[   53.005669][ T1120] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.017714][ T1120] veth1_macvtap: left promiscuous mode
[   53.023491][ T1120] veth0_macvtap: left promiscuous mode
[   53.029036][ T1120] veth1_vlan: left promiscuous mode
[   53.035453][ T1120] veth0_vlan: left promiscuous mode
[   53.154556][ T1120] team0 (unregistering): Port device team_slave_1 removed
[   53.166261][ T1120] team0 (unregistering): Port device team_slave_0 removed
[   53.178424][ T1120] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   53.192983][ T1120] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   53.238376][ T1120] bond0 (unregistering): Released all slaves
Warning: Permanently added '10.128.10.37' (ECDSA) to the list of known hosts.
2023/03/24 03:11:15 ignoring optional flag "sandboxArg"="0"
2023/03/24 03:11:15 parsed 1 programs
2023/03/24 03:11:15 executed programs: 0
[   67.746738][ T4398] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   67.756082][ T4398] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   67.763916][ T4398] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   67.772876][ T4398] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   67.780933][ T4398] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   67.788973][ T4398] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   67.873072][ T5535] chnl_net:caif_netlink_parms(): no params data found
[   67.908402][ T5535] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.915771][ T5535] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.923230][ T5535] bridge_slave_0: entered allmulticast mode
[   67.929706][ T5535] bridge_slave_0: entered promiscuous mode
[   67.937901][ T5535] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.945624][ T5535] bridge0: port 2(bridge_slave_1) entered disabled state
[   67.952815][ T5535] bridge_slave_1: entered allmulticast mode
[   67.959265][ T5535] bridge_slave_1: entered promiscuous mode
[   67.976760][ T5535] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   67.988333][ T5535] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   68.009644][ T5535] team0: Port device team_slave_0 added
[   68.016818][ T5535] team0: Port device team_slave_1 added
[   68.032794][ T5535] batman_adv: batadv0: Adding interface: batadv_slave_0
[   68.039748][ T5535] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.066155][ T5535] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   68.079870][ T5535] batman_adv: batadv0: Adding interface: batadv_slave_1
[   68.087360][ T5535] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.113894][ T5535] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   68.140825][ T5535] hsr_slave_0: entered promiscuous mode
[   68.147123][ T5535] hsr_slave_1: entered promiscuous mode
[   68.613216][ T5535] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   68.625126][ T5535] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   68.635051][ T5535] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   68.646757][ T5535] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   68.668758][ T5535] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.676027][ T5535] bridge0: port 2(bridge_slave_1) entered forwarding state
[   68.684154][ T5535] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.691708][ T5535] bridge0: port 1(bridge_slave_0) entered forwarding state
[   68.744460][ T5535] 8021q: adding VLAN 0 to HW filter on device bond0
[   68.760127][ T5086] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   68.773952][ T5086] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.781558][ T5086] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.790789][ T5086] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   68.805694][ T5535] 8021q: adding VLAN 0 to HW filter on device team0
[   68.818740][ T5086] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   68.830113][ T5086] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.837403][ T5086] bridge0: port 1(bridge_slave_0) entered forwarding state
[   68.857392][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   68.868057][   T14] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.875263][   T14] bridge0: port 2(bridge_slave_1) entered forwarding state
[   68.897778][  T895] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   68.909324][  T895] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   68.918640][  T895] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   68.928621][  T895] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   68.937731][  T895] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   68.947051][  T895] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   68.958916][ T5535] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   68.971376][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   68.989334][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   68.998290][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   69.007334][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   69.153278][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   69.160762][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   69.177942][ T5535] 8021q: adding VLAN 0 to HW filter on device batadv0
[   69.199767][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   69.210212][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   69.234599][ T5535] veth0_vlan: entered promiscuous mode
[   69.240589][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   69.250542][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   69.265106][ T5535] veth1_vlan: entered promiscuous mode
[   69.272724][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   69.280721][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   69.289220][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   69.311382][ T5535] veth0_macvtap: entered promiscuous mode
[   69.320410][ T5152] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   69.329453][ T5152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   69.338884][ T5152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   69.349689][ T5535] veth1_macvtap: entered promiscuous mode
[   69.359703][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   69.368205][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   69.385484][ T5535] batman_adv: batadv0: Interface activated: batadv_slave_0
[   69.393272][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   69.403133][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   69.414946][ T5535] batman_adv: batadv0: Interface activated: batadv_slave_1
[   69.424972][ T5086] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   69.435068][ T5086] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   69.445887][ T5535] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   69.456424][ T5535] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   69.465970][ T5535] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   69.475342][ T5535] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   69.536167][  T928] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.547986][  T928] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.566236][ T5087] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   69.584068][  T928] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.593702][  T928] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.606296][ T5087] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   69.852701][ T4398] Bluetooth: hci0: command 0x0409 tx timeout
[   69.916062][ T5610] loop0: detected capacity change from 0 to 32768
[   69.937249][ T5610] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   70.052717][ T5610] XFS (loop0): Torn write (CRC failure) detected at log block 0x180. Truncating head block from 0x200.
