./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor240642079
<...>
Warning: Permanently added '10.128.10.4' (ECDSA) to the list of known hosts.
execve("./syz-executor240642079", ["./syz-executor240642079"], 0x7ffceafe4e20 /* 10 vars */) = 0
brk(NULL) = 0x555555b49000
brk(0x555555b49c40) = 0x555555b49c40
arch_prctl(ARCH_SET_FS, 0x555555b49300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor240642079", 4096) = 27
brk(0x555555b6ac40) = 0x555555b6ac40
brk(0x555555b6b000) = 0x555555b6b000
mprotect(0x7f7484be5000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1) = 1
close(3) = 0
getpid() = 5062
mkdir("./syzkaller.CbleQY", 0700) = 0
chmod("./syzkaller.CbleQY", 0777) = 0
chdir("./syzkaller.CbleQY") = 0
mkdir("./0", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b495d0) = 5063
./strace-static-x86_64: Process 5063 attached
[pid 5063] chdir("./0") = 0
[pid 5063] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5063] setpgid(0, 0) = 0
[pid 5063] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5063] write(3, "1000", 4) = 4
[pid 5063] close(3) = 0
[pid 5063] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5063] memfd_create("syzkaller", 0) = 3
[pid 5063] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f747c724000
[pid 5063] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5063] munmap(0x7f747c724000, 16777216) = 0
[pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5063] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5063] close(3) = 0
[pid 5063] mkdir("./file0", 0777) = 0
syzkaller login: [ 46.992767][ T5063] loop0: detected capacity change from 0 to 32768
[ 47.004041][ T5063] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz-executor240 (5063)
[ 47.022052][ T5063] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[ 47.031089][ T5063] BTRFS info (device loop0): using free space tree
[pid 5063] mount("/dev/loop0", "./file0", "btrfs", 0, "") = 0
[pid 5063] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5063] chdir("./file0") = 0
[pid 5063] ioctl(4, LOOP_CLR_FD) = 0
[pid 5063] close(4) = 0
[pid 5063] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[ 47.051763][ T5063] BTRFS info (device loop0): enabling ssd optimizations
[ 47.058971][ T5063] BTRFS info (device loop0): auto enabling async discard
[pid 5063] ioctl(4, BTRFS_IOC_QUOTA_CTL, {cmd=BTRFS_QUOTA_CTL_ENABLE}) = 0
[pid 5063] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid 5063] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid 5063] write(6, "28", 2) = 2
[ 47.137582][ T5063] FAULT_INJECTION: forcing a failure.
[ 47.137582][ T5063] name failslab, interval 1, probability 0, space 0, times 1
[ 47.150533][ T5063] CPU: 0 PID: 5063 Comm: syz-executor240 Not tainted 6.2.0-rc2-syzkaller-00203-g1f5abbd77e2c #0
[ 47.160958][ T5063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 47.171006][ T5063] Call Trace:
[ 47.174274][ T5063]
[ 47.177198][ T5063] dump_stack_lvl+0xd1/0x138
[ 47.181803][ T5063] should_fail_ex.cold+0x5/0xa
[ 47.186562][ T5063] should_failslab+0x9/0x20
