[  127.069451][   T40] kauditd_printk_skb: 4 callbacks suppressed
[  127.069461][   T40] audit: type=1400 audit(1774200658.553:105): avc:  denied  { transition } for  pid=6025 comm="sshd-session" path="/bin/sh" dev="sda1" ino=90 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  127.078648][   T40] audit: type=1400 audit(1774200658.563:106): avc:  denied  { noatsecure } for  pid=6025 comm="sshd-session" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  127.085335][   T40] audit: type=1400 audit(1774200658.563:107): avc:  denied  { rlimitinh } for  pid=6025 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  127.093032][   T40] audit: type=1400 audit(1774200658.563:108): avc:  denied  { siginh } for  pid=6025 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
Warning: Permanently added '[localhost]:27663' (ED25519) to the list of known hosts.
[  130.632056][   T40] audit: type=1400 audit(1774200662.113:109): avc:  denied  { execute } for  pid=6040 comm="sh" name="syz-execprog" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  130.639702][   T40] audit: type=1400 audit(1774200662.113:110): avc:  denied  { execute_no_trans } for  pid=6040 comm="sh" path="/syz-execprog" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
2026/03/22 17:31:02 ignoring optional flag "type"="qemu"
2026/03/22 17:31:02 parsed 1 programs
[  131.035829][   T40] audit: type=1400 audit(1774200662.513:111): avc:  denied  { read } for  pid=6040 comm="syz-execprog" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  131.045296][   T40] audit: type=1400 audit(1774200662.513:112): avc:  denied  { open } for  pid=6040 comm="syz-execprog" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  131.090561][   T40] audit: type=1400 audit(1774200662.573:113): avc:  denied  { unlink } for  pid=6048 comm="syz-executor" name="swap-file" dev="sda1" ino=2027 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  132.037872][ T6048] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
2026/03/22 17:31:03 executed programs: 0
[  132.074474][   T40] audit: type=1400 audit(1774200663.553:114): avc:  denied  { write } for  pid=6053 comm="syz-executor.0" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  132.078802][ T5965] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  132.088493][ T5965] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  132.092015][ T5965] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  132.095751][ T5965] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  132.099280][ T5965] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  132.202776][ T6053] chnl_net:caif_netlink_parms(): no params data found
[  132.271033][ T6053] bridge0: port 1(bridge_slave_0) entered blocking state
[  132.273757][ T6053] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.276053][ T6053] bridge_slave_0: entered allmulticast mode
[  132.278922][ T6053] bridge_slave_0: entered promiscuous mode
[  132.281949][ T6053] bridge0: port 2(bridge_slave_1) entered blocking state
[  132.284204][ T6053] bridge0: port 2(bridge_slave_1) entered disabled state
[  132.286533][ T6053] bridge_slave_1: entered allmulticast mode
[  132.289245][ T6053] bridge_slave_1: entered promiscuous mode
[  132.320441][ T6053] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  132.324947][ T6053] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  132.355918][ T6053] team0: Port device team_slave_0 added
