][ T8757] ? syscall_enter_from_user_mode+0x1d/0x50 [ 68.175608][ T8757] do_syscall_64+0x2d/0x70 [ 68.180025][ T8757] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 68.185922][ T8757] RIP: 0033:0x44961a [ 68.189816][ T8757] Code: b8 08 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd a2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 aa a2 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 68.209417][ T8757] RSP: 002b:00007ffd457f0ab8 EFLAGS: 00000293 ORIG_RAX: 00000000000000a5 [ 68.217830][ T8757] RAX: ffffffffffffffda RBX: 00007ffd457f0b10 RCX: 000000000044961a [ 68.226399][ T8757] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffd457f0ad0 [ 68.234400][ T8757] RBP: 00007ffd457f0ad0 R08: 00007ffd457f0b10 R09: 0000000000000000 [ 68.242366][ T8757] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000000004d [ 68.250421][ T8757] R13: 0000000000000004 R14: 0000000000000003 R15: 0000000000000003 [ 68.259358][ T8757] Kernel Offset: disabled [ 68.263683][ T8757] Rebooting in 86400 seconds..