./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor583241511

<...>
Warning: Permanently added '10.128.1.140' (ECDSA) to the list of known hosts.
execve("./syz-executor583241511", ["./syz-executor583241511"], 0x7ffcae7e1620 /* 10 vars */) = 0
brk(NULL)                               = 0x555556a68000
brk(0x555556a68c40)                     = 0x555556a68c40
arch_prctl(ARCH_SET_FS, 0x555556a68300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor583241511", 4096) = 27
brk(0x555556a89c40)                     = 0x555556a89c40
brk(0x555556a8a000)                     = 0x555556a8a000
mprotect(0x7fc58322d000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556a685d0) = 5001
./strace-static-x86_64: Process 5001 attached
[pid  5001] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid  5001] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5001] setsid()                    = 1
[pid  5001] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid  5001] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid  5001] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid  5001] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid  5001] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid  5001] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid  5001] unshare(CLONE_NEWNS)        = 0
[pid  5001] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid  5001] unshare(CLONE_NEWIPC)       = 0
[pid  5001] unshare(CLONE_NEWCGROUP)    = 0
[pid  5001] unshare(CLONE_NEWUTS)       = 0
[pid  5001] unshare(CLONE_SYSVSEM)      = 0
[pid  5001] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5001] write(3, "16777216", 8)     = 8
[pid  5001] close(3)                    = 0
[pid  5001] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid  5001] write(3, "536870912", 9)    = 9
[pid  5001] close(3)                    = 0
[pid  5001] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5001] write(3, "1024", 4)         = 4
[pid  5001] close(3)                    = 0
[pid  5001] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5001] write(3, "8192", 4)         = 4
[pid  5001] close(3)                    = 0
[pid  5001] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5001] write(3, "1024", 4)         = 4
[pid  5001] close(3)                    = 0
[pid  5001] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid  5001] write(3, "1024", 4)         = 4
[pid  5001] close(3)                    = 0
[pid  5001] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid  5001] write(3, "1024 1048576 500 1024", 21) = 21
[pid  5001] close(3)                    = 0
[pid  5001] getpid()                    = 1
[pid  5001] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5001] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5001] unshare(CLONE_NEWNET)       = 0
[pid  5001] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid  5001] write(3, "0 65535", 7)      = 7
[pid  5001] close(3)                    = 0
[pid  5001] mkdir("/dev/binderfs", 0777) = 0
[pid  5001] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid  5001] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5001] memfd_create("syzkaller", 0) = 3
[pid  5001] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc57ad66000
syzkaller login: [   55.155555][ T5001] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5001 'syz-executor583'
[pid  5001] write(3, "\x58\x46\x53\x42\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xac\xfe\xbf\xcd\x08\x06\x4e\x27\x97\x77\x0a\xc4\xff\x5d\xdf\x54\x00\x00\x00\x00\x00\x00\x20\x04\x00\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\x11\x00\x00\x00\x00\x00\x00\x00\x12\x00\x00\x00\x02\x00\x00\x20\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x02\xf4"..., 33554432) = 33554432
[pid  5001] munmap(0x7fc57ad66000, 33554432) = 0
[pid  5001] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5001] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5001] close(3)                    = 0
[pid  5001] mkdir("./file0", 0777)      = 0
[   55.337465][ T5001] loop0: detected capacity change from 0 to 65536
[   55.349782][ T5001] XFS (loop0): Deprecated V4 format (crc=0) will not be supported after September 2030.
[   55.360211][ T5001] XFS (loop0): Mounting V4 Filesystem acfebfcd-0806-4e27-9777-0ac4ff5ddf54
[   55.370374][ T5001] XFS (loop0): Log size 756 blocks too small, minimum size is 2220 blocks
[   55.378917][ T5001] XFS (loop0): Log size out of supported range.
[   55.385180][ T5001] XFS (loop0): Continuing onwards, but if log hangs are experienced then please report this message in the bug report.
[   55.404302][ T5001] XFS (loop0): Torn write (CRC failure) detected at log block 0x10. Truncating head block from 0x20.
[   55.424180][ T5001] XFS (loop0): Ending clean mount
[pid  5001] mount("/dev/loop0", "./file0", "xfs", MS_DIRSYNC|MS_SILENT|MS_I_VERSION, ",nouuid") = 0
[pid  5001] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5001] chdir("./file0")            = 0
[pid  5001] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5001] close(4)                    = 0
[pid  5001] exit_group(1)               = ?
