Warning: Permanently added '10.128.0.191' (ECDSA) to the list of known hosts.
2023/04/18 04:49:06 ignoring optional flag "sandboxArg"="0"
2023/04/18 04:49:06 parsed 1 programs
2023/04/18 04:49:13 executed programs: 0
[   59.980822][ T4387] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   59.988018][ T4387] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   59.995052][ T4387] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   60.002296][ T4387] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   60.010217][ T4387] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   60.017444][ T4387] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   60.050082][ T5537] chnl_net:caif_netlink_parms(): no params data found
[   60.066613][ T5537] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.073671][ T5537] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.081013][ T5537] bridge_slave_0: entered allmulticast mode
[   60.087491][ T5537] bridge_slave_0: entered promiscuous mode
[   60.093991][ T5537] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.101081][ T5537] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.108306][ T5537] bridge_slave_1: entered allmulticast mode
[   60.114465][ T5537] bridge_slave_1: entered promiscuous mode
[   60.124481][ T5537] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   60.135081][ T5537] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   60.147982][ T5537] team0: Port device team_slave_0 added
[   60.154070][ T5537] team0: Port device team_slave_1 added
[   60.163420][ T5537] batman_adv: batadv0: Adding interface: batadv_slave_0
[   60.170493][ T5537] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.202228][ T5537] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   60.213694][ T5537] batman_adv: batadv0: Adding interface: batadv_slave_1
[   60.220676][ T5537] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.247274][ T5537] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   60.263781][ T5537] hsr_slave_0: entered promiscuous mode
[   60.269698][ T5537] hsr_slave_1: entered promiscuous mode
[   60.578398][ T5537] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   60.586590][ T5537] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   60.594477][ T5537] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   60.602723][ T5537] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   60.616227][ T5537] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.623309][ T5537] bridge0: port 2(bridge_slave_1) entered forwarding state
[   60.630679][ T5537] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.637843][ T5537] bridge0: port 1(bridge_slave_0) entered forwarding state
[   60.660694][ T5537] 8021q: adding VLAN 0 to HW filter on device bond0
[   60.669636][ T4728] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   60.678606][ T4728] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.686812][ T4728] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.694929][ T4728] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   60.704318][ T5537] 8021q: adding VLAN 0 to HW filter on device team0
[   60.712936][ T4728] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   60.721416][ T4728] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.728575][ T4728] bridge0: port 1(bridge_slave_0) entered forwarding state
[   60.744393][ T5088] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   60.752741][ T5088] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.759827][ T5088] bridge0: port 2(bridge_slave_1) entered forwarding state
[   60.767772][ T5088] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   60.776435][ T5088] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   60.784711][ T5088] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   60.793559][ T5088] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   60.802409][ T5537] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   60.810464][ T5088] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   60.851705][   T31] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   60.859354][   T31] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   60.868597][ T5537] 8021q: adding VLAN 0 to HW filter on device batadv0
[   60.881472][ T5070] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   60.894514][ T5537] veth0_vlan: entered promiscuous mode
[   60.900593][ T5088] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   60.908795][ T5088] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   60.917280][ T5088] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   60.926365][ T5537] veth1_vlan: entered promiscuous mode
[   60.937347][ T5070] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   60.945720][ T5070] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   60.953628][ T5070] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   60.963378][ T5537] veth0_macvtap: entered promiscuous mode
[   60.970731][ T5537] veth1_macvtap: entered promiscuous mode
[   60.981843][ T5537] batman_adv: batadv0: Interface activated: batadv_slave_0
[   60.989149][ T5088] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   60.998765][ T5088] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   61.008022][ T5537] batman_adv: batadv0: Interface activated: batadv_slave_1
[   61.015844][   T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   61.025650][ T5537] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.034351][ T5537] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.043624][ T5537] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.052676][ T5537] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   61.076226][   T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   61.084074][   T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   61.098302][  T953] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   61.106911][  T953] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   61.114599][ T5088] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   61.123385][ T5088] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   61.238992][ T5673] loop0: detected capacity change from 0 to 32768
[   61.246531][ T5673] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz-executor.0 (5673)
[   61.260979][ T5673] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[   61.270479][ T5673] BTRFS info (device loop0): doing ref verification
[   61.277487][ T5673] BTRFS info (device loop0): setting nodatasum
[   61.283956][ T5673] BTRFS info (device loop0): max_inline at 0
[   61.290274][ T5673] BTRFS info (device loop0): enabling ssd optimizations
[   61.297516][ T5673] BTRFS info (device loop0): using free space tree
[   61.307433][ T5673] BTRFS info (device loop0): auto enabling async discard
[   61.318388][ T5673] FAULT_INJECTION: forcing a failure.
