./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3664722004

<...>
Warning: Permanently added '10.128.0.254' (ECDSA) to the list of known hosts.
execve("./syz-executor3664722004", ["./syz-executor3664722004"], 0x7ffc98d2c5c0 /* 10 vars */) = 0
brk(NULL)                               = 0x555555aa5000
brk(0x555555aa5c40)                     = 0x555555aa5c40
arch_prctl(ARCH_SET_FS, 0x555555aa5300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor3664722004", 4096) = 28
brk(0x555555ac6c40)                     = 0x555555ac6c40
brk(0x555555ac7000)                     = 0x555555ac7000
mprotect(0x7fec37173000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5077 attached
, child_tidptr=0x555555aa55d0) = 5077
[pid  5077] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5077] setpgid(0, 0)               = 0
[pid  5077] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5077] write(3, "1000", 4)         = 4
[pid  5077] close(3)                    = 0
[pid  5077] memfd_create("syzkaller", 0) = 3
[pid  5077] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fec2ecb3000
[   57.273124][ T5077] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5077 'syz-executor366'
[pid  5077] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5077] munmap(0x7fec2ecb3000, 16777216) = 0
[pid  5077] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5077] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5077] close(3)                    = 0
[pid  5077] mkdir("./file0", 0777)      = 0
[   57.462366][ T5077] loop0: detected capacity change from 0 to 32768
[   57.477415][ T5077] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz-executor366 (5077)
[   57.498100][ T5077] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[pid  5077] mount("/dev/loop0", "./file0", "btrfs", 0, "") = 0
[pid  5077] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5077] chdir("./file0")            = 0
[pid  5077] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5077] close(4)                    = 0
[pid  5077] creat("./bus", 000)         = 4
[   57.507231][ T5077] BTRFS info (device loop0): using free space tree
[   57.532669][ T5077] BTRFS info (device loop0): enabling ssd optimizations
[   57.539857][ T5077] BTRFS info (device loop0): auto enabling async discard
[pid  5077] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 010) = 5
[pid  5077] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid  5077] ioctl(6, BTRFS_IOC_QUOTA_CTL, {cmd=BTRFS_QUOTA_CTL_ENABLE}) = 0
[   57.581199][   T27] audit: type=1800 audit(1673151770.117:2): pid=5077 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor366" name="bus" dev="loop0" ino=263 res=0 errno=0
[pid  5077] fallocate(4, 0, 0, 2622468) = 0
[pid  5077] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7
[pid  5077] write(7, "4", 1)            = 1
[   57.656230][ T5077] FAULT_INJECTION: forcing a failure.
[   57.656230][ T5077] name failslab, interval 1, probability 0, space 0, times 1
[   57.669244][ T5077] CPU: 1 PID: 5077 Comm: syz-executor366 Not tainted 6.2.0-rc2-next-20230105-syzkaller #0
[   57.680395][ T5077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[   57.690571][ T5077] Call Trace:
[   57.693880][ T5077]  <TASK>
[   57.696835][ T5077]  dump_stack_lvl+0xd1/0x138
[   57.701484][ T5077]  should_fail_ex.cold+0x5/0xa
[   57.706301][ T5077]  should_failslab+0x9/0x20
[   57.710866][ T5077]  __kmem_cache_alloc_node+0x5b/0x330
[   57.716281][ T5077]  ? ulist_add_merge.part.0+0x85/0x490
[   57.721822][ T5077]  kmalloc_trace+0x26/0x60
[   57.726289][ T5077]  ulist_add_merge.part.0+0x85/0x490
[   57.731613][ T5077]  ? rcu_read_lock_sched_held+0x3e/0x70
[   57.737202][ T5077]  ulist_add+0x106/0x160
[   57.741490][ T5077]  set_state_bits.isra.0+0x11f/0x1c0