[   55.429472][ T5001] xfs filesystem being mounted at /root/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   55.473342][ T5001] XFS (loop0): Unmounting Filesystem acfebfcd-0806-4e27-9777-0ac4ff5ddf54
[   55.484053][ T5001] ==================================================================
[   55.492099][ T5001] BUG: KASAN: slab-out-of-bounds in xlog_pack_data+0x501/0x570
[   55.499636][ T5001] Read of size 4 at addr ffff888075ce4e00 by task syz-executor583/5001
[   55.507939][ T5001] 
[   55.510246][ T5001] CPU: 0 PID: 5001 Comm: syz-executor583 Not tainted 6.4.0-rc6-syzkaller-00026-gfb054096aea0 #0
[   55.520634][ T5001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[   55.530717][ T5001] Call Trace:
[   55.534075][ T5001]  <TASK>
[   55.537003][ T5001]  dump_stack_lvl+0xd9/0x150
[   55.541595][ T5001]  print_address_description.constprop.0+0x2c/0x3c0
[   55.548192][ T5001]  ? xlog_pack_data+0x501/0x570
[   55.553046][ T5001]  kasan_report+0x11c/0x130
[   55.557544][ T5001]  ? xlog_pack_data+0x501/0x570
[   55.562383][ T5001]  xlog_pack_data+0x501/0x570
[   55.567045][ T5001]  xlog_sync+0x189/0xa50
[   55.571359][ T5001]  xlog_state_release_iclog+0x42e/0x7f0
[   55.576889][ T5001]  ? xlog_state_switch_iclogs+0x419/0x690
[   55.582593][ T5001]  xlog_force_lsn+0x5d1/0x910
[   55.587276][ T5001]  ? xlog_write_get_more_iclog_space+0x470/0x470
[   55.593590][ T5001]  ? lockdep_hardirqs_on+0x7d/0x100
[   55.598772][ T5001]  ? slab_free_freelist_hook+0x8b/0x1c0
[   55.604300][ T5001]  xfs_log_force_seq+0x22b/0x630
[   55.609247][ T5001]  ? __xfs_trans_commit+0xac5/0xe20
[   55.614438][ T5001]  __xfs_trans_commit+0xac5/0xe20
[   55.619446][ T5001]  ? xfs_trans_free_items+0x340/0x340
[   55.624801][ T5001]  xfs_sync_sb+0xfd/0x140
[   55.629110][ T5001]  ? xfs_log_sb+0x230/0x230
[   55.633677][ T5001]  ? _raw_spin_unlock+0x28/0x40
[   55.638516][ T5001]  ? xfs_log_need_covered.isra.0+0x2e/0x1d0
[   55.644743][ T5001]  xfs_log_quiesce+0x24d/0x320
[   55.649511][ T5001]  xfs_log_unmount+0x22/0x270
[   55.654179][ T5001]  xfs_unmountfs+0x151/0x290
[   55.658748][ T5001]  ? xfs_default_resblks+0x60/0x60
[   55.663839][ T5001]  ? kvfree+0x46/0x50
[   55.667833][ T5001]  ? xfs_mru_cache_destroy+0x172/0x200
[   55.673378][ T5001]  xfs_fs_put_super+0x7b/0x3b0
[   55.678126][ T5001]  ? xfs_fs_free+0xc0/0xc0
[   55.682547][ T5001]  generic_shutdown_super+0x158/0x480
[   55.687905][ T5001]  kill_block_super+0xa1/0x100
[   55.692652][ T5001]  deactivate_locked_super+0x98/0x160
[   55.698009][ T5001]  deactivate_super+0xb1/0xd0
[   55.702668][ T5001]  cleanup_mnt+0x2ae/0x3d0
[   55.707238][ T5001]  task_work_run+0x16f/0x270
[   55.711807][ T5001]  ? task_work_cancel+0x30/0x30
[   55.716636][ T5001]  do_exit+0xaa3/0x29b0
[   55.720794][ T5001]  ? lock_downgrade+0x690/0x690
[   55.725632][ T5001]  ? do_raw_spin_lock+0x124/0x2b0
[   55.730649][ T5001]  ? mm_update_next_owner+0x7b0/0x7b0
[   55.736000][ T5001]  ? spin_bug+0x1c0/0x1c0
[   55.740310][ T5001]  ? _raw_spin_unlock_irq+0x23/0x50
[   55.745492][ T5001]  do_group_exit+0xd4/0x2a0
[   55.750065][ T5001]  __x64_sys_exit_group+0x3e/0x50
[   55.755172][ T5001]  do_syscall_64+0x39/0xb0
[   55.759573][ T5001]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   55.765448][ T5001] RIP: 0033:0x7fc5831b1999
[   55.769839][ T5001] Code: Unable to access opcode bytes at 0x7fc5831b196f.
