./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1131637053
<...>
Warning: Permanently added '10.128.0.27' (ED25519) to the list of known hosts.
execve("./syz-executor1131637053", ["./syz-executor1131637053"], 0x7ffdadfbdc70 /* 10 vars */) = 0
brk(NULL) = 0x5555564e8000
brk(0x5555564e8d00) = 0x5555564e8d00
arch_prctl(ARCH_SET_FS, 0x5555564e8380) = 0
set_tid_address(0x5555564e8650) = 5056
set_robust_list(0x5555564e8660, 24) = 0
rseq(0x5555564e8ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor1131637053", 4096) = 28
getrandom("\x5a\xd6\x3f\xe5\x50\x24\x1a\xfc", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x5555564e8d00
brk(0x555556509d00) = 0x555556509d00
brk(0x55555650a000) = 0x55555650a000
mprotect(0x7f733d560000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1) = 1
close(3) = 0
mkdir("./syzkaller.dal6NY", 0700) = 0
chmod("./syzkaller.dal6NY", 0777) = 0
chdir("./syzkaller.dal6NY") = 0
mkdir("./0", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5057 attached
, child_tidptr=0x5555564e8650) = 5057
[pid 5057] set_robust_list(0x5555564e8660, 24) = 0
[pid 5057] chdir("./0") = 0
[pid 5057] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5057] setpgid(0, 0) = 0
[pid 5057] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5057] write(3, "1000", 4) = 4
[pid 5057] close(3) = 0
[pid 5057] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5057] memfd_create("syzkaller", 0) = 3
[pid 5057] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f73350a8000
[pid 5057] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5057] munmap(0x7f73350a8000, 138412032) = 0
[pid 5057] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5057] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5057] close(3) = 0
[pid 5057] mkdir("./bus", 0777) = 0
[ 58.995868][ T5057] loop0: detected capacity change from 0 to 32768
[ 59.015871][ T5057] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0 scanned by syz-executor113 (5057)
[ 59.035287][ T5057] BTRFS info (device loop0): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 59.045825][ T5057] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[ 59.054654][ T5057] BTRFS info (device loop0): doing ref verification
[ 59.061520][ T5057] BTRFS warning (device loop0): the 'inode_cache' option is deprecated and has no effect since 5.11
[ 59.072489][ T5057] BTRFS info (device loop0): force zlib compression, level 3
[ 59.079971][ T5057] BTRFS info (device loop0): allowing degraded mounts
[ 59.086817][ T5057] BTRFS info (device loop0): using free space tree
[pid 5057] mount("/dev/loop0", "./bus", "btrfs", MS_DIRSYNC, "ref_verify,nossd,inode_cache,compress-force,space_cache=v2,degraded,noacl,") = 0
[pid 5057] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid 5057] chdir("./bus") = 0
[pid 5057] ioctl(4, LOOP_CLR_FD) = 0
[pid 5057] close(4) = 0
[pid 5057] open("./file0", O_RDONLY) = 4
[ 59.108639][ T5057] BTRFS info (device loop0): auto enabling async discard
[pid 5057] ioctl(4, BTRFS_IOC_QUOTA_CTL, {cmd=BTRFS_QUOTA_CTL_ENABLE}) = 0
[pid 5057] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 5
[pid 5057] write(5, "14", 2) = 2
[ 59.180788][ T5057] FAULT_INJECTION: forcing a failure.
[ 59.180788][ T5057] name failslab, interval 1, probability 0, space 0, times 1
[ 59.203643][ T5057] CPU: 0 PID: 5057 Comm: syz-executor113 Not tainted 6.7.0-rc3-syzkaller-00298-g1b8af6552cb7 #0
[ 59.214215][ T5057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[ 59.224443][ T5057] Call Trace:
[ 59.227719][ T5057]
[ 59.230649][ T5057] dump_stack_lvl+0x1e7/0x2d0
[ 59.235366][ T5057] ? nf_tcp_handle_invalid+0x650/0x650
[ 59.240840][ T5057] ? panic+0x850/0x850
[ 59.244916][ T5057] ? __might_sleep+0xe0/0xe0
[ 59.249499][ T5057] ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 59.255510][ T5057] should_fail_ex+0x3aa/0x4e0
[ 59.260210][ T5057] should_failslab+0x9/0x20
[ 59.264729][ T5057] slab_pre_alloc_hook+0x59/0x300
[ 59.269780][ T5057] ? __lock_acquire+0x1fd0/0x1fd0
[ 59.274860][ T5057] ? btrfs_alloc_inode+0x58/0x430
[ 59.279895][ T5057] kmem_cache_alloc_lru+0x49/0x240
[ 59.285020][ T5057] ? btrfs_new_subvol_inode+0xd0/0xd0
[ 59.290394][ T5057] btrfs_alloc_inode+0x58/0x430
[ 59.295239][ T5057] ? btrfs_new_subvol_inode+0xd0/0xd0
[ 59.300782][ T5057] new_inode_pseudo+0x65/0x1d0
[ 59.305547][ T5057] new_inode+0x22/0x1d0
[ 59.309715][ T5057] btrfs_create+0x4b/0x140
[ 59.314158][ T5057] ? btrfs_lookup+0x40/0x40
[ 59.318680][ T5057] path_openat+0x13fa/0x3290
[ 59.323288][ T5057] ? do_filp_open+0x490/0x490
[ 59.328061][ T5057] do_filp_open+0x234/0x490
[ 59.332559][ T5057] ? vfs_tmpfile+0x500/0x500
[ 59.337163][ T5057] ? _raw_spin_unlock+0x28/0x40
[ 59.342007][ T5057] ? alloc_fd+0x59c/0x640
[ 59.346365][ T5057] do_sys_openat2+0x13e/0x1d0
[ 59.351057][ T5057] ? do_sys_open+0x230/0x230
[ 59.355650][ T5057] ? _raw_spin_unlock_irq+0x2e/0x50
[ 59.360845][ T5057] ? ptrace_notify+0x278/0x380
[ 59.365617][ T5057] __x64_sys_open+0x225/0x270
[ 59.370294][ T5057] ? do_sys_openat2+0x1d0/0x1d0
[ 59.375151][ T5057] ? syscall_enter_from_user_mode+0xa4/0x2d0
[ 59.381148][ T5057] ? syscall_enter_from_user_mode+0xf5/0x2d0
[ 59.387152][ T5057] do_syscall_64+0x45/0x110
[ 59.391664][ T5057] entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 59.397654][ T5057] RIP: 0033:0x7f733d4e72e9
[ 59.402069][ T5057] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 59.421669][ T5057] RSP: 002b:00007ffe786f0d68 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 59.430180][ T5057] RAX: ffffffffffffffda RBX: 00007ffe786f0d90 RCX: 00007f733d4e72e9
[ 59.438146][ T5057] RDX: 0000000000000000 RSI: 0000000000147042 RDI: 0000000020000040
[ 59.446111][ T5057] RBP: 0000000000000002 R08: 00007ffe786f0b06 R09: 00007ffe786f0db0
[ 59.454095][ T5057] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[ 59.462247][ T5057] R13: 0000000000000000 R14: 431bde82d7b634db R15: 00007ffe786f0dd0
[ 59.470319][ T5057]
[pid 5057] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_NOATIME|FASYNC, 000) = -1 ENOMEM (Cannot allocate memory)
[pid 5057] exit_group(0) = ?
