Warning: Permanently added '10.128.0.154' (ED25519) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
executing program
[  674.026074][ T5059] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5059 'syz-executor166'
[  674.178841][ T5061] loop4: detected capacity change from 0 to 4096
[  674.184360][ T5060] loop2: detected capacity change from 0 to 4096
[  674.187046][ T5062] loop3: detected capacity change from 0 to 4096
[  674.192427][ T5058] loop0: detected capacity change from 0 to 4096
[  674.207979][ T5063] loop5: detected capacity change from 0 to 4096
[  674.233677][ T5059] loop1: detected capacity change from 0 to 4096
[  674.261924][ T5067] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  674.269411][ T5065] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  674.273494][ T5066] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  674.297243][ T5068] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  674.320670][ T5069] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  674.326962][ T5070] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  674.783091][ T5062] syz-executor166 (5062) used greatest stack depth: 19120 bytes left
[  674.862577][ T5061] syz-executor166 (5061) used greatest stack depth: 18832 bytes left
[  674.900993][ T5060] syz-executor166 (5060) used greatest stack depth: 18608 bytes left
executing program
executing program
executing program
executing program
executing program
executing program
[  675.127531][ T5078] loop4: detected capacity change from 0 to 4096
[  675.130049][ T5077] loop3: detected capacity change from 0 to 4096
[  675.145714][ T5080] loop5: detected capacity change from 0 to 4096
[  675.163405][ T5081] loop2: detected capacity change from 0 to 4096
[  675.171184][ T5079] loop1: detected capacity change from 0 to 4096
[  675.180926][ T5082] loop0: detected capacity change from 0 to 4096
[  675.199918][ T5083] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  675.217192][ T5084] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  675.235337][ T5085] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  675.248991][ T5086] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  675.267249][ T5087] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  675.305954][ T5088] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  675.552254][ T5078] syz-executor166 (5078) used greatest stack depth: 18216 bytes left
executing program
executing program
[  675.780460][ T5089] loop4: detected capacity change from 0 to 4096
executing program
executing program
[  675.853125][ T5092] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  675.943260][ T5090] loop0: detected capacity change from 0 to 4096
[  675.951577][ T5091] loop1: detected capacity change from 0 to 4096
executing program
executing program
[  676.032048][ T5097] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  676.043532][ T5096] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  676.080535][ T5093] loop5: detected capacity change from 0 to 4096
[  676.142957][ T5098] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  676.156590][ T5095] loop2: detected capacity change from 0 to 4096
[  676.208552][ T5094] loop3: detected capacity change from 0 to 4096
[  676.222921][ T5099] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  676.280124][ T5100] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
executing program
executing program
[  676.567227][ T5101] loop4: detected capacity change from 0 to 4096
[  676.630308][ T5104] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  676.707305][ T5103] loop0: detected capacity change from 0 to 4096
[  676.736383][ T5106] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
executing program
executing program
[  676.929511][ T5107] loop3: detected capacity change from 0 to 4096
executing program
executing program
[  676.980937][ T5108] loop2: detected capacity change from 0 to 4096
