./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1870573164
<...>
forked to background, child pid 4657
[ 52.804827][ T4658] 8021q: adding VLAN 0 to HW filter on device bond0
[ 52.830760][ T4658] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: [ 53.459661][ T4753] sshd (4753) used greatest stack depth: 22320 bytes left
OK
syzkaller
Warning: Permanently added '10.128.1.125' (ECDSA) to the list of known hosts.
execve("./syz-executor1870573164", ["./syz-executor1870573164"], 0x7fff4af91970 /* 10 vars */) = 0
brk(NULL) = 0x55555587c000
brk(0x55555587cc40) = 0x55555587cc40
arch_prctl(ARCH_SET_FS, 0x55555587c300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor1870573164", 4096) = 28
brk(0x55555589dc40) = 0x55555589dc40
brk(0x55555589e000) = 0x55555589e000
mprotect(0x7fd6465d9000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1) = 1
close(3) = 0
getpid() = 5083
mkdir("./syzkaller.3MwV7z", 0700) = 0
chmod("./syzkaller.3MwV7z", 0777) = 0
chdir("./syzkaller.3MwV7z") = 0
mkdir("./0", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555587c5d0) = 5084
./strace-static-x86_64: Process 5084 attached
[pid 5084] chdir("./0") = 0
[pid 5084] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5084] setpgid(0, 0) = 0
[pid 5084] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5084] write(3, "1000", 4) = 4
[pid 5084] close(3) = 0
[pid 5084] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5084] memfd_create("syzkaller", 0) = 3
[pid 5084] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd63e118000
syzkaller login: [ 79.503364][ T5084] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5084 'syz-executor187'
[pid 5084] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5084] munmap(0x7fd63e118000, 16777216) = 0
[pid 5084] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5084] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5084] close(3) = 0
[pid 5084] mkdir("./file0", 0777) = 0
[ 79.751631][ T5084] loop0: detected capacity change from 0 to 32768
[ 79.764619][ T5084] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz-executor187 (5084)
[ 79.788733][ T5084] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[ 79.797642][ T5084] BTRFS info (device loop0): using free space tree
[pid 5084] mount("/dev/loop0", "./file0", "btrfs", 0, "") = 0
[pid 5084] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5084] ioctl(4, LOOP_CLR_FD) = 0
[pid 5084] close(4) = 0
[pid 5084] fcntl(3, F_DUPFD, 3) = 4
[pid 5084] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 5
[pid 5084] write(5, "17", 2) = 2
[ 79.825382][ T5084] BTRFS info (device loop0): enabling ssd optimizations
[ 79.832508][ T5084] BTRFS info (device loop0): auto enabling async discard
[ 79.859249][ T5084] FAULT_INJECTION: forcing a failure.
[ 79.859249][ T5084] name failslab, interval 1, probability 0, space 0, times 1
[ 79.872225][ T5084] CPU: 1 PID: 5084 Comm: syz-executor187 Not tainted 6.2.0-next-20230225-syzkaller #0
[ 79.881841][ T5084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/16/2023
[ 79.891951][ T5084] Call Trace:
[ 79.895279][ T5084] <TASK>
[ 79.898258][ T5084] dump_stack_lvl+0x136/0x150
[ 79.903043][ T5084] should_fail_ex+0x4a3/0x5b0
[ 79.907831][ T5084] ? btrfs_mksubvol+0x83f/0x1310
[ 79.912892][ T5084] should_failslab+0x9/0x20
[ 79.917459][ T5084] kmem_cache_alloc+0x5a/0x320
[ 79.922336][ T5084] btrfs_mksubvol+0x83f/0x1310
[ 79.927194][ T5084] ? create_subvol+0x16f0/0x16f0
[ 79.932301][ T5084] ? lock_acquire+0x32/0xc0
[ 79.936873][ T5084] ? make_vfsuid+0x113/0x170
[ 79.941550][ T5084] btrfs_mksnapshot+0xaf/0xf0
[ 79.946400][ T5084] __btrfs_ioctl_snap_create+0x42b/0x4d0
[ 79.952125][ T5084] btrfs_ioctl_snap_create_v2+0x25a/0x520
[ 79.958117][ T5084] btrfs_ioctl+0x3f77/0x59d0
[ 79.962787][ T5084] ? tomoyo_path_number_perm+0x166/0x570
[ 79.968509][ T5084] ? tomoyo_execute_permission+0x4a0/0x4a0
