./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1936602328

<...>
[   97.224333][    T8] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.0.142' (ED25519) to the list of known hosts.
execve("./syz-executor1936602328", ["./syz-executor1936602328"], 0x7fff155f8c50 /* 10 vars */) = 0
brk(NULL)                               = 0x55555617f000
brk(0x55555617fd00)                     = 0x55555617fd00
arch_prctl(ARCH_SET_FS, 0x55555617f380) = 0
set_tid_address(0x55555617f650)         = 5043
set_robust_list(0x55555617f660, 24)     = 0
rseq(0x55555617fca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor1936602328", 4096) = 28
getrandom("\xa8\x15\x17\xa7\xa1\xe5\x2f\x30", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x55555617fd00
brk(0x5555561a0d00)                     = 0x5555561a0d00
brk(0x5555561a1000)                     = 0x5555561a1000
mprotect(0x7f519a69b000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1)                        = 1
close(3)                                = 0
mkdir("./syzkaller.Atus6t", 0700)       = 0
chmod("./syzkaller.Atus6t", 0777)       = 0
chdir("./syzkaller.Atus6t")             = 0
mkdir("./0", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555617f650) = 5044
./strace-static-x86_64: Process 5044 attached
[pid  5044] set_robust_list(0x55555617f660, 24) = 0
[pid  5044] chdir("./0")                = 0
[pid  5044] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5044] setpgid(0, 0)               = 0
[pid  5044] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5044] write(3, "1000", 4)         = 4
[pid  5044] close(3)                    = 0
[pid  5044] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5044] memfd_create("syzkaller", 0) = 3
[pid  5044] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f51921e3000
[   97.960994][ T5044] syz-executor193[5044]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[pid  5044] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5044] munmap(0x7f51921e3000, 16777216) = 0
[pid  5044] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5044] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5044] close(3)                    = 0
[pid  5044] mkdir("./bus", 0777)        = 0
[   98.174368][ T5044] loop0: detected capacity change from 0 to 32768
[   98.186684][ T5044] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0 scanned by syz-executor193 (5044)
[   98.206720][ T5044] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[   98.215515][ T5044] BTRFS info (device loop0): setting nodatasum
[pid  5044] mount("/dev/loop0", "./bus", "btrfs", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NODIRATIME|MS_STRICTATIME, "user_subvol_rm_allowed,datasum,nodatasum,ssd,max_inline=g12tp\t%%xk23mx9%,space_cache=v2,noacl,") = 0
[pid  5044] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5044] chdir("./bus")              = 0
[pid  5044] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5044] close(4)                    = 0
[pid  5044] openat(AT_FDCWD, "./file0", O_RDONLY) = 4
[pid  5044] openat(4, ".", O_RDONLY)    = 5
[   98.221785][ T5044] BTRFS info (device loop0): enabling ssd optimizations
[   98.228837][ T5044] BTRFS info (device loop0): max_inline at 0
[   98.234831][ T5044] BTRFS info (device loop0): using free space tree
[   98.262575][ T5044] BTRFS info (device loop0): auto enabling async discard
[pid  5044] renameat2(5, "./file0", 5, "./bus", 0) = 0
[pid  5044] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5044] write(6, "21", 2)           = 2
[   98.296286][ T5044] FAULT_INJECTION: forcing a failure.