[  132.360636][ T6053] team0: Port device team_slave_1 added
[  132.388535][ T6053] batman_adv: batadv0: Adding interface: batadv_slave_0
[  132.390732][ T6053] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  132.398904][ T6053] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  132.403153][ T6053] batman_adv: batadv0: Adding interface: batadv_slave_1
[  132.405356][ T6053] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  132.413415][ T6053] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  132.452097][ T6053] hsr_slave_0: entered promiscuous mode
[  132.454340][ T6053] hsr_slave_1: entered promiscuous mode
[  132.894508][ T6053] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  132.899948][ T6053] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  132.904789][ T6053] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  132.909651][ T6053] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  132.922966][ T6053] bridge0: port 2(bridge_slave_1) entered blocking state
[  132.925261][ T6053] bridge0: port 2(bridge_slave_1) entered forwarding state
[  132.927747][ T6053] bridge0: port 1(bridge_slave_0) entered blocking state
[  132.929958][ T6053] bridge0: port 1(bridge_slave_0) entered forwarding state
[  132.962483][ T6053] 8021q: adding VLAN 0 to HW filter on device bond0
[  132.971535][   T60] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.974173][   T60] bridge0: port 2(bridge_slave_1) entered disabled state
[  132.984045][ T6053] 8021q: adding VLAN 0 to HW filter on device team0
[  132.991788][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[  132.994061][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[  132.996888][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[  132.999194][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[  133.140249][ T6053] 8021q: adding VLAN 0 to HW filter on device batadv0
[  133.168314][ T6053] veth0_vlan: entered promiscuous mode
[  133.174885][ T6053] veth1_vlan: entered promiscuous mode
[  133.194462][ T6053] veth0_macvtap: entered promiscuous mode
[  133.201009][ T6053] veth1_macvtap: entered promiscuous mode
[  133.216208][ T6053] batman_adv: batadv0: Interface activated: batadv_slave_0
[  133.225159][ T6053] batman_adv: batadv0: Interface activated: batadv_slave_1
[  133.232869][   T46] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  133.237247][   T46] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  133.242683][   T46] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  133.246747][   T46] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  133.452015][ T6111] loop0: detected capacity change from 0 to 32768
[  133.468527][ T6111] BTRFS: device fsid d552757d-9c39-40e3-95f0-16d819589928 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (6111)
[  133.488211][ T6111] BTRFS info (device loop0): first mount of filesystem d552757d-9c39-40e3-95f0-16d819589928
[  133.492674][ T6111] BTRFS info (device loop0): using sha256 checksum algorithm
[  133.526770][ T6111] BTRFS info (device loop0): enabling ssd optimizations
[  133.530998][ T6111] BTRFS info (device loop0): turning on async discard
[  133.533156][ T6111] BTRFS info (device loop0): enabling free space tree