[ 79.974501][ T5084] ? btrfs_ioctl_get_supported_features+0x50/0x50
[ 79.981006][ T5084] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 79.986975][ T5084] ? do_vfs_ioctl+0x132/0x1670
[ 79.991807][ T5084] ? vfs_fileattr_set+0xc40/0xc40
[ 79.996920][ T5084] ? find_held_lock+0x2d/0x110
[ 80.001758][ T5084] ? do_one_initcall+0x5a1/0x7d0
[ 80.006798][ T5084] ? bpf_lsm_file_ioctl+0x9/0x10
[ 80.011889][ T5084] ? btrfs_ioctl_get_supported_features+0x50/0x50
[ 80.018391][ T5084] __x64_sys_ioctl+0x197/0x210
[ 80.023248][ T5084] do_syscall_64+0x39/0xb0
[ 80.027825][ T5084] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 80.034396][ T5084] RIP: 0033:0x7fd646565a29
[ 80.038903][ T5084] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 80.058578][ T5084] RSP: 002b:00007fffdc0e67f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 80.067064][ T5084] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fd646565a29
[pid 5084] ioctl(4, BTRFS_IOC_SNAP_CREATE_V2, {fd=4, flags=BTRFS_SUBVOL_QGROUP_INHERIT, size=72, qgroup_inherit={flags=0, num_qgroups=0, num_ref_copies=0, num_excl_copies=0, lim={flags=0, max_rfer=0, max_excl=0, rsv_rfer=0, rsv_excl=0}, ...}, name="\x05"}) = -1 ENOMEM (Cannot allocate memory)
[pid 5084] exit_group(0) = ?
[pid 5084] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5084, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=28 /* 0.28 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x55555587d620 /* 4 entries */, 32768) = 112
umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./0/binderfs") = 0
[ 80.075094][ T5084] RDX: 0000000020002d40 RSI: 0000000050009417 RDI: 0000000000000004
[ 80.083121][ T5084] RBP: 00007fffdc0e6820 R08: 0000000000000002 R09: 00007fffdc0e6830
[ 80.091156][ T5084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[ 80.099196][ T5084] R13: 00007fffdc0e6860 R14: 00007fffdc0e6840 R15: 0000000000000000
[ 80.107345][ T5084] </TASK>
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555885660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555885660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./0/file0") = 0
getdents64(3, 0x55555587d620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./0") = 0
mkdir("./1", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555587c5d0) = 5113
./strace-static-x86_64: Process 5113 attached
[pid 5113] chdir("./1") = 0
[pid 5113] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5113] setpgid(0, 0) = 0
[pid 5113] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5113] write(3, "1000", 4) = 4
[pid 5113] close(3) = 0
[pid 5113] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5113] memfd_create("syzkaller", 0) = 3
[pid 5113] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd63e118000
[pid 5113] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5113] munmap(0x7fd63e118000, 16777216) = 0
[pid 5113] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5113] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5113] close(3) = 0
[pid 5113] mkdir("./file0", 0777) = 0
[ 80.569645][ T5113] loop0: detected capacity change from 0 to 32768
[ 80.586017][ T5113] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz-executor187 (5113)
[ 80.604132][ T5113] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[ 80.613297][ T5113] BTRFS info (device loop0): using free space tree
[pid 5113] mount("/dev/loop0", "./file0", "btrfs", 0, "") = 0
[pid 5113] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5113] ioctl(4, LOOP_CLR_FD) = 0
[pid 5113] close(4) = 0
[pid 5113] fcntl(3, F_DUPFD, 3) = 4
[pid 5113] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 5
[pid 5113] write(5, "17", 2) = 2
[ 80.635549][ T5113] BTRFS info (device loop0): enabling ssd optimizations
[ 80.642657][ T5113] BTRFS info (device loop0): auto enabling async discard
[ 80.662289][ T5113] FAULT_INJECTION: forcing a failure.