[   61.318388][ T5673] name failslab, interval 1, probability 0, space 0, times 1
[   61.331204][ T5673] CPU: 0 PID: 5673 Comm: syz-executor.0 Not tainted 6.3.0-rc7-syzkaller #0
[   61.339970][ T5673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[   61.350028][ T5673] Call Trace:
[   61.353306][ T5673]  <TASK>
[   61.356302][ T5673]  dump_stack_lvl+0x72/0xa0
[   61.360900][ T5673]  should_fail_ex+0x13e/0x140
[   61.365765][ T5673]  should_failslab+0x9/0x20
[   61.370380][ T5673]  __kmem_cache_alloc_node+0x43/0x300
[   61.375777][ T5673]  ? btrfs_insert_empty_items+0x42/0xc0
[   61.381424][ T5673]  kmalloc_trace+0x24/0x90
[   61.385913][ T5673]  btrfs_ref_tree_mod+0xde/0xb50
[   61.390955][ T5673]  ? kmem_cache_alloc+0x147/0x320
[   61.396184][ T5673]  btrfs_alloc_tree_block+0x636/0x860
[   61.401746][ T5673]  __btrfs_cow_block+0x18e/0x8e0
[   61.406793][ T5673]  btrfs_cow_block+0x163/0x2c0
[   61.411925][ T5673]  btrfs_search_slot+0xa9e/0x1560
[   61.416968][ T5673]  ? _raw_spin_unlock+0x13/0x30
[   61.421846][ T5673]  ? inode_insert5+0x13a/0x2c0
[   61.426629][ T5673]  ? btrfs_free_path+0x2e/0x40
[   61.431573][ T5673]  btrfs_insert_empty_items+0x42/0xc0
[   61.436956][ T5673]  btrfs_create_new_inode+0x2f5/0xf40
[   61.442363][ T5673]  btrfs_create_common+0xf2/0x160
[   61.447406][ T5673]  btrfs_create+0x76/0xa0
[   61.451755][ T5673]  ? btrfs_mkdir+0x90/0x90
[   61.456196][ T5673]  path_openat+0x1725/0x1b10
[   61.460893][ T5673]  do_filp_open+0xc5/0x1b0
[   61.465416][ T5673]  ? expand_files+0x1ba/0x2f0
[   61.470210][ T5673]  ? strncpy_from_user+0x1f7/0x280
[   61.475419][ T5673]  do_sys_openat2+0xed/0x260
[   61.480029][ T5673]  __x64_sys_openat+0x83/0xe0
[   61.484754][ T5673]  do_syscall_64+0x39/0xb0
[   61.489301][ T5673]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   61.495304][ T5673] RIP: 0033:0x7f505ea8c0d9
[   61.499902][ T5673] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   61.519881][ T5673] RSP: 002b:00007f505f848168 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   61.528404][ T5673] RAX: ffffffffffffffda RBX: 00007f505ebabf80 RCX: 00007f505ea8c0d9
[   61.536559][ T5673] RDX: 000000000000275a RSI: 0000000020000040 RDI: ffffffffffffff9c
[   61.545247][ T5673] RBP: 00007f505f8481d0 R08: 0000000000000000 R09: 0000000000000000
[   61.553323][ T5673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   61.561650][ T5673] R13: 00007ffe1f90086f R14: 00007f505f848300 R15: 0000000000022000
[   61.569980][ T5673]  </TASK>
[   62.066267][ T5076] Bluetooth: hci0: command 0x0409 tx timeout
[   64.155462][ T5076] Bluetooth: hci0: command 0x041b tx timeout
[   66.225038][ T5076] Bluetooth: hci0: command 0x040f tx timeout
2023/04/18 04:49:21 executed programs: 1
[   67.231983][ T6212] loop0: detected capacity change from 0 to 32768
[   67.238967][ T6212] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz-executor.0 (6212)
[   67.252208][ T6212] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[   67.261455][ T6212] BTRFS info (device loop0): doing ref verification
[   67.268152][ T6212] BTRFS info (device loop0): setting nodatasum
[   67.274321][ T6212] BTRFS info (device loop0): max_inline at 0
[   67.280357][ T6212] BTRFS info (device loop0): enabling ssd optimizations