[ 47.191062][ T5063] __kmem_cache_alloc_node+0x5b/0x430
[ 47.196424][ T5063] ? btrfs_add_delayed_data_ref+0xd56/0x1170
[ 47.202399][ T5063] ? rcu_read_lock_sched_held+0x3e/0x70
[ 47.207949][ T5063] kmalloc_trace+0x26/0x60
[ 47.212365][ T5063] btrfs_add_delayed_data_ref+0xd56/0x1170
[ 47.218181][ T5063] ? btrfs_add_delayed_tree_ref+0x1080/0x1080
[ 47.224254][ T5063] btrfs_alloc_reserved_file_extent+0x2a9/0x360
[ 47.230497][ T5063] ? btrfs_pin_reserved_extent+0xa0/0xa0
[ 47.236125][ T5063] ? lock_downgrade+0x6e0/0x6e0
[ 47.240968][ T5063] ? rwlock_bug.part.0+0x90/0x90
[ 47.245906][ T5063] ? do_raw_spin_unlock+0x175/0x230
[ 47.251106][ T5063] btrfs_insert_replace_extent+0x939/0xaf0
[ 47.256936][ T5063] ? btrfs_zero_range_check_range_boundary+0x1b0/0x1b0
[ 47.263791][ T5063] ? btrfs_block_rsv_migrate+0x13b/0x260
[ 47.269422][ T5063] ? do_raw_spin_lock+0x124/0x2b0
[ 47.274445][ T5063] ? do_raw_spin_unlock+0x175/0x230
[ 47.279637][ T5063] ? _raw_spin_unlock+0x28/0x40
[ 47.284485][ T5063] ? btrfs_block_rsv_migrate+0x140/0x260
[ 47.290118][ T5063] btrfs_replace_file_extents+0xa81/0x14e0
[ 47.295940][ T5063] ? btrfs_check_nocow_unlock+0x40/0x40
[ 47.301500][ T5063] ? rcu_read_lock_sched_held+0x3e/0x70
[ 47.307045][ T5063] ? trace_kmem_cache_alloc+0x35/0x100
[ 47.312499][ T5063] ? kmem_cache_alloc+0x234/0x430
[ 47.317517][ T5063] insert_prealloc_file_extent+0x3a0/0x420
[ 47.323321][ T5063] ? insert_reserved_file_extent+0x910/0x910
[ 47.329324][ T5063] __btrfs_prealloc_file_range+0x298/0x940
[ 47.335128][ T5063] ? priority_reclaim_metadata_space+0x5f0/0x5f0
[ 47.341464][ T5063] ? async_cow_start+0xa0/0xa0
[ 47.346230][ T5063] ? qgroup_reserve_data+0x172/0xbc0
[ 47.351518][ T5063] btrfs_prealloc_file_range+0x42/0x50
[ 47.356982][ T5063] btrfs_fallocate+0x191e/0x27b0
[ 47.361931][ T5063] ? btrfs_replace_file_extents+0x14e0/0x14e0
[ 47.368000][ T5063] ? do_raw_spin_lock+0x124/0x2b0
[ 47.373028][ T5063] ? lock_release+0x810/0x810
[ 47.377716][ T5063] ? btrfs_replace_file_extents+0x14e0/0x14e0
[ 47.383792][ T5063] vfs_fallocate+0x48b/0xe00
[ 47.388390][ T5063] __x64_sys_fallocate+0xd3/0x140
[ 47.393415][ T5063] do_syscall_64+0x39/0xb0
[ 47.397830][ T5063] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 47.403718][ T5063] RIP: 0033:0x7f7484b71a79
[ 47.408124][ T5063] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 47.427991][ T5063] RSP: 002b:00007fff34a03218 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[ 47.436398][ T5063] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f7484b71a79
[ 47.444359][ T5063] RDX: 000000000000f0ff RSI: 0000000000000000 RDI: 0000000000000005
[ 47.452318][ T5063] RBP: 00007fff34a03240 R08: 0000000000000002 R09: 00007fff34a03250
[ 47.460278][ T5063] R10: 0000000000008001 R11: 0000000000000246 R12: 0000000000000006
[ 47.468246][ T5063] R13: 00007fff34a03280 R14: 00007fff34a03260 R15: 0000000000000000
[ 47.476227][ T5063]
[pid 5063] fallocate(5, 0, 61695, 32769) = -1 ENOMEM (Cannot allocate memory)
[pid 5063] exit_group(0) = ?