[ 80.662289][ T5113] name failslab, interval 1, probability 0, space 0, times 0
[ 80.675922][ T5113] CPU: 1 PID: 5113 Comm: syz-executor187 Not tainted 6.2.0-next-20230225-syzkaller #0
[ 80.685548][ T5113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/16/2023
[ 80.695654][ T5113] Call Trace:
[ 80.698981][ T5113] <TASK>
[ 80.701955][ T5113] dump_stack_lvl+0x136/0x150
[ 80.706851][ T5113] should_fail_ex+0x4a3/0x5b0
[ 80.711595][ T5113] ? start_transaction+0x345/0x1450
[ 80.716854][ T5113] should_failslab+0x9/0x20
[ 80.721419][ T5113] kmem_cache_alloc+0x5a/0x320
[ 80.726267][ T5113] ? btrfs_delayed_refs_rsv_refill+0xd5/0x1a0
[ 80.732414][ T5113] start_transaction+0x345/0x1450
[ 80.737523][ T5113] btrfs_mksubvol+0xa20/0x1310
[ 80.742363][ T5113] ? create_subvol+0x16f0/0x16f0
[ 80.747366][ T5113] ? lock_acquire+0x32/0xc0
[ 80.751933][ T5113] ? make_vfsuid+0x113/0x170
[ 80.756614][ T5113] btrfs_mksnapshot+0xaf/0xf0
[ 80.761374][ T5113] __btrfs_ioctl_snap_create+0x42b/0x4d0
[ 80.767099][ T5113] btrfs_ioctl_snap_create_v2+0x25a/0x520
[ 80.772904][ T5113] btrfs_ioctl+0x3f77/0x59d0
[ 80.777573][ T5113] ? tomoyo_path_number_perm+0x166/0x570
[ 80.783286][ T5113] ? tomoyo_execute_permission+0x4a0/0x4a0
[ 80.789174][ T5113] ? btrfs_ioctl_get_supported_features+0x50/0x50
[ 80.795672][ T5113] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 80.801640][ T5113] ? do_vfs_ioctl+0x132/0x1670
[ 80.806554][ T5113] ? vfs_fileattr_set+0xc40/0xc40
[ 80.811667][ T5113] ? find_held_lock+0x2d/0x110
[ 80.816592][ T5113] ? do_one_initcall+0x5a1/0x7d0
[ 80.821639][ T5113] ? bpf_lsm_file_ioctl+0x9/0x10
[ 80.826638][ T5113] ? btrfs_ioctl_get_supported_features+0x50/0x50
[ 80.833152][ T5113] __x64_sys_ioctl+0x197/0x210
[ 80.837986][ T5113] do_syscall_64+0x39/0xb0
[ 80.842478][ T5113] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 80.848437][ T5113] RIP: 0033:0x7fd646565a29
[ 80.852909][ T5113] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 80.872566][ T5113] RSP: 002b:00007fffdc0e67f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[pid 5113] ioctl(4, BTRFS_IOC_SNAP_CREATE_V2, {fd=4, flags=BTRFS_SUBVOL_QGROUP_INHERIT, size=72, qgroup_inherit={flags=0, num_qgroups=0, num_ref_copies=0, num_excl_copies=0, lim={flags=0, max_rfer=0, max_excl=0, rsv_rfer=0, rsv_excl=0}, ...}, name="\x05"}) = -1 ENOMEM (Cannot allocate memory)
[pid 5113] exit_group(0) = ?