[   67.287381][ T6212] BTRFS info (device loop0): using free space tree
[   67.297543][ T6212] BTRFS info (device loop0): auto enabling async discard
[   67.399960][ T6233] loop0: detected capacity change from 0 to 32768
[   67.406821][ T6233] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz-executor.0 (6233)
[   67.421465][ T6233] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[   67.431056][ T6233] BTRFS info (device loop0): doing ref verification
[   67.437893][ T6233] BTRFS info (device loop0): setting nodatasum
[   67.444176][ T6233] BTRFS info (device loop0): max_inline at 0
[   67.450194][ T6233] BTRFS info (device loop0): enabling ssd optimizations
[   67.457225][ T6233] BTRFS info (device loop0): using free space tree
[   67.466702][ T6233] BTRFS info (device loop0): auto enabling async discard
[   67.474825][ T6233] FAULT_INJECTION: forcing a failure.
[   67.474825][ T6233] name failslab, interval 1, probability 0, space 0, times 0
[   67.487897][ T6233] CPU: 0 PID: 6233 Comm: syz-executor.0 Not tainted 6.3.0-rc7-syzkaller #0
[   67.496671][ T6233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[   67.506903][ T6233] Call Trace:
[   67.510264][ T6233]  <TASK>
[   67.513211][ T6233]  dump_stack_lvl+0x72/0xa0
[   67.517963][ T6233]  should_fail_ex+0x13e/0x140
[   67.522716][ T6233]  should_failslab+0x9/0x20
[   67.527209][ T6233]  __kmem_cache_alloc_node+0x43/0x300
[   67.532654][ T6233]  kmalloc_trace+0x24/0x90
[   67.537056][ T6233]  btrfs_ref_tree_mod+0xf7/0xb50
[   67.542257][ T6233]  ? kmem_cache_alloc+0x147/0x320
[   67.547290][ T6233]  btrfs_alloc_tree_block+0x636/0x860
[   67.552735][ T6233]  __btrfs_cow_block+0x18e/0x8e0
[   67.557656][ T6233]  btrfs_cow_block+0x163/0x2c0
[   67.562411][ T6233]  btrfs_search_slot+0xa9e/0x1560
[   67.567432][ T6233]  ? _raw_spin_unlock+0x13/0x30
[   67.572282][ T6233]  ? inode_insert5+0x13a/0x2c0
[   67.577049][ T6233]  ? btrfs_free_path+0x2e/0x40
[   67.581885][ T6233]  btrfs_insert_empty_items+0x42/0xc0
[   67.587259][ T6233]  btrfs_create_new_inode+0x2f5/0xf40
[   67.592633][ T6233]  btrfs_create_common+0xf2/0x160
[   67.597674][ T6233]  btrfs_create+0x76/0xa0
[   67.602011][ T6233]  ? btrfs_mkdir+0x90/0x90
[   67.606415][ T6233]  path_openat+0x1725/0x1b10
[   67.611426][ T6233]  do_filp_open+0xc5/0x1b0
[   67.615828][ T6233]  ? expand_files+0x1ba/0x2f0
[   67.620501][ T6233]  ? strncpy_from_user+0x1f7/0x280
[   67.625774][ T6233]  do_sys_openat2+0xed/0x260
[   67.630362][ T6233]  __x64_sys_openat+0x83/0xe0
[   67.635039][ T6233]  do_syscall_64+0x39/0xb0
[   67.639461][ T6233]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   67.645369][ T6233] RIP: 0033:0x7f505ea8c0d9
[   67.649792][ T6233] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   67.669386][ T6233] RSP: 002b:00007f505f848168 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   67.677821][ T6233] RAX: ffffffffffffffda RBX: 00007f505ebabf80 RCX: 00007f505ea8c0d9
[   67.685864][ T6233] RDX: 000000000000275a RSI: 0000000020000040 RDI: ffffffffffffff9c
[   67.693840][ T6233] RBP: 00007f505f8481d0 R08: 0000000000000000 R09: 0000000000000000