[  676.993664][ T5109] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  677.069060][ T5110] loop4: detected capacity change from 0 to 4096
[  677.079154][ T5112] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  677.111351][ T5111] loop0: detected capacity change from 0 to 4096
[  677.143769][ T5114] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  677.173896][ T5113] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
executing program
executing program
[  677.444956][ T5115] loop3: detected capacity change from 0 to 4096
[  677.469077][ T5116] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
executing program
executing program
[  677.629636][ T5117] loop2: detected capacity change from 0 to 4096
[  677.645387][ T5118] loop0: detected capacity change from 0 to 4096
[  677.663446][ T5120] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  677.703254][ T5119] loop4: detected capacity change from 0 to 4096
[  677.716961][ T5121] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  677.774156][ T5122] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
executing program
[  677.946970][ T5123] loop3: detected capacity change from 0 to 4096
[  678.004589][ T5124] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
executing program
executing program
executing program
[  678.218577][ T5127] loop4: detected capacity change from 0 to 4096
[  678.234284][ T5126] loop0: detected capacity change from 0 to 4096
[  678.247280][ T5125] loop2: detected capacity change from 0 to 4096
[  678.257107][ T5129] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  678.295517][ T5128] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  678.300234][ T5130] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
executing program
[  678.510366][ T5132] loop3: detected capacity change from 0 to 4096
executing program
[  678.569746][ T5133] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
executing program
[  678.692020][ T5134] loop4: detected capacity change from 0 to 4096
executing program
[  678.746618][ T5137] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  678.765105][ T5135] loop0: detected capacity change from 0 to 4096
[  678.798277][ T5138] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  678.878252][ T5136] loop2: detected capacity change from 0 to 4096
executing program
[  678.956803][ T5139] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
executing program
executing program
[  679.108634][ T5140] loop3: detected capacity change from 0 to 4096
[  679.160147][ T5143] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  679.189320][ T5141] loop4: detected capacity change from 0 to 4096
[  679.218681][ T5144] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  679.262592][ T5142] loop0: detected capacity change from 0 to 4096
executing program
[  679.333113][ T5145] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  679.447001][ T5146] loop2: detected capacity change from 0 to 4096
[  679.490679][ T5147] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
executing program
executing program
executing program
[  679.683301][ T5150] loop4: detected capacity change from 0 to 4096
[  679.705100][ T5148] loop3: detected capacity change from 0 to 4096
[  679.711925][ T5151] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  679.721057][ T5149] loop0: detected capacity change from 0 to 4096
[  679.770894][ T5152] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  679.804321][ T5153] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
executing program
[  679.966540][ T5154] loop2: detected capacity change from 0 to 4096
executing program
[  680.017505][ T5155] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
executing program
executing program
[  680.144970][ T5156] loop4: detected capacity change from 0 to 4096
[  680.208494][ T5159] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  680.251124][ T5158] loop0: detected capacity change from 0 to 4096