[pid 5057] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5057, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=26 /* 0.26 s */} ---
umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555564e96f0 /* 4 entries */, 32768) = 104
[ 59.484326][ T1260] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[ 59.546437][ T5056] BTRFS info (device loop0): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555564f1730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555564f1730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./0/bus") = 0
umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./0/binderfs") = 0
getdents64(3, 0x5555564e96f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./0") = 0
mkdir("./1", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5075 attached
, child_tidptr=0x5555564e8650) = 5075
[pid 5075] set_robust_list(0x5555564e8660, 24) = 0
[pid 5075] chdir("./1") = 0
[pid 5075] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5075] setpgid(0, 0) = 0
[pid 5075] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5075] write(3, "1000", 4) = 4
[pid 5075] close(3) = 0
[pid 5075] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5075] memfd_create("syzkaller", 0) = 3
[pid 5075] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f73350a8000
[pid 5075] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5075] munmap(0x7f73350a8000, 138412032) = 0
[pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5075] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5075] close(3) = 0
[pid 5075] mkdir("./bus", 0777) = 0
[ 60.045813][ T5075] loop0: detected capacity change from 0 to 32768
[ 60.056835][ T5075] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0 scanned by syz-executor113 (5075)
[ 60.073042][ T5075] BTRFS info (device loop0): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 60.083355][ T5075] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[ 60.092209][ T5075] BTRFS info (device loop0): doing ref verification
[ 60.098872][ T5075] BTRFS warning (device loop0): the 'inode_cache' option is deprecated and has no effect since 5.11
[ 60.109863][ T5075] BTRFS info (device loop0): force zlib compression, level 3
[ 60.117479][ T5075] BTRFS info (device loop0): allowing degraded mounts
[ 60.124256][ T5075] BTRFS info (device loop0): using free space tree
[pid 5075] mount("/dev/loop0", "./bus", "btrfs", MS_DIRSYNC, "ref_verify,nossd,inode_cache,compress-force,space_cache=v2,degraded,noacl,") = 0
[pid 5075] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid 5075] chdir("./bus") = 0
[pid 5075] ioctl(4, LOOP_CLR_FD) = 0
[pid 5075] close(4) = 0
[pid 5075] open("./file0", O_RDONLY) = 4
[pid 5075] ioctl(4, BTRFS_IOC_QUOTA_CTL, {cmd=BTRFS_QUOTA_CTL_ENABLE}) = 0
[ 60.156576][ T5075] BTRFS info (device loop0): auto enabling async discard
[pid 5075] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 5
[pid 5075] write(5, "14", 2) = 2
[ 60.223308][ T1260] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[ 60.234395][ T5075] FAULT_INJECTION: forcing a failure.
[ 60.234395][ T5075] name failslab, interval 1, probability 0, space 0, times 0
[ 60.248260][ T5075] CPU: 0 PID: 5075 Comm: syz-executor113 Not tainted 6.7.0-rc3-syzkaller-00298-g1b8af6552cb7 #0
[ 60.258716][ T5075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[ 60.268809][ T5075] Call Trace:
[ 60.272114][ T5075]
[ 60.275150][ T5075] dump_stack_lvl+0x1e7/0x2d0
[ 60.279858][ T5075] ? nf_tcp_handle_invalid+0x650/0x650
[ 60.285351][ T5075] ? panic+0x850/0x850
[ 60.289452][ T5075] ? __might_sleep+0xe0/0xe0
[ 60.294067][ T5075] ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 60.300091][ T5075] should_fail_ex+0x3aa/0x4e0
[ 60.304841][ T5075] should_failslab+0x9/0x20
[ 60.309368][ T5075] slab_pre_alloc_hook+0x59/0x300
[ 60.314424][ T5075] ? __lock_acquire+0x1fd0/0x1fd0
[ 60.319475][ T5075] ? btrfs_alloc_inode+0x58/0x430
[ 60.324520][ T5075] kmem_cache_alloc_lru+0x49/0x240
[ 60.329640][ T5075] ? btrfs_new_subvol_inode+0xd0/0xd0
[ 60.335003][ T5075] btrfs_alloc_inode+0x58/0x430
[ 60.339961][ T5075] ? btrfs_new_subvol_inode+0xd0/0xd0
[ 60.345320][ T5075] new_inode_pseudo+0x65/0x1d0
[ 60.350079][ T5075] new_inode+0x22/0x1d0
[ 60.354224][ T5075] btrfs_create+0x4b/0x140
[ 60.358634][ T5075] ? btrfs_lookup+0x40/0x40
[ 60.363122][ T5075] path_openat+0x13fa/0x3290
[ 60.367716][ T5075] ? do_filp_open+0x490/0x490
[ 60.372393][ T5075] do_filp_open+0x234/0x490
[ 60.377407][ T5075] ? vfs_tmpfile+0x500/0x500
[ 60.382082][ T5075] ? _raw_spin_unlock+0x28/0x40
[ 60.386917][ T5075] ? alloc_fd+0x59c/0x640
[ 60.391290][ T5075] do_sys_openat2+0x13e/0x1d0
[ 60.395954][ T5075] ? do_sys_open+0x230/0x230
[ 60.400548][ T5075] ? _raw_spin_unlock_irq+0x2e/0x50
[ 60.405831][ T5075] ? ptrace_notify+0x278/0x380
[ 60.410595][ T5075] __x64_sys_open+0x225/0x270
[ 60.415264][ T5075] ? do_sys_openat2+0x1d0/0x1d0
[ 60.420103][ T5075] ? syscall_enter_from_user_mode+0xa4/0x2d0
[ 60.426087][ T5075] ? syscall_enter_from_user_mode+0xf5/0x2d0
[ 60.432056][ T5075] do_syscall_64+0x45/0x110
[ 60.436554][ T5075] entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 60.442437][ T5075] RIP: 0033:0x7f733d4e72e9
[ 60.446848][ T5075] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[pid 5075] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_NOATIME|FASYNC, 000) = -1 ENOMEM (Cannot allocate memory)
[pid 5075] exit_group(0) = ?