[   98.296286][ T5044] name failslab, interval 1, probability 0, space 0, times 1
[   98.309042][ T5044] CPU: 1 PID: 5044 Comm: syz-executor193 Not tainted 6.5.0-next-20230830-syzkaller #0
[   98.318630][ T5044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[   98.328711][ T5044] Call Trace:
[   98.332001][ T5044]  <TASK>
[   98.334939][ T5044]  dump_stack_lvl+0x125/0x1b0
[   98.339666][ T5044]  should_fail_ex+0x496/0x5b0
[   98.344386][ T5044]  should_failslab+0x9/0x20
[   98.348913][ T5044]  kmem_cache_alloc+0x33a/0x3b0
[   98.353808][ T5044]  ? btrfs_migrate_to_delayed_refs_rsv+0x348/0x6f0
[   98.360360][ T5044]  start_transaction+0x369/0x14d0
[   98.365425][ T5044]  btrfs_link+0x3c7/0x800
[   98.369781][ T5044]  ? btrfs_rename_exchange+0x1760/0x1760
[   98.375436][ T5044]  ? down_write_killable_nested+0x250/0x250
[   98.381354][ T5044]  ? inode_permission+0xdd/0x5e0
[   98.386313][ T5044]  ? bpf_lsm_inode_link+0x9/0x10
[   98.391276][ T5044]  vfs_link+0x83b/0xde0
[   98.395460][ T5044]  do_linkat+0x577/0x5f0
[   98.399742][ T5044]  ? __ia32_sys_symlink+0x90/0x90
[   98.404812][ T5044]  ? strncpy_from_user+0x214/0x300
[   98.409958][ T5044]  __x64_sys_linkat+0xf3/0x130
[   98.414757][ T5044]  do_syscall_64+0x38/0xb0
[   98.419197][ T5044]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   98.425109][ T5044] RIP: 0033:0x7f519a622269
[   98.429543][ T5044] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   98.449166][ T5044] RSP: 002b:00007ffcf5b2c488 EFLAGS: 00000246 ORIG_RAX: 0000000000000109
[   98.457599][ T5044] RAX: ffffffffffffffda RBX: 00007ffcf5b2c4b0 RCX: 00007f519a622269
[   98.465603][ T5044] RDX: 0000000000000005 RSI: 0000000020000000 RDI: 0000000000000005
[   98.473609][ T5044] RBP: 0000000000000002 R08: 0000000000000000 R09: 00007ffcf5b2c4d0
[   98.481600][ T5044] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000001
[pid  5044] linkat(5, "./file1", 5, "./file0", 0) = -1 ENOMEM (Cannot allocate memory)
[pid  5044] exit_group(0)               = ?
[pid  5044] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5044, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=25 /* 0.25 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555561806f0 /* 4 entries */, 32768) = 104
[   98.489590][ T5044] R13: 0000000000000000 R14: 431bde82d7b634db R15: 00007ffcf5b2c4f0
[   98.497596][ T5044]  </TASK>
umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555556188730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556188730 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./0/bus")                        = 0
umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./0/binderfs")                  = 0
getdents64(3, 0x5555561806f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./0")                            = 0
mkdir("./1", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5062 attached
, child_tidptr=0x55555617f650) = 5062
[pid  5062] set_robust_list(0x55555617f660, 24) = 0
[pid  5062] chdir("./1")                = 0
[pid  5062] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5062] setpgid(0, 0)               = 0
[pid  5062] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5062] write(3, "1000", 4)         = 4
[pid  5062] close(3)                    = 0
[pid  5062] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5062] memfd_create("syzkaller", 0) = 3
[pid  5062] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f51921e3000
[   98.604566][ T5062] syz-executor193[5062]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[pid  5062] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5062] munmap(0x7f51921e3000, 16777216) = 0
[pid  5062] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5062] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5062] close(3)                    = 0
[pid  5062] mkdir("./bus", 0777)        = 0
[   98.943562][ T5062] loop0: detected capacity change from 0 to 32768
[   98.954388][ T5062] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0 scanned by syz-executor193 (5062)
[   98.974537][ T5062] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[   98.983360][ T5062] BTRFS info (device loop0): setting nodatasum
[pid  5062] mount("/dev/loop0", "./bus", "btrfs", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NODIRATIME|MS_STRICTATIME, "user_subvol_rm_allowed,datasum,nodatasum,ssd,max_inline=g12tp\t%%xk23mx9%,space_cache=v2,noacl,") = 0
[pid  5062] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5062] chdir("./bus")              = 0
[pid  5062] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5062] close(4)                    = 0
[pid  5062] openat(AT_FDCWD, "./file0", O_RDONLY) = 4
[pid  5062] openat(4, ".", O_RDONLY)    = 5
[pid  5062] renameat2(5, "./file0", 5, "./bus", 0) = 0
[pid  5062] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5062] write(6, "21", 2)           = 2
[   98.989930][ T5062] BTRFS info (device loop0): enabling ssd optimizations
[   98.996994][ T5062] BTRFS info (device loop0): max_inline at 0
[   99.003006][ T5062] BTRFS info (device loop0): using free space tree
[   99.029025][ T5062] BTRFS info (device loop0): auto enabling async discard
[pid  5062] linkat(5, "./file1", 5, "./file0", 0) = 0
[pid  5062] exit_group(0)               = ?