[   57.746820][ T5077]  __set_extent_bit+0x420/0x1670
[   57.751816][ T5077]  set_record_extent_bits+0x60/0x70
[   57.757063][ T5077]  qgroup_reserve_data+0x239/0xbe0
[   57.762225][ T5077]  ? fault_in_readable+0x1c0/0x290
[   57.767383][ T5077]  btrfs_qgroup_reserve_data+0x2f/0xd0
[   57.772325][   T11] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[   57.773039][ T5077]  btrfs_check_data_free_space+0x111/0x280
[   57.787990][ T5077]  btrfs_buffered_write+0x519/0x1380
[   57.793328][ T5077]  ? ktime_get_coarse_real_ts64+0x1bb/0x200
[   57.799274][ T5077]  ? lockdep_hardirqs_on+0x7d/0x100
[   57.804523][ T5077]  ? btrfs_check_nocow_lock+0x3c0/0x3c0
[   57.810140][ T5077]  ? __up_read+0x192/0x720
[   57.814602][ T5077]  ? up_write+0x520/0x520
[   57.819002][ T5077]  btrfs_do_write_iter+0xef0/0x1470
[   57.824787][ T5077]  ? btrfs_fdatawrite_range+0x110/0x110
[   57.830371][ T5077]  vfs_write+0x9ed/0xe10
[   57.834627][ T5077]  ? kernel_write+0x670/0x670
[   57.839316][ T5077]  ? find_held_lock+0x2d/0x110
[   57.844134][ T5077]  ? lock_downgrade+0x6e0/0x6e0
[   57.848982][ T5077]  ? __fget_light+0x20a/0x270
[   57.853662][ T5077]  ksys_write+0x12b/0x250
[   57.857993][ T5077]  ? __ia32_sys_read+0xb0/0xb0
[   57.862762][ T5077]  ? lockdep_hardirqs_on+0x7d/0x100
[   57.867981][ T5077]  ? _raw_spin_unlock_irq+0x2e/0x50
[   57.873189][ T5077]  ? ptrace_notify+0xfe/0x140
[   57.877871][ T5077]  do_syscall_64+0x39/0xb0
[   57.882293][ T5077]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   57.888363][ T5077] RIP: 0033:0x7fec37100629
[   57.892813][ T5077] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   57.912446][ T5077] RSP: 002b:00007fffc999c208 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   57.920862][ T5077] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fec37100629
[   57.928833][ T5077] RDX: 0000000000000049 RSI: 0000000020000180 RDI: 0000000000000005
[   57.936810][ T5077] RBP: 00007fffc999c220 R08: 0000000000000001 R09: 000000000000000d
[   57.944794][ T5077] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007
[   57.952952][ T5077] R13: 0000000000000000 R14: 431bde82d7b634db R15: 0000000000000000
[   57.960967][ T5077]  </TASK>
[   57.964873][ T5077] ------------[ cut here ]------------
[   57.970528][ T5077] kernel BUG at fs/btrfs/extent-io-tree.c:379!
[   57.976841][ T5077] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[   57.982916][ T5077] CPU: 1 PID: 5077 Comm: syz-executor366 Not tainted 6.2.0-rc2-next-20230105-syzkaller #0
[   57.992849][ T5077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[   58.002923][ T5077] RIP: 0010:set_state_bits.isra.0+0x17b/0x1c0
[   58.009092][ T5077] Code: 38 d0 7c 04 84 d2 75 31 44 8b 73 7c e8 1e d4 fa fd 44 89 e0 44 09 f0 89 43 7c 5b 5d 41 5c 41 5d 41 5e 41 5f c3 e8 05 d4 fa fd <0f> 0b 4c 89 ef e8 bb ba 48 fe e9 e6 fe ff ff 4c 89 ef e8 ae ba 48
[   58.028798][ T5077] RSP: 0018:ffffc90003e9f850 EFLAGS: 00010293
[   58.034933][ T5077] RAX: 0000000000000000 RBX: ffff888021c8ecc0 RCX: 0000000000000000
[   58.042921][ T5077] RDX: ffff88801e720000 RSI: ffffffff8386db7b RDI: 0000000000000005
[   58.050972][ T5077] RBP: 00000000fffffff4 R08: 0000000000000005 R09: 0000000000000000
[   58.058951][ T5077] R10: 00000000fffffff4 R11: 0000000000000000 R12: 0000000000000800
[   58.067175][ T5077] R13: ffff888021c8ed3c R14: 0000000000000fff R15: 0000000000000000
[   58.075234][ T5077] FS:  0000555555aa5300(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[   58.084173][ T5077] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   58.090764][ T5077] CR2: 00007fec37177140 CR3: 000000002af53000 CR4: 00000000003506e0
