./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor20991418
<...>
DUID 00:04:76:8b:f6:84:a4:3b:36:39:6c:68:e7:10:38:dd:b7:2c
no interfaces have a carrier
[ 57.534610][ T5484] 8021q: adding VLAN 0 to HW filter on device bond0
[ 57.555006][ T5484] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.1.181' (ED25519) to the list of known hosts.
execve("./syz-executor20991418", ["./syz-executor20991418"], 0x7ffc9dfdea20 /* 10 vars */) = 0
brk(NULL) = 0x55557a935000
brk(0x55557a935d00) = 0x55557a935d00
arch_prctl(ARCH_SET_FS, 0x55557a935380) = 0
set_tid_address(0x55557a935650) = 5819
set_robust_list(0x55557a935660, 24) = 0
rseq(0x55557a935ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor20991418", 4096) = 26
getrandom("\x6b\x74\x93\x08\xf9\x4c\x28\xd3", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x55557a935d00
brk(0x55557a956d00) = 0x55557a956d00
brk(0x55557a957000) = 0x55557a957000
mprotect(0x7f2ea2fef000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000
executing program
write(1, "executing program\n", 18) = 18
memfd_create("syzkaller", 0) = 3
mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f2e9aa00000
write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
munmap(0x7f2e9aa00000, 138412032) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
ioctl(4, LOOP_SET_FD, 3) = 0
close(3) = 0
close(4) = 0
mkdir("./file0", 0777) = 0
syzkaller login: [ 86.849072][ T5819] loop0: detected capacity change from 0 to 32768
[ 86.880482][ T5819] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor209 (5819)
[ 86.936081][ T5819] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[ 86.957292][ T5819] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[ 86.967923][ T5819] BTRFS info (device loop0): disk space caching is enabled
[ 86.975284][ T5819] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 87.159092][ T5819] BTRFS info (device loop0): rebuilding free space tree
[ 87.196388][ T5819] BTRFS info (device loop0): disabling free space tree
mount("/dev/loop0", "./file0", "btrfs", MS_NOEXEC|MS_NOATIME|MS_REC|MS_RELATIME|MS_STRICTATIME, "compress-force,clear_cache,nodatasum,nossd,degraded,space_cache=v1,") = 0
openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
ioctl(4, LOOP_CLR_FD) = 0
close(4) = 0
[ 87.203569][ T5819] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 87.213342][ T5819] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 87.274300][ T5819] BTRFS info (device loop0): balance: start -susage=7,drange=7..2048,limit=55834574849,limit=1..13
[ 87.289172][ T5819] ------------[ cut here ]------------
[ 87.294800][ T5819] BTRFS: Transaction aborted (error -28)
[ 87.301210][ T5819] WARNING: CPU: 1 PID: 5819 at fs/btrfs/block-group.c:2781 btrfs_create_pending_block_groups+0x1120/0x1350
[ 87.312774][ T5819] Modules linked in:
[ 87.317237][ T5819] CPU: 1 UID: 0 PID: 5819 Comm: syz-executor209 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full)
[ 87.329823][ T5819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 87.340016][ T5819] RIP: 0010:btrfs_create_pending_block_groups+0x1120/0x1350
[ 87.347478][ T5819] Code: 48 c7 c6 e0 28 af 8b 44 89 f2 e8 4b bb 4a fd e9 38 fe ff ff e8 11 69 e0 fd 90 48 c7 c7 80 28 af 8b 44 89 f6 e8 e1 c6 a4 fd 90 <0f> 0b 90 90 e9 19 fe ff ff e8 f2 68 e0 fd eb 05 e8 eb 68 e0 fd 4c
[ 87.367333][ T5819] RSP: 0018:ffffc90003fff700 EFLAGS: 00010246
[ 87.373459][ T5819] RAX: 4772021d0bb19200 RBX: ffff8880283e8001 RCX: ffff88802fb15a00