[  680.279554][ T5160] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
executing program
[  680.324089][ T5157] loop3: detected capacity change from 0 to 4096
[  680.383835][ T5162] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  680.441805][ T5161] loop2: detected capacity change from 0 to 4096
[  680.464616][ T5163] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
executing program
executing program
[  680.657554][ T5164] loop4: detected capacity change from 0 to 4096
[  680.704040][ T5166] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
executing program
[  680.780942][ T5165] loop0: detected capacity change from 0 to 4096
executing program
[  680.842299][ T5168] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  680.891846][ T5167] loop3: detected capacity change from 0 to 4096
[  680.945443][ T5170] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  680.961625][ T5169] loop2: detected capacity change from 0 to 4096
executing program
[  681.039677][ T5171] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
executing program
[  681.174271][ T5172] loop4: detected capacity change from 0 to 4096
[  681.201065][ T5174] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  681.219804][ T5173] loop0: detected capacity change from 0 to 4096
[  681.250516][ T5175] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
executing program
executing program
executing program
[  681.493036][ T5176] loop2: detected capacity change from 0 to 4096
[  681.526187][ T5179] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  681.556812][ T5177] loop3: detected capacity change from 0 to 4096
executing program
[  681.604499][ T5180] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  681.640609][ T5178] loop4: detected capacity change from 0 to 4096
[  681.689612][ T5182] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  681.709889][    C0] ==================================================================
[  681.718010][    C0] BUG: KASAN: slab-use-after-free in __lock_acquire+0x11c/0x7f70
[  681.725865][    C0] Read of size 8 at addr ffff88802243c580 by task syz-executor166/5181
[  681.734115][    C0] 
[  681.736454][    C0] CPU: 0 PID: 5181 Comm: syz-executor166 Not tainted 6.5.0-rc5-syzkaller-00362-ga785fd28d31f #0
[  681.747291][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[  681.757336][    C0] Call Trace:
[  681.760606][    C0]  <TASK>
[  681.763532][    C0]  dump_stack_lvl+0x1e7/0x2d0
[  681.768314][    C0]  ? irq_work_queue+0xca/0x150
[  681.773099][    C0]  ? nf_tcp_handle_invalid+0x650/0x650
[  681.778554][    C0]  ? panic+0x770/0x770
[  681.782638][    C0]  ? _printk+0xd5/0x120
[  681.786804][    C0]  print_report+0x163/0x540
[  681.791346][    C0]  ? is_bpf_text_address+0x253/0x270
[  681.796635][    C0]  ? __virt_addr_valid+0x22f/0x2e0
[  681.801762][    C0]  ? __phys_addr+0xba/0x170
[  681.806266][    C0]  ? __lock_acquire+0x11c/0x7f70
[  681.811727][    C0]  kasan_report+0x175/0x1b0
[  681.816239][    C0]  ? __lock_acquire+0x11c/0x7f70
[  681.821204][    C0]  ? mark_lock_irq+0x6e4/0xba0
[  681.825967][    C0]  __lock_acquire+0x11c/0x7f70
[  681.830728][    C0]  ? save_trace+0xb40/0xb40
[  681.835225][    C0]  ? stack_trace_snprint+0xf0/0xf0
[  681.840857][    C0]  ? lockdep_lock+0x123/0x2b0
[  681.845533][    C0]  ? verify_lock_unused+0x140/0x140
[  681.850752][    C0]  ? lockdep_unlock+0x169/0x300
[  681.855613][    C0]  ? lockdep_lock+0x2b0/0x2b0
[  681.860301][    C0]  ? mark_lock+0x9a/0x340
[  681.864635][    C0]  ? _find_first_zero_bit+0xd4/0x100
[  681.870004][    C0]  ? __lock_acquire+0x3683/0x7f70
[  681.875044][    C0]  lock_acquire+0x1e3/0x520
[  681.879554][    C0]  ? try_to_wake_up+0xb2/0x1160
[  681.884414][    C0]  ? verify_lock_unused+0x140/0x140
[  681.889614][    C0]  ? read_lock_is_recursive+0x20/0x20
[  681.895072][    C0]  ? verify_lock_unused+0x140/0x140
[  681.900266][    C0]  ? __lock_acquire+0x1345/0x7f70
[  681.905291][    C0]  _raw_spin_lock_irqsave+0xd5/0x120