[   70.096927][ T5610] XFS (loop0): Starting recovery (logdev: internal)
[   70.122881][ T5610] ==================================================================
[   70.131075][ T5610] BUG: KASAN: slab-out-of-bounds in xfs_btree_lookup_get_block+0x12d/0x680
[   70.141106][ T5610] Read of size 8 at addr ffff8880711eb258 by task syz-executor.0/5610
[   70.149336][ T5610] 
[   70.151715][ T5610] CPU: 0 PID: 5610 Comm: syz-executor.0 Not tainted 6.3.0-rc3-syzkaller #0
[   70.160300][ T5610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[   70.172360][ T5610] Call Trace:
[   70.175814][ T5610]  <TASK>
[   70.178837][ T5610]  dump_stack_lvl+0x12e/0x1d0
[   70.183555][ T5610]  ? irq_work_queue+0x66/0xb0
[   70.188493][ T5610]  ? nf_tcp_handle_invalid+0x4e0/0x4e0
[   70.194039][ T5610]  ? panic+0x510/0x510
[   70.198358][ T5610]  ? _printk+0xab/0xf0
[   70.203690][ T5610]  print_report+0x163/0x510
[   70.208414][ T5610]  ? xfs_btree_lookup_get_block+0x12d/0x680
[   70.214307][ T5610]  kasan_report+0x108/0x140
[   70.218978][ T5610]  ? xfs_btree_lookup_get_block+0x12d/0x680
[   70.224945][ T5610]  xfs_btree_lookup_get_block+0x12d/0x680
[   70.230640][ T5610]  ? xfs_btree_decrement+0xa40/0xa40
[   70.235926][ T5610]  ? lockdep_hardirqs_on_prepare+0x418/0x780
[   70.241892][ T5610]  xfs_btree_lookup+0x2f7/0xfe0
[   70.246739][ T5610]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[   70.252618][ T5610]  ? stack_trace_save+0x10a/0x1e0
[   70.257625][ T5610]  ? xfs_btree_lookup_get_block+0x680/0x680
[   70.263671][ T5610]  ? __stack_depot_save+0x4dc/0x650
[   70.268846][ T5610]  ? kasan_set_track+0x52/0x60
[   70.273671][ T5610]  ? kasan_set_track+0x40/0x60
[   70.278415][ T5610]  ? __kasan_slab_alloc+0x66/0x70
[   70.283413][ T5610]  ? kmem_cache_alloc+0x11f/0x2e0
[   70.288611][ T5610]  ? xfs_refcountbt_init_cursor+0x82/0x340
[   70.294400][ T5610]  ? xfs_refcount_recover_cow_leftovers+0x1de/0xaa0
[   70.300968][ T5610]  ? xfs_reflink_recover_cow+0x65/0x180
[   70.306491][ T5610]  xfs_btree_simple_query_range+0xde/0x5a0
[   70.312293][ T5610]  ? __se_sys_mount+0x20d/0x2a0
[   70.317210][ T5610]  ? do_syscall_64+0x41/0xc0
[   70.321777][ T5610]  ? entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   70.327902][ T5610]  ? xfs_refcount_recover_cow_leftovers+0xaa0/0xaa0
[   70.334475][ T5610]  ? xfs_btree_query_range+0x360/0x360
[   70.340006][ T5610]  ? lockdep_hardirqs_on_prepare+0x418/0x780
[   70.346044][ T5610]  ? xfs_btree_query_range+0x174/0x360
[   70.351499][ T5610]  xfs_btree_query_range+0x2b7/0x360
[   70.356754][ T5610]  ? ___slab_alloc+0xe45/0x1000
[   70.361598][ T5610]  ? lockdep_hardirqs_on+0x90/0x130
[   70.366769][ T5610]  ? xfs_refcount_recover_cow_leftovers+0xaa0/0xaa0
[   70.373417][ T5610]  ? xfs_btree_space_to_height+0x80/0x80
[   70.379194][ T5610]  ? slab_post_alloc_hook+0x85/0x3a0
[   70.384634][ T5610]  ? rcu_is_watching+0x15/0xb0