[ 87.381600][ T5819] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[ 87.389687][ T5819] RBP: ffffc90003fff980 R08: 0000000000000003 R09: 0000000000000004
[ 87.397824][ T5819] R10: dffffc0000000000 R11: fffffbfff1bba4b4 R12: 0000000000000000
[ 87.405851][ T5819] R13: dffffc0000000000 R14: 00000000ffffffe4 R15: ffff888030eb7058
[ 87.413943][ T5819] FS: 000055557a935380(0000) GS:ffff888126200000(0000) knlGS:0000000000000000
[ 87.423386][ T5819] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 87.430087][ T5819] CR2: 00005610d8094000 CR3: 0000000077a1e000 CR4: 00000000003526f0
[ 87.438184][ T5819] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 87.446260][ T5819] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 87.454359][ T5819] Call Trace:
[ 87.457823][ T5819] <TASK>
[ 87.460815][ T5819] ? kfree+0x193/0x440
[ 87.464934][ T5819] ? __pfx___reserve_bytes+0x10/0x10
[ 87.470350][ T5819] ? __pfx_btrfs_create_pending_block_groups+0x10/0x10
[ 87.477328][ T5819] ? btrfs_inc_block_group_ro+0x627/0x700
[ 87.483108][ T5819] ? __mutex_unlock_slowpath+0x1cd/0x700
[ 87.488912][ T5819] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 87.494938][ T5819] ? do_raw_spin_unlock+0x122/0x240
[ 87.500268][ T5819] ? btrfs_trans_release_metadata+0x22d/0x330
[ 87.506454][ T5819] __btrfs_end_transaction+0x140/0x640
[ 87.511955][ T5819] btrfs_inc_block_group_ro+0x62f/0x700
[ 87.517576][ T5819] btrfs_relocate_block_group+0x452/0xd70
[ 87.523337][ T5819] btrfs_relocate_chunk+0x12a/0x3b0
[ 87.528711][ T5819] __btrfs_balance+0x1870/0x21d0
[ 87.533700][ T5819] ? btrfs_balance+0xcb1/0x11b0
[ 87.538626][ T5819] ? __pfx___btrfs_balance+0x10/0x10
[ 87.543938][ T5819] ? __wait_for_common+0x6d0/0x710
[ 87.549135][ T5819] ? do_raw_spin_unlock+0x122/0x240
[ 87.554365][ T5819] btrfs_balance+0xcb9/0x11b0
[ 87.559122][ T5819] btrfs_ioctl_balance+0x3d3/0x610
[ 87.564270][ T5819] ? btrfs_ioctl+0xb19/0xd00
[ 87.569009][ T5819] ? __pfx_btrfs_ioctl+0x10/0x10
[ 87.573996][ T5819] __se_sys_ioctl+0xf9/0x170
[ 87.578662][ T5819] do_syscall_64+0xf6/0x210
[ 87.583195][ T5819] ? clear_bhb_loop+0x45/0xa0
[ 87.587970][ T5819] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.593894][ T5819] RIP: 0033:0x7f2ea2f77949
[ 87.598381][ T5819] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 87.618092][ T5819] RSP: 002b:00007ffdb275bff8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 87.626564][ T5819] RAX: ffffffffffffffda RBX: 00007ffdb275c1c8 RCX: 00007f2ea2f77949
[ 87.634570][ T5819] RDX: 0000200000000440 RSI: 00000000c4009420 RDI: 0000000000000003
[ 87.642654][ T5819] RBP: 00007f2ea2fef610 R08: 00000000000051a5 R09: 00007ffdb275c1c8
[ 87.650757][ T5819] R10: 00007ffdb275beb0 R11: 0000000000000246 R12: 0000000000000001
[ 87.658802][ T5819] R13: 00007ffdb275c1b8 R14: 0000000000000001 R15: 0000000000000001
[ 87.666864][ T5819] </TASK>
[ 87.669899][ T5819] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 87.677178][ T5819] CPU: 1 UID: 0 PID: 5819 Comm: syz-executor209 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full)
[ 87.689594][ T5819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 87.699649][ T5819] Call Trace:
[ 87.702931][ T5819] <TASK>
[ 87.705861][ T5819] dump_stack_lvl+0x99/0x250
[ 87.710473][ T5819] ? __asan_memcpy+0x40/0x70
[ 87.715072][ T5819] ? __pfx_dump_stack_lvl+0x10/0x10
[ 87.720275][ T5819] ? __pfx__printk+0x10/0x10
[ 87.724880][ T5819] panic+0x2db/0x790
[ 87.728797][ T5819] ? __pfx_panic+0x10/0x10
[ 87.733224][ T5819] ? show_trace_log_lvl+0x4fb/0x550
[ 87.738453][ T5819] __warn+0x31b/0x4b0