[pid 5075] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5075, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=22 /* 0.22 s */} ---
umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[ 60.466444][ T5075] RSP: 002b:00007ffe786f0d68 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 60.474931][ T5075] RAX: ffffffffffffffda RBX: 00007ffe786f0d90 RCX: 00007f733d4e72e9
[ 60.482891][ T5075] RDX: 0000000000000000 RSI: 0000000000147042 RDI: 0000000020000040
[ 60.490868][ T5075] RBP: 0000000000000002 R08: 00007ffe786f0b06 R09: 00007ffe786f0db0
[ 60.498825][ T5075] R10: 0000000000000002 R11: 0000000000000246 R12: 00007ffe786f0d8c
[ 60.506918][ T5075] R13: 0000000000000001 R14: 431bde82d7b634db R15: 00007ffe786f0dd0
[ 60.514886][ T5075]
getdents64(3, 0x5555564e96f0 /* 4 entries */, 32768) = 104
[ 60.573162][ T5056] BTRFS info (device loop0): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./1/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555564f1730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555564f1730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./1/bus") = 0
umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./1/binderfs") = 0
getdents64(3, 0x5555564e96f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./1") = 0
mkdir("./2", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5093 attached
[pid 5093] set_robust_list(0x5555564e8660, 24) = 0
[pid 5056] <... clone resumed>, child_tidptr=0x5555564e8650) = 5093
[pid 5093] chdir("./2") = 0
[pid 5093] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5093] setpgid(0, 0) = 0
[pid 5093] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5093] write(3, "1000", 4) = 4
[pid 5093] close(3) = 0
[pid 5093] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5093] memfd_create("syzkaller", 0) = 3
[pid 5093] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f73350a8000
[pid 5093] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5093] munmap(0x7f73350a8000, 138412032) = 0
[pid 5093] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5093] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5093] close(3) = 0
[pid 5093] mkdir("./bus", 0777) = 0
[ 61.022620][ T5093] loop0: detected capacity change from 0 to 32768
[ 61.032633][ T5093] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0 scanned by syz-executor113 (5093)
[ 61.048111][ T5093] BTRFS info (device loop0): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 61.058381][ T5093] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[ 61.067467][ T5093] BTRFS info (device loop0): doing ref verification
[ 61.074098][ T5093] BTRFS warning (device loop0): the 'inode_cache' option is deprecated and has no effect since 5.11
[ 61.085057][ T5093] BTRFS info (device loop0): force zlib compression, level 3
[ 61.092486][ T5093] BTRFS info (device loop0): allowing degraded mounts
[ 61.099697][ T5093] BTRFS info (device loop0): using free space tree
[pid 5093] mount("/dev/loop0", "./bus", "btrfs", MS_DIRSYNC, "ref_verify,nossd,inode_cache,compress-force,space_cache=v2,degraded,noacl,") = 0
[pid 5093] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid 5093] chdir("./bus") = 0
[pid 5093] ioctl(4, LOOP_CLR_FD) = 0
[pid 5093] close(4) = 0
[pid 5093] open("./file0", O_RDONLY) = 4
[ 61.118726][ T5093] BTRFS info (device loop0): auto enabling async discard
[pid 5093] ioctl(4, BTRFS_IOC_QUOTA_CTL, {cmd=BTRFS_QUOTA_CTL_ENABLE}) = 0
[pid 5093] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 5
[pid 5093] write(5, "14", 2) = 2
[ 61.229424][ T5093] FAULT_INJECTION: forcing a failure.
[ 61.229424][ T5093] name failslab, interval 1, probability 0, space 0, times 0
[ 61.243709][ T1260] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[ 61.260588][ T5093] CPU: 1 PID: 5093 Comm: syz-executor113 Not tainted 6.7.0-rc3-syzkaller-00298-g1b8af6552cb7 #0
[ 61.271145][ T5093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[ 61.281219][ T5093] Call Trace:
[ 61.284493][ T5093]
[ 61.287444][ T5093] dump_stack_lvl+0x1e7/0x2d0
[ 61.292145][ T5093] ? nf_tcp_handle_invalid+0x650/0x650
[ 61.297606][ T5093] ? panic+0x850/0x850
[ 61.301671][ T5093] ? __might_sleep+0xe0/0xe0
[ 61.306254][ T5093] should_fail_ex+0x3aa/0x4e0
[ 61.310935][ T5093] ? alloc_extent_state+0x25/0x2e0
[ 61.316036][ T5093] should_failslab+0x9/0x20
[ 61.320551][ T5093] kmem_cache_alloc+0x6d/0x2b0
[ 61.325318][ T5093] alloc_extent_state+0x25/0x2e0
[ 61.330259][ T5093] __set_extent_bit+0x1c8/0x1b00
[ 61.335366][ T5093] ? PageUptodate+0xd7/0x290
[ 61.339947][ T5093] ? __write_extent_buffer+0x20f/0x410
[ 61.345398][ T5093] ? __asan_memcpy+0x40/0x70
[ 61.349983][ T5093] set_extent_bit+0x3b/0x50
[ 61.354488][ T5093] btrfs_alloc_tree_block+0xa58/0x1700
[ 61.359953][ T5093] ? alloc_reserved_file_extent+0x6d0/0x6d0
[ 61.365848][ T5093] ? read_extent_buffer+0x11f/0x2a0
[ 61.371038][ T5093] ? __asan_memcpy+0x40/0x70
[ 61.375643][ T5093] btrfs_force_cow_block+0x545/0x1b70
[ 61.381015][ T5093] ? btrfs_qgroup_trace_subtree_after_cow+0x413/0x1460
[ 61.387862][ T5093] ? btrfs_block_can_be_shared+0x360/0x360
[ 61.393688][ T5093] ? btrfs_qgroup_add_swapped_blocks+0x8f0/0x990
[ 61.400028][ T5093] ? clear_nonspinnable+0x60/0x60
[ 61.405052][ T5093] btrfs_cow_block+0x35e/0xa20
[ 61.409835][ T5093] btrfs_search_slot+0xbdd/0x30c0
[ 61.414895][ T5093] ? btrfs_find_item+0x5c0/0x5c0
[ 61.419828][ T5093] ? btrfs_create_new_inode+0xda9/0x2740
[ 61.425458][ T5093] ? __lock_acquire+0x1fd0/0x1fd0