[   70.389458][ T5610]  ? xfs_refcountbt_init_cursor+0x82/0x340
[   70.395326][ T5610]  ? xfs_refcountbt_init_cursor+0x15e/0x340
[   70.401198][ T5610]  xfs_refcount_recover_cow_leftovers+0x299/0xaa0
[   70.407858][ T5610]  ? xfs_refcount_free_cow_extent+0x170/0x170
[   70.414086][ T5610]  ? rcu_lock_acquire+0x30/0x30
[   70.419038][ T5610]  ? __lock_acquire+0x1f80/0x1f80
[   70.424160][ T5610]  ? xfs_perag_grab+0x162/0x260
[   70.429009][ T5610]  xfs_reflink_recover_cow+0x65/0x180
[   70.434366][ T5610]  ? xlog_recover_finish+0x705/0x7f0
[   70.439719][ T5610]  xlog_recover_finish+0x721/0x7f0
[   70.444960][ T5610]  ? xlog_do_recover+0x3c0/0x3c0
[   70.449977][ T5610]  ? __xfs_ag_resv_free+0x510/0x510
[   70.455278][ T5610]  ? xfs_fs_reserve_ag_blocks+0xd7/0x250
[   70.460908][ T5610]  ? xfs_fs_reserve_ag_blocks+0xd7/0x250
[   70.466628][ T5610]  xfs_log_mount_finish+0x1c1/0x360
[   70.471895][ T5610]  xfs_mountfs+0x116e/0x1cd0
[   70.476564][ T5610]  ? xfs_default_resblks+0x60/0x60
[   70.481672][ T5610]  ? xfs_mru_cache_create+0x3b3/0x4d0
[   70.487245][ T5610]  ? rcu_is_watching+0x15/0xb0
[   70.491994][ T5610]  xfs_fs_fill_super+0xb55/0xed0
[   70.496913][ T5610]  get_tree_bdev+0x3d7/0x620
[   70.501584][ T5610]  ? xfs_fs_warn_deprecated+0x160/0x160
[   70.507405][ T5610]  vfs_get_tree+0x7f/0x220
[   70.511804][ T5610]  do_new_mount+0x1e5/0x940
[   70.516281][ T5610]  ? do_move_mount_old+0x110/0x110
[   70.521380][ T5610]  ? user_path_at_empty+0xf1/0x140
[   70.526484][ T5610]  ? user_path_at_empty+0xf1/0x140
[   70.531672][ T5610]  __se_sys_mount+0x20d/0x2a0
[   70.536421][ T5610]  ? print_irqtrace_events+0x220/0x220
[   70.541855][ T5610]  ? __x64_sys_mount+0xc0/0xc0
[   70.546677][ T5610]  ? syscall_enter_from_user_mode+0x32/0x260
[   70.552719][ T5610]  ? lockdep_hardirqs_on+0x90/0x130
[   70.557905][ T5610]  ? syscall_enter_from_user_mode+0x32/0x260
[   70.563872][ T5610]  do_syscall_64+0x41/0xc0
[   70.568291][ T5610]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   70.574435][ T5610] RIP: 0033:0x7f646028d5da
[   70.578855][ T5610] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   70.598453][ T5610] RSP: 002b:00007f6460fa1f88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   70.606930][ T5610] RAX: ffffffffffffffda RBX: 0000000000009712 RCX: 00007f646028d5da
[   70.614895][ T5610] RDX: 0000000020000100 RSI: 0000000020009640 RDI: 00007f6460fa1fe0
[   70.622951][ T5610] RBP: 00007f6460fa2020 R08: 00007f6460fa2020 R09: 0000000000200800
[   70.630917][ T5610] R10: 0000000000200800 R11: 0000000000000246 R12: 0000000020000100
[   70.639314][ T5610] R13: 0000000020009640 R14: 00007f6460fa1fe0 R15: 0000000020000240
[   70.647354][ T5610]  </TASK>
[   70.650351][ T5610] 
[   70.652677][ T5610] The buggy address belongs to the object at ffff8880711eb210
[   70.652677][ T5610]  which belongs to the cache xfs_refcbt_cur of size 200