[  133.539550][   T40] audit: type=1400 audit(1774200665.023:115): avc:  denied  { mount } for  pid=6110 comm="syz-executor.0" name="/" dev="loop0" ino=256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  133.548732][   T40] audit: type=1400 audit(1774200665.023:116): avc:  denied  { add_name } for  pid=6110 comm="syz-executor.0" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  133.557527][   T40] audit: type=1400 audit(1774200665.023:117): avc:  denied  { create } for  pid=6110 comm="syz-executor.0" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  133.566325][   T40] audit: type=1400 audit(1774200665.023:118): avc:  denied  { read write open } for  pid=6110 comm="syz-executor.0" path="/syzkaller-testdir1964623229/syzkaller.1ZzhJS/0/file0/bus" dev="loop0" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  133.577929][   T40] audit: type=1800 audit(1774200665.023:119): pid=6111 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=263 res=0 errno=0
[  133.586849][   T40] audit: type=1800 audit(1774200665.023:120): pid=6111 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=263 res=0 errno=0
[  133.610823][ T6138] BTRFS info (device loop0): balance: start 
[  133.613141][ T6138] BTRFS info (device loop0): balance: ended with status: 0
[  134.130544][   T40] audit: type=1400 audit(1774200665.613:121): avc:  denied  { unmount } for  pid=6053 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  134.138756][ T5965] Bluetooth: hci0: command tx timeout
[  134.157154][ T6053] BTRFS info (device loop0): last unmount of filesystem d552757d-9c39-40e3-95f0-16d819589928
[  134.376959][ T6155] loop0: detected capacity change from 0 to 32768
[  134.380705][ T6155] BTRFS: device fsid d552757d-9c39-40e3-95f0-16d819589928 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (6155)
[  134.393035][ T6155] BTRFS info (device loop0): first mount of filesystem d552757d-9c39-40e3-95f0-16d819589928
[  134.396769][ T6155] BTRFS info (device loop0): using sha256 checksum algorithm
[  134.414491][ T6155] BTRFS info (device loop0): enabling ssd optimizations
[  134.417898][ T6155] BTRFS info (device loop0): turning on async discard
[  134.420990][ T6155] BTRFS info (device loop0): enabling free space tree
[  134.427137][   T40] audit: type=1800 audit(1774200665.903:122): pid=6155 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=263 res=0 errno=0
[  134.449082][   T40] audit: type=1800 audit(1774200665.913:123): pid=6155 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=263 res=0 errno=0
[  134.499660][ T6171] BTRFS info (device loop0): balance: start 
[  134.502272][ T6171] BTRFS info (device loop0): balance: ended with status: 0
[  135.122756][ T6053] BTRFS info (device loop0): last unmount of filesystem d552757d-9c39-40e3-95f0-16d819589928
[  135.339501][ T6174] loop0: detected capacity change from 0 to 32768
[  135.348117][ T6174] BTRFS: device fsid d552757d-9c39-40e3-95f0-16d819589928 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (6174)
[  135.356461][ T6174] BTRFS info (device loop0): first mount of filesystem d552757d-9c39-40e3-95f0-16d819589928
[  135.360038][ T6174] BTRFS info (device loop0): using sha256 checksum algorithm
[  135.381942][ T6174] BTRFS info (device loop0): enabling ssd optimizations
[  135.384241][ T6174] BTRFS info (device loop0): turning on async discard
[  135.386405][ T6174] BTRFS info (device loop0): enabling free space tree
[  135.393016][   T40] audit: type=1800 audit(1774200666.873:124): pid=6174 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=263 res=0 errno=0