[ 61.430490][ T5093] ? do_raw_spin_lock+0x14e/0x370
[ 61.435538][ T5093] ? do_raw_spin_unlock+0x13b/0x8b0
[ 61.440732][ T5093] btrfs_insert_empty_items+0x9c/0x190
[ 61.446196][ T5093] btrfs_create_new_inode+0x10e9/0x2740
[ 61.451761][ T5093] ? btrfs_new_inode_args_destroy+0x160/0x160
[ 61.457822][ T5093] ? btrfs_record_root_in_trans+0x16e/0x180
[ 61.463710][ T5093] ? start_transaction+0x3dc/0x1780
[ 61.468914][ T5093] btrfs_create_common+0x1f9/0x300
[ 61.474164][ T5093] ? btrfs_tmpfile+0x4e0/0x4e0
[ 61.478933][ T5093] ? do_raw_spin_unlock+0x13b/0x8b0
[ 61.484193][ T5093] ? btrfs_create+0x75/0x140
[ 61.488790][ T5093] ? btrfs_lookup+0x40/0x40
[ 61.493291][ T5093] path_openat+0x13fa/0x3290
[ 61.497903][ T5093] ? do_filp_open+0x490/0x490
[ 61.502582][ T5093] do_filp_open+0x234/0x490
[ 61.507211][ T5093] ? vfs_tmpfile+0x500/0x500
[ 61.511803][ T5093] ? _raw_spin_unlock+0x28/0x40
[ 61.516729][ T5093] ? alloc_fd+0x59c/0x640
[ 61.521056][ T5093] do_sys_openat2+0x13e/0x1d0
[ 61.525783][ T5093] ? do_sys_open+0x230/0x230
[ 61.530360][ T5093] ? _raw_spin_unlock_irq+0x2e/0x50
[ 61.535559][ T5093] ? ptrace_notify+0x278/0x380
[ 61.540409][ T5093] __x64_sys_open+0x225/0x270
[ 61.545160][ T5093] ? do_sys_openat2+0x1d0/0x1d0
[ 61.549999][ T5093] ? syscall_enter_from_user_mode+0xa4/0x2d0
[ 61.556062][ T5093] ? syscall_enter_from_user_mode+0xf5/0x2d0
[ 61.562130][ T5093] do_syscall_64+0x45/0x110
[ 61.566657][ T5093] entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 61.572628][ T5093] RIP: 0033:0x7f733d4e72e9
[ 61.577037][ T5093] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 61.596724][ T5093] RSP: 002b:00007ffe786f0d68 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 61.605391][ T5093] RAX: ffffffffffffffda RBX: 00007ffe786f0d90 RCX: 00007f733d4e72e9
[ 61.613453][ T5093] RDX: 0000000000000000 RSI: 0000000000147042 RDI: 0000000020000040
[ 61.621875][ T5093] RBP: 0000000000000002 R08: 00007ffe786f0b06 R09: 00007ffe786f0db0
[pid 5093] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_NOATIME|FASYNC, 000) = 6
[pid 5093] exit_group(0) = ?
[pid 5093] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5093, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=25 /* 0.25 s */} ---
umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[ 61.629844][ T5093] R10: 0000000000000002 R11: 0000000000000246 R12: 00007ffe786f0d8c
[ 61.637805][ T5093] R13: 0000000000000002 R14: 431bde82d7b634db R15: 00007ffe786f0dd0
[ 61.645776][ T5093]
[ 61.659771][ T28] audit: type=1800 audit(1701605316.207:2): pid=5093 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor113" name="bus" dev="loop0" ino=263 res=0 errno=0
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555564e96f0 /* 4 entries */, 32768) = 104
[ 61.731705][ T5056] BTRFS info (device loop0): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./2/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555564f1730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555564f1730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./2/bus") = 0
umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./2/binderfs") = 0
getdents64(3, 0x5555564e96f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./2") = 0
mkdir("./3", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5110 attached
, child_tidptr=0x5555564e8650) = 5110
[pid 5110] set_robust_list(0x5555564e8660, 24) = 0
[pid 5110] chdir("./3") = 0
[pid 5110] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5110] setpgid(0, 0) = 0
[pid 5110] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5110] write(3, "1000", 4) = 4
[pid 5110] close(3) = 0
[pid 5110] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5110] memfd_create("syzkaller", 0) = 3
[pid 5110] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f73350a8000
[pid 5110] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5110] munmap(0x7f73350a8000, 138412032) = 0
[pid 5110] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5110] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5110] close(3) = 0
[pid 5110] mkdir("./bus", 0777) = 0
[ 62.126417][ T5110] loop0: detected capacity change from 0 to 32768
[ 62.141534][ T5110] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0 scanned by syz-executor113 (5110)
[ 62.157177][ T5110] BTRFS info (device loop0): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 62.167533][ T5110] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[ 62.176223][ T5110] BTRFS info (device loop0): doing ref verification
[ 62.183143][ T5110] BTRFS warning (device loop0): the 'inode_cache' option is deprecated and has no effect since 5.11
[ 62.193961][ T5110] BTRFS info (device loop0): force zlib compression, level 3
[ 62.201404][ T5110] BTRFS info (device loop0): allowing degraded mounts
[ 62.208512][ T5110] BTRFS info (device loop0): using free space tree
[pid 5110] mount("/dev/loop0", "./bus", "btrfs", MS_DIRSYNC, "ref_verify,nossd,inode_cache,compress-force,space_cache=v2,degraded,noacl,") = 0
[pid 5110] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid 5110] chdir("./bus") = 0
[pid 5110] ioctl(4, LOOP_CLR_FD) = 0
[pid 5110] close(4) = 0
[pid 5110] open("./file0", O_RDONLY) = 4
[ 62.228501][ T5110] BTRFS info (device loop0): auto enabling async discard
[pid 5110] ioctl(4, BTRFS_IOC_QUOTA_CTL, {cmd=BTRFS_QUOTA_CTL_ENABLE}) = 0
[pid 5110] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 5
[pid 5110] write(5, "14", 2) = 2
[ 62.304219][ T5110] FAULT_INJECTION: forcing a failure.