[pid 5113] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5113, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=26 /* 0.26 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x55555587d620 /* 4 entries */, 32768) = 112
umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./1/binderfs") = 0
[ 80.881002][ T5113] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fd646565a29
[ 80.889035][ T5113] RDX: 0000000020002d40 RSI: 0000000050009417 RDI: 0000000000000004
[ 80.897025][ T5113] RBP: 00007fffdc0e6820 R08: 0000000000000002 R09: 00007fffdc0e6830
[ 80.905036][ T5113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[ 80.913034][ T5113] R13: 00007fffdc0e6860 R14: 00007fffdc0e6840 R15: 0000000000000001
[ 80.921052][ T5113] </TASK>
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555885660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555885660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./1/file0") = 0
getdents64(3, 0x55555587d620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./1") = 0
mkdir("./2", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555587c5d0) = 5131
./strace-static-x86_64: Process 5131 attached
[pid 5131] chdir("./2") = 0
[pid 5131] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5131] setpgid(0, 0) = 0
[pid 5131] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5131] write(3, "1000", 4) = 4
[pid 5131] close(3) = 0
[pid 5131] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5131] memfd_create("syzkaller", 0) = 3
[pid 5131] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd63e118000
[pid 5131] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5131] munmap(0x7fd63e118000, 16777216) = 0
[pid 5131] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5131] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5131] close(3) = 0
[pid 5131] mkdir("./file0", 0777) = 0
[ 81.352364][ T5131] loop0: detected capacity change from 0 to 32768
[ 81.365208][ T5131] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz-executor187 (5131)
[ 81.385563][ T5131] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[ 81.394411][ T5131] BTRFS info (device loop0): using free space tree
[pid 5131] mount("/dev/loop0", "./file0", "btrfs", 0, "") = 0
[pid 5131] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5131] ioctl(4, LOOP_CLR_FD) = 0
[pid 5131] close(4) = 0
[pid 5131] fcntl(3, F_DUPFD, 3) = 4
[pid 5131] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 5
[pid 5131] write(5, "17", 2) = 2
[ 81.417018][ T5131] BTRFS info (device loop0): enabling ssd optimizations
[ 81.424596][ T5131] BTRFS info (device loop0): auto enabling async discard
[ 81.440605][ T5131] FAULT_INJECTION: forcing a failure.
[ 81.440605][ T5131] name failslab, interval 1, probability 0, space 0, times 0
[ 81.453782][ T5131] CPU: 0 PID: 5131 Comm: syz-executor187 Not tainted 6.2.0-next-20230225-syzkaller #0
[ 81.463396][ T5131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/16/2023
[ 81.473495][ T5131] Call Trace:
[ 81.476790][ T5131] <TASK>
[ 81.479844][ T5131] dump_stack_lvl+0x136/0x150
[ 81.484616][ T5131] should_fail_ex+0x4a3/0x5b0
[ 81.489374][ T5131] ? start_transaction+0x345/0x1450
[ 81.494650][ T5131] should_failslab+0x9/0x20
[ 81.499317][ T5131] kmem_cache_alloc+0x5a/0x320
[ 81.504172][ T5131] ? btrfs_delayed_refs_rsv_refill+0xd5/0x1a0
[ 81.510324][ T5131] start_transaction+0x345/0x1450
[ 81.515434][ T5131] btrfs_mksubvol+0xa20/0x1310
[ 81.520295][ T5131] ? create_subvol+0x16f0/0x16f0
[ 81.525315][ T5131] ? lock_acquire+0x32/0xc0
[ 81.529884][ T5131] ? make_vfsuid+0x113/0x170
[ 81.534572][ T5131] btrfs_mksnapshot+0xaf/0xf0
[ 81.539357][ T5131] __btrfs_ioctl_snap_create+0x42b/0x4d0
[ 81.545081][ T5131] btrfs_ioctl_snap_create_v2+0x25a/0x520
[ 81.552540][ T5131] btrfs_ioctl+0x3f77/0x59d0
[ 81.557387][ T5131] ? tomoyo_path_number_perm+0x166/0x570
[ 81.563199][ T5131] ? tomoyo_execute_permission+0x4a0/0x4a0
[ 81.569093][ T5131] ? btrfs_ioctl_get_supported_features+0x50/0x50
[ 81.575606][ T5131] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 81.581572][ T5131] ? do_vfs_ioctl+0x132/0x1670
[ 81.586406][ T5131] ? vfs_fileattr_set+0xc40/0xc40
[ 81.591520][ T5131] ? find_held_lock+0x2d/0x110
[ 81.596356][ T5131] ? do_one_initcall+0x5a1/0x7d0
[ 81.601399][ T5131] ? bpf_lsm_file_ioctl+0x9/0x10
[ 81.606401][ T5131] ? btrfs_ioctl_get_supported_features+0x50/0x50
[ 81.613201][ T5131] __x64_sys_ioctl+0x197/0x210
[ 81.618065][ T5131] do_syscall_64+0x39/0xb0
[ 81.622561][ T5131] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 81.628517][ T5131] RIP: 0033:0x7fd646565a29
[ 81.632991][ T5131] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 81.652747][ T5131] RSP: 002b:00007fffdc0e67f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[pid 5131] ioctl(4, BTRFS_IOC_SNAP_CREATE_V2, {fd=4, flags=BTRFS_SUBVOL_QGROUP_INHERIT, size=72, qgroup_inherit={flags=0, num_qgroups=0, num_ref_copies=0, num_excl_copies=0, lim={flags=0, max_rfer=0, max_excl=0, rsv_rfer=0, rsv_excl=0}, ...}, name="\x05"}) = -1 ENOMEM (Cannot allocate memory)
[pid 5131] exit_group(0) = ?