[pid  5062] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5062, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=31 /* 0.31 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555561806f0 /* 4 entries */, 32768) = 104
[   99.059101][ T5062] ERROR: Out of memory at tomoyo_memory_ok.
umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./1/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555556188730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556188730 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./1/bus")                        = 0
umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./1/binderfs")                  = 0
getdents64(3, 0x5555561806f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./1")                            = 0
mkdir("./2", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555617f650) = 5079
./strace-static-x86_64: Process 5079 attached
[pid  5079] set_robust_list(0x55555617f660, 24) = 0
[pid  5079] chdir("./2")                = 0
[pid  5079] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5079] setpgid(0, 0)               = 0
[pid  5079] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5079] write(3, "1000", 4)         = 4
[pid  5079] close(3)                    = 0
[pid  5079] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5079] memfd_create("syzkaller", 0) = 3
[pid  5079] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f51921e3000
[   99.192790][ T5079] syz-executor193[5079]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[pid  5079] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5079] munmap(0x7f51921e3000, 16777216) = 0
[pid  5079] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5079] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5079] close(3)                    = 0
[pid  5079] mkdir("./bus", 0777)        = 0
[   99.512059][ T5079] loop0: detected capacity change from 0 to 32768
[   99.522321][ T5079] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0 scanned by syz-executor193 (5079)
[   99.539098][ T5079] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[   99.547919][ T5079] BTRFS info (device loop0): setting nodatasum
[   99.554137][ T5079] BTRFS info (device loop0): enabling ssd optimizations
[pid  5079] mount("/dev/loop0", "./bus", "btrfs", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NODIRATIME|MS_STRICTATIME, "user_subvol_rm_allowed,datasum,nodatasum,ssd,max_inline=g12tp\t%%xk23mx9%,space_cache=v2,noacl,") = 0
[pid  5079] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5079] chdir("./bus")              = 0
[pid  5079] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5079] close(4)                    = 0
[pid  5079] openat(AT_FDCWD, "./file0", O_RDONLY) = 4
[pid  5079] openat(4, ".", O_RDONLY)    = 5
[pid  5079] renameat2(5, "./file0", 5, "./bus", 0) = 0
[pid  5079] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5079] write(6, "21", 2)           = 2
[   99.561226][ T5079] BTRFS info (device loop0): max_inline at 0
[   99.567306][ T5079] BTRFS info (device loop0): using free space tree
[   99.593432][ T5079] BTRFS info (device loop0): auto enabling async discard
[   99.621967][ T5079] FAULT_INJECTION: forcing a failure.
