[ OK ] Started OpenBSD Secure Shell server.
[ OK ] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.1.126' (ECDSA) to the list of known hosts.
syzkaller login: [ 27.569255] IPVS: ftp: loaded support on port[0] = 21
executing program
[ 27.688056] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0
[ 27.710099] BTRFS info (device loop0): using free space tree
[ 27.715974] BTRFS info (device loop0): has skinny extents
[ 27.761419] FAULT_INJECTION: forcing a failure.
[ 27.761419] name failslab, interval 1, probability 0, space 0, times 1
[ 27.772754] CPU: 1 PID: 7988 Comm: syz-executor300 Not tainted 4.14.302-syzkaller #0
[ 27.780627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 27.789970] Call Trace:
[ 27.792548] dump_stack+0x1b2/0x281
[ 27.796170] should_fail.cold+0x10a/0x149
[ 27.800301] should_failslab+0xd6/0x130
[ 27.804260] kmem_cache_alloc+0x28e/0x3c0
[ 27.808418] btrfs_alloc_tree_block+0xcfa/0x1410
[ 27.813160] ? btrfs_reserve_extent+0x3b0/0x3b0
[ 27.817808] ? __lock_acquire+0x2190/0x3f20
[ 27.822105] ? memcpy+0x35/0x50
[ 27.825363] ? read_extent_buffer+0x102/0x150
[ 27.829835] __btrfs_cow_block+0x367/0xfd0
[ 27.834049] ? btrfs_set_lock_blocking_rw+0x266/0x2f0
[ 27.839231] ? update_ref_for_cow+0x980/0x980
[ 27.843713] ? btrfs_tree_read_unlock_blocking+0x210/0x210
[ 27.849314] btrfs_cow_block+0x207/0x6d0
[ 27.853361] ? btrfs_set_path_blocking+0x39/0x110
[ 27.858187] btrfs_search_slot+0x546/0x1c20
[ 27.862494] ? split_leaf+0x14a0/0x14a0
[ 27.866448] ? join_transaction+0x181/0xcc0
[ 27.870746] ? btrfs_record_root_in_trans+0x106/0x150
[ 27.875917] btrfs_insert_empty_items+0xaf/0x160
[ 27.880653] insert_balance_item.isra.0+0xef/0x13f0
[ 27.885649] ? trace_hardirqs_on+0x10/0x10
[ 27.889859] ? __cancel_balance+0x2d0/0x2d0
[ 27.894157] ? _raw_spin_unlock_irqrestore+0x79/0xe0
[ 27.899240] ? trace_hardirqs_on_caller+0x3a8/0x580
[ 27.904235] ? btrfs_dev_replace_unlock+0x2e/0x50
[ 27.909054] ? btrfs_ioctl_balance+0x5e6/0x730
[ 27.913613] ? mark_held_locks+0xa6/0xf0
[ 27.917649] ? btrfs_balance+0x148f/0x39b0
[ 27.921861] ? btrfs_get_num_tolerated_disk_barrier_failures+0xd7/0x150
[ 27.928587] btrfs_balance+0xa50/0x39b0
[ 27.932538] ? btrfs_ioctl_balance+0x24e/0x730
[ 27.937097] ? btrfs_ioctl_balance+0x24e/0x730
[ 27.941655] ? __mutex_lock+0x360/0x1310
[ 27.945691] ? __read_once_size_nocheck.constprop.0+0x10/0x10
[ 27.951548] ? trace_hardirqs_on+0x10/0x10
[ 27.955760] ? ima_rdwr_violation_check+0x3a0/0x3a0
[ 27.960749] ? btrfs_ioctl_balance+0x24e/0x730
[ 27.965309] ? fs_reclaim_release+0xd0/0x110
[ 27.969694] ? btrfs_shrink_device+0xdc0/0xdc0
[ 27.974254] ? btrfs_ioctl_balance+0x425/0x730
[ 27.978818] ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 27.984244] ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 27.989246] ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 27.994066] btrfs_ioctl_balance+0x5e6/0x730
[ 27.998450] btrfs_ioctl+0xddf/0x5b20
[ 28.002226] ? _kstrtoull+0x1f2/0x450
[ 28.006004] ? btrfs_ioctl_get_supported_features+0x40/0x40
[ 28.011689] ? get_pid_task+0x91/0x130
[ 28.015581] ? lock_downgrade+0x740/0x740
[ 28.019711] ? get_pid_task+0xb8/0x130
[ 28.023660] ? proc_fail_nth_write+0x7b/0x180
[ 28.028132] ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 28.033038] ? fsnotify+0x974/0x11b0
[ 28.036745] ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 28.041655] ? debug_check_no_obj_freed+0x2c0/0x680
[ 28.046647] ? btrfs_ioctl_get_supported_features+0x40/0x40
[ 28.052334] do_vfs_ioctl+0x75a/0xff0
[ 28.056118] ? ioctl_preallocate+0x1a0/0x1a0
[ 28.060506] ? vfs_write+0x319/0x4d0
[ 28.064198] ? SyS_write+0x14d/0x210
[ 28.067892] ? security_file_ioctl+0x83/0xb0
[ 28.072278] SyS_ioctl+0x7f/0xb0
[ 28.075619] ? do_vfs_ioctl+0xff0/0xff0
[ 28.079572] do_syscall_64+0x1d5/0x640
[ 28.083439] entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[ 28.088691] RIP: 0033:0x7f5fdafe61e9
[ 28.092408] RSP: 002b:00007ffc0bcbc0f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 28.100090] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f5fdafe61e9
[ 28.107335] RDX: 0000000000000000 RSI: 00000000c4009420 RDI: 0000000000000004
[ 28.114582] RBP: 00007ffc0bcbc110 R08: 0000000000000001 R09: 00007ffc0bcbc298
[ 28.121828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[ 28.129073] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 28.158092] ------------[ cut here ]------------
[ 28.162933] WARNING: CPU: 1 PID: 7988 at fs/btrfs/extent-tree.c:10028 btrfs_free_block_groups+0x713/0xc50
[ 28.172796] Kernel panic - not syncing: panic_on_warn set ...
