./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2622792533 <...> Warning: Permanently added '10.128.0.41' (ED25519) to the list of known hosts. execve("./syz-executor2622792533", ["./syz-executor2622792533"], 0x7ffc18fed490 /* 10 vars */) = 0 brk(NULL) = 0x555556ec6000 brk(0x555556ec6d00) = 0x555556ec6d00 arch_prctl(ARCH_SET_FS, 0x555556ec6380) = 0 set_tid_address(0x555556ec6650) = 5060 set_robust_list(0x555556ec6660, 24) = 0 rseq(0x555556ec6ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2622792533", 4096) = 28 getrandom("\x50\x6c\x91\x1e\xb5\xc3\x0a\x29", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555556ec6d00 brk(0x555556ee7d00) = 0x555556ee7d00 brk(0x555556ee8000) = 0x555556ee8000 mprotect(0x7f39e02b6000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5062 attached [pid 5062] set_robust_list(0x555556ec6660, 24 [pid 5060] <... clone resumed>, child_tidptr=0x555556ec6650) = 5062 [pid 5062] <... set_robust_list resumed>) = 0 [pid 5062] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5062] setpgid(0, 0) = 0 [pid 5062] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5062] write(3, "1000", 4) = 4 [pid 5062] close(3) = 0 [pid 5062] memfd_create("syzkaller", 0) = 3 [pid 5062] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f39d7dfe000 [pid 5062] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 5062] munmap(0x7f39d7dfe000, 138412032) = 0 [pid 5062] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5062] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5062] close(3) = 0 [pid 5062] mkdir("./file0", 0777) = 0 [ 71.744342][ T5062] loop0: detected capacity change from 0 to 32768 [ 71.770858][ T5062] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz-executor262 (5062) [ 71.792431][ T5062] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 71.801744][ T5062] BTRFS info (device loop0): setting nodatacow, compression disabled [ 71.810452][ T5062] BTRFS info (device loop0): turning on flush-on-commit [ 71.817425][ T5062] BTRFS info (device loop0): disabling tree log [ 71.823805][ T5062] BTRFS info (device loop0): enabling auto defrag [ 71.830550][ T5062] BTRFS info (device loop0): using free space tree [pid 5062] mount("/dev/loop0", "./file0", "btrfs", MS_NOSUID|MS_NODEV|MS_SYNCHRONOUS, "nossd_spread,nodatacow,flushoncommit,notreelog,nodatasum,autodefrag,user_subvol_rm_allowed,notreelog"...) = 0 [pid 5062] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5062] chdir("./file0") = 0 [pid 5062] ioctl(4, LOOP_CLR_FD) = 0 [ 71.858852][ T5062] BTRFS info (device loop0): enabling ssd optimizations [ 71.865927][ T5062] BTRFS info (device loop0): auto enabling async discard [pid 5062] close(4) = 0 [pid 5062] openat(AT_FDCWD, "blkio.bfq.time_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5062] ioctl(4, BTRFS_IOC_QUOTA_CTL, {cmd=BTRFS_QUOTA_CTL_ENABLE}) = 0 [pid 5062] openat(AT_FDCWD, "cpuset.effective_mems", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5062] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [ 72.031752][ T5062] FAULT_INJECTION: forcing a failure. [ 72.031752][ T5062] name failslab, interval 1, probability 0, space 0, times 1 [ 72.045396][ T5062] CPU: 0 PID: 5062 Comm: syz-executor262 Not tainted 6.6.0-syzkaller-15601-g4bbdb725a36b #0 [ 72.055517][ T5062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023 [ 72.065619][ T5062] Call Trace: [ 72.068939][ T5062] [ 72.071909][ T5062] dump_stack_lvl+0x1e7/0x2d0 [ 72.076671][ T5062] ? nf_tcp_handle_invalid+0x650/0x650 [pid 5062] write(6, "5", 1) = 1 [ 72.082198][ T5062] ? panic+0x850/0x850 [ 72.086341][ T5062] should_fail_ex+0x3aa/0x4e0 [ 72.091069][ T5062] ? ulist_add_merge+0x14c/0x480 [ 72.096064][ T5062] should_failslab+0x9/0x20 [ 72.100636][ T5062] __kmem_cache_alloc_node+0x6d/0x300 [ 72.106074][ T5062] ? ulist_add_merge+0x14c/0x480 [ 72.111073][ T5062] kmalloc_trace+0x2a/0xe0 [ 72.115567][ T5062] ulist_add_merge+0x14c/0x480 [ 72.120402][ T5062] insert_state_fast+0x15a/0x250 [ 