[   99.621967][ T5079] name failslab, interval 1, probability 0, space 0, times 0
[   99.634740][ T5079] CPU: 0 PID: 5079 Comm: syz-executor193 Not tainted 6.5.0-next-20230830-syzkaller #0
[   99.644335][ T5079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[   99.654410][ T5079] Call Trace:
[   99.657703][ T5079]  <TASK>
[   99.660657][ T5079]  dump_stack_lvl+0x125/0x1b0
[   99.665378][ T5079]  should_fail_ex+0x496/0x5b0
[   99.670133][ T5079]  should_failslab+0x9/0x20
[   99.674656][ T5079]  kmem_cache_alloc+0x33a/0x3b0
[   99.679548][ T5079]  btrfs_alloc_tree_block+0xbc3/0x1440
[   99.685055][ T5079]  ? btrfs_alloc_logged_file_extent+0x580/0x580
[   99.691338][ T5079]  ? __module_address+0x55/0x3b0
[   99.696311][ T5079]  ? rcu_is_watching+0x12/0xb0
[   99.701113][ T5079]  ? btrfs_comp_cpu_keys+0x26a/0x2f0
[   99.706434][ T5079]  __btrfs_cow_block+0x3ce/0x18f0
[   99.711584][ T5079]  ? update_ref_for_cow+0xc10/0xc10
[   99.716814][ T5079]  ? btrfs_qgroup_add_swapped_blocks+0x9d0/0x9d0
[   99.723191][ T5079]  btrfs_cow_block+0x2f1/0x820
[   99.727996][ T5079]  btrfs_search_slot+0x12a0/0x30e0
[   99.733148][ T5079]  ? balance_level+0x2420/0x2420
[   99.738124][ T5079]  ? kasan_set_track+0x25/0x30
[   99.742938][ T5079]  btrfs_insert_empty_items+0xb7/0x1b0
[   99.748441][ T5079]  btrfs_insert_inode_ref+0x1c6/0xd30
[   99.753865][ T5079]  ? btrfs_del_inode_ref+0x830/0x830
[   99.759180][ T5079]  ? wait_current_trans+0x101/0x4a0
[   99.764416][ T5079]  ? rcu_is_watching+0x12/0xb0
[   99.769204][ T5079]  ? lock_release+0x4bf/0x680
[   99.773912][ T5079]  ? lock_sync+0x190/0x190
[   99.778357][ T5079]  ? inode_set_ctime_current+0x1b1/0x470
[   99.784027][ T5079]  ? reacquire_held_locks+0x4b0/0x4b0
[   99.789429][ T5079]  ? reacquire_held_locks+0x4b0/0x4b0
[   99.794831][ T5079]  ? timestamp_truncate+0x21b/0x2d0
[   99.800068][ T5079]  ? inode_owner_or_capable+0x240/0x240
[   99.805649][ T5079]  btrfs_add_link+0x3e9/0xc30
[   99.810351][ T5079]  ? btrfs_new_inode_args_destroy+0x1c0/0x1c0
[   99.816443][ T5079]  ? inode_needs_update_time+0x460/0x460
[   99.822111][ T5079]  ? simple_setattr+0x80/0x110
[   99.826908][ T5079]  btrfs_link+0x476/0x800
[   99.831261][ T5079]  ? btrfs_rename_exchange+0x1760/0x1760
[   99.836919][ T5079]  ? down_write_killable_nested+0x250/0x250
[   99.842845][ T5079]  ? inode_permission+0xdd/0x5e0
[   99.847816][ T5079]  ? bpf_lsm_inode_link+0x9/0x10
[   99.852786][ T5079]  vfs_link+0x83b/0xde0
[   99.856979][ T5079]  do_linkat+0x577/0x5f0
[   99.861259][ T5079]  ? __ia32_sys_symlink+0x90/0x90
[   99.866346][ T5079]  ? strncpy_from_user+0x214/0x300
[   99.871492][ T5079]  __x64_sys_linkat+0xf3/0x130
[   99.876323][ T5079]  do_syscall_64+0x38/0xb0
[   99.880773][ T5079]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   99.886774][ T5079] RIP: 0033:0x7f519a622269
[   99.891207][ T5079] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   99.910846][ T5079] RSP: 002b:00007ffcf5b2c488 EFLAGS: 00000246 ORIG_RAX: 0000000000000109
[pid  5079] linkat(5, "./file1", 5, "./file0", 0) = -1 ENOMEM (Cannot allocate memory)
[pid  5079] exit_group(0)               = ?