[pid 5131] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5131, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=30 /* 0.30 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x55555587d620 /* 4 entries */, 32768) = 112
umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./2/binderfs") = 0
[ 81.661230][ T5131] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fd646565a29
[ 81.669263][ T5131] RDX: 0000000020002d40 RSI: 0000000050009417 RDI: 0000000000000004
[ 81.677301][ T5131] RBP: 00007fffdc0e6820 R08: 0000000000000002 R09: 00007fffdc0e6830
[ 81.685375][ T5131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[ 81.693409][ T5131] R13: 00007fffdc0e6860 R14: 00007fffdc0e6840 R15: 0000000000000002
[ 81.701469][ T5131] </TASK>
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555885660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555885660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./2/file0") = 0
getdents64(3, 0x55555587d620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./2") = 0
mkdir("./3", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555587c5d0) = 5149
./strace-static-x86_64: Process 5149 attached
[pid 5149] chdir("./3") = 0
[pid 5149] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5149] setpgid(0, 0) = 0
[pid 5149] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5149] write(3, "1000", 4) = 4
[pid 5149] close(3) = 0
[pid 5149] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5149] memfd_create("syzkaller", 0) = 3
[pid 5149] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd63e118000
[pid 5149] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5149] munmap(0x7fd63e118000, 16777216) = 0
[pid 5149] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5149] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5149] close(3) = 0
[pid 5149] mkdir("./file0", 0777) = 0
[ 82.141845][ T5149] loop0: detected capacity change from 0 to 32768
[ 82.153319][ T5149] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz-executor187 (5149)
[ 82.170836][ T5149] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[ 82.179560][ T5149] BTRFS info (device loop0): using free space tree
[pid 5149] mount("/dev/loop0", "./file0", "btrfs", 0, "") = 0
[pid 5149] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5149] ioctl(4, LOOP_CLR_FD) = 0
[pid 5149] close(4) = 0
[pid 5149] fcntl(3, F_DUPFD, 3) = 4
[pid 5149] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 5
[pid 5149] write(5, "17", 2) = 2
[ 82.201268][ T5149] BTRFS info (device loop0): enabling ssd optimizations
[ 82.208520][ T5149] BTRFS info (device loop0): auto enabling async discard
[ 82.224986][ T5149] FAULT_INJECTION: forcing a failure.