[pid 5063] +++ exited with 0 +++
[ 47.482483][ T2414] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[ 47.497161][ T5063] BTRFS error (device loop0: state A): Transaction aborted (error -12)
[ 47.505584][ T5063] BTRFS: error (device loop0: state A) in btrfs_replace_file_extents:2568: errno=-12 Out of memory
[ 47.516718][ T5063] BTRFS info (device loop0: state EA): forced readonly
[ 47.525988][ T5080] ------------[ cut here ]------------
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5063, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=25 /* 0.25 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b4a620 /* 4 entries */, 32768) = 112
umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./0/binderfs") = 0
[ 47.531827][ T5080] WARNING: CPU: 0 PID: 5080 at fs/btrfs/transaction.c:144 btrfs_put_transaction+0x3a0/0x470
[ 47.542103][ T5080] Modules linked in:
[ 47.546241][ T5080] CPU: 0 PID: 5080 Comm: btrfs-transacti Not tainted 6.2.0-rc2-syzkaller-00203-g1f5abbd77e2c #0
[ 47.557357][ T5080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 47.570762][ T5080] RIP: 0010:btrfs_put_transaction+0x3a0/0x470
[ 47.577283][ T5080] Code: fc ff ff 48 89 df e8 1f cc 6b fe e9 73 fd ff ff e8 d5 c9 1d fe 0f 0b eb a1 e8 cc c9 1d fe 0f 0b e9 a2 fd ff ff e8 c0 c9 1d fe <0f> 0b e9 cd fd ff ff 48 89 df e8 91 cc 6b fe e9 01 ff ff ff 4c 89
[ 47.597003][ T5080] RSP: 0018:ffffc90003f1fcb8 EFLAGS: 00010293
[ 47.603088][ T5080] RAX: 0000000000000000 RBX: ffff888017cba028 RCX: 0000000000000000
[ 47.611119][ T5080] RDX: ffff888074c59d40 RSI: ffffffff836388a0 RDI: ffff888017cba330
[ 47.619188][ T5080] RBP: ffff888017cba000 R08: 0000000000000005 R09: 0000000000000001
[ 47.627453][ T5080] R10: 0000000000000001 R11: 0000000000000000 R12: ffff888017cba010
[ 47.635425][ T5080] R13: dffffc0000000000 R14: ffff88801be14c10 R15: ffff88801be14000
[ 47.643445][ T5080] FS: 0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[ 47.652590][ T5080] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 47.659203][ T5080] CR2: 000055db91048fd0 CR3: 000000002699c000 CR4: 0000000000350ef0
[ 47.667210][ T5080] Call Trace:
[ 47.670473][ T5080]
[ 47.673388][ T5080] btrfs_cleanup_transaction.isra.0+0x223/0x1310
[ 47.679762][ T5080] ? btrfs_cleanup_one_transaction+0x1980/0x1980
[ 47.686106][ T5080] ? __mutex_unlock_slowpath+0x157/0x5e0
[ 47.691810][ T5080] ? wait_for_completion_io_timeout+0x20/0x20
[ 47.697941][ T5080] ? do_raw_spin_lock+0x124/0x2b0
[ 47.702951][ T5080] ? sched_core_balance+0x14c0/0x14c0
[ 47.708353][ T5080] ? rwlock_bug.part.0+0x90/0x90
[ 47.713315][ T5080] ? do_raw_spin_unlock+0x175/0x230
[ 47.718549][ T5080] transaction_kthread+0x3cb/0x4e0
[ 47.723676][ T5080] ? btrfs_cleanup_transaction.isra.0+0x1310/0x1310