[   70.667746][ T5610] The buggy address is located 72 bytes inside of
[   70.667746][ T5610]  allocated 200-byte region [ffff8880711eb210, ffff8880711eb2d8)
[   70.681790][ T5610] 
[   70.684100][ T5610] The buggy address belongs to the physical page:
[   70.690838][ T5610] page:ffffea0001c47ac0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x711eb
[   70.700983][ T5610] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[   70.708558][ T5610] raw: 00fff00000000200 ffff888145e63a00 dead000000000122 0000000000000000
[   70.717211][ T5610] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000
[   70.725879][ T5610] page dumped because: kasan: bad access detected
[   70.733266][ T5610] page_owner tracks the page as allocated
[   70.738959][ T5610] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_HARDWALL), pid 5610, tgid 5609 (syz-executor.0), ts 70122868955, free_ts 52786526579
[   70.758633][ T5610]  get_page_from_freelist+0x31e9/0x3360
[   70.764591][ T5610]  __alloc_pages+0x255/0x670
[   70.769263][ T5610]  alloc_slab_page+0x6a/0x160
[   70.774087][ T5610]  new_slab+0x84/0x2f0
[   70.778227][ T5610]  ___slab_alloc+0xa07/0x1000
[   70.782896][ T5610]  kmem_cache_alloc+0x1b9/0x2e0
[   70.787808][ T5610]  xfs_refcountbt_init_cursor+0x82/0x340
[   70.793408][ T5610]  xfs_refcount_recover_cow_leftovers+0x1de/0xaa0
[   70.799791][ T5610]  xfs_reflink_recover_cow+0x65/0x180
[   70.805394][ T5610]  xlog_recover_finish+0x721/0x7f0
[   70.811167][ T5610]  xfs_log_mount_finish+0x1c1/0x360
[   70.816425][ T5610]  xfs_mountfs+0x116e/0x1cd0
[   70.823861][ T5610]  xfs_fs_fill_super+0xb55/0xed0
[   70.828800][ T5610]  get_tree_bdev+0x3d7/0x620
[   70.833519][ T5610]  vfs_get_tree+0x7f/0x220
[   70.837914][ T5610]  do_new_mount+0x1e5/0x940
[   70.842477][ T5610] page last free stack trace:
[   70.847737][ T5610]  __free_pages_ok+0xc3d/0xc70
[   70.852476][ T5610]  free_large_kmalloc+0xef/0x180
[   70.857405][ T5610]  ieee80211_txq_teardown_flows+0x114/0x1b0
[   70.863304][ T5610]  ieee80211_remove_interfaces+0x1a5/0x780
[   70.869267][ T5610]  ieee80211_unregister_hw+0x53/0x1f0
[   70.874999][ T5610]  mac80211_hwsim_del_radio+0x26a/0x450
[   70.881657][ T5610]  hwsim_exit_net+0x3bf/0x5f0
[   70.887213][ T5610]  cleanup_net+0x735/0xa30
[   70.892225][ T5610]  process_one_work+0x7c4/0xe70
[   70.897431][ T5610]  worker_thread+0x8c9/0xfd0
[   70.902359][ T5610]  kthread+0x232/0x2b0
[   70.906408][ T5610]  ret_from_fork+0x1f/0x30
[   70.910807][ T5610] 
[   70.913243][ T5610] Memory state around the buggy address:
[   70.919164][ T5610]  ffff8880711eb100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   70.927205][ T5610]  ffff8880711eb180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   70.935361][ T5610] >ffff8880711eb200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   70.943867][ T5610]                                                     ^