[ 62.304219][ T5110] name failslab, interval 1, probability 0, space 0, times 0
[ 62.323316][ T2832] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[ 62.333184][ T5110] CPU: 0 PID: 5110 Comm: syz-executor113 Not tainted 6.7.0-rc3-syzkaller-00298-g1b8af6552cb7 #0
[ 62.343729][ T5110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[ 62.353892][ T5110] Call Trace:
[ 62.357192][ T5110]
[ 62.360145][ T5110] dump_stack_lvl+0x1e7/0x2d0
[ 62.364867][ T5110] ? nf_tcp_handle_invalid+0x650/0x650
[ 62.370356][ T5110] ? panic+0x850/0x850
[ 62.374459][ T5110] ? __might_sleep+0xe0/0xe0
[ 62.379355][ T5110] should_fail_ex+0x3aa/0x4e0
[ 62.384100][ T5110] ? alloc_extent_state+0x25/0x2e0
[ 62.389253][ T5110] should_failslab+0x9/0x20
[ 62.393779][ T5110] kmem_cache_alloc+0x6d/0x2b0
[ 62.398662][ T5110] alloc_extent_state+0x25/0x2e0
[ 62.403999][ T5110] __set_extent_bit+0x1c8/0x1b00
[ 62.409110][ T5110] ? PageUptodate+0xd7/0x290
[ 62.413723][ T5110] ? __write_extent_buffer+0x20f/0x410
[ 62.419372][ T5110] ? __asan_memcpy+0x40/0x70
[ 62.423976][ T5110] set_extent_bit+0x3b/0x50
[ 62.428685][ T5110] btrfs_alloc_tree_block+0xa58/0x1700
[ 62.434153][ T5110] ? alloc_reserved_file_extent+0x6d0/0x6d0
[ 62.440052][ T5110] ? read_extent_buffer+0x11f/0x2a0
[ 62.445239][ T5110] ? __asan_memcpy+0x40/0x70
[ 62.449820][ T5110] btrfs_force_cow_block+0x545/0x1b70
[ 62.455193][ T5110] ? btrfs_qgroup_trace_subtree_after_cow+0x413/0x1460
[ 62.462133][ T5110] ? btrfs_block_can_be_shared+0x360/0x360
[ 62.467944][ T5110] ? btrfs_qgroup_add_swapped_blocks+0x8f0/0x990
[ 62.474274][ T5110] ? clear_nonspinnable+0x60/0x60
[ 62.479289][ T5110] btrfs_cow_block+0x35e/0xa20
[ 62.484162][ T5110] btrfs_search_slot+0xbdd/0x30c0
[ 62.489207][ T5110] ? btrfs_find_item+0x5c0/0x5c0
[ 62.494227][ T5110] ? btrfs_create_new_inode+0xda9/0x2740
[ 62.499849][ T5110] ? __lock_acquire+0x1fd0/0x1fd0
[ 62.504864][ T5110] ? do_raw_spin_lock+0x14e/0x370
[ 62.509915][ T5110] ? do_raw_spin_unlock+0x13b/0x8b0
[ 62.515131][ T5110] btrfs_insert_empty_items+0x9c/0x190
[ 62.520603][ T5110] btrfs_create_new_inode+0x10e9/0x2740
[ 62.526163][ T5110] ? btrfs_new_inode_args_destroy+0x160/0x160
[ 62.532405][ T5110] ? btrfs_record_root_in_trans+0x16e/0x180
[ 62.538487][ T5110] ? start_transaction+0x3dc/0x1780
[ 62.543716][ T5110] btrfs_create_common+0x1f9/0x300
[ 62.548946][ T5110] ? btrfs_tmpfile+0x4e0/0x4e0
[ 62.553891][ T5110] ? do_raw_spin_unlock+0x13b/0x8b0
[ 62.559138][ T5110] ? btrfs_create+0x75/0x140
[ 62.563771][ T5110] ? btrfs_lookup+0x40/0x40
[ 62.568273][ T5110] path_openat+0x13fa/0x3290
[ 62.572965][ T5110] ? do_filp_open+0x490/0x490
[ 62.577644][ T5110] do_filp_open+0x234/0x490
[ 62.582136][ T5110] ? vfs_tmpfile+0x500/0x500
[ 62.586739][ T5110] ? _raw_spin_unlock+0x28/0x40
[ 62.591574][ T5110] ? alloc_fd+0x59c/0x640
[ 62.595915][ T5110] do_sys_openat2+0x13e/0x1d0
[ 62.600622][ T5110] ? do_sys_open+0x230/0x230
[ 62.605315][ T5110] ? _raw_spin_unlock_irq+0x2e/0x50
[ 62.610774][ T5110] ? ptrace_notify+0x278/0x380
[ 62.615543][ T5110] __x64_sys_open+0x225/0x270
[ 62.620216][ T5110] ? do_sys_openat2+0x1d0/0x1d0
[ 62.625061][ T5110] ? syscall_enter_from_user_mode+0xa4/0x2d0
[ 62.631123][ T5110] ? syscall_enter_from_user_mode+0xf5/0x2d0
[ 62.637214][ T5110] do_syscall_64+0x45/0x110
[ 62.641713][ T5110] entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 62.647685][ T5110] RIP: 0033:0x7f733d4e72e9
[ 62.652091][ T5110] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 62.671857][ T5110] RSP: 002b:00007ffe786f0d68 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 62.680348][ T5110] RAX: ffffffffffffffda RBX: 00007ffe786f0d90 RCX: 00007f733d4e72e9
[ 62.688307][ T5110] RDX: 0000000000000000 RSI: 0000000000147042 RDI: 0000000020000040
[ 62.696340][ T5110] RBP: 0000000000000002 R08: 00007ffe786f0b06 R09: 00007ffe786f0db0
[pid 5110] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_NOATIME|FASYNC, 000) = 6
[pid 5110] exit_group(0) = ?
[pid 5110] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5110, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=25 /* 0.25 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[ 62.704312][ T5110] R10: 0000000000000002 R11: 0000000000000246 R12: 00007ffe786f0d8c
[ 62.712479][ T5110] R13: 0000000000000003 R14: 431bde82d7b634db R15: 00007ffe786f0dd0
[ 62.720554][ T5110]
[ 62.731485][ T28] audit: type=1800 audit(1701605317.277:3): pid=5110 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor113" name="bus" dev="loop0" ino=263 res=0 errno=0
umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555564e96f0 /* 4 entries */, 32768) = 104
[ 62.849305][ T5056] BTRFS info (device loop0): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./3/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555564f1730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555564f1730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./3/bus") = 0
umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./3/binderfs") = 0
getdents64(3, 0x5555564e96f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./3") = 0
mkdir("./4", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5127 attached
[pid 5127] set_robust_list(0x5555564e8660, 24) = 0
[pid 5127] chdir("./4") = 0
[pid 5127] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5056] <... clone resumed>, child_tidptr=0x5555564e8650) = 5127
[pid 5127] setpgid(0, 0) = 0
[pid 5127] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5127] write(3, "1000", 4) = 4
[pid 5127] close(3) = 0
[pid 5127] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5127] memfd_create("syzkaller", 0) = 3
[pid 5127] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f73350a8000
[pid 5127] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5127] munmap(0x7f73350a8000, 138412032) = 0
[pid 5127] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5127] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5127] close(3) = 0
[pid 5127] mkdir("./bus", 0777) = 0
[ 63.272679][ T5127] loop0: detected capacity change from 0 to 32768
[ 63.289618][ T5127] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0 scanned by syz-executor113 (5127)
[ 63.305346][ T5127] BTRFS info (device loop0): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 63.315763][ T5127] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[ 63.324774][ T5127] BTRFS info (device loop0): doing ref verification
[ 63.331446][ T5127] BTRFS warning (device loop0): the 'inode_cache' option is deprecated and has no effect since 5.11
[ 63.342342][ T5127] BTRFS info (device loop0): force zlib compression, level 3
[ 63.349967][ T5127] BTRFS info (device loop0): allowing degraded mounts
[ 63.356763][ T5127] BTRFS info (device loop0): using free space tree
[pid 5127] mount("/dev/loop0", "./bus", "btrfs", MS_DIRSYNC, "ref_verify,nossd,inode_cache,compress-force,space_cache=v2,degraded,noacl,") = 0
[pid 5127] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid 5127] chdir("./bus") = 0
[pid 5127] ioctl(4, LOOP_CLR_FD) = 0
[pid 5127] close(4) = 0
[pid 5127] open("./file0", O_RDONLY) = 4
[ 63.374893][ T5127] BTRFS info (device loop0): auto enabling async discard
[pid 5127] ioctl(4, BTRFS_IOC_QUOTA_CTL, {cmd=BTRFS_QUOTA_CTL_ENABLE}) = 0
[pid 5127] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 5
[pid 5127] write(5, "14", 2) = 2
[ 63.460875][ T5127] FAULT_INJECTION: forcing a failure.