[  135.451791][ T6190] BTRFS info (device loop0): balance: start 
[  135.454008][ T6190] BTRFS info (device loop0): balance: ended with status: 0
[  136.071757][ T6053] BTRFS info (device loop0): last unmount of filesystem d552757d-9c39-40e3-95f0-16d819589928
[  136.217652][ T5965] Bluetooth: hci0: command tx timeout
[  136.298101][ T6193] loop0: detected capacity change from 0 to 32768
[  136.302883][ T6193] BTRFS: device fsid d552757d-9c39-40e3-95f0-16d819589928 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (6193)
[  136.310962][ T6193] BTRFS info (device loop0): first mount of filesystem d552757d-9c39-40e3-95f0-16d819589928
[  136.314221][ T6193] BTRFS info (device loop0): using sha256 checksum algorithm
[  136.326802][ T6193] BTRFS info (device loop0): enabling ssd optimizations
[  136.329164][ T6193] BTRFS info (device loop0): turning on async discard
[  136.331388][ T6193] BTRFS info (device loop0): enabling free space tree
[  136.401492][ T6209] BTRFS info (device loop0): balance: start 
[  136.404069][ T6209] BTRFS info (device loop0): balance: ended with status: 0
[  137.006565][ T6053] BTRFS info (device loop0): last unmount of filesystem d552757d-9c39-40e3-95f0-16d819589928
[  137.272777][ T6211] loop0: detected capacity change from 0 to 32768
[  137.275983][ T6211] BTRFS: device fsid d552757d-9c39-40e3-95f0-16d819589928 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (6211)
[  137.286863][ T6211] BTRFS info (device loop0): first mount of filesystem d552757d-9c39-40e3-95f0-16d819589928
[  137.290161][ T6211] BTRFS info (device loop0): using sha256 checksum algorithm
[  137.318916][ T6211] BTRFS info (device loop0): enabling ssd optimizations
[  137.321144][ T6211] BTRFS info (device loop0): turning on async discard
[  137.323269][ T6211] BTRFS info (device loop0): enabling free space tree
[  137.385228][ T6227] BTRFS info (device loop0): balance: start 
[  137.386649][ T6211] ------------[ cut here ]------------
[  137.388123][ T6227] BTRFS info (device loop0 state A): balance: ended with status: 0
[  137.391062][ T6211] BTRFS: Transaction aborted (error -28)
[  137.393622][ T6211] WARNING: fs/btrfs/extent-tree.c:3425 at __btrfs_free_extent.isra.0+0xc79/0x2bb0, CPU#1: syz-executor.0/6211
[  137.397229][ T6211] Modules linked in:
[  137.398797][ T6211] CPU: 1 UID: 0 PID: 6211 Comm: syz-executor.0 Not tainted syzkaller #0 PREEMPT(full) 
[  137.401792][ T6211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  137.405022][ T6211] RIP: 0010:__btrfs_free_extent.isra.0+0xc7d/0x2bb0
[  137.407111][ T6211] Code: 00 00 48 c7 c7 a0 c1 03 8c c6 05 ba c7 93 0c 01 e8 08 94 b6 fd e9 64 47 00 fd e8 de be da fd 48 8d 3d 07 4f b4 0c 8b 74 24 38 <67> 48 0f b9 3a bb 01 00 00 00 e9 4d 44 00 fd e8 bf be da fd 48 8b
[  137.413800][ T6211] RSP: 0000:ffffc900046bf138 EFLAGS: 00010293
[  137.416261][ T6211] RAX: 0000000000000000 RBX: ffffffffffffffe4 RCX: ffffffff842e1cce
[  137.419986][ T6211] RDX: ffff8880320e24c0 RSI: 00000000ffffffe4 RDI: ffffffff90e27030
[  137.423294][ T6211] RBP: 0000000000622000 R08: 0000000000000005 R09: fffffffffffffffb
[  137.426176][ T6211] R10: ffffffffffffffe4 R11: 0000000000000000 R12: ffff888037448c60
[  137.429938][ T6211] R13: ffff88802e48d0f0 R14: ffff8880290b4000 R15: 00000000ffffffe4
[  137.433251][ T6211] FS:  00007fc6d5fc66c0(0000) GS:ffff8880d643f000(0000) knlGS:0000000000000000