[ 47.730304][ T5080] kthread+0x2e8/0x3a0
[ 47.734392][ T5080] ? kthread_complete_and_exit+0x40/0x40
[ 47.740084][ T5080] ret_from_fork+0x1f/0x30
[ 47.744553][ T5080]
[ 47.747649][ T5080] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 47.754932][ T5080] CPU: 0 PID: 5080 Comm: btrfs-transacti Not tainted 6.2.0-rc2-syzkaller-00203-g1f5abbd77e2c #0
[ 47.765333][ T5080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 47.775378][ T5080] Call Trace:
[ 47.778643][ T5080]
[ 47.781564][ T5080] dump_stack_lvl+0xd1/0x138
[ 47.786152][ T5080] panic+0x2cc/0x626
[ 47.790046][ T5080] ? panic_print_sys_info.part.0+0x110/0x110
[ 47.796117][ T5080] ? btrfs_put_transaction+0x3a0/0x470
[ 47.801575][ T5080] check_panic_on_warn.cold+0x19/0x35
[ 47.806958][ T5080] __warn+0xf2/0x1a0
[ 47.810848][ T5080] ? btrfs_put_transaction+0x3a0/0x470
[ 47.816296][ T5080] report_bug+0x1c0/0x210
[ 47.820622][ T5080] handle_bug+0x3c/0x70
[ 47.824776][ T5080] exc_invalid_op+0x18/0x50
[ 47.829275][ T5080] asm_exc_invalid_op+0x1a/0x20
[ 47.834116][ T5080] RIP: 0010:btrfs_put_transaction+0x3a0/0x470
[ 47.840177][ T5080] Code: fc ff ff 48 89 df e8 1f cc 6b fe e9 73 fd ff ff e8 d5 c9 1d fe 0f 0b eb a1 e8 cc c9 1d fe 0f 0b e9 a2 fd ff ff e8 c0 c9 1d fe <0f> 0b e9 cd fd ff ff 48 89 df e8 91 cc 6b fe e9 01 ff ff ff 4c 89
[ 47.859776][ T5080] RSP: 0018:ffffc90003f1fcb8 EFLAGS: 00010293
[ 47.865834][ T5080] RAX: 0000000000000000 RBX: ffff888017cba028 RCX: 0000000000000000
[ 47.873793][ T5080] RDX: ffff888074c59d40 RSI: ffffffff836388a0 RDI: ffff888017cba330
[ 47.881755][ T5080] RBP: ffff888017cba000 R08: 0000000000000005 R09: 0000000000000001
[ 47.889715][ T5080] R10: 0000000000000001 R11: 0000000000000000 R12: ffff888017cba010
[ 47.897677][ T5080] R13: dffffc0000000000 R14: ffff88801be14c10 R15: ffff88801be14000
[ 47.905642][ T5080] ? btrfs_put_transaction+0x3a0/0x470
[ 47.911094][ T5080] ? btrfs_put_transaction+0x3a0/0x470
[ 47.916550][ T5080] btrfs_cleanup_transaction.isra.0+0x223/0x1310
[ 47.922877][ T5080] ? btrfs_cleanup_one_transaction+0x1980/0x1980
[ 47.929193][ T5080] ? __mutex_unlock_slowpath+0x157/0x5e0
[ 47.934843][ T5080] ? wait_for_completion_io_timeout+0x20/0x20
[ 47.940909][ T5080] ? do_raw_spin_lock+0x124/0x2b0
[ 47.945923][ T5080] ? sched_core_balance+0x14c0/0x14c0
[ 47.951296][ T5080] ? rwlock_bug.part.0+0x90/0x90
[ 47.956222][ T5080] ? do_raw_spin_unlock+0x175/0x230
[ 47.961432][ T5080] transaction_kthread+0x3cb/0x4e0
[ 47.966538][ T5080] ? btrfs_cleanup_transaction.isra.0+0x1310/0x1310
[ 47.973120][ T5080] kthread+0x2e8/0x3a0
[ 47.977183][ T5080] ? kthread_complete_and_exit+0x40/0x40
[ 47.982806][ T5080] ret_from_fork+0x1f/0x30
[ 47.987231][ T5080]
[ 47.990918][ T5080] Kernel Offset: disabled
[ 47.995291][ T5080] Rebooting in 86400 seconds..