72.125406][ T5062] __set_extent_bit+0x1433/0x1af0 [ 72.130515][ T5062] set_record_extent_bits+0x51/0x90 [ 72.135768][ T5062] qgroup_reserve_data+0x27c/0x8a0 [ 72.140949][ T5062] ? fault_in_safe_writeable+0x260/0x260 [ 72.144182][ T2767] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared) [ 72.146624][ T5062] btrfs_qgroup_reserve_data+0x2e/0xb0 [ 72.161378][ T5062] btrfs_check_data_free_space+0x149/0x240 [ 72.167234][ T5062] btrfs_buffered_write+0x5c6/0x1380 [ 72.172559][ T5062] ? btrfs_do_write_iter+0x1190/0x1190 [ 72.178030][ T5062] ? finish_task_switch+0x1e5/0x840 [ 72.183244][ T5062] ? lockdep_hardirqs_on+0x98/0x140 [ 72.188560][ T5062] btrfs_do_write_iter+0x2bb/0x1190 [ 72.193806][ T5062] ? read_lock_is_recursive+0x20/0x20 [ 72.199200][ T5062] ? rcu_read_lock_bh_held+0x120/0x120 [ 72.204673][ T5062] ? btrfs_check_nocow_unlock+0x40/0x40 [ 72.210258][ T5062] vfs_write+0x792/0xb20 [ 72.214540][ T5062] ? file_end_write+0x250/0x250 [ 72.219516][ T5062] ? lockdep_hardirqs_on+0x98/0x140 [ 72.224747][ T5062] ? __fdget_pos+0x2c7/0x340 [ 72.229407][ T5062] ksys_write+0x1a0/0x2c0 [ 72.233775][ T5062] ? __ia32_sys_read+0x90/0x90 [ 72.238561][ T5062] ? syscall_enter_from_user_mode+0x32/0x230 [ 72.244584][ T5062] ? syscall_enter_from_user_mode+0x8c/0x230 [ 72.250589][ T5062] do_syscall_64+0x44/0x110 [ 72.255132][ T5062] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 72.261055][ T5062] RIP: 0033:0x7f39e023cf19 [ 72.265520][ T5062] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 72.285322][ T5062] RSP: 002b:00007fff43f45138 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 72.294286][ T5062] RAX: ffffffffffffffda RBX: 00007fff43f45150 RCX: 00007f39e023cf19 [ 72.302286][ T5062] RDX: 000000000000000b RSI: 00000000200000c0 RDI: 0000000000000005 [ 72.310289][ T5062] RBP: 0000000000000001 R08: 00007fff43f44ed7 R09: 0000555556ec7378 [ 72.318278][ T5062] R10: 0000000000000001 R11: 0000000000000246 R12: 00007fff43f45170 [ 72.326389][ T5062] R13: 00007fff43f45398 R14: 431bde82d7b634db R15: 00007f39e028601d [ 72.334425][ T5062] [ 72.339030][ T5062] ------------[ cut here ]------------ [ 72.345444][ T5062] kernel BUG at fs/btrfs/extent-io-tree.c:397! [ 72.351856][ T5062] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 72.358048][ T5062] CPU: 0 PID: 5062 Comm: syz-executor262 Not tainted 6.6.0-syzkaller-15601-g4bbdb725a36b #0 [ 72.368155][ T5062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023 [ 72.378251][ T5062] RIP: 0010:insert_state_fast+0x244/0x250 [ 72.383994][ T5062] Code: 2e fe e9 77 ff ff ff 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c 71 fe ff ff 4c 89 e7 e8 d6 33 2e fe e9 64 fe ff ff e8 2c 12 d2 fd <0f> 0b 66 2e 0f 1f 84 00 00 00 00 00 55 41 57 41 56 41 55 41 54 53 [ 72.403609][ T5062] RSP: 0018:ffffc900042a76a0 EFLAGS: 00010293 [ 72.409686][ T5062] RAX: ffffffff83bcae64 RBX: dffffc0000000000 RCX: ffff888013338000 [ 72.417692][ T5062] RDX: 0000000000000000 RSI: 00000000fffffff4 RDI: 0000000000000000 [ 72.425669][ T5062] RBP: 00000000fffffff4 R08: ffffffff83bcad85 R09: 1ffffffff1b45542 [ 72.433651][ T5062] R10: dffffc0000000000 R11: fffffbfff1b45543 R12: 0000000000000000 [ 72.441745][ T5062] R13: ffff88801c01ae88 R14: ffff888027491540 R15: 0000000000000800 [ 72.449749][ T5062] FS: 0000555556ec6380(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 72.458713][ T5062] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.465392][ T5062] CR2: 00007fd642e220f0 CR3: 000000006715a000 CR4: 00000000003506f0 [ 72.473380][ T5062] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 72.481361][ T5062] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 72.489343][ T5062] Call Trace: [ 72.492634][ T5062] [ 72.495569][ T5062] ? __die_body+0x8b/0xe0 [ 72.499924][ T5062] ? die+0xa1/0xd0 [ 72.503847][ T5062] ? do_trap+0x153/0x380 [ 72.508279][ T5062] ? insert_state_fast+0x244/0x250 [ 72.513407][ T5062] ? do_error_trap+0x1dc/0x2c0 [ 72.518191][ T5062] ? insert_state_fast+0x244/0x250 [ 72.523314][ T5062] ? insert_state_fast+0x244/0x250 [ 72.528441][ T5062] ? __read_swap_cache_async+0x7f4/0xa80 [ 72.534097][ T5062] ? do_int3+0x50/0x50 [ 72.538241][ T5062] ? handle_invalid_op+0x34/0x40 [ 72.543202][ T5062] ? insert_state_fast+0x244/0x250 [ 72.548387][ T5062] ? exc_invalid_op+0x33/0x50 [ 72.553082][ T5062] ? asm_exc_invalid_op+0x1a/0x20 [ 72.558125][ T5062] ? insert_state_fast+0x165/0x250 [ 72.563294][ T5062] ? insert_state_fast+0x244/0x250 [ 72.568539][ T5062] ? insert_state_fast+0x244/0x250 [ 72.573699][ T5062] __set_extent_bit+0x1433/0x1af0 [ 72.578782][ T5062] set_record_extent_bits+0x51/0x90 [ 72.584011][ T5062] qgroup_reserve_data+0x27c/0x8a0 [ 72.589151][ T5062] ? fault_in_safe_writeable+0x260/0x260 [ 72.594903][ T5062] btrfs_qgroup_reserve_data+0x2e/0xb0 [ 72.600387][ T5062] btrfs_check_data_free_space+0x149/0x240 [ 72.606221][ T5062] btrfs_buffered_write+0x5c6/0x1380 [ 72.611533][ T5062] ? btrfs_do_write_iter+0x1190/0x1190 [ 72.617006][ T5062] ? finish_task_switch+0x1e5/0x840 [ 72.622216][ T5062] ? lockdep_hardirqs_on+0x98/0x140 [ 72.627450][ T5062] btrfs_do_write_iter+0x2bb/0x1190 [ 72.632753][ T5062] ? read_lock_is_recursive+0x20/0x20 [ 72.638245][ T5062] ? rcu_read_lock_bh_held+0x120/0x120 [ 72.643724][ T5062] ? btrfs_check_nocow_unlock+0x40/0x40 [ 72.649310][ T5062] vfs_write+0x792/0xb20 [ 72.653671][ T5062] ? file_end_write+0x250/0x250 [ 72.658544][ T5062] ? lockdep_hardirqs_on+0x98/0x140 [ 72.663774][ T5062] ? __fdget_pos+0x2c7/0x340 [ 72.668383][ T5062] ksys_write+0x1a0/0x2c0 [ 72.672761][ T5062] ? __ia32_sys_read+0x90/0x90 [ 72.677658][ T5062] ? syscall_enter_from_user_mode+0x32/0x230 [ 72.683670][ T5062] ? syscall_enter_from_user_mode+0x8c/0x230 [ 72.689685][ T5062] do_syscall_64+0x44/0x110 [ 72.694224][ T5062] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 72.700145][ T5062] RIP: 0033:0x7f39e023cf19 [ 72.704577][ T5062] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 72.724229][ T5062] RSP: 002b:00007fff43f45138 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 72.732749][ T5062] RAX: ffffffffffffffda RBX: 00007fff43f45150 RCX: 00007f39e023cf19 [ 72.740918][ T5062] RDX: 000000000000000b RSI: 00000000200000c0 RDI: 0000000000000005 [ 72.748900][ T5062] RBP: 0000000000000001 R08: 00007fff43f44ed7 R09: 0000555556ec7378 [ 72.756889][ T5062] R10: 0000000000000001 R11: 0000000000000246 R12: 00007fff43f45170 [ 72.764882][ T5062] R13: 00007fff43f45398 R14: 431bde82d7b634db R15: 00007f39e028601d [ 72.772918][ T5062] [ 72.775945][ T5062] Modules linked in: [ 72.780035][ T5062] ---[ end trace 0000000000000000 ]--- [ 72.785525][ T5062] RIP: 0010:insert_state_fast+0x244/0x250 [ 72.791309][ T5062] Code: 2e fe e9 77 ff ff ff 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c 71 fe ff ff 4c 89 e7 e8 d6 33 2e fe e9 64 fe ff ff e8 2c 12 d2 fd <0f> 0b 66 2e 0f 1f 84 00 00 00 00 00 55 41 57 41 56 41 55 41 54 53 [ 72.810976][ T5062] RSP: 0018:ffffc900042a76a0 EFLAGS: 00010293 [ 72.817189][ T5062] RAX: ffffffff83bcae64 RBX: dffffc0000000000 RCX: ffff888013338000 [ 72.825214][ T5062] RDX: 0000000000000000 RSI: 00000000fffffff4 RDI: 0000000000000000 [ 72.833237][ T5062] RBP: 00000000fffffff4 R08: ffffffff83bcad85 R09: 1ffffffff1b45542 [ 72.841769][ T5062] R10: dffffc0000000000 R11: fffffbfff1b45543 R12: 0000000000000000 [ 72.849907][ T5062] R13: ffff88801c01ae88 R14: ffff888027491540 R15: 0000000000000800 [ 72.858014][ T5062] FS: 0000555556ec6380(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 72.867006][ T5062] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.873669][ T5062] CR2: 00007fd642e220f0 CR3: 000000006715a000 CR4: 00000000003506f0 [ 72.881699][ T5062] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 72.889751][ T5062] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 72.897761][ T5062] Kernel panic - not syncing: Fatal exception [ 72.904148][ T5062] Kernel Offset: disabled [ 72.908482][ T5062] Rebooting in 86400 seconds..