[pid  5079] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5079, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=32 /* 0.32 s */} ---
umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555561806f0 /* 4 entries */, 32768) = 104
[   99.919283][ T5079] RAX: ffffffffffffffda RBX: 00007ffcf5b2c4b0 RCX: 00007f519a622269
[   99.927276][ T5079] RDX: 0000000000000005 RSI: 0000000020000000 RDI: 0000000000000005
[   99.935281][ T5079] RBP: 0000000000000002 R08: 0000000000000000 R09: 00007ffcf5b2c4d0
[   99.943275][ T5079] R10: 00000000200000c0 R11: 0000000000000246 R12: 00007ffcf5b2c4ac
[   99.951263][ T5079] R13: 0000000000000002 R14: 431bde82d7b634db R15: 00007ffcf5b2c4f0
[   99.959274][ T5079]  </TASK>
[  100.013811][ T5043] ------------[ cut here ]------------
[  100.021273][ T5043] WARNING: CPU: 0 PID: 5043 at fs/btrfs/space-info.h:198 btrfs_space_info_update_bytes_may_use+0x448/0x590
[  100.032775][ T5043] Modules linked in:
[  100.036727][ T5043] CPU: 0 PID: 5043 Comm: syz-executor193 Not tainted 6.5.0-next-20230830-syzkaller #0
[  100.046348][ T5043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[  100.056478][ T5043] RIP: 0010:btrfs_space_info_update_bytes_may_use+0x448/0x590
[  100.064007][ T5043] Code: fd e9 69 fc ff ff e8 c7 62 f0 fd 49 89 ee 4c 89 e6 49 f7 de 4c 89 f7 e8 c6 5d f0 fd 4d 39 f4 0f 83 7c fd ff ff e8 a8 62 f0 fd <0f> 0b 45 31 e4 e9 75 fd ff ff e8 99 62 f0 fd 48 8d 7b 18 be ff ff
[  100.083917][ T5043] RSP: 0018:ffffc90003a37ab8 EFLAGS: 00010293
[  100.090084][ T5043] RAX: 0000000000000000 RBX: ffff888022bb2800 RCX: 0000000000000000
[  100.098161][ T5043] RDX: ffff88801f9f1dc0 RSI: ffffffff83977cc8 RDI: 0000000000000006
[  100.106175][ T5043] RBP: ffffffffffea0000 R08: 0000000000000006 R09: 0000000000160000
[  100.114227][ T5043] R10: 000000000015f000 R11: 1ffff1100389a94a R12: 000000000015f000
[  100.122251][ T5043] R13: ffff888022bb2860 R14: 0000000000160000 R15: 0000000000000005
[  100.130276][ T5043] FS:  000055555617f380(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[  100.139290][ T5043] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  100.145923][ T5043] CR2: 00007f7a594c2723 CR3: 000000007392b000 CR4: 00000000003506f0
[  100.153981][ T5043] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  100.162028][ T5043] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  100.170074][ T5043] Call Trace:
[  100.173380][ T5043]  <TASK>
[  100.176379][ T5043]  ? show_regs+0x8f/0xa0
[  100.180681][ T5043]  ? __warn+0xe6/0x380
[  100.184800][ T5043]  ? btrfs_space_info_update_bytes_may_use+0x448/0x590
[  100.191759][ T5043]  ? report_bug+0x3bc/0x580
[  100.196368][ T5043]  ? handle_bug+0x3c/0x70
[  100.200739][ T5043]  ? exc_invalid_op+0x17/0x40
[  100.205433][ T5043]  ? asm_exc_invalid_op+0x1a/0x20
[  100.210700][ T5043]  ? btrfs_space_info_update_bytes_may_use+0x448/0x590
[  100.217622][ T5043]  ? btrfs_space_info_update_bytes_may_use+0x448/0x590
[  100.224500][ T5043]  ? btrfs_space_info_update_bytes_may_use+0x448/0x590
[  100.231415][ T5043]  btrfs_block_rsv_release+0x566/0x670