[  681.910635][    C0]  ? try_to_wake_up+0xb2/0x1160
[  681.915481][    C0]  ? _raw_spin_lock+0x40/0x40
[  681.920165][    C0]  try_to_wake_up+0xb2/0x1160
[  681.924837][    C0]  ? read_lock_is_recursive+0x20/0x20
[  681.930215][    C0]  ? cpu_curr_snapshot+0xd0/0xd0
[  681.935148][    C0]  ? call_timer_fn+0xb1/0x580
[  681.939934][    C0]  call_timer_fn+0x178/0x580
[  681.944527][    C0]  ? nilfs_iput_work_func+0x70/0x70
[  681.949771][    C0]  ? __run_timers+0x860/0x860
[  681.954445][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  681.959639][    C0]  ? nilfs_iput_work_func+0x70/0x70
[  681.964833][    C0]  ? lockdep_hardirqs_on+0x98/0x140
[  681.970027][    C0]  ? nilfs_iput_work_func+0x70/0x70
[  681.975227][    C0]  __run_timers+0x64f/0x860
[  681.979728][    C0]  ? detach_timer+0x2f0/0x2f0
[  681.984424][    C0]  ? print_irqtrace_events+0x220/0x220
[  681.989908][    C0]  ? do_raw_spin_unlock+0x13b/0x8b0
[  681.995120][    C0]  run_timer_softirq+0x67/0xf0
[  681.999890][    C0]  __do_softirq+0x2ab/0x908
[  682.004489][    C0]  ? __irq_exit_rcu+0xf1/0x1b0
[  682.009251][    C0]  ? __lock_text_end+0xc/0xc
[  682.013839][    C0]  ? irqtime_account_irq+0xd4/0x1e0
[  682.019038][    C0]  __irq_exit_rcu+0xf1/0x1b0
[  682.023709][    C0]  ? irq_exit_rcu+0x20/0x20
[  682.028206][    C0]  irq_exit_rcu+0x9/0x20
[  682.032443][    C0]  sysvec_apic_timer_interrupt+0x47/0xb0
[  682.038084][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  682.044115][    C0] RIP: 0033:0x7f0248ad5b70
[  682.048524][    C0] Code: 49 8b 47 10 48 39 f0 72 6e 48 63 cd 48 01 c1 49 39 4f 08 72 4c 8d 4d ff 85 ed 74 33 66 0f 1f 44 00 00 48 39 f0 72 1b 4d 8b 07 <49> 89 c1 49 29 f1 47 0f b6 0c 08 45 84 c9 74 08 45 88 0c 00 49 8b
[  682.068119][    C0] RSP: 002b:00007ffe4553a340 EFLAGS: 00000212
[  682.074178][    C0] RAX: 0000000000052480 RBX: 00007ffe4553a3e0 RCX: 000000000000008b
[  682.082141][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 00007ffe4553a480
[  682.090102][    C0] RBP: 0000000000000102 R08: 00007f02406cc000 R09: 0000000000000000
[  682.098062][    C0] R10: 0000000000000000 R11: 00007ffe4553a3f0 R12: 0000000000000001
[  682.106195][    C0] R13: 00007f0248b551a0 R14: 0000000000000000 R15: 00007ffe4553a480
[  682.114169][    C0]  </TASK>
[  682.117214][    C0] 
[  682.119526][    C0] Allocated by task 5052:
[  682.123926][    C0]  kasan_set_track+0x4f/0x70
[  682.128513][    C0]  __kasan_slab_alloc+0x66/0x70
[  682.133356][    C0]  slab_post_alloc_hook+0x6c/0x3b0
[  682.138468][    C0]  kmem_cache_alloc_node+0x149/0x330
[  682.143751][    C0]  dup_task_struct+0x57/0x7d0
[  682.148419][    C0]  copy_process+0x5c8/0x4290
[  682.153000][    C0]  kernel_clone+0x222/0x800
[  682.157490][    C0]  __x64_sys_clone+0x258/0x2a0
[  682.162245][    C0]  do_syscall_64+0x41/0xc0
[  682.166651][    C0]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  682.172586][    C0] 
[  682.174895][    C0] Freed by task 5105:
[  682.178861][    C0]  kasan_set_track+0x4f/0x70
[  682.183447][    C0]  kasan_save_free_info+0x28/0x40
[  682.188470][    C0]  ____kasan_slab_free+0xd6/0x120
[  682.193487][    C0]  kmem_cache_free+0x292/0x500
[  682.198247][    C0]  rcu_core+0xaaa/0x1740
[  682.202514][    C0]  __do_softirq+0x2ab/0x908
[  682.207013][    C0] 
[  682.209323][    C0] Last potentially related work creation:
[  682.215023][    C0]  kasan_save_stack+0x3f/0x60
[  682.219689][    C0]  __kasan_record_aux_stack+0xad/0xc0
[  682.225074][    C0]  call_rcu+0x167/0xa70
[  682.229303][    C0]  release_task+0x15ad/0x16f0
[  682.233976][    C0]  wait_consider_task+0x1a43/0x2e20
[  682.239164][    C0]  do_wait+0x312/0xb00
[  682.243229][    C0]  kernel_wait4+0x2a2/0x3e0
[  682.247725][    C0]  __x64_sys_wait4+0x134/0x1e0
[  682.252484][    C0]  do_syscall_64+0x41/0xc0
[  682.256891][    C0]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  682.262782][    C0] 
[  682.265097][    C0] Second to last potentially related work creation:
[  682.271666][    C0]  kasan_save_stack+0x3f/0x60
[  682.276336][    C0]  __kasan_record_aux_stack+0xad/0xc0
[  682.281700][    C0]  task_work_add+0x8b/0x3a0
[  682.286196][    C0]  scheduler_tick+0x2e2/0x6d0
[  682.290863][    C0]  update_process_times+0x17f/0x1b0
[  682.296058][    C0]  tick_sched_timer+0x379/0x550
[  682.300901][    C0]  __hrtimer_run_queues+0x562/0xd10
[  682.306093][    C0]  hrtimer_interrupt+0x396/0x980
[  682.311024][    C0]  __sysvec_apic_timer_interrupt+0x13f/0x480
[  682.316995][    C0]  sysvec_apic_timer_interrupt+0x90/0xb0
[  682.322620][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  682.328588][    C0] 
[  682.330899][    C0] The buggy address belongs to the object at ffff88802243bb80
[  682.330899][    C0]  which belongs to the cache task_struct of size 7360
[  682.345115][    C0] The buggy address is located 2560 bytes inside of
[  682.345115][    C0]  freed 7360-byte region [ffff88802243bb80, ffff88802243d840)
[  682.359072][    C0] 
[  682.361393][    C0] The buggy address belongs to the physical page:
[  682.367787][    C0] page:ffffea0000890e00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x22438
[  682.377942][    C0] head:ffffea0000890e00 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  682.386870][    C0] anon flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  682.395270][    C0] page_type: 0xffffffff()
[  682.399588][    C0] raw: 00fff00000010200 ffff888014674500 0000000000000000 dead000000000001
[  682.408188][    C0] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000
[  682.416842][    C0] page dumped because: kasan: bad access detected
[  682.423255][    C0] page_owner tracks the page as allocated
[  682.428972][    C0] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1133, tgid 1133 (kworker/u4:5), ts 7585628797, free_ts 0
[  682.449384][    C0]  post_alloc_hook+0x1e6/0x210
[  682.454153][    C0]  get_page_from_freelist+0x31e8/0x3370
[  682.459693][    C0]  __alloc_pages+0x255/0x670
[  682.464277][    C0]  alloc_slab_page+0x6a/0x160
[  682.468943][    C0]  new_slab+0x84/0x2f0
[  682.473008][    C0]  ___slab_alloc+0xade/0x1100
[  682.477766][    C0]  kmem_cache_alloc_node+0x1e2/0x330
[  682.483048][    C0]  dup_task_struct+0x57/0x7d0
[  682.487713][    C0]  copy_process+0x5c8/0x4290
[  682.492292][    C0]  kernel_clone+0x222/0x800
[  682.496786][    C0]  user_mode_thread+0x132/0x190
[  682.501629][    C0]  call_usermodehelper_exec_work+0x5c/0x220
[  682.507598][    C0]  process_one_work+0x92c/0x12c0
[  682.512572][    C0]  worker_thread+0xa63/0x1210
[  682.517257][    C0]  kthread+0x2b8/0x350
[  682.521320][    C0]  ret_from_fork+0x2e/0x60
[  682.525732][    C0] page_owner free stack trace missing
[  682.531085][    C0] 
[  682.533405][    C0] Memory state around the buggy address:
[  682.539024][    C0]  ffff88802243c480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  682.547083][    C0]  ffff88802243c500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  682.555847][    C0] >ffff88802243c580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  682.563903][    C0]                    ^
[  682.567969][    C0]  ffff88802243c600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  682.576019][    C0]  ffff88802243c680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  682.584590][    C0] ==================================================================
[  682.592812][    C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  682.599995][    C0] CPU: 0 PID: 5181 Comm: syz-executor166 Not tainted 6.5.0-rc5-syzkaller-00362-ga785fd28d31f #0
[  682.610397][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[  682.620455][    C0] Call Trace:
[  682.623733][    C0]  <TASK>
[  682.626660][    C0]  dump_stack_lvl+0x1e7/0x2d0
[  682.631356][    C0]  ? nf_tcp_handle_invalid+0x650/0x650
[  682.636819][    C0]  ? panic+0x770/0x770
[  682.640893][    C0]  ? lock_release+0xbf/0x9d0