[   70.951427][ T5610]  ffff8880711eb280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   70.959673][ T5610]  ffff8880711eb300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   70.967913][ T5610] ==================================================================
[   70.982040][ T5610] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   70.989357][ T5610] CPU: 1 PID: 5610 Comm: syz-executor.0 Not tainted 6.3.0-rc3-syzkaller #0
[   70.998043][ T5610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[   71.009231][ T5610] Call Trace:
[   71.012620][ T5610]  <TASK>
[   71.015634][ T5610]  dump_stack_lvl+0x12e/0x1d0
[   71.020317][ T5610]  ? nf_tcp_handle_invalid+0x4e0/0x4e0
[   71.026206][ T5610]  ? panic+0x510/0x510
[   71.030306][ T5610]  panic+0x1f2/0x510
[   71.034378][ T5610]  ? memcpy_page_flushcache+0xe0/0xe0
[   71.040010][ T5610]  ? _raw_spin_unlock_irqrestore+0x114/0x120
[   71.045989][ T5610]  ? _raw_spin_unlock+0x40/0x40
[   71.050839][ T5610]  check_panic_on_warn+0x58/0x70
[   71.055950][ T5610]  ? xfs_btree_lookup_get_block+0x12d/0x680
[   71.061835][ T5610]  end_report+0x63/0x110
[   71.066083][ T5610]  kasan_report+0x115/0x140
[   71.070571][ T5610]  ? xfs_btree_lookup_get_block+0x12d/0x680
[   71.076573][ T5610]  xfs_btree_lookup_get_block+0x12d/0x680
[   71.082307][ T5610]  ? xfs_btree_decrement+0xa40/0xa40
[   71.087578][ T5610]  ? lockdep_hardirqs_on_prepare+0x418/0x780
[   71.093720][ T5610]  xfs_btree_lookup+0x2f7/0xfe0
[   71.098699][ T5610]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[   71.104591][ T5610]  ? stack_trace_save+0x10a/0x1e0
[   71.109594][ T5610]  ? xfs_btree_lookup_get_block+0x680/0x680
[   71.115674][ T5610]  ? __stack_depot_save+0x4dc/0x650
[   71.121053][ T5610]  ? kasan_set_track+0x52/0x60
[   71.125817][ T5610]  ? kasan_set_track+0x40/0x60
[   71.130581][ T5610]  ? __kasan_slab_alloc+0x66/0x70
[   71.135862][ T5610]  ? kmem_cache_alloc+0x11f/0x2e0
[   71.142115][ T5610]  ? xfs_refcountbt_init_cursor+0x82/0x340
[   71.147916][ T5610]  ? xfs_refcount_recover_cow_leftovers+0x1de/0xaa0
[   71.154697][ T5610]  ? xfs_reflink_recover_cow+0x65/0x180
[   71.160448][ T5610]  xfs_btree_simple_query_range+0xde/0x5a0
[   71.166329][ T5610]  ? __se_sys_mount+0x20d/0x2a0
[   71.171398][ T5610]  ? do_syscall_64+0x41/0xc0
[   71.176257][ T5610]  ? entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   71.182563][ T5610]  ? xfs_refcount_recover_cow_leftovers+0xaa0/0xaa0
[   71.189160][ T5610]  ? xfs_btree_query_range+0x360/0x360
[   71.194603][ T5610]  ? lockdep_hardirqs_on_prepare+0x418/0x780
[   71.200576][ T5610]  ? xfs_btree_query_range+0x174/0x360
[   71.206024][ T5610]  xfs_btree_query_range+0x2b7/0x360
[   71.211306][ T5610]  ? ___slab_alloc+0xe45/0x1000
[   71.216215][ T5610]  ? lockdep_hardirqs_on+0x90/0x130
[   71.221396][ T5610]  ? xfs_refcount_recover_cow_leftovers+0xaa0/0xaa0
[   71.227966][ T5610]  ? xfs_btree_space_to_height+0x80/0x80