[ 82.224986][ T5149] name failslab, interval 1, probability 0, space 0, times 0
[ 82.239864][ T5149] CPU: 0 PID: 5149 Comm: syz-executor187 Not tainted 6.2.0-next-20230225-syzkaller #0
[ 82.249477][ T5149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/16/2023
[ 82.259566][ T5149] Call Trace:
[ 82.262901][ T5149] <TASK>
[ 82.265890][ T5149] dump_stack_lvl+0x136/0x150
[ 82.270662][ T5149] should_fail_ex+0x4a3/0x5b0
[ 82.275423][ T5149] ? btrfs_set_inode_index_count+0xd5/0x340
[ 82.281382][ T5149] should_failslab+0x9/0x20
[ 82.285928][ T5149] kmem_cache_alloc+0x5a/0x320
[ 82.290757][ T5149] ? __radix_tree_lookup+0x215/0x2a0
[ 82.296181][ T5149] btrfs_set_inode_index_count+0xd5/0x340
[ 82.301941][ T5149] ? trace_btrfs_writepage_end_io_hook+0x350/0x350
[ 82.308490][ T5149] ? btrfs_get_delayed_node+0xfd/0x5b0
[ 82.314000][ T5149] ? ktime_get_resolution_ns+0x1f/0x1a0
[ 82.319589][ T5149] ? btrfs_async_run_delayed_root+0x720/0x720
[ 82.325711][ T5149] ? current_time+0x1fe/0x2c0
[ 82.330456][ T5149] btrfs_set_inode_index+0xe9/0x150
[ 82.335707][ T5149] create_pending_snapshot+0x863/0x2da0
[ 82.341291][ T5149] ? btrfs_scrub_pause+0x2f3/0x390
[ 82.346470][ T5149] ? __btrfs_abort_transaction+0x180/0x180
[ 82.352323][ T5149] ? rcu_read_lock_sched_held+0x3e/0x70
[ 82.357916][ T5149] ? trace_contention_end+0x173/0x1e0
[ 82.363336][ T5149] ? __mutex_lock+0x231/0x1350
[ 82.368153][ T5149] ? btrfs_commit_transaction+0xaa6/0x4410
[ 82.374015][ T5149] ? lock_release+0x780/0x780
[ 82.378737][ T5149] ? btrfs_commit_transaction+0x99c/0x4410
[ 82.384574][ T5149] ? rcu_read_lock_sched_held+0x3e/0x70
[ 82.390166][ T5149] ? trace_lock_acquire+0x1f1/0x2b0
[ 82.395407][ T5149] create_pending_snapshots+0x174/0x2c0
[ 82.401002][ T5149] btrfs_commit_transaction+0xaae/0x4410
[ 82.406671][ T5149] ? wait_for_completion_io_timeout+0x20/0x20
[ 82.412799][ T5149] ? radix_tree_tag_set+0x260/0x300
[ 82.418080][ T5149] ? create_pending_snapshots+0x2c0/0x2c0
[ 82.423928][ T5149] ? start_transaction+0x2aa/0x1450
[ 82.429182][ T5149] btrfs_mksubvol+0xa6f/0x1310
[ 82.434011][ T5149] ? create_subvol+0x16f0/0x16f0
[ 82.439016][ T5149] ? lock_acquire+0x32/0xc0
[ 82.443572][ T5149] ? make_vfsuid+0x113/0x170
[ 82.448216][ T5149] btrfs_mksnapshot+0xaf/0xf0
[ 82.452941][ T5149] __btrfs_ioctl_snap_create+0x42b/0x4d0
[ 82.458630][ T5149] btrfs_ioctl_snap_create_v2+0x25a/0x520
[ 82.464591][ T5149] btrfs_ioctl+0x3f77/0x59d0
[ 82.469229][ T5149] ? tomoyo_path_number_perm+0x166/0x570
[ 82.474914][ T5149] ? tomoyo_execute_permission+0x4a0/0x4a0
[ 82.480773][ T5149] ? btrfs_ioctl_get_supported_features+0x50/0x50
[ 82.487236][ T5149] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 82.493188][ T5149] ? do_vfs_ioctl+0x132/0x1670
[ 82.497996][ T5149] ? vfs_fileattr_set+0xc40/0xc40
[ 82.503071][ T5149] ? find_held_lock+0x2d/0x110
[ 82.507871][ T5149] ? do_one_initcall+0x5a1/0x7d0
[ 82.512890][ T5149] ? bpf_lsm_file_ioctl+0x9/0x10
[ 82.517879][ T5149] ? btrfs_ioctl_get_supported_features+0x50/0x50
[ 82.524355][ T5149] __x64_sys_ioctl+0x197/0x210
[ 82.529156][ T5149] do_syscall_64+0x39/0xb0
[ 82.533665][ T5149] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 82.539589][ T5149] RIP: 0033:0x7fd646565a29
[ 82.544041][ T5149] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 82.563700][ T5149] RSP: 002b:00007fffdc0e67f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 82.572174][ T5149] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fd646565a29
[ 82.580207][ T5149] RDX: 0000000020002d40 RSI: 0000000050009417 RDI: 0000000000000004
[ 82.588211][ T5149] RBP: 00007fffdc0e6820 R08: 0000000000000002 R09: 00007fffdc0e6830
[ 82.596211][ T5149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[ 82.604246][ T5149] R13: 00007fffdc0e6860 R14: 00007fffdc0e6840 R15: 0000000000000003
[ 82.612280][ T5149] </TASK>
[ 82.621278][ T5149] ------------[ cut here ]------------
[ 82.626944][ T5149] kernel BUG at fs/btrfs/transaction.c:1697!