[ 63.460875][ T5127] name failslab, interval 1, probability 0, space 0, times 0
[ 63.477225][ T2832] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[ 63.486680][ T5127] CPU: 0 PID: 5127 Comm: syz-executor113 Not tainted 6.7.0-rc3-syzkaller-00298-g1b8af6552cb7 #0
[ 63.497130][ T5127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[ 63.507208][ T5127] Call Trace:
[ 63.510513][ T5127]
[ 63.513465][ T5127] dump_stack_lvl+0x1e7/0x2d0
[ 63.518180][ T5127] ? nf_tcp_handle_invalid+0x650/0x650
[ 63.523672][ T5127] ? panic+0x850/0x850
[ 63.527871][ T5127] should_fail_ex+0x3aa/0x4e0
[ 63.532623][ T5127] ? btrfs_alloc_tree_block+0xbb1/0x1700
[ 63.538279][ T5127] should_failslab+0x9/0x20
[ 63.542788][ T5127] kmem_cache_alloc+0x6d/0x2b0
[ 63.547576][ T5127] ? set_extent_bit+0x3b/0x50
[ 63.552259][ T5127] btrfs_alloc_tree_block+0xbb1/0x1700
[ 63.557736][ T5127] ? alloc_reserved_file_extent+0x6d0/0x6d0
[ 63.563663][ T5127] ? read_extent_buffer+0x11f/0x2a0
[ 63.568940][ T5127] ? __asan_memcpy+0x40/0x70
[ 63.573535][ T5127] btrfs_force_cow_block+0x545/0x1b70
[ 63.578918][ T5127] ? btrfs_qgroup_trace_subtree_after_cow+0x413/0x1460
[ 63.585874][ T5127] ? btrfs_block_can_be_shared+0x360/0x360
[ 63.591694][ T5127] ? btrfs_qgroup_add_swapped_blocks+0x8f0/0x990
[ 63.598111][ T5127] ? clear_nonspinnable+0x60/0x60
[ 63.603139][ T5127] btrfs_cow_block+0x35e/0xa20
[ 63.607914][ T5127] btrfs_search_slot+0xbdd/0x30c0
[ 63.612967][ T5127] ? btrfs_find_item+0x5c0/0x5c0
[ 63.617910][ T5127] ? btrfs_create_new_inode+0xda9/0x2740
[ 63.623562][ T5127] ? __lock_acquire+0x1fd0/0x1fd0
[ 63.628582][ T5127] ? do_raw_spin_lock+0x14e/0x370
[ 63.633710][ T5127] ? do_raw_spin_unlock+0x13b/0x8b0
[ 63.638920][ T5127] btrfs_insert_empty_items+0x9c/0x190
[ 63.644379][ T5127] btrfs_create_new_inode+0x10e9/0x2740
[ 63.650029][ T5127] ? btrfs_new_inode_args_destroy+0x160/0x160
[ 63.656104][ T5127] ? btrfs_record_root_in_trans+0x16e/0x180
[ 63.662175][ T5127] ? start_transaction+0x3dc/0x1780
[ 63.667560][ T5127] btrfs_create_common+0x1f9/0x300
[ 63.672772][ T5127] ? btrfs_tmpfile+0x4e0/0x4e0
[ 63.677553][ T5127] ? do_raw_spin_unlock+0x13b/0x8b0
[ 63.682775][ T5127] ? btrfs_create+0x75/0x140
[ 63.687382][ T5127] ? btrfs_lookup+0x40/0x40
[ 63.691973][ T5127] path_openat+0x13fa/0x3290
[ 63.696597][ T5127] ? do_filp_open+0x490/0x490
[ 63.701385][ T5127] do_filp_open+0x234/0x490
[ 63.705899][ T5127] ? vfs_tmpfile+0x500/0x500
[ 63.710596][ T5127] ? _raw_spin_unlock+0x28/0x40
[ 63.715531][ T5127] ? alloc_fd+0x59c/0x640
[ 63.720133][ T5127] do_sys_openat2+0x13e/0x1d0
[ 63.724812][ T5127] ? do_sys_open+0x230/0x230
[ 63.729404][ T5127] ? _raw_spin_unlock_irq+0x2e/0x50
[ 63.734660][ T5127] ? ptrace_notify+0x278/0x380
[ 63.739520][ T5127] __x64_sys_open+0x225/0x270
[ 63.744201][ T5127] ? do_sys_openat2+0x1d0/0x1d0
[ 63.749066][ T5127] ? syscall_enter_from_user_mode+0xa4/0x2d0
[ 63.755151][ T5127] ? syscall_enter_from_user_mode+0xf5/0x2d0
[ 63.761217][ T5127] do_syscall_64+0x45/0x110
[ 63.765721][ T5127] entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 63.771629][ T5127] RIP: 0033:0x7f733d4e72e9
[ 63.776059][ T5127] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 63.795663][ T5127] RSP: 002b:00007ffe786f0d68 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 63.804074][ T5127] RAX: ffffffffffffffda RBX: 00007ffe786f0d90 RCX: 00007f733d4e72e9
[ 63.812044][ T5127] RDX: 0000000000000000 RSI: 0000000000147042 RDI: 0000000020000040
[ 63.820115][ T5127] RBP: 0000000000000002 R08: 00007ffe786f0b06 R09: 00007ffe786f0db0
[ 63.828427][ T5127] R10: 0000000000000002 R11: 0000000000000246 R12: 00007ffe786f0d8c
[ 63.836391][ T5127] R13: 0000000000000004 R14: 431bde82d7b634db R15: 00007ffe786f0dd0
[ 63.844381][ T5127]
[ 63.848011][ T5127] BTRFS error (device loop0: state A): Transaction aborted (error -12)
[pid 5127] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_NOATIME|FASYNC, 000) = -1 ENOMEM (Cannot allocate memory)
[pid 5127] exit_group(0) = ?