[  137.436965][ T6211] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  137.439704][ T6211] CR2: 00007f6bbe6d7010 CR3: 000000002b9bf000 CR4: 0000000000352ef0
[  137.442184][ T6211] Call Trace:
[  137.443336][ T6211]  <TASK>
[  137.444287][ T6211]  ? __pfx___btrfs_free_extent.isra.0+0x10/0x10
[  137.446247][ T6211]  ? do_raw_read_unlock+0x3f/0x70
[  137.448061][ T6211]  ? btrfs_tree_mod_log_lowest_seq+0x50/0xb0
[  137.449958][ T6211]  ? btrfs_merge_delayed_refs+0x102/0xad0
[  137.451777][ T6211]  ? find_held_lock+0x2b/0x80
[  137.453338][ T6211]  ? __btrfs_run_delayed_refs+0x548/0x3d20
[  137.455230][ T6211]  ? __btrfs_run_delayed_refs+0x548/0x3d20
[  137.457061][ T6211]  __btrfs_run_delayed_refs+0x910/0x3d20
[  137.459043][ T6211]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  137.460989][ T6211]  ? lockdep_unlock+0x5a/0xc0
[  137.462489][ T6211]  ? __lock_acquire+0xd73/0x2630
[  137.464110][ T6211]  ? __lock_acquire+0x4a5/0x2630
[  137.465680][ T6211]  btrfs_run_delayed_refs+0x1a4/0x3c0
[  137.467381][ T6211]  btrfs_commit_transaction+0x1f4d/0x3860
[  137.469354][ T6211]  ? lockdep_init_map_type+0x5c/0x250
[  137.471172][ T6211]  ? __raw_spin_lock_init+0x3a/0x110
[  137.473441][ T6211]  ? btrfs_find_space_info+0xc8/0x100
[  137.475755][ T6211]  ? btrfs_record_root_in_trans+0x15b/0x1b0
[  137.478321][ T6211]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  137.480924][ T6211]  ? start_transaction+0x27f/0x1ac0
[  137.483066][ T6211]  btrfs_sync_file+0xa2a/0x1010
[  137.485167][ T6211]  ? __pfx_btrfs_sync_file+0x10/0x10
[  137.487445][ T6211]  ? do_raw_spin_lock+0x128/0x260
[  137.489627][ T6211]  ? find_held_lock+0x2b/0x80
[  137.491617][ T6211]  ? btrfs_do_write_iter+0x43f/0x930
[  137.493899][ T6211]  ? __pfx_btrfs_sync_file+0x10/0x10
[  137.496127][ T6211]  vfs_fsync_range+0x9b/0x190
[  137.498233][ T6211]  btrfs_do_write_iter+0x6c8/0x930
[  137.500449][ T6211]  ? trace_kmalloc+0x101/0x130
[  137.502100][ T6211]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  137.503924][ T6211]  ? splice_from_pipe_next+0x1ec/0x5a0
[  137.505636][ T6211]  iter_file_splice_write+0x830/0x10a0
[  137.507364][ T6211]  ? __pfx_iter_file_splice_write+0x10/0x10
[  137.509280][ T6211]  ? __pfx_copy_splice_read+0x10/0x10
[  137.510973][ T6211]  ? __pfx_iter_file_splice_write+0x10/0x10
[  137.512933][ T6211]  direct_splice_actor+0x192/0x6c0
[  137.514777][ T6211]  splice_direct_to_actor+0x345/0xa30
[  137.516474][ T6211]  ? __pfx_direct_splice_actor+0x10/0x10
[  137.518308][ T6211]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  137.520186][ T6211]  do_splice_direct+0x174/0x240
[  137.521734][ T6211]  ? __pfx_do_splice_direct+0x10/0x10
[  137.523474][ T6211]  ? avc_policy_seqno+0x9/0x20
[  137.524981][ T6211]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  137.526840][ T6211]  ? rw_verify_area+0xce/0x6d0
[  137.528444][ T6211]  do_sendfile+0xadc/0xe20
[  137.529906][ T6211]  ? __pfx_do_sendfile+0x10/0x10
[  137.531488][ T6211]  ? __x64_sys_futex+0x34f/0x4d0
[  137.533220][ T6211]  ? __x64_sys_futex+0x358/0x4d0
[  137.534914][ T6211]  __x64_sys_sendfile64+0x1d8/0x220
[  137.536559][ T6211]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  137.538475][ T6211]  do_syscall_64+0x106/0xf80
[  137.539988][ T6211]  ? clear_bhb_loop+0x40/0x90
[  137.541472][ T6211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.543401][ T6211] RIP: 0033:0x7fc6d526e3b9