[  100.236946][ T5043]  btrfs_release_global_block_rsv+0x26/0x2e0
[  100.242954][ T5043]  btrfs_free_block_groups+0xbb6/0x13d0
[  100.248748][ T5043]  ? free_root_pointers+0x701/0x980
[  100.253993][ T5043]  close_ctree+0x8c4/0xdd0
[  100.258482][ T5043]  ? btrfs_cleanup_transaction.isra.0+0x1200/0x1200
[  100.265128][ T5043]  ? find_rule+0x370/0x370
[  100.269713][ T5043]  ? __fsnotify_vfsmount_delete+0x20/0x20
[  100.275522][ T5043]  ? dispose_list+0x1e0/0x1e0
[  100.280265][ T5043]  ? fscrypt_destroy_keyring+0x1e/0x390
[  100.285854][ T5043]  ? btrfs_set_super+0x70/0x70
[  100.290677][ T5043]  generic_shutdown_super+0x161/0x3c0
[  100.296102][ T5043]  kill_anon_super+0x3a/0x60
[  100.300751][ T5043]  btrfs_kill_super+0x3b/0x50
[  100.305467][ T5043]  deactivate_locked_super+0x9a/0x170
[  100.310899][ T5043]  deactivate_super+0xde/0x100
[  100.315714][ T5043]  cleanup_mnt+0x222/0x3d0
[  100.320189][ T5043]  task_work_run+0x14d/0x240
[  100.324832][ T5043]  ? task_work_cancel+0x30/0x30
[  100.329756][ T5043]  ptrace_notify+0x10c/0x130
[  100.334391][ T5043]  syscall_exit_to_user_mode_prepare+0x120/0x220
[  100.340811][ T5043]  syscall_exit_to_user_mode+0xd/0x60
[  100.346229][ T5043]  do_syscall_64+0x44/0xb0
[  100.350718][ T5043]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  100.356680][ T5043] RIP: 0033:0x7f519a6234c7
[  100.361113][ T5043] Code: 07 00 48 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8
[  100.380791][ T5043] RSP: 002b:00007ffcf5b2b398 EFLAGS: 00000202 ORIG_RAX: 00000000000000a6
[  100.389715][ T5043] RAX: 0000000000000000 RBX: 0000000000018346 RCX: 00007f519a6234c7
[  100.397740][ T5043] RDX: 0000000000000000 RSI: 000000000000000a RDI: 00007ffcf5b2b450
[  100.405738][ T5043] RBP: 00007ffcf5b2b450 R08: 0000000000000000 R09: 0000000000000000
[  100.413749][ T5043] R10: 00000000ffffffff R11: 0000000000000202 R12: 00007ffcf5b2c4d0
[  100.421769][ T5043] R13: 00005555561806c0 R14: 431bde82d7b634db R15: 00007ffcf5b2c4f0
[  100.429788][ T5043]  </TASK>
[  100.432827][ T5043] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  100.440110][ T5043] CPU: 0 PID: 5043 Comm: syz-executor193 Not tainted 6.5.0-next-20230830-syzkaller #0
[  100.449661][ T5043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[  100.459722][ T5043] Call Trace:
[  100.463005][ T5043]  <TASK>
[  100.465942][ T5043]  dump_stack_lvl+0xd9/0x1b0
[  100.470564][ T5043]  panic+0x6a6/0x750
[  100.474477][ T5043]  ? panic_smp_self_stop+0xa0/0xa0
[  100.479614][ T5043]  ? btrfs_space_info_update_bytes_may_use+0x448/0x590
[  100.486488][ T5043]  check_panic_on_warn+0xab/0xb0
[  100.491447][ T5043]  __warn+0xf2/0x380
[  100.495354][ T5043]  ? btrfs_space_info_update_bytes_may_use+0x448/0x590
[  100.502226][ T5043]  report_bug+0x3bc/0x580
[  100.506591][ T5043]  handle_bug+0x3c/0x70
[  100.510767][ T5043]  exc_invalid_op+0x17/0x40
[  100.515308][ T5043]  asm_exc_invalid_op+0x1a/0x20
[  100.520193][ T5043] RIP: 0010:btrfs_space_info_update_bytes_may_use+0x448/0x590