[ 87.742463][ T5819] ? btrfs_create_pending_block_groups+0x1120/0x1350
[ 87.749162][ T5819] ? btrfs_create_pending_block_groups+0x1120/0x1350
[ 87.755854][ T5819] report_bug+0x2be/0x4f0
[ 87.760202][ T5819] ? btrfs_create_pending_block_groups+0x1120/0x1350
[ 87.766894][ T5819] ? btrfs_create_pending_block_groups+0x1120/0x1350
[ 87.773587][ T5819] ? btrfs_create_pending_block_groups+0x1122/0x1350
[ 87.780275][ T5819] handle_bug+0x84/0x160
[ 87.784534][ T5819] exc_invalid_op+0x1a/0x50
[ 87.789050][ T5819] asm_exc_invalid_op+0x1a/0x20
[ 87.793912][ T5819] RIP: 0010:btrfs_create_pending_block_groups+0x1120/0x1350
[ 87.801215][ T5819] Code: 48 c7 c6 e0 28 af 8b 44 89 f2 e8 4b bb 4a fd e9 38 fe ff ff e8 11 69 e0 fd 90 48 c7 c7 80 28 af 8b 44 89 f6 e8 e1 c6 a4 fd 90 <0f> 0b 90 90 e9 19 fe ff ff e8 f2 68 e0 fd eb 05 e8 eb 68 e0 fd 4c
[ 87.820837][ T5819] RSP: 0018:ffffc90003fff700 EFLAGS: 00010246
[ 87.826920][ T5819] RAX: 4772021d0bb19200 RBX: ffff8880283e8001 RCX: ffff88802fb15a00
[ 87.834905][ T5819] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[ 87.842884][ T5819] RBP: ffffc90003fff980 R08: 0000000000000003 R09: 0000000000000004
[ 87.850921][ T5819] R10: dffffc0000000000 R11: fffffbfff1bba4b4 R12: 0000000000000000
[ 87.858947][ T5819] R13: dffffc0000000000 R14: 00000000ffffffe4 R15: ffff888030eb7058
[ 87.867011][ T5819] ? kfree+0x193/0x440
[ 87.871119][ T5819] ? __pfx___reserve_bytes+0x10/0x10
[ 87.876597][ T5819] ? __pfx_btrfs_create_pending_block_groups+0x10/0x10
[ 87.883468][ T5819] ? btrfs_inc_block_group_ro+0x627/0x700
[ 87.889209][ T5819] ? __mutex_unlock_slowpath+0x1cd/0x700
[ 87.894853][ T5819] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 87.900843][ T5819] ? do_raw_spin_unlock+0x122/0x240
[ 87.906052][ T5819] ? btrfs_trans_release_metadata+0x22d/0x330
[ 87.912132][ T5819] __btrfs_end_transaction+0x140/0x640
[ 87.917604][ T5819] btrfs_inc_block_group_ro+0x62f/0x700
[ 87.923168][ T5819] btrfs_relocate_block_group+0x452/0xd70
[ 87.928925][ T5819] btrfs_relocate_chunk+0x12a/0x3b0
[ 87.934235][ T5819] __btrfs_balance+0x1870/0x21d0
[ 87.939308][ T5819] ? btrfs_balance+0xcb1/0x11b0
[ 87.944248][ T5819] ? __pfx___btrfs_balance+0x10/0x10
[ 87.949564][ T5819] ? __wait_for_common+0x6d0/0x710
[ 87.954716][ T5819] ? do_raw_spin_unlock+0x122/0x240
[ 87.959946][ T5819] btrfs_balance+0xcb9/0x11b0
[ 87.964660][ T5819] btrfs_ioctl_balance+0x3d3/0x610
[ 87.969784][ T5819] ? btrfs_ioctl+0xb19/0xd00
[ 87.974397][ T5819] ? __pfx_btrfs_ioctl+0x10/0x10
[ 87.979358][ T5819] __se_sys_ioctl+0xf9/0x170
[ 87.983966][ T5819] do_syscall_64+0xf6/0x210
[ 87.988478][ T5819] ? clear_bhb_loop+0x45/0xa0
[ 87.993165][ T5819] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.999076][ T5819] RIP: 0033:0x7f2ea2f77949
[ 88.003502][ T5819] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 88.023141][ T5819] RSP: 002b:00007ffdb275bff8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 88.031566][ T5819] RAX: ffffffffffffffda RBX: 00007ffdb275c1c8 RCX: 00007f2ea2f77949
[ 88.039548][ T5819] RDX: 0000200000000440 RSI: 00000000c4009420 RDI: 0000000000000003
[ 88.047530][ T5819] RBP: 00007f2ea2fef610 R08: 00000000000051a5 R09: 00007ffdb275c1c8
[ 88.055541][ T5819] R10: 00007ffdb275beb0 R11: 0000000000000246 R12: 0000000000000001
[ 88.063537][ T5819] R13: 00007ffdb275c1b8 R14: 0000000000000001 R15: 0000000000000001
[ 88.071538][ T5819] </TASK>
[ 88.074937][ T5819] Kernel Offset: disabled
[ 88.079276][ T5819] Rebooting in 86400 seconds..