[pid 5127] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5127, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=24 /* 0.24 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555564e96f0 /* 4 entries */, 32768) = 104
[ 63.857715][ T5127] BTRFS: error (device loop0: state A) in btrfs_create_new_inode:6285: errno=-12 Out of memory
[ 63.874224][ T5127] BTRFS info (device loop0: state EA): forced readonly
[ 63.921097][ T5056] BTRFS info (device loop0: state EA): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 63.934371][ T5056] BTRFS warning (device loop0: state EA): qgroup 0/5 has unreleased space, type 1 rsv 20480
[ 63.944597][ T5056] BTRFS error (device loop0: state EA): qgroup reserved space leaked
[ 63.977080][ T5056] ------------[ cut here ]------------
[ 63.983499][ T5056] WARNING: CPU: 1 PID: 5056 at fs/btrfs/space-info.h:199 btrfs_space_info_update_bytes_may_use+0x2a0/0x610
[ 63.995436][ T5056] Modules linked in:
[ 63.999487][ T5056] CPU: 1 PID: 5056 Comm: syz-executor113 Not tainted 6.7.0-rc3-syzkaller-00298-g1b8af6552cb7 #0
[ 64.010369][ T5056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[ 64.020577][ T5056] RIP: 0010:btrfs_space_info_update_bytes_may_use+0x2a0/0x610
[ 64.028299][ T5056] Code: 00 00 74 08 4c 89 ff e8 5e 9d 32 fe 49 8b 1f 48 89 df 48 8b 6c 24 20 48 89 ee e8 7b 97 d6 fd 48 39 eb 73 16 e8 61 95 d6 fd 90 <0f> 0b 90 45 31 f6 43 80 7c 25 00 00 75 aa eb b0 e8 4b 95 d6 fd 43
[ 64.048406][ T5056] RSP: 0018:ffffc90004277920 EFLAGS: 00010293
[ 64.054584][ T5056] RAX: ffffffff83b7e4df RBX: 000000000015f000 RCX: ffff888024368000
[ 64.062696][ T5056] RDX: 0000000000000000 RSI: 0000000000160000 RDI: 000000000015f000
[ 64.070926][ T5056] RBP: 0000000000160000 R08: ffffffff83b7e4d5 R09: 1ffffffff1e0171d
[ 64.078998][ T5056] R10: dffffc0000000000 R11: fffffbfff1e0171e R12: dffffc0000000000
[ 64.087133][ T5056] R13: 1ffff110281f050c R14: ffffffffffea0000 R15: ffff888140f82860
[ 64.095106][ T5056] FS: 00005555564e8380(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[ 64.104110][ T5056] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 64.110737][ T5056] CR2: 000056201ed6d798 CR3: 00000000788a3000 CR4: 00000000003506f0
[ 64.118837][ T5056] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 64.127039][ T5056] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 64.135115][ T5056] Call Trace:
[ 64.138470][ T5056]
[ 64.141423][ T5056] ? __warn+0x162/0x4b0
[ 64.145603][ T5056] ? btrfs_space_info_update_bytes_may_use+0x2a0/0x610
[ 64.152596][ T5056] ? report_bug+0x2b3/0x500
[ 64.157254][ T5056] ? btrfs_space_info_update_bytes_may_use+0x2a0/0x610
[ 64.164132][ T5056] ? handle_bug+0x3e/0x60
[ 64.168948][ T5056] ? exc_invalid_op+0x1a/0x50
[ 64.173650][ T5056] ? asm_exc_invalid_op+0x1a/0x20
[ 64.178844][ T5056] ? btrfs_space_info_update_bytes_may_use+0x295/0x610
[ 64.185731][ T5056] ? btrfs_space_info_update_bytes_may_use+0x29f/0x610
[ 64.192655][ T5056] ? btrfs_space_info_update_bytes_may_use+0x2a0/0x610
[ 64.199562][ T5056] btrfs_block_rsv_release+0x4fb/0x5f0
[ 64.205067][ T5056] ? do_raw_read_unlock+0x80/0x80
[ 64.210172][ T5056] btrfs_release_global_block_rsv+0x33/0x270
[ 64.216176][ T5056] btrfs_free_block_groups+0xc39/0x1070
[ 64.221811][ T5056] close_ctree+0x75a/0xd40
[ 64.226247][ T5056] ? hook_sb_delete+0x846/0xb80
[ 64.231172][ T5056] ? __btrfs_handle_fs_error+0x380/0x380
[ 64.236873][ T5056] ? init_tree_roots+0x1f10/0x1f10
[ 64.241998][ T5056] ? hook_sb_delete+0x1a3/0xb80
[ 64.246910][ T5056] ? hook_inode_free_security+0xb0/0xb0
[ 64.252493][ T5056] ? clear_inode+0x160/0x160
[ 64.257116][ T5056] ? dput+0x52/0x470
[ 64.261019][ T5056] ? dput+0x452/0x470
[ 64.265001][ T5056] ? btrfs_fill_super+0x2f0/0x2f0
[ 64.270085][ T5056] generic_shutdown_super+0x13a/0x2c0
[ 64.275481][ T5056] kill_anon_super+0x3b/0x70
[ 64.280186][ T5056] btrfs_kill_super+0x41/0x50
[ 64.284888][ T5056] deactivate_locked_super+0xc1/0x130
[ 64.290330][ T5056] cleanup_mnt+0x426/0x4c0
[ 64.294767][ T5056] ? _raw_spin_unlock_irq+0x23/0x50
[ 64.300041][ T5056] task_work_run+0x24a/0x300
[ 64.304712][ T5056] ? task_work_cancel+0x2b0/0x2b0
[ 64.309812][ T5056] ? lockdep_hardirqs_on+0x98/0x140
[ 64.315113][ T5056] ? __x64_sys_umount+0x126/0x170
[ 64.320186][ T5056] ptrace_notify+0x2cd/0x380
[ 64.324791][ T5056] ? do_notify_parent+0x10c0/0x10c0
[ 64.330285][ T5056] ? __x64_sys_umount+0x126/0x170
[ 64.335329][ T5056] ? path_umount+0xf40/0xf40
[ 64.340466][ T5056] ? syscall_enter_from_user_mode+0xa4/0x2d0
[ 64.346479][ T5056] syscall_exit_to_user_mode+0x168/0x2a0
[ 64.352104][ T5056] do_syscall_64+0x52/0x110
[ 64.356669][ T5056] entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 64.362590][ T5056] RIP: 0033:0x7f733d4e8547
[ 64.367107][ T5056] Code: 07 00 48 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8
[ 64.386746][ T5056] RSP: 002b:00007ffe786efc78 EFLAGS: 00000206 ORIG_RAX: 00000000000000a6