[  137.544814][ T6211] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 d0 ff ff ff f7 d8 64 89 01 48
[  137.550867][ T6211] RSP: 002b:00007fc6d5fc6078 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  137.553858][ T6211] RAX: ffffffffffffffda RBX: 00007fc6d53abf80 RCX: 00007fc6d526e3b9
[  137.557269][ T6211] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  137.560347][ T6211] RBP: 00007fc6d52cf498 R08: 0000000000000000 R09: 0000000000000000
[  137.562861][ T6211] R10: 000000000880000c R11: 0000000000000246 R12: 0000000000000000
[  137.565339][ T6211] R13: 000000000000000b R14: 00007fc6d53abf80 R15: 00007fffee6437b8
[  137.568252][ T6211]  </TASK>
[  137.569254][ T6211] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  137.571548][ T6211] CPU: 1 UID: 0 PID: 6211 Comm: syz-executor.0 Not tainted syzkaller #0 PREEMPT(full) 
[  137.574598][ T6211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  137.577817][ T6211] Call Trace:
[  137.578951][ T6211]  <TASK>
[  137.579908][ T6211]  dump_stack_lvl+0x100/0x190
[  137.581396][ T6211]  vpanic+0x552/0x970
[  137.582698][ T6211]  ? __pfx_vpanic+0x10/0x10
[  137.584148][ T6211]  panic+0xd1/0xe0
[  137.585346][ T6211]  ? __pfx_panic+0x10/0x10
[  137.586771][ T6211]  ? check_panic_on_warn+0x1f/0x90
[  137.588390][ T6211]  check_panic_on_warn.cold+0x19/0x34
[  137.590091][ T6211]  ? __btrfs_free_extent.isra.0+0xc79/0x2bb0
[  137.591982][ T6211]  __warn.cold+0x191/0x348
[  137.593453][ T6211]  __report_bug+0x296/0x3d0
[  137.594895][ T6211]  ? __btrfs_free_extent.isra.0+0xc79/0x2bb0
[  137.596781][ T6211]  ? __pfx___report_bug+0x10/0x10
[  137.598376][ T6211]  ? __btrfs_free_extent.isra.0+0x81e/0x2bb0
[  137.600261][ T6211]  report_bug_entry+0xe1/0x290
[  137.601777][ T6211]  ? __btrfs_free_extent.isra.0+0xc7d/0x2bb0
[  137.603764][ T6211]  handle_bug+0x1cd/0x2a0
[  137.605142][ T6211]  exc_invalid_op+0x17/0x50
[  137.606592][ T6211]  asm_exc_invalid_op+0x1a/0x20
[  137.608138][ T6211] RIP: 0010:__btrfs_free_extent.isra.0+0xc7d/0x2bb0
[  137.610191][ T6211] Code: 00 00 48 c7 c7 a0 c1 03 8c c6 05 ba c7 93 0c 01 e8 08 94 b6 fd e9 64 47 00 fd e8 de be da fd 48 8d 3d 07 4f b4 0c 8b 74 24 38 <67> 48 0f b9 3a bb 01 00 00 00 e9 4d 44 00 fd e8 bf be da fd 48 8b
[  137.616201][ T6211] RSP: 0000:ffffc900046bf138 EFLAGS: 00010293
[  137.618103][ T6211] RAX: 0000000000000000 RBX: ffffffffffffffe4 RCX: ffffffff842e1cce
[  137.620583][ T6211] RDX: ffff8880320e24c0 RSI: 00000000ffffffe4 RDI: ffffffff90e27030
[  137.623036][ T6211] RBP: 0000000000622000 R08: 0000000000000005 R09: fffffffffffffffb
[  137.625529][ T6211] R10: ffffffffffffffe4 R11: 0000000000000000 R12: ffff888037448c60
[  137.628049][ T6211] R13: ffff88802e48d0f0 R14: ffff8880290b4000 R15: 00000000ffffffe4
[  137.630505][ T6211]  ? __btrfs_free_extent.isra.0+0x81e/0x2bb0
[  137.632395][ T6211]  ? __btrfs_free_extent.isra.0+0xc72/0x2bb0
[  137.634340][ T6211]  ? __pfx___btrfs_free_extent.isra.0+0x10/0x10
[  137.636423][ T6211]  ? do_raw_read_unlock+0x3f/0x70
[  137.638012][ T6211]  ? btrfs_tree_mod_log_lowest_seq+0x50/0xb0
[  137.639903][ T6211]  ? btrfs_merge_delayed_refs+0x102/0xad0
[  137.641685][ T6211]  ? find_held_lock+0x2b/0x80
[  137.643273][ T6211]  ? __btrfs_run_delayed_refs+0x548/0x3d20
[  137.645101][ T6211]  ? __btrfs_run_delayed_refs+0x548/0x3d20
[  137.646927][ T6211]  __btrfs_run_delayed_refs+0x910/0x3d20