[   58.098742][ T5077] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   58.106713][ T5077] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   58.114779][ T5077] Call Trace:
[   58.118056][ T5077]  <TASK>
[   58.120989][ T5077]  __set_extent_bit+0x420/0x1670
[   58.126123][ T5077]  set_record_extent_bits+0x60/0x70
[   58.131327][ T5077]  qgroup_reserve_data+0x239/0xbe0
[   58.136479][ T5077]  ? fault_in_readable+0x1c0/0x290
[   58.141611][ T5077]  btrfs_qgroup_reserve_data+0x2f/0xd0
[   58.147081][ T5077]  btrfs_check_data_free_space+0x111/0x280
[   58.152896][ T5077]  btrfs_buffered_write+0x519/0x1380
[   58.158196][ T5077]  ? ktime_get_coarse_real_ts64+0x1bb/0x200
[   58.164107][ T5077]  ? lockdep_hardirqs_on+0x7d/0x100
[   58.169578][ T5077]  ? btrfs_check_nocow_lock+0x3c0/0x3c0
[   58.175137][ T5077]  ? __up_read+0x192/0x720
[   58.179592][ T5077]  ? up_write+0x520/0x520
[   58.183955][ T5077]  btrfs_do_write_iter+0xef0/0x1470
[   58.189199][ T5077]  ? btrfs_fdatawrite_range+0x110/0x110
[   58.194928][ T5077]  vfs_write+0x9ed/0xe10
[   58.199532][ T5077]  ? kernel_write+0x670/0x670
[   58.204308][ T5077]  ? find_held_lock+0x2d/0x110
[   58.209092][ T5077]  ? lock_downgrade+0x6e0/0x6e0
[   58.213950][ T5077]  ? __fget_light+0x20a/0x270
[   58.218810][ T5077]  ksys_write+0x12b/0x250
[   58.223166][ T5077]  ? __ia32_sys_read+0xb0/0xb0
[   58.227938][ T5077]  ? lockdep_hardirqs_on+0x7d/0x100
[   58.233145][ T5077]  ? _raw_spin_unlock_irq+0x2e/0x50
[   58.238393][ T5077]  ? ptrace_notify+0xfe/0x140
[   58.243092][ T5077]  do_syscall_64+0x39/0xb0
[   58.247611][ T5077]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   58.253694][ T5077] RIP: 0033:0x7fec37100629
[   58.258118][ T5077] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   58.277750][ T5077] RSP: 002b:00007fffc999c208 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   58.286180][ T5077] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fec37100629
[   58.294162][ T5077] RDX: 0000000000000049 RSI: 0000000020000180 RDI: 0000000000000005
[   58.302135][ T5077] RBP: 00007fffc999c220 R08: 0000000000000001 R09: 000000000000000d
[   58.310122][ T5077] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007
[   58.318463][ T5077] R13: 0000000000000000 R14: 431bde82d7b634db R15: 0000000000000000
[   58.326455][ T5077]  </TASK>
[   58.329474][ T5077] Modules linked in:
[   58.333509][ T5077] ---[ end trace 0000000000000000 ]---
[   58.338982][ T5077] RIP: 0010:set_state_bits.isra.0+0x17b/0x1c0
[   58.345134][ T5077] Code: 38 d0 7c 04 84 d2 75 31 44 8b 73 7c e8 1e d4 fa fd 44 89 e0 44 09 f0 89 43 7c 5b 5d 41 5c 41 5d 41 5e 41 5f c3 e8 05 d4 fa fd <0f> 0b 4c 89 ef e8 bb ba 48 fe e9 e6 fe ff ff 4c 89 ef e8 ae ba 48
[   58.364810][ T5077] RSP: 0018:ffffc90003e9f850 EFLAGS: 00010293
[   58.370935][ T5077] RAX: 0000000000000000 RBX: ffff888021c8ecc0 RCX: 0000000000000000
[   58.379188][ T5077] RDX: ffff88801e720000 RSI: ffffffff8386db7b RDI: 0000000000000005
[   58.387246][ T5077] RBP: 00000000fffffff4 R08: 0000000000000005 R09: 0000000000000000
[   58.395250][ T5077] R10: 00000000fffffff4 R11: 0000000000000000 R12: 0000000000000800
[   58.403372][ T5077] R13: ffff888021c8ed3c R14: 0000000000000fff R15: 0000000000000000
[   58.411486][ T5077] FS:  0000555555aa5300(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[   58.421273][ T5077] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   58.428881][ T5077] CR2: 00007fec37177140 CR3: 000000002af53000 CR4: 00000000003506e0
[   58.436992][ T5077] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   58.445113][ T5077] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   58.454612][ T5077] Kernel panic - not syncing: Fatal exception
[   58.460851][ T5077] Kernel Offset: disabled
[   58.465183][ T5077] Rebooting in 86400 seconds..