[  100.527705][ T5043] Code: fd e9 69 fc ff ff e8 c7 62 f0 fd 49 89 ee 4c 89 e6 49 f7 de 4c 89 f7 e8 c6 5d f0 fd 4d 39 f4 0f 83 7c fd ff ff e8 a8 62 f0 fd <0f> 0b 45 31 e4 e9 75 fd ff ff e8 99 62 f0 fd 48 8d 7b 18 be ff ff
[  100.547347][ T5043] RSP: 0018:ffffc90003a37ab8 EFLAGS: 00010293
[  100.553435][ T5043] RAX: 0000000000000000 RBX: ffff888022bb2800 RCX: 0000000000000000
[  100.561433][ T5043] RDX: ffff88801f9f1dc0 RSI: ffffffff83977cc8 RDI: 0000000000000006
[  100.569422][ T5043] RBP: ffffffffffea0000 R08: 0000000000000006 R09: 0000000000160000
[  100.577420][ T5043] R10: 000000000015f000 R11: 1ffff1100389a94a R12: 000000000015f000
[  100.585496][ T5043] R13: ffff888022bb2860 R14: 0000000000160000 R15: 0000000000000005
[  100.593490][ T5043]  ? btrfs_space_info_update_bytes_may_use+0x448/0x590
[  100.600381][ T5043]  ? btrfs_space_info_update_bytes_may_use+0x448/0x590
[  100.607269][ T5043]  btrfs_block_rsv_release+0x566/0x670
[  100.612776][ T5043]  btrfs_release_global_block_rsv+0x26/0x2e0
[  100.618797][ T5043]  btrfs_free_block_groups+0xbb6/0x13d0
[  100.624368][ T5043]  ? free_root_pointers+0x701/0x980
[  100.629592][ T5043]  close_ctree+0x8c4/0xdd0
[  100.634039][ T5043]  ? btrfs_cleanup_transaction.isra.0+0x1200/0x1200
[  100.640664][ T5043]  ? find_rule+0x370/0x370
[  100.645116][ T5043]  ? __fsnotify_vfsmount_delete+0x20/0x20
[  100.650870][ T5043]  ? dispose_list+0x1e0/0x1e0
[  100.655591][ T5043]  ? fscrypt_destroy_keyring+0x1e/0x390
[  100.661179][ T5043]  ? btrfs_set_super+0x70/0x70
[  100.665972][ T5043]  generic_shutdown_super+0x161/0x3c0
[  100.671399][ T5043]  kill_anon_super+0x3a/0x60
[  100.676027][ T5043]  btrfs_kill_super+0x3b/0x50
[  100.680730][ T5043]  deactivate_locked_super+0x9a/0x170
[  100.686231][ T5043]  deactivate_super+0xde/0x100
[  100.691039][ T5043]  cleanup_mnt+0x222/0x3d0
[  100.695500][ T5043]  task_work_run+0x14d/0x240
[  100.700129][ T5043]  ? task_work_cancel+0x30/0x30
[  100.705029][ T5043]  ptrace_notify+0x10c/0x130
[  100.709646][ T5043]  syscall_exit_to_user_mode_prepare+0x120/0x220
[  100.716005][ T5043]  syscall_exit_to_user_mode+0xd/0x60
[  100.721409][ T5043]  do_syscall_64+0x44/0xb0
[  100.725861][ T5043]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  100.731808][ T5043] RIP: 0033:0x7f519a6234c7
[  100.736244][ T5043] Code: 07 00 48 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8
[  100.755977][ T5043] RSP: 002b:00007ffcf5b2b398 EFLAGS: 00000202 ORIG_RAX: 00000000000000a6
[  100.764420][ T5043] RAX: 0000000000000000 RBX: 0000000000018346 RCX: 00007f519a6234c7
[  100.772412][ T5043] RDX: 0000000000000000 RSI: 000000000000000a RDI: 00007ffcf5b2b450
[  100.780401][ T5043] RBP: 00007ffcf5b2b450 R08: 0000000000000000 R09: 0000000000000000
[  100.788385][ T5043] R10: 00000000ffffffff R11: 0000000000000202 R12: 00007ffcf5b2c4d0
[  100.796373][ T5043] R13: 00005555561806c0 R14: 431bde82d7b634db R15: 00007ffcf5b2c4f0
[  100.804370][ T5043]  </TASK>
[  100.807641][ T5043] Kernel Offset: disabled
[  100.811987][ T5043] Rebooting in 86400 seconds..