[  137.648704][ T6211]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  137.650612][ T6211]  ? lockdep_unlock+0x5a/0xc0
[  137.652107][ T6211]  ? __lock_acquire+0xd73/0x2630
[  137.653894][ T6211]  ? __lock_acquire+0x4a5/0x2630
[  137.655469][ T6211]  btrfs_run_delayed_refs+0x1a4/0x3c0
[  137.657161][ T6211]  btrfs_commit_transaction+0x1f4d/0x3860
[  137.658963][ T6211]  ? lockdep_init_map_type+0x5c/0x250
[  137.660650][ T6211]  ? __raw_spin_lock_init+0x3a/0x110
[  137.662308][ T6211]  ? btrfs_find_space_info+0xc8/0x100
[  137.664122][ T6211]  ? btrfs_record_root_in_trans+0x15b/0x1b0
[  137.665977][ T6211]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  137.667894][ T6211]  ? start_transaction+0x27f/0x1ac0
[  137.669535][ T6211]  btrfs_sync_file+0xa2a/0x1010
[  137.671081][ T6211]  ? __pfx_btrfs_sync_file+0x10/0x10
[  137.672806][ T6211]  ? do_raw_spin_lock+0x128/0x260
[  137.674418][ T6211]  ? find_held_lock+0x2b/0x80
[  137.675915][ T6211]  ? btrfs_do_write_iter+0x43f/0x930
[  137.677585][ T6211]  ? __pfx_btrfs_sync_file+0x10/0x10
[  137.679272][ T6211]  vfs_fsync_range+0x9b/0x190
[  137.680767][ T6211]  btrfs_do_write_iter+0x6c8/0x930
[  137.682379][ T6211]  ? trace_kmalloc+0x101/0x130
[  137.683954][ T6211]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  137.685709][ T6211]  ? splice_from_pipe_next+0x1ec/0x5a0
[  137.687435][ T6211]  iter_file_splice_write+0x830/0x10a0
[  137.689153][ T6211]  ? __pfx_iter_file_splice_write+0x10/0x10
[  137.691008][ T6211]  ? __pfx_copy_splice_read+0x10/0x10
[  137.692741][ T6211]  ? __pfx_iter_file_splice_write+0x10/0x10
[  137.694602][ T6211]  direct_splice_actor+0x192/0x6c0
[  137.696223][ T6211]  splice_direct_to_actor+0x345/0xa30
[  137.697908][ T6211]  ? __pfx_direct_splice_actor+0x10/0x10
[  137.699627][ T6211]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  137.701277][ T6211]  do_splice_direct+0x174/0x240
[  137.702833][ T6211]  ? __pfx_do_splice_direct+0x10/0x10
[  137.704771][ T6211]  ? avc_policy_seqno+0x9/0x20
[  137.706285][ T6211]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  137.708156][ T6211]  ? rw_verify_area+0xce/0x6d0
[  137.709677][ T6211]  do_sendfile+0xadc/0xe20
[  137.711100][ T6211]  ? __pfx_do_sendfile+0x10/0x10
[  137.712718][ T6211]  ? __x64_sys_futex+0x34f/0x4d0
[  137.714321][ T6211]  ? __x64_sys_futex+0x358/0x4d0
[  137.715891][ T6211]  __x64_sys_sendfile64+0x1d8/0x220
[  137.717524][ T6211]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  137.719473][ T6211]  do_syscall_64+0x106/0xf80
[  137.720936][ T6211]  ? clear_bhb_loop+0x40/0x90
[  137.722419][ T6211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.724346][ T6211] RIP: 0033:0x7fc6d526e3b9
[  137.725755][ T6211] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 d0 ff ff ff f7 d8 64 89 01 48
[  137.731808][ T6211] RSP: 002b:00007fc6d5fc6078 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  137.734843][ T6211] RAX: ffffffffffffffda RBX: 00007fc6d53abf80 RCX: 00007fc6d526e3b9
[  137.737425][ T6211] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  137.739925][ T6211] RBP: 00007fc6d52cf498 R08: 0000000000000000 R09: 0000000000000000
[  137.742371][ T6211] R10: 000000000880000c R11: 0000000000000246 R12: 0000000000000000
[  137.744908][ T6211] R13: 000000000000000b R14: 00007fc6d53abf80 R15: 00007fffee6437b8
[  137.747395][ T6211]  </TASK>
[  137.748923][ T6211] Kernel Offset: disabled
[  137.750294][ T6211] Rebooting in 86400 seconds..