[ 28.172796]
[ 28.180138] CPU: 1 PID: 7988 Comm: syz-executor300 Not tainted 4.14.302-syzkaller #0
[ 28.187996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 28.197327] Call Trace:
[ 28.199898] dump_stack+0x1b2/0x281
[ 28.203504] panic+0x1f9/0x42d
[ 28.206674] ? add_taint.cold+0x16/0x16
[ 28.210629] ? btrfs_free_block_groups+0x713/0xc50
[ 28.215540] ? btrfs_free_block_groups+0x713/0xc50
[ 28.220449] __warn.cold+0x20/0x44
[ 28.223972] ? ist_end_non_atomic+0x10/0x10
[ 28.228282] ? btrfs_free_block_groups+0x713/0xc50
[ 28.233189] report_bug+0x208/0x250
[ 28.236797] do_error_trap+0x195/0x2d0
[ 28.240667] ? math_error+0x2d0/0x2d0
[ 28.244451] ? lock_acquire+0x170/0x3f0
[ 28.248407] ? space_info_add_old_bytes+0x26/0x7e0
[ 28.253319] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 28.258143] invalid_op+0x1b/0x40
[ 28.261579] RIP: 0010:btrfs_free_block_groups+0x713/0xc50
[ 28.267091] RSP: 0018:ffff8880b360fb10 EFLAGS: 00010297
[ 28.272432] RAX: ffff8880b4f08300 RBX: 0000000000000000 RCX: ffffed10130d0ddb
[ 28.279683] RDX: 0000000000000000 RSI: ffff888098686ed8 RDI: ffff8880b325d258
[ 28.286931] RBP: ffff888098685b80 R08: ffffffff8ba60b0c R09: 0000000000000001
[ 28.294186] R10: 0000000000000000 R11: ffff8880b4f08300 R12: ffff8880b325d2e8
[ 28.301433] R13: dffffc0000000000 R14: ffff8880b325c000 R15: 1ffff110130d0ddb
[ 28.308697] close_ctree+0x33d/0x840
[ 28.312391] ? btrfs_cleanup_transaction.isra.0+0x10d0/0x10d0
[ 28.318265] ? dispose_list+0x1e0/0x1e0
[ 28.322222] ? fsnotify_unmount_inodes+0x1b4/0x210
[ 28.327131] ? btrfs_set_super+0x60/0x60
[ 28.331177] generic_shutdown_super+0x144/0x370
[ 28.335824] kill_anon_super+0x36/0x90
[ 28.339691] btrfs_kill_super+0x49/0x540
[ 28.343734] ? unregister_shrinker+0x170/0x210
[ 28.348299] deactivate_locked_super+0x6c/0xd0
[ 28.352858] deactivate_super+0x7f/0xa0
[ 28.356810] cleanup_mnt+0x186/0x2c0
[ 28.360504] task_work_run+0x11f/0x190
[ 28.364372] do_exit+0xa44/0x2850
[ 28.367808] ? __do_page_fault+0x571/0xad0
[ 28.372024] ? mm_update_next_owner+0x5b0/0x5b0
[ 28.376686] ? lock_downgrade+0x740/0x740
[ 28.381664] do_group_exit+0x100/0x2e0
[ 28.385538] SyS_exit_group+0x19/0x20
[ 28.389321] ? do_group_exit+0x2e0/0x2e0
[ 28.393363] do_syscall_64+0x1d5/0x640
[ 28.397245] entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[ 28.402417] RIP: 0033:0x7f5fdafe4d49
[ 28.406125] RSP: 002b:00007ffc0bcbc0a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 28.413822] RAX: ffffffffffffffda RBX: 00007f5fdb05f3f0 RCX: 00007f5fdafe4d49
[ 28.421072] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001
[ 28.428323] RBP: 0000000000000001 R08: ffffffffffffffc0 R09: 00007ffc0bcbc298
[ 28.435579] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5fdb05f3f0
[ 28.442830] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001
[ 28.450439] Kernel Offset: disabled
[ 28.454099] Rebooting in 86400 seconds..