[ 64.395149][ T5056] RAX: 0000000000000000 RBX: 000000000000f643 RCX: 00007f733d4e8547
[ 64.403167][ T5056] RDX: 0000000000000000 RSI: 000000000000000a RDI: 00007ffe786efd30
[ 64.411185][ T5056] RBP: 00007ffe786efd30 R08: 0000000000000000 R09: 0000000000000000
[ 64.419199][ T5056] R10: 00000000ffffffff R11: 0000000000000206 R12: 00007ffe786f0db0
[ 64.427201][ T5056] R13: 00005555564e96c0 R14: 431bde82d7b634db R15: 00007ffe786f0dd0
[ 64.435184][ T5056]
[ 64.438248][ T5056] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 64.445702][ T5056] CPU: 1 PID: 5056 Comm: syz-executor113 Not tainted 6.7.0-rc3-syzkaller-00298-g1b8af6552cb7 #0
[ 64.456105][ T5056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[ 64.466158][ T5056] Call Trace:
[ 64.469438][ T5056]
[ 64.472359][ T5056] dump_stack_lvl+0x1e7/0x2d0
[ 64.477045][ T5056] ? nf_tcp_handle_invalid+0x650/0x650
[ 64.482505][ T5056] ? panic+0x850/0x850
[ 64.486580][ T5056] ? vscnprintf+0x5d/0x80
[ 64.490911][ T5056] panic+0x349/0x850
[ 64.494801][ T5056] ? __warn+0x171/0x4b0
[ 64.499041][ T5056] ? __memcpy_flushcache+0x2b0/0x2b0
[ 64.504350][ T5056] __warn+0x318/0x4b0
[ 64.508333][ T5056] ? btrfs_space_info_update_bytes_may_use+0x2a0/0x610
[ 64.515181][ T5056] report_bug+0x2b3/0x500
[ 64.519512][ T5056] ? btrfs_space_info_update_bytes_may_use+0x2a0/0x610
[ 64.526529][ T5056] handle_bug+0x3e/0x60
[ 64.531000][ T5056] exc_invalid_op+0x1a/0x50
[ 64.535497][ T5056] asm_exc_invalid_op+0x1a/0x20
[ 64.540339][ T5056] RIP: 0010:btrfs_space_info_update_bytes_may_use+0x2a0/0x610
[ 64.547795][ T5056] Code: 00 00 74 08 4c 89 ff e8 5e 9d 32 fe 49 8b 1f 48 89 df 48 8b 6c 24 20 48 89 ee e8 7b 97 d6 fd 48 39 eb 73 16 e8 61 95 d6 fd 90 <0f> 0b 90 45 31 f6 43 80 7c 25 00 00 75 aa eb b0 e8 4b 95 d6 fd 43
[ 64.567586][ T5056] RSP: 0018:ffffc90004277920 EFLAGS: 00010293
[ 64.573681][ T5056] RAX: ffffffff83b7e4df RBX: 000000000015f000 RCX: ffff888024368000
[ 64.581742][ T5056] RDX: 0000000000000000 RSI: 0000000000160000 RDI: 000000000015f000
[ 64.589734][ T5056] RBP: 0000000000160000 R08: ffffffff83b7e4d5 R09: 1ffffffff1e0171d
[ 64.597724][ T5056] R10: dffffc0000000000 R11: fffffbfff1e0171e R12: dffffc0000000000
[ 64.605700][ T5056] R13: 1ffff110281f050c R14: ffffffffffea0000 R15: ffff888140f82860
[ 64.613687][ T5056] ? btrfs_space_info_update_bytes_may_use+0x295/0x610
[ 64.620542][ T5056] ? btrfs_space_info_update_bytes_may_use+0x29f/0x610
[ 64.627436][ T5056] btrfs_block_rsv_release+0x4fb/0x5f0
[ 64.632903][ T5056] ? do_raw_read_unlock+0x80/0x80
[ 64.637958][ T5056] btrfs_release_global_block_rsv+0x33/0x270
[ 64.643946][ T5056] btrfs_free_block_groups+0xc39/0x1070
[ 64.649535][ T5056] close_ctree+0x75a/0xd40
[ 64.653976][ T5056] ? hook_sb_delete+0x846/0xb80
[ 64.658831][ T5056] ? __btrfs_handle_fs_error+0x380/0x380
[ 64.664467][ T5056] ? init_tree_roots+0x1f10/0x1f10
[ 64.669576][ T5056] ? hook_sb_delete+0x1a3/0xb80
[ 64.674438][ T5056] ? hook_inode_free_security+0xb0/0xb0
[ 64.679987][ T5056] ? clear_inode+0x160/0x160
[ 64.684569][ T5056] ? dput+0x52/0x470
[ 64.688462][ T5056] ? dput+0x452/0x470
[ 64.692444][ T5056] ? btrfs_fill_super+0x2f0/0x2f0
[ 64.697480][ T5056] generic_shutdown_super+0x13a/0x2c0
[ 64.702856][ T5056] kill_anon_super+0x3b/0x70
[ 64.707461][ T5056] btrfs_kill_super+0x41/0x50
[ 64.712139][ T5056] deactivate_locked_super+0xc1/0x130
[ 64.717505][ T5056] cleanup_mnt+0x426/0x4c0
[ 64.721916][ T5056] ? _raw_spin_unlock_irq+0x23/0x50
[ 64.727299][ T5056] task_work_run+0x24a/0x300
[ 64.731996][ T5056] ? task_work_cancel+0x2b0/0x2b0
[ 64.737018][ T5056] ? lockdep_hardirqs_on+0x98/0x140
[ 64.742276][ T5056] ? __x64_sys_umount+0x126/0x170
[ 64.747324][ T5056] ptrace_notify+0x2cd/0x380
[ 64.751931][ T5056] ? do_notify_parent+0x10c0/0x10c0
[ 64.757137][ T5056] ? __x64_sys_umount+0x126/0x170
[ 64.762243][ T5056] ? path_umount+0xf40/0xf40
[ 64.766830][ T5056] ? syscall_enter_from_user_mode+0xa4/0x2d0
[ 64.772810][ T5056] syscall_exit_to_user_mode+0x168/0x2a0
[ 64.778439][ T5056] do_syscall_64+0x52/0x110
[ 64.782938][ T5056] entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 64.788834][ T5056] RIP: 0033:0x7f733d4e8547
[ 64.793287][ T5056] Code: 07 00 48 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8
[ 64.812890][ T5056] RSP: 002b:00007ffe786efc78 EFLAGS: 00000206 ORIG_RAX: 00000000000000a6
[ 64.821303][ T5056] RAX: 0000000000000000 RBX: 000000000000f643 RCX: 00007f733d4e8547
[ 64.829270][ T5056] RDX: 0000000000000000 RSI: 000000000000000a RDI: 00007ffe786efd30
[ 64.837236][ T5056] RBP: 00007ffe786efd30 R08: 0000000000000000 R09: 0000000000000000
[ 64.845197][ T5056] R10: 00000000ffffffff R11: 0000000000000206 R12: 00007ffe786f0db0
[ 64.853161][ T5056] R13: 00005555564e96c0 R14: 431bde82d7b634db R15: 00007ffe786f0dd0
[ 64.861155][ T5056]
[ 64.864405][ T5056] Kernel Offset: disabled
[ 64.868847][ T5056] Rebooting in 86400 seconds..