[ 82.634492][ T5149] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 82.640626][ T5149] CPU: 1 PID: 5149 Comm: syz-executor187 Not tainted 6.2.0-next-20230225-syzkaller #0
[ 82.650212][ T5149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/16/2023
[ 82.660304][ T5149] RIP: 0010:create_pending_snapshot+0x1894/0x2da0
[ 82.666774][ T5149] Code: 89 e8 ba b9 06 00 00 4c 89 ff 44 8b ad d0 fd ff ff 48 c7 c6 80 29 95 8a 44 89 e9 e8 f6 e5 ff ff e9 16 ef ff ff e8 cc f1 14 fe <0f> 0b e8 c5 f1 14 fe 48 8b bd 90 fe ff ff e8 69 e5 0e 00 48 8b bd
[ 82.686428][ T5149] RSP: 0018:ffffc90003d0f5c8 EFLAGS: 00010293
[ 82.692632][ T5149] RAX: 0000000000000000 RBX: ffff88801e0ad600 RCX: 0000000000000000
[ 82.700643][ T5149] RDX: ffff88807580d7c0 RSI: ffffffff836fb3e4 RDI: 0000000000000005
[ 82.708653][ T5149] RBP: ffffc90003d0f838 R08: 0000000000000005 R09: 0000000000000000
[ 82.716666][ T5149] R10: 00000000fffffff4 R11: 0000000000000000 R12: ffff88801e064000
[ 82.724678][ T5149] R13: 00000000fffffff4 R14: ffff88802041e000 R15: ffff888074c8a3f0
[ 82.732710][ T5149] FS: 000055555587c300(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[ 82.741686][ T5149] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 82.748303][ T5149] CR2: 00007ffd1a5beb64 CR3: 000000002ab83000 CR4: 00000000003506e0
[ 82.756298][ T5149] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 82.764276][ T5149] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 82.772251][ T5149] Call Trace:
[ 82.775543][ T5149] <TASK>
[ 82.778482][ T5149] ? btrfs_scrub_pause+0x2f3/0x390
[ 82.783616][ T5149] ? __btrfs_abort_transaction+0x180/0x180
[ 82.789438][ T5149] ? rcu_read_lock_sched_held+0x3e/0x70
[ 82.795008][ T5149] ? trace_contention_end+0x173/0x1e0
[ 82.800406][ T5149] ? __mutex_lock+0x231/0x1350
[ 82.805293][ T5149] ? btrfs_commit_transaction+0xaa6/0x4410
[ 82.811116][ T5149] ? lock_release+0x780/0x780
[ 82.815805][ T5149] ? btrfs_commit_transaction+0x99c/0x4410
[ 82.821622][ T5149] ? rcu_read_lock_sched_held+0x3e/0x70
[ 82.827184][ T5149] ? trace_lock_acquire+0x1f1/0x2b0
[ 82.832400][ T5149] create_pending_snapshots+0x174/0x2c0
[ 82.837970][ T5149] btrfs_commit_transaction+0xaae/0x4410
[ 82.843615][ T5149] ? wait_for_completion_io_timeout+0x20/0x20
[ 82.849710][ T5149] ? radix_tree_tag_set+0x260/0x300
[ 82.854943][ T5149] ? create_pending_snapshots+0x2c0/0x2c0
[ 82.860688][ T5149] ? start_transaction+0x2aa/0x1450
[ 82.866045][ T5149] btrfs_mksubvol+0xa6f/0x1310
[ 82.870942][ T5149] ? create_subvol+0x16f0/0x16f0
[ 82.875911][ T5149] ? lock_acquire+0x32/0xc0
[ 82.880437][ T5149] ? make_vfsuid+0x113/0x170
[ 82.885064][ T5149] btrfs_mksnapshot+0xaf/0xf0
[ 82.889787][ T5149] __btrfs_ioctl_snap_create+0x42b/0x4d0
[ 82.895455][ T5149] btrfs_ioctl_snap_create_v2+0x25a/0x520
[ 82.901207][ T5149] btrfs_ioctl+0x3f77/0x59d0