[   71.234159][ T5610]  ? slab_post_alloc_hook+0x85/0x3a0
[   71.239767][ T5610]  ? rcu_is_watching+0x15/0xb0
[   71.244524][ T5610]  ? xfs_refcountbt_init_cursor+0x82/0x340
[   71.250426][ T5610]  ? xfs_refcountbt_init_cursor+0x15e/0x340
[   71.256427][ T5610]  xfs_refcount_recover_cow_leftovers+0x299/0xaa0
[   71.263294][ T5610]  ? xfs_refcount_free_cow_extent+0x170/0x170
[   71.269783][ T5610]  ? rcu_lock_acquire+0x30/0x30
[   71.275144][ T5610]  ? __lock_acquire+0x1f80/0x1f80
[   71.280163][ T5610]  ? xfs_perag_grab+0x162/0x260
[   71.285005][ T5610]  xfs_reflink_recover_cow+0x65/0x180
[   71.290376][ T5610]  ? xlog_recover_finish+0x705/0x7f0
[   71.295651][ T5610]  xlog_recover_finish+0x721/0x7f0
[   71.300826][ T5610]  ? xlog_do_recover+0x3c0/0x3c0
[   71.305837][ T5610]  ? __xfs_ag_resv_free+0x510/0x510
[   71.311009][ T5610]  ? xfs_fs_reserve_ag_blocks+0xd7/0x250
[   71.316646][ T5610]  ? xfs_fs_reserve_ag_blocks+0xd7/0x250
[   71.322251][ T5610]  xfs_log_mount_finish+0x1c1/0x360
[   71.327600][ T5610]  xfs_mountfs+0x116e/0x1cd0
[   71.332270][ T5610]  ? xfs_default_resblks+0x60/0x60
[   71.337368][ T5610]  ? xfs_mru_cache_create+0x3b3/0x4d0
[   71.342806][ T5610]  ? rcu_is_watching+0x15/0xb0
[   71.347661][ T5610]  xfs_fs_fill_super+0xb55/0xed0
[   71.352668][ T5610]  get_tree_bdev+0x3d7/0x620
[   71.357691][ T5610]  ? xfs_fs_warn_deprecated+0x160/0x160
[   71.363221][ T5610]  vfs_get_tree+0x7f/0x220
[   71.367657][ T5610]  do_new_mount+0x1e5/0x940
[   71.372523][ T5610]  ? do_move_mount_old+0x110/0x110
[   71.378066][ T5610]  ? user_path_at_empty+0xf1/0x140
[   71.383168][ T5610]  ? user_path_at_empty+0xf1/0x140
[   71.388709][ T5610]  __se_sys_mount+0x20d/0x2a0
[   71.393459][ T5610]  ? print_irqtrace_events+0x220/0x220
[   71.398918][ T5610]  ? __x64_sys_mount+0xc0/0xc0
[   71.403829][ T5610]  ? syscall_enter_from_user_mode+0x32/0x260
[   71.410057][ T5610]  ? lockdep_hardirqs_on+0x90/0x130
[   71.415251][ T5610]  ? syscall_enter_from_user_mode+0x32/0x260
[   71.421209][ T5610]  do_syscall_64+0x41/0xc0
[   71.425622][ T5610]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   71.431512][ T5610] RIP: 0033:0x7f646028d5da
[   71.436116][ T5610] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   71.456849][ T5610] RSP: 002b:00007f6460fa1f88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   71.465251][ T5610] RAX: ffffffffffffffda RBX: 0000000000009712 RCX: 00007f646028d5da
[   71.473305][ T5610] RDX: 0000000020000100 RSI: 0000000020009640 RDI: 00007f6460fa1fe0
[   71.481345][ T5610] RBP: 00007f6460fa2020 R08: 00007f6460fa2020 R09: 0000000000200800
[   71.489318][ T5610] R10: 0000000000200800 R11: 0000000000000246 R12: 0000000020000100
[   71.497731][ T5610] R13: 0000000020009640 R14: 00007f6460fa1fe0 R15: 0000000020000240
[   71.505729][ T5610]  </TASK>
[   71.508998][ T5610] Kernel Offset: disabled
[   71.513380][ T5610] Rebooting in 86400 seconds..