[   55.777167][ T5001] RSP: 002b:00007ffd0dbc6fd8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   55.785560][ T5001] RAX: ffffffffffffffda RBX: 00007fc583233330 RCX: 00007fc5831b1999
[   55.793513][ T5001] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001
[   55.801460][ T5001] RBP: 0000000000000001 R08: ffffffffffffffc0 R09: 000000000000c157
[   55.809412][ T5001] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc583233330
[   55.817361][ T5001] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001
[   55.825315][ T5001]  </TASK>
[   55.828315][ T5001] 
[   55.830615][ T5001] The buggy address belongs to the physical page:
[   55.837001][ T5001] page:ffffea0001d73000 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x75cc0
[   55.847303][ T5001] head:ffffea0001d73000 order:6 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   55.856216][ T5001] flags: 0xfff00000010000(head|node=0|zone=1|lastcpupid=0x7ff)
[   55.863732][ T5001] page_type: 0xffffffff()
[   55.868055][ T5001] raw: 00fff00000010000 0000000000000000 dead000000000122 0000000000000000
[   55.876619][ T5001] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   55.885177][ T5001] page dumped because: kasan: bad access detected
[   55.891562][ T5001] page_owner tracks the page as allocated
[   55.897251][ T5001] page last allocated via order 6, migratetype Unmovable, gfp_mask 0x46dc0(GFP_KERNEL|__GFP_NOWARN|__GFP_RETRY_MAYFAIL|__GFP_COMP|__GFP_ZERO), pid 5001, tgid 5001 (syz-executor583), ts 55368962889, free_ts 21790870644
[   55.918350][ T5001]  post_alloc_hook+0x2db/0x350
[   55.923103][ T5001]  get_page_from_freelist+0xf41/0x2c00
[   55.928546][ T5001]  __alloc_pages+0x1cb/0x4a0
[   55.933117][ T5001]  __kmalloc_large_node+0x94/0x1d0
[   55.938226][ T5001]  __kmalloc_node+0x10b/0x1a0
[   55.942879][ T5001]  kvmalloc_node+0x76/0x1a0
[   55.947363][ T5001]  xlog_alloc_log+0x755/0x1450
[   55.952300][ T5001]  xfs_log_mount+0xef/0x700
[   55.957308][ T5001]  xfs_mountfs+0x11e1/0x1f60
[   55.961875][ T5001]  xfs_fs_fill_super+0x1490/0x1fc0
[   55.966966][ T5001]  get_tree_bdev+0x44a/0x770
[   55.971538][ T5001]  vfs_get_tree+0x8d/0x350
[   55.975936][ T5001]  path_mount+0x134b/0x1e40
[   55.980439][ T5001]  __x64_sys_mount+0x283/0x300
[   55.985214][ T5001]  do_syscall_64+0x39/0xb0
[   55.989637][ T5001]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   55.995528][ T5001] page last free stack trace:
[   56.000186][ T5001]  free_unref_page_prepare+0x62e/0xcb0
[   56.005641][ T5001]  free_unref_page+0x33/0x370
[   56.010330][ T5001]  __unfreeze_partials+0x17c/0x1a0
[   56.015430][ T5001]  qlist_free_all+0x6a/0x170
[   56.020001][ T5001]  kasan_quarantine_reduce+0x195/0x220
[   56.025529][ T5001]  __kasan_slab_alloc+0x63/0x90
[   56.030366][ T5001]  kmem_cache_alloc_node+0x185/0x3e0
[   56.035642][ T5001]  __alloc_skb+0x288/0x330
[   56.040054][ T5001]  alloc_skb_with_frags+0x9a/0x6c0
[   56.045504][ T5001]  sock_alloc_send_pskb+0x7a7/0x930
[   56.050707][ T5001]  unix_dgram_sendmsg+0x41b/0x1950
[   56.055816][ T5001]  sock_sendmsg+0xde/0x190
[   56.060233][ T5001]  sock_write_iter+0x295/0x3d0
[   56.064985][ T5001]  do_iter_readv_writev+0x20b/0x3b0
[   56.070180][ T5001]  do_iter_write+0x185/0x7e0
[   56.074840][ T5001]  vfs_writev+0x1aa/0x670
[   56.079156][ T5001] 
[   56.081458][ T5001] Memory state around the buggy address:
[   56.087061][ T5001]  ffff888075ce4d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   56.095184][ T5001]  ffff888075ce4d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   56.103397][ T5001] >ffff888075ce4e00: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   56.111464][ T5001]                    ^
[   56.115504][ T5001]  ffff888075ce4e80: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   56.123540][ T5001]  ffff888075ce4f00: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   56.131660][ T5001] ==================================================================