[  682.645483][    C0]  ? vscnprintf+0x5d/0x80
[  682.649839][    C0]  panic+0x30f/0x770
[  682.653734][    C0]  ? check_panic_on_warn+0x21/0xa0
[  682.658840][    C0]  ? __memcpy_flushcache+0x2b0/0x2b0
[  682.664121][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  682.670011][    C0]  ? _raw_spin_unlock+0x40/0x40
[  682.674860][    C0]  ? print_report+0x4fb/0x540
[  682.679530][    C0]  check_panic_on_warn+0x82/0xa0
[  682.684462][    C0]  ? __lock_acquire+0x11c/0x7f70
[  682.689420][    C0]  end_report+0x6e/0x130
[  682.693676][    C0]  kasan_report+0x186/0x1b0
[  682.698178][    C0]  ? __lock_acquire+0x11c/0x7f70
[  682.703117][    C0]  ? mark_lock_irq+0x6e4/0xba0
[  682.707886][    C0]  __lock_acquire+0x11c/0x7f70
[  682.712657][    C0]  ? save_trace+0xb40/0xb40
[  682.717246][    C0]  ? stack_trace_snprint+0xf0/0xf0
[  682.722376][    C0]  ? lockdep_lock+0x123/0x2b0
[  682.727070][    C0]  ? verify_lock_unused+0x140/0x140
[  682.732266][    C0]  ? lockdep_unlock+0x169/0x300
[  682.737117][    C0]  ? lockdep_lock+0x2b0/0x2b0
[  682.741796][    C0]  ? mark_lock+0x9a/0x340
[  682.746124][    C0]  ? _find_first_zero_bit+0xd4/0x100
[  682.751412][    C0]  ? __lock_acquire+0x3683/0x7f70
[  682.756437][    C0]  lock_acquire+0x1e3/0x520
[  682.760938][    C0]  ? try_to_wake_up+0xb2/0x1160
[  682.765784][    C0]  ? verify_lock_unused+0x140/0x140
[  682.770984][    C0]  ? read_lock_is_recursive+0x20/0x20
[  682.776352][    C0]  ? verify_lock_unused+0x140/0x140
[  682.781554][    C0]  ? __lock_acquire+0x1345/0x7f70
[  682.786581][    C0]  _raw_spin_lock_irqsave+0xd5/0x120
[  682.791863][    C0]  ? try_to_wake_up+0xb2/0x1160
[  682.796714][    C0]  ? _raw_spin_lock+0x40/0x40
[  682.801569][    C0]  try_to_wake_up+0xb2/0x1160
[  682.806238][    C0]  ? read_lock_is_recursive+0x20/0x20
[  682.811610][    C0]  ? cpu_curr_snapshot+0xd0/0xd0
[  682.816544][    C0]  ? call_timer_fn+0xb1/0x580
[  682.821306][    C0]  call_timer_fn+0x178/0x580
[  682.825894][    C0]  ? nilfs_iput_work_func+0x70/0x70
[  682.831088][    C0]  ? __run_timers+0x860/0x860
[  682.835765][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  682.840982][    C0]  ? nilfs_iput_work_func+0x70/0x70
[  682.846199][    C0]  ? lockdep_hardirqs_on+0x98/0x140
[  682.851396][    C0]  ? nilfs_iput_work_func+0x70/0x70
[  682.856594][    C0]  __run_timers+0x64f/0x860
[  682.861109][    C0]  ? detach_timer+0x2f0/0x2f0
[  682.865784][    C0]  ? print_irqtrace_events+0x220/0x220
[  682.871236][    C0]  ? do_raw_spin_unlock+0x13b/0x8b0
[  682.876608][    C0]  run_timer_softirq+0x67/0xf0
[  682.881387][    C0]  __do_softirq+0x2ab/0x908
[  682.885904][    C0]  ? __irq_exit_rcu+0xf1/0x1b0
[  682.890672][    C0]  ? __lock_text_end+0xc/0xc
[  682.895282][    C0]  ? irqtime_account_irq+0xd4/0x1e0
[  682.900492][    C0]  __irq_exit_rcu+0xf1/0x1b0
[  682.905082][    C0]  ? irq_exit_rcu+0x20/0x20
[  682.909587][    C0]  irq_exit_rcu+0x9/0x20
[  682.913840][    C0]  sysvec_apic_timer_interrupt+0x47/0xb0
[  682.919475][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  682.925450][    C0] RIP: 0033:0x7f0248ad5b70
[  682.930208][    C0] Code: 49 8b 47 10 48 39 f0 72 6e 48 63 cd 48 01 c1 49 39 4f 08 72 4c 8d 4d ff 85 ed 74 33 66 0f 1f 44 00 00 48 39 f0 72 1b 4d 8b 07 <49> 89 c1 49 29 f1 47 0f b6 0c 08 45 84 c9 74 08 45 88 0c 00 49 8b
[  682.950090][    C0] RSP: 002b:00007ffe4553a340 EFLAGS: 00000212
[  682.956189][    C0] RAX: 0000000000052480 RBX: 00007ffe4553a3e0 RCX: 000000000000008b
[  682.964262][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 00007ffe4553a480
[  682.972235][    C0] RBP: 0000000000000102 R08: 00007f02406cc000 R09: 0000000000000000
[  682.980223][    C0] R10: 0000000000000000 R11: 00007ffe4553a3f0 R12: 0000000000000001
[  682.988212][    C0] R13: 00007f0248b551a0 R14: 0000000000000000 R15: 00007ffe4553a480
[  682.996202][    C0]  </TASK>
[  682.999463][    C0] Kernel Offset: disabled
[  683.003782][    C0] Rebooting in 86400 seconds..