[   67.701895][ T6233] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   67.709849][ T6233] R13: 00007ffe1f90086f R14: 00007f505f848300 R15: 0000000000022000
[   67.717911][ T6233]  </TASK>
[   68.305034][ T5076] Bluetooth: hci0: command 0x0419 tx timeout
[   69.905164][   T24] cfg80211: failed to load regulatory.db
[   69.905581][ T1208] ieee802154 phy0 wpan0: encryption failed: -22
[   69.917164][ T1208] ieee802154 phy1 wpan1: encryption failed: -22
2023/04/18 04:49:26 executed programs: 3
[   72.935921][ T6254] loop0: detected capacity change from 0 to 32768
[   72.943244][ T6254] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz-executor.0 (6254)
[   72.957863][ T6254] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[   72.967432][ T6254] BTRFS info (device loop0): doing ref verification
[   72.974132][ T6254] BTRFS info (device loop0): setting nodatasum
[   72.980454][ T6254] BTRFS info (device loop0): max_inline at 0
[   72.986577][ T6254] BTRFS info (device loop0): enabling ssd optimizations
[   72.993522][ T6254] BTRFS info (device loop0): using free space tree
[   73.003147][ T6254] BTRFS info (device loop0): auto enabling async discard
[   73.100601][ T6275] loop0: detected capacity change from 0 to 32768
[   73.107712][ T6275] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz-executor.0 (6275)
[   73.121197][ T6275] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[   73.130901][ T6275] BTRFS info (device loop0): doing ref verification
[   73.137672][ T6275] BTRFS info (device loop0): setting nodatasum
[   73.143838][ T6275] BTRFS info (device loop0): max_inline at 0
[   73.150165][ T6275] BTRFS info (device loop0): enabling ssd optimizations
[   73.157728][ T6275] BTRFS info (device loop0): using free space tree
[   73.167537][ T6275] BTRFS info (device loop0): auto enabling async discard
[   74.254128][ T6292] kmemleak: 33 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
[   78.318980][ T6292] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
BUG: memory leak
unreferenced object 0xffff8881098ed5c0 (size 64):
  comm "syz-executor.0", pid 6233, jiffies 4294944012 (age 13.020s)
  hex dump (first 32 bytes):
    03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff815375e4>] kmalloc_trace+0x24/0x90
    [<ffffffff8212d6fa>] add_tree_block+0x3a/0x240
    [<ffffffff8212ecc5>] btrfs_build_ref_tree+0x535/0x7c0
    [<ffffffff82016456>] open_ctree+0x12d6/0x2360
    [<ffffffff81fddd33>] btrfs_mount_root+0x583/0x6f0
    [<ffffffff816b0faf>] legacy_get_tree+0x2f/0x90
    [<ffffffff8164aafc>] vfs_get_tree+0x2c/0x110
    [<ffffffff81685f81>] vfs_kern_mount.part.0+0xd1/0x120
    [<ffffffff81686010>] vfs_kern_mount+0x40/0x60
    [<ffffffff81fe1d0d>] btrfs_mount+0x19d/0x620
    [<ffffffff816b0faf>] legacy_get_tree+0x2f/0x90
    [<ffffffff8164aafc>] vfs_get_tree+0x2c/0x110
    [<ffffffff8168db53>] path_mount+0xc53/0x10f0
    [<ffffffff8168e792>] __x64_sys_mount+0x192/0x1e0
    [<ffffffff849c6969>] do_syscall_64+0x39/0xb0
    [<ffffffff84a0008b>] entry_SYSCALL_64_after_hwframe+0x63/0xcd

BUG: memory leak
unreferenced object 0xffff88810a5b5600 (size 64):
  comm "syz-executor.0", pid 6233, jiffies 4294944012 (age 13.030s)
  hex dump (first 32 bytes):
    03 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00  ................
