Warning: Permanently added '10.128.0.66' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[   37.836885] BTRFS: device fsid f90cac8b-044b-4fa8-8bee-4b8d3da88dc2 devid 0 transid 7 /dev/loop0
executing program
executing program
[   38.072250] BTRFS: device fsid f90cac8b-044b-4fa8-8bee-4b8d3da88dc2 devid 1 transid 7 /dev/loop5
executing program
executing program
[   38.114079] BTRFS warning (device ): duplicate device /dev/loop4 devid 1 generation 7 scanned by syz-executor209 (8141)
[   38.129411] BTRFS warning (device ): duplicate device /dev/loop5 devid 1 generation 7 scanned by syz-executor209 (8143)
[   38.142267] BTRFS info (device loop3): disk space caching is enabled
[   38.148889] BTRFS info (device loop3): has skinny extents
executing program
executing program
[   38.205982] BTRFS warning (device ): duplicate device /dev/loop2 devid 1 generation 7 scanned by syz-executor209 (8145)
[   38.223624] BTRFS warning (device ): duplicate device /dev/loop1 devid 1 generation 7 scanned by syz-executor209 (8146)
[   38.244413] BTRFS warning (device ): duplicate device /dev/loop1 devid 1 generation 7 scanned by systemd-udevd (8176)
executing program
executing program
[   38.284232] BTRFS error (device loop3): bad tree block start, want 5267456 have 0
[   38.294854] BTRFS warning (device loop3): failed to read root (objectid=7): -5
[   38.322197] BTRFS error (device loop3): open_ctree failed
executing program
executing program
[   38.329918] BTRFS info (device loop3): disk space caching is enabled
[   38.338952] BTRFS info (device loop3): has skinny extents
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[   38.499582] BTRFS error (device loop3): bad tree block start, want 5267456 have 0
[   38.526582] BTRFS warning (device loop3): failed to read root (objectid=7): -5
[   38.542145] BTRFS error (device loop3): open_ctree failed
[   38.550367] BTRFS info (device loop3): disk space caching is enabled
[   38.560124] BTRFS info (device loop3): has skinny extents
[   38.584942] BTRFS error (device loop3): bad tree block start, want 5267456 have 0
executing program
[   38.596176] BTRFS warning (device loop3): failed to read root (objectid=7): -5
[   38.615668] BTRFS warning (device loop3): duplicate device /dev/loop0 devid 1 generation 7 scanned by syz-executor209 (8184)
[   38.636225] BTRFS error (device loop3): open_ctree failed
executing program
[   38.647261] BTRFS info (device loop3): disk space caching is enabled
[   38.658601] BTRFS info (device loop3): has skinny extents
[   38.674101] BTRFS error (device loop3): bad tree block start, want 5267456 have 0
[   38.681882] BTRFS warning (device loop3): failed to read root (objectid=7): -5
[   38.693722] BTRFS error (device loop3): open_ctree failed
[   38.703055] BTRFS info (device loop3): disk space caching is enabled
[   38.715236] BTRFS info (device loop3): has skinny extents
executing program
[   38.747786] ==================================================================
[   38.755327] BUG: KASAN: use-after-free in btrfs_printk+0x34f/0x3d0
[   38.761669] Read of size 8 at addr ffff8880af10d960 by task syz-executor209/8211
[   38.769195]
[   38.770832] CPU: 1 PID: 8211 Comm: syz-executor209 Not tainted 4.19.155-syzkaller #0
[   38.778732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   38.788085] Call Trace:
[   38.790685]  dump_stack+0x1fc/0x2fe
[   38.794332]  print_address_description.cold+0x54/0x219
[   38.799624]  kasan_report_error.cold+0x8a/0x1c7
[   38.804305]  ? btrfs_printk+0x34f/0x3d0
[   38.808321]  __asan_report_load8_noabort+0x88/0x90
[   38.813251]  ? btrfs_printk+0x34f/0x3d0
[   38.817210]  btrfs_printk+0x34f/0x3d0
[   38.820996]  ? btrfs_show_devname.cold+0x18/0x18
[   38.825740]  ? __mutex_unlock_slowpath+0xea/0x610
[   38.830567]  ? lock_acquire+0x170/0x3c0
[   38.834575]  ? device_list_add+0x77d/0xdd0
[   38.838798]  device_list_add.cold+0x1a0/0x376
[   38.843281]  ? btrfs_rm_dev_replace_free_srcdev+0x450/0x450
[   38.848983]  btrfs_scan_one_device+0x33f/0xd00
[   38.853556]  ? _raw_spin_unlock_irqrestore+0x66/0xe0
[   38.858643]  ? debug_check_no_obj_freed+0x201/0x482
[   38.863806]  ? device_list_add+0xdd0/0xdd0
[   38.868032]  ? kfree+0x110/0x210
[   38.871435]  ? btrfs_mount_root+0x107a/0x1830
[   38.875922]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[   38.880503]  btrfs_mount_root+0x9df/0x1830
[   38.884736]  ? btrfs_decode_error+0x70/0x70
[   38.889072]  ? __mutex_unlock_slowpath+0xea/0x610
[   38.893902]  ? check_preemption_disabled+0x41/0x280
[   38.898935]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[   38.903942]  ? pcpu_alloc+0xc9/0x1190
[   38.907778]  ? __lockdep_init_map+0x100/0x5a0
[   38.912320]  mount_fs+0xa3/0x30c
[   38.915698]  vfs_kern_mount.part.0+0x68/0x470
[   38.920177]  ? kfree+0x110/0x210
[   38.923550]  vfs_kern_mount+0x3c/0x60
[   38.927336]  btrfs_mount+0x23a/0xa93
[   38.931058]  ? btrfs_show_options+0xfd0/0xfd0
[   38.935557]  ? __mutex_unlock_slowpath+0xea/0x610
[   38.940406]  ? check_preemption_disabled+0x41/0x280
[   38.945430]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[   38.950446]  ? pcpu_alloc+0xc9/0x1190
[   38.954292]  ? __lockdep_init_map+0x100/0x5a0
[   38.958780]  mount_fs+0xa3/0x30c
[   38.962161]  vfs_kern_mount.part.0+0x68/0x470
[   38.966768]  do_mount+0x113c/0x2f10
[   38.970414]  ? rcu_nmi_exit+0xb3/0x180
[   38.974346]  ? retint_kernel+0x2d/0x2d
[   38.978270]  ? copy_mount_string+0x40/0x40
[   38.982505]  ? copy_mount_options+0x1cd/0x380
[   38.986992]  ? copy_mount_options+0x1da/0x380
[   38.991472]  ? __sanitizer_cov_trace_pc+0x22/0x50
[   38.996303]  ? copy_mount_options+0x26f/0x380
[   39.000783]  ksys_mount+0xcf/0x130
[   39.004311]  __x64_sys_mount+0xba/0x150
[   39.008324]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[   39.012895]  do_syscall_64+0xf9/0x620
[   39.016701]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   39.021948] RIP: 0033:0x448c2a
[   39.025157] Code: b8 08 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd a2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 aa a2 fb ff c3 66 0f 1f 84 00 00 00 00 00
[   39.044047] RSP: 002b:00007ffd025fb968 EFLAGS: 00000293 ORIG_RAX: 00000000000000a5
[   39.051752] RAX: ffffffffffffffda RBX: 00007ffd025fb9c0 RCX: 0000000000448c2a
[   39.059057] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffd025fb980
[   39.066312] RBP: 00007ffd025fb980 R08: 00007ffd025fb9c0 R09: 0000000000000000
[   39.073587] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000000002b
[   39.080974] R13: 0000000000000004 R14: 0000000000000003 R15: 0000000000000003
[   39.088243]
[   39.089865] Allocated by task 8212:
[   39.093480]  __kmalloc_node+0x4c/0x70
[   39.097269]  kvmalloc_node+0xb4/0xf0
[   39.100978]  btrfs_mount_root+0x13f/0x1830
[   39.105276]  mount_fs+0xa3/0x30c
[   39.108648]  vfs_kern_mount.part.0+0x68/0x470
[   39.113327]  vfs_kern_mount+0x3c/0x60
[   39.117146]  btrfs_mount+0x23a/0xa93
[   39.120903]  mount_fs+0xa3/0x30c
[   39.124262]  vfs_kern_mount.part.0+0x68/0x470
[   39.128744]  do_mount+0x113c/0x2f10
[   39.132355]  ksys_mount+0xcf/0x130
[   39.135880]  __x64_sys_mount+0xba/0x150
[   39.139836]  do_syscall_64+0xf9/0x620
[   39.143620]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   39.148792]
[   39.150402] Freed by task 8212:
[   39.153665]  kfree+0xcc/0x210
[   39.156751]  kvfree+0x59/0x60
[   39.159854]  deactivate_locked_super+0x94/0x160
[   39.164550]  btrfs_mount_root+0x10a0/0x1830
[   39.168908]  mount_fs+0xa3/0x30c
[   39.172308]  vfs_kern_mount.part.0+0x68/0x470
[   39.176797]  vfs_kern_mount+0x3c/0x60
[   39.180613]  btrfs_mount+0x23a/0xa93
[   39.184310]  mount_fs+0xa3/0x30c
[   39.187660]  vfs_kern_mount.part.0+0x68/0x470
[   39.192144]  do_mount+0x113c/0x2f10
[   39.195811]  ksys_mount+0xcf/0x130
[   39.199331]  __x64_sys_mount+0xba/0x150
[   39.203296]  do_syscall_64+0xf9/0x620
[   39.207129]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   39.212297]
[   39.213916] The buggy address belongs to the object at ffff8880af10d340
[   39.213916]  which belongs to the cache kmalloc-8192 of size 8192
[   39.226752] The buggy address is located 1568 bytes inside of
[   39.226752]  8192-byte region [ffff8880af10d340, ffff8880af10f340)
[   39.238783] The buggy address belongs to the page:
[   39.243696] page:ffffea0002bc4300 count:1 mapcount:0 mapping:ffff88813bff2080 index:0x0 compound_mapcount: 0
[   39.253646] flags: 0xfff00000008100(slab|head)
[   39.258233] raw: 00fff00000008100 ffffea0002bc9308 ffffea0002bd8708 ffff88813bff2080
[   39.266121] raw: 0000000000000000 ffff8880af10d340 0000000100000001 0000000000000000
[   39.274002] page dumped because: kasan: bad access detected
[   39.279694]
[   39.281308] Memory state around the buggy address:
[   39.286217]  ffff8880af10d800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
executing program
[   39.293560]  ffff8880af10d880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   39.300901] >ffff8880af10d900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   39.308261]                                                        ^
[   39.314753]  ffff8880af10d980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   39.322117]  ffff8880af10da00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   39.329474] ==================================================================
[   39.336814] Disabling lock debugging due to kernel taint
[   39.352321] Kernel panic - not syncing: panic_on_warn set ...
[   39.352321]
[   39.359715] CPU: 0 PID: 8211 Comm: syz-executor209 Tainted: G    B             4.19.155-syzkaller #0
[   39.369023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   39.378405] Call Trace:
[   39.381003]  dump_stack+0x1fc/0x2fe
[   39.384645]  panic+0x26a/0x50e
[   39.387818]  ? __warn_printk+0xf3/0xf3
[   39.391703]  ? preempt_schedule_common+0x45/0xc0
[   39.396460]  ? ___preempt_schedule+0x16/0x18
executing program
[   39.400858]  ? trace_hardirqs_on+0x55/0x210
[   39.405170]  kasan_end_report+0x43/0x49
[   39.409132]  kasan_report_error.cold+0xa7/0x1c7
[   39.413804]  ? btrfs_printk+0x34f/0x3d0
[   39.417765]  __asan_report_load8_noabort+0x88/0x90
[   39.422679]  ? btrfs_printk+0x34f/0x3d0
[   39.426638]  btrfs_printk+0x34f/0x3d0
[   39.430431]  ? btrfs_show_devname.cold+0x18/0x18
[   39.435179]  ? __mutex_unlock_slowpath+0xea/0x610
[   39.440010]  ? lock_acquire+0x170/0x3c0
[   39.443972]  ? device_list_add+0x77d/0xdd0
[   39.448193]  device_list_add.cold+0x1a0/0x376
[   39.452677]  ? btrfs_rm_dev_replace_free_srcdev+0x450/0x450
[   39.458395]  btrfs_scan_one_device+0x33f/0xd00
[   39.462973]  ? _raw_spin_unlock_irqrestore+0x66/0xe0
[   39.468061]  ? debug_check_no_obj_freed+0x201/0x482
[   39.473061]  ? device_list_add+0xdd0/0xdd0
[   39.477276]  ? kfree+0x110/0x210
[   39.480654]  ? btrfs_mount_root+0x107a/0x1830
[   39.485162]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[   39.489754]  btrfs_mount_root+0x9df/0x1830
[   39.493974]  ? btrfs_decode_error+0x70/0x70
[   39.498278]  ? __mutex_unlock_slowpath+0xea/0x610
[   39.503104]  ? check_preemption_disabled+0x41/0x280
[   39.508103]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[   39.513145]  ? pcpu_alloc+0xc9/0x1190
[   39.516926]  ? __lockdep_init_map+0x100/0x5a0
[   39.521404]  mount_fs+0xa3/0x30c
[   39.524751]  vfs_kern_mount.part.0+0x68/0x470
[   39.529241]  ? kfree+0x110/0x210
[   39.532590]  vfs_kern_mount+0x3c/0x60
[   39.536370]  btrfs_mount+0x23a/0xa93
[   39.540080]  ? btrfs_show_options+0xfd0/0xfd0
[   39.544557]  ? __mutex_unlock_slowpath+0xea/0x610
[   39.549381]  ? check_preemption_disabled+0x41/0x280
[   39.554380]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[   39.559374]  ? pcpu_alloc+0xc9/0x1190
[   39.563155]  ? __lockdep_init_map+0x100/0x5a0
[   39.567634]  mount_fs+0xa3/0x30c
[   39.571001]  vfs_kern_mount.part.0+0x68/0x470
[   39.575494]  do_mount+0x113c/0x2f10
[   39.579122]  ? rcu_nmi_exit+0xb3/0x180
[   39.582992]  ? retint_kernel+0x2d/0x2d
[   39.586865]  ? copy_mount_string+0x40/0x40
[   39.591080]  ? copy_mount_options+0x1cd/0x380
[   39.595569]  ? copy_mount_options+0x1da/0x380
[   39.600057]  ? __sanitizer_cov_trace_pc+0x22/0x50
[   39.604879]  ? copy_mount_options+0x26f/0x380
[   39.609373]  ksys_mount+0xcf/0x130
[   39.612920]  __x64_sys_mount+0xba/0x150
[   39.616875]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[   39.621446]  do_syscall_64+0xf9/0x620
[   39.625228]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   39.630414] RIP: 0033:0x448c2a
[   39.633602] Code: b8 08 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd a2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 aa a2 fb ff c3 66 0f 1f 84 00 00 00 00 00
[   39.652483] RSP: 002b:00007ffd025fb968 EFLAGS: 00000293 ORIG_RAX: 00000000000000a5
[   39.660170] RAX: ffffffffffffffda RBX: 00007ffd025fb9c0 RCX: 0000000000448c2a
[   39.667433] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffd025fb980
[   39.674682] RBP: 00007ffd025fb980 R08: 00007ffd025fb9c0 R09: 0000000000000000
[   39.681932] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000000002b
[   39.689181] R13: 0000000000000004 R14: 0000000000000003 R15: 0000000000000003
[   39.696974] Kernel Offset: disabled
[   39.700589] Rebooting in 86400 seconds..
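The console output above is a raw syzkaller crash log. As an added example (not part of the syzbot report and not btrfs code), the following Python script parses a KASAN report of this shape into the fields a triager reads first: the bug class and faulting function, the accessing task, the "Allocated by" and "Freed by" tasks with their stacks, the slab cache, and where the faulting address falls inside the freed object. The sample input is a constructed, trimmed excerpt of this report; the `KasanReport` field names and the `triage` summary are this example's own conventions, and frames marked `?` are skipped because the unwinder reports them as guesses from scanning the stack, not as confirmed return addresses.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed sample: a trimmed excerpt of the report above, embedded so this runs offline.
SAMPLE = """\
[   38.747786] ==================================================================
[   38.755327] BUG: KASAN: use-after-free in btrfs_printk+0x34f/0x3d0
[   38.761669] Read of size 8 at addr ffff8880af10d960 by task syz-executor209/8211
[   38.788085] Call Trace:
[   38.790685]  dump_stack+0x1fc/0x2fe
[   38.804305]  ? btrfs_printk+0x34f/0x3d0
[   38.817210]  btrfs_printk+0x34f/0x3d0
[   38.838798]  device_list_add.cold+0x1a0/0x376
[   38.880503]  btrfs_mount_root+0x9df/0x1830
[   39.089865] Allocated by task 8212:
[   39.093480]  __kmalloc_node+0x4c/0x70
[   39.100978]  btrfs_mount_root+0x13f/0x1830
[   39.150402] Freed by task 8212:
[   39.153665]  kfree+0xcc/0x210
[   39.159854]  deactivate_locked_super+0x94/0x160
[   39.164550]  btrfs_mount_root+0x10a0/0x1830
[   39.213916] The buggy address belongs to the object at ffff8880af10d340
[   39.213916]  which belongs to the cache kmalloc-8192 of size 8192
[   39.329474] ==================================================================
"""

TS = re.compile(r"^\[\s*\d+\.\d+\] ?")  # printk timestamp prefix
HEADER = re.compile(r"^BUG: KASAN: (?P<type>[\w-]+) in (?P<func>[\w.]+)\+0x")
ACCESS = re.compile(r"^(?P<rw>Read|Write) of size (?P<size>\d+) at addr (?P<addr>[0-9a-f]+) by task (?P<task>\S+)/(?P<pid>\d+)")
FRAME = re.compile(r"^ (?P<unsure>\? )?(?P<sym>[\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+")
STACK = re.compile(r"^(?P<kind>Allocated|Freed) by task (?P<pid>\d+):")
OBJECT = re.compile(r"belongs to the object at (?P<base>[0-9a-f]+)")
CACHE = re.compile(r"belongs to the cache (?P<cache>\S+) of size (?P<size>\d+)")

@dataclass
class KasanReport:
    bug_type: str
    function: str
    access: str = ""
    size: int = 0
    addr: int = 0
    task: str = ""
    pid: int = 0
    alloc_pid: Optional[int] = None
    free_pid: Optional[int] = None
    cache: Optional[str] = None
    obj_base: Optional[int] = None
    obj_size: Optional[int] = None
    trace: List[str] = field(default_factory=list)  # stack of the bad access
    alloc: List[str] = field(default_factory=list)  # "Allocated by" stack
    free: List[str] = field(default_factory=list)   # "Freed by" stack

def parse_kasan(text: str) -> Optional[KasanReport]:
    """Parse the first KASAN report in a console log; None if there is none."""
    rep, section = None, None
    for raw in text.splitlines():
        line = TS.sub("", raw)
        if line.startswith("====="):
            if rep is not None:
                break  # closing rule: the report is complete, ignore the panic that follows
            continue
        if rep is None:
            if m := HEADER.match(line):
                rep = KasanReport(bug_type=m["type"], function=m["func"])
        elif m := ACCESS.match(line):
            rep.access, rep.size, rep.addr = m["rw"], int(m["size"]), int(m["addr"], 16)
            rep.task, rep.pid = m["task"], int(m["pid"])
        elif line.startswith("Call Trace:"):
            section = "trace"
        elif m := STACK.match(line):
            section = "alloc" if m["kind"] == "Allocated" else "free"
            setattr(rep, section + "_pid", int(m["pid"]))
        elif m := FRAME.match(line):
            if section and not m["unsure"]:  # '?' frames are stack guesses, not unwound calls
                getattr(rep, section).append(m["sym"])
        elif m := OBJECT.search(line):
            rep.obj_base, section = int(m["base"], 16), None
        elif m := CACHE.search(line):
            rep.cache, rep.obj_size = m["cache"], int(m["size"])
    return rep

def triage(rep: KasanReport) -> dict:
    """The facts a triager checks first, derived from the parsed report."""
    noise = ("dump_stack", "print_address_description", "kasan_", "__asan_")
    callers = [f for f in rep.trace if not f.startswith(noise)]
    offset = rep.addr - rep.obj_base if rep.obj_base is not None else None
    inside = offset is not None and rep.obj_size is not None and 0 <= offset < rep.obj_size
    return {
        "class": rep.bug_type,
        "offset_in_object": offset,
        "addr_inside_freed_object": inside,
        "cross_task": rep.free_pid is not None and rep.free_pid != rep.pid,
        "faulting_path": callers[:4],
        "freed_via": rep.free[:4],
    }

if __name__ == "__main__":
    print(triage(parse_kasan(SAMPLE)))
```

Run against this report the summary reproduces the 1568-byte offset the kernel printed (0xffff8880af10d960 - 0xffff8880af10d340), confirms the read lands inside the freed kmalloc-8192 object, and flags it as cross-task: the object was allocated and freed by task 8212 (allocated at the start of its btrfs_mount_root, freed through deactivate_locked_super when that mount was torn down, matching the "open_ctree failed" lines just before the splat), while the read comes from task 8211 in btrfs_printk under device_list_add, i.e. while printing one of the "duplicate device" warnings during a concurrent mount. That combination, a per-mount object released by one task and still reachable from the shared device list by another, is the lifetime question to take to the btrfs source.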