el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585
------------[ cut here ]------------
kernel BUG at fs/btrfs/extent-tree.c:3299!
Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP
Modules linked in:
CPU: 0 PID: 5183 Comm: syz.3.146 Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
pstate: 82400005 (Nzcv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
pc : btrfs_free_tree_block+0x9e4/0xa1c fs/btrfs/extent-tree.c:3299
lr : btrfs_free_tree_block+0x9e4/0xa1c fs/btrfs/extent-tree.c:3299
sp : ffff8000210d6e80
x29: ffff8000210d6f80 x28: ffff0000d491ed90 x27: ffff000000000005
x26: ffff8000210d6ee0 x25: 00000000fffffff4 x24: ffff0000d491eeb0
x23: 0000000000000001 x22: 1fffe0001a923dd6 x21: ffff0000d491ed98
x20: dfff800000000000 x19: ffff0000d491ed90 x18: 0000000000000000
x17: 0000000000000000 x16: ffff8000082d25ac x15: ffff800008a3289c
x14: ffff800008a349fc x13: ffff800008a3289c x12: 0000000000ff0100
x11: ff00800009f0226c x10: 0000000000000000 x9 : ffff800009f0226c
x8 : ffff0000d4cd1bc0 x7 : ffff8000080594c0 x6 : ffff8000080596d0
x5 : ffff0000f95ccf70 x4 : ffff8000210d6b28 x3 : 0000000000000000
x2 : 0000000000000006 x1 : 00000000fffffff4 x0 : 0000000000000000
Call trace:
 btrfs_free_tree_block+0x9e4/0xa1c fs/btrfs/extent-tree.c:3299
 btrfs_force_cow_block+0xb20/0x187c fs/btrfs/ctree.c:505
 btrfs_cow_block+0x2d0/0x710 fs/btrfs/ctree.c:623
 btrfs_search_slot+0xa54/0x2364 fs/btrfs/ctree.c:2087
 btrfs_insert_empty_items+0xa4/0x178 fs/btrfs/ctree.c:4185
 btrfs_insert_empty_item fs/btrfs/ctree.h:3137 [inline]
 insert_with_overflow+0xf4/0x2ec fs/btrfs/dir-item.c:32
 btrfs_insert_xattr_item+0x160/0x2dc fs/btrfs/dir-item.c:75
 btrfs_setxattr+0x294/0x704 fs/btrfs/xattr.c:132
 btrfs_setxattr_trans+0xfc/0x2f0 fs/btrfs/xattr.c:258
 __btrfs_set_acl+0x13c/0x2c0 fs/btrfs/acl.c:102
 btrfs_set_acl+0x104/0x1b8 fs/btrfs/acl.c:125
 set_posix_acl fs/posix_acl.c:1160 [inline]
 posix_acl_xattr_set+0x2f8/0x398 fs/posix_acl.c:1189
 __vfs_setxattr+0x388/0x3a4 fs/xattr.c:182
 __vfs_setxattr_noperm+0x120/0x564 fs/xattr.c:216
 __vfs_setxattr_locked+0x1ec/0x218 fs/xattr.c:277
 vfs_setxattr+0x158/0x2ac fs/xattr.c:309
 do_setxattr fs/xattr.c:594 [inline]
 setxattr+0x228/0x28c fs/xattr.c:617
 __do_sys_fsetxattr fs/xattr.c:673 [inline]
 __se_sys_fsetxattr fs/xattr.c:662 [inline]
 __arm64_sys_fsetxattr+0x1a8/0x224 fs/xattr.c:662
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2bc arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:140
 do_el0_svc+0x58/0x13c arch/arm64/kernel/syscall.c:204
 el0_svc+0x58/0x138 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585
Code: 17fffea4 97967e88 d4210000 97967e86 (d4210000) 
---[ end trace 0000000000000000 ]---