    01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff815375e4>] kmalloc_trace+0x24/0x90
    [<ffffffff8212d0a5>] add_block_entry+0x35/0x320
    [<ffffffff8212d75f>] add_tree_block+0x9f/0x240
    [<ffffffff8212ecc5>] btrfs_build_ref_tree+0x535/0x7c0
    [<ffffffff82016456>] open_ctree+0x12d6/0x2360
    [<ffffffff81fddd33>] btrfs_mount_root+0x583/0x6f0
    [<ffffffff816b0faf>] legacy_get_tree+0x2f/0x90
    [<ffffffff8164aafc>] vfs_get_tree+0x2c/0x110
    [<ffffffff81685f81>] vfs_kern_mount.part.0+0xd1/0x120
    [<ffffffff81686010>] vfs_kern_mount+0x40/0x60
    [<ffffffff81fe1d0d>] btrfs_mount+0x19d/0x620
    [<ffffffff816b0faf>] legacy_get_tree+0x2f/0x90
    [<ffffffff8164aafc>] vfs_get_tree+0x2c/0x110
    [<ffffffff8168db53>] path_mount+0xc53/0x10f0
    [<ffffffff8168e792>] __x64_sys_mount+0x192/0x1e0
    [<ffffffff849c6969>] do_syscall_64+0x39/0xb0

BUG: memory leak
unreferenced object 0xffff88810b608e00 (size 96):
  comm "syz-executor.0", pid 6233, jiffies 4294944012 (age 13.030s)
  hex dump (first 32 bytes):
    00 10 10 00 00 00 00 00 00 10 00 00 00 00 00 00  ................
    01 00 00 00 00 00 00 00 01 00 00 00 01 00 00 00  ................
  backtrace:
    [<ffffffff815375e4>] kmalloc_trace+0x24/0x90
    [<ffffffff8212d0be>] add_block_entry+0x4e/0x320
    [<ffffffff8212d75f>] add_tree_block+0x9f/0x240
    [<ffffffff8212ecc5>] btrfs_build_ref_tree+0x535/0x7c0
    [<ffffffff82016456>] open_ctree+0x12d6/0x2360
    [<ffffffff81fddd33>] btrfs_mount_root+0x583/0x6f0
    [<ffffffff816b0faf>] legacy_get_tree+0x2f/0x90
    [<ffffffff8164aafc>] vfs_get_tree+0x2c/0x110
    [<ffffffff81685f81>] vfs_kern_mount.part.0+0xd1/0x120
    [<ffffffff81686010>] vfs_kern_mount+0x40/0x60
    [<ffffffff81fe1d0d>] btrfs_mount+0x19d/0x620
    [<ffffffff816b0faf>] legacy_get_tree+0x2f/0x90
    [<ffffffff8164aafc>] vfs_get_tree+0x2c/0x110
    [<ffffffff8168db53>] path_mount+0xc53/0x10f0
    [<ffffffff8168e792>] __x64_sys_mount+0x192/0x1e0
    [<ffffffff849c6969>] do_syscall_64+0x39/0xb0