[   56.140436][ T5001] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   56.147660][ T5001] CPU: 1 PID: 5001 Comm: syz-executor583 Not tainted 6.4.0-rc6-syzkaller-00026-gfb054096aea0 #0
[   56.158061][ T5001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[   56.168093][ T5001] Call Trace:
[   56.171440][ T5001]  <TASK>
[   56.174349][ T5001]  dump_stack_lvl+0xd9/0x150
[   56.178920][ T5001]  panic+0x686/0x730
[   56.182805][ T5001]  ? panic_smp_self_stop+0xa0/0xa0
[   56.187898][ T5001]  ? preempt_schedule_thunk+0x1a/0x20
[   56.193252][ T5001]  ? preempt_schedule_common+0x45/0xb0
[   56.198694][ T5001]  check_panic_on_warn+0xb1/0xc0
[   56.203612][ T5001]  end_report+0xe9/0x120
[   56.207839][ T5001]  ? xlog_pack_data+0x501/0x570
[   56.212757][ T5001]  kasan_report+0xf9/0x130
[   56.217156][ T5001]  ? xlog_pack_data+0x501/0x570
[   56.221991][ T5001]  xlog_pack_data+0x501/0x570
[   56.226666][ T5001]  xlog_sync+0x189/0xa50
[   56.230891][ T5001]  xlog_state_release_iclog+0x42e/0x7f0
[   56.236509][ T5001]  ? xlog_state_switch_iclogs+0x419/0x690
[   56.242214][ T5001]  xlog_force_lsn+0x5d1/0x910
[   56.246881][ T5001]  ? xlog_write_get_more_iclog_space+0x470/0x470
[   56.253206][ T5001]  ? lockdep_hardirqs_on+0x7d/0x100
[   56.258395][ T5001]  ? slab_free_freelist_hook+0x8b/0x1c0
[   56.263928][ T5001]  xfs_log_force_seq+0x22b/0x630
[   56.268855][ T5001]  ? __xfs_trans_commit+0xac5/0xe20
[   56.274163][ T5001]  __xfs_trans_commit+0xac5/0xe20
[   56.279184][ T5001]  ? xfs_trans_free_items+0x340/0x340
[   56.284552][ T5001]  xfs_sync_sb+0xfd/0x140
[   56.288867][ T5001]  ? xfs_log_sb+0x230/0x230
[   56.293356][ T5001]  ? _raw_spin_unlock+0x28/0x40
[   56.298220][ T5001]  ? xfs_log_need_covered.isra.0+0x2e/0x1d0
[   56.304122][ T5001]  xfs_log_quiesce+0x24d/0x320
[   56.308888][ T5001]  xfs_log_unmount+0x22/0x270
[   56.313569][ T5001]  xfs_unmountfs+0x151/0x290
[   56.318169][ T5001]  ? xfs_default_resblks+0x60/0x60
[   56.323271][ T5001]  ? kvfree+0x46/0x50
[   56.327246][ T5001]  ? xfs_mru_cache_destroy+0x172/0x200
[   56.332694][ T5001]  xfs_fs_put_super+0x7b/0x3b0
[   56.337448][ T5001]  ? xfs_fs_free+0xc0/0xc0
[   56.341859][ T5001]  generic_shutdown_super+0x158/0x480
[   56.347228][ T5001]  kill_block_super+0xa1/0x100
[   56.351985][ T5001]  deactivate_locked_super+0x98/0x160
[   56.357349][ T5001]  deactivate_super+0xb1/0xd0
[   56.362041][ T5001]  cleanup_mnt+0x2ae/0x3d0
[   56.366448][ T5001]  task_work_run+0x16f/0x270
[   56.371024][ T5001]  ? task_work_cancel+0x30/0x30
[   56.375859][ T5001]  do_exit+0xaa3/0x29b0
[   56.380003][ T5001]  ? lock_downgrade+0x690/0x690
[   56.384843][ T5001]  ? do_raw_spin_lock+0x124/0x2b0
[   56.389858][ T5001]  ? mm_update_next_owner+0x7b0/0x7b0
[   56.395217][ T5001]  ? spin_bug+0x1c0/0x1c0
[   56.399542][ T5001]  ? _raw_spin_unlock_irq+0x23/0x50
[   56.404738][ T5001]  do_group_exit+0xd4/0x2a0
[   56.409251][ T5001]  __x64_sys_exit_group+0x3e/0x50
[   56.414260][ T5001]  do_syscall_64+0x39/0xb0
[   56.418701][ T5001]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   56.424588][ T5001] RIP: 0033:0x7fc5831b1999
[   56.428992][ T5001] Code: Unable to access opcode bytes at 0x7fc5831b196f.
[   56.435992][ T5001] RSP: 002b:00007ffd0dbc6fd8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   56.444392][ T5001] RAX: ffffffffffffffda RBX: 00007fc583233330 RCX: 00007fc5831b1999
[   56.452367][ T5001] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001
[   56.460323][ T5001] RBP: 0000000000000001 R08: ffffffffffffffc0 R09: 000000000000c157
[   56.468282][ T5001] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc583233330
[   56.476240][ T5001] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001
[   56.484204][ T5001]  </TASK>
[   56.487953][ T5001] Kernel Offset: disabled
[   56.492353][ T5001] Rebooting in 86400 seconds..