[ 82.905841][ T5149] ? tomoyo_path_number_perm+0x166/0x570
[ 82.911510][ T5149] ? tomoyo_execute_permission+0x4a0/0x4a0
[ 82.917349][ T5149] ? btrfs_ioctl_get_supported_features+0x50/0x50
[ 82.923789][ T5149] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 82.929725][ T5149] ? do_vfs_ioctl+0x132/0x1670
[ 82.934499][ T5149] ? vfs_fileattr_set+0xc40/0xc40
[ 82.939575][ T5149] ? find_held_lock+0x2d/0x110
[ 82.944348][ T5149] ? do_one_initcall+0x5a1/0x7d0
[ 82.949311][ T5149] ? bpf_lsm_file_ioctl+0x9/0x10
[ 82.954269][ T5149] ? btrfs_ioctl_get_supported_features+0x50/0x50
[ 82.960705][ T5149] __x64_sys_ioctl+0x197/0x210
[ 82.965567][ T5149] do_syscall_64+0x39/0xb0
[ 82.970007][ T5149] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 82.975909][ T5149] RIP: 0033:0x7fd646565a29
[ 82.980330][ T5149] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 83.000042][ T5149] RSP: 002b:00007fffdc0e67f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 83.008555][ T5149] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fd646565a29
[ 83.016530][ T5149] RDX: 0000000020002d40 RSI: 0000000050009417 RDI: 0000000000000004
[ 83.024504][ T5149] RBP: 00007fffdc0e6820 R08: 0000000000000002 R09: 00007fffdc0e6830
[ 83.032481][ T5149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[ 83.040473][ T5149] R13: 00007fffdc0e6860 R14: 00007fffdc0e6840 R15: 0000000000000003
[ 83.048547][ T5149] </TASK>
[ 83.051581][ T5149] Modules linked in:
[ 83.056888][ T5149] ---[ end trace 0000000000000000 ]---
[ 83.062924][ T5149] RIP: 0010:create_pending_snapshot+0x1894/0x2da0
[ 83.069513][ T5149] Code: 89 e8 ba b9 06 00 00 4c 89 ff 44 8b ad d0 fd ff ff 48 c7 c6 80 29 95 8a 44 89 e9 e8 f6 e5 ff ff e9 16 ef ff ff e8 cc f1 14 fe <0f> 0b e8 c5 f1 14 fe 48 8b bd 90 fe ff ff e8 69 e5 0e 00 48 8b bd
[ 83.089761][ T5149] RSP: 0018:ffffc90003d0f5c8 EFLAGS: 00010293
[ 83.095878][ T5149] RAX: 0000000000000000 RBX: ffff88801e0ad600 RCX: 0000000000000000
[ 83.103937][ T5149] RDX: ffff88807580d7c0 RSI: ffffffff836fb3e4 RDI: 0000000000000005
[ 83.112064][ T5149] RBP: ffffc90003d0f838 R08: 0000000000000005 R09: 0000000000000000
[ 83.120174][ T5149] R10: 00000000fffffff4 R11: 0000000000000000 R12: ffff88801e064000
[ 83.128231][ T5149] R13: 00000000fffffff4 R14: ffff88802041e000 R15: ffff888074c8a3f0
[ 83.136263][ T5149] FS: 000055555587c300(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[ 83.146642][ T5149] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 83.153384][ T5149] CR2: 000055af87434a00 CR3: 000000002ab83000 CR4: 00000000003506f0
[ 83.161419][ T5149] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 83.169794][ T5149] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 83.177983][ T5149] Kernel panic - not syncing: Fatal exception
[ 83.184243][ T5149] Kernel Offset: disabled
[ 83.188593][ T5149] Rebooting in 86400 seconds..