./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor24380457
<...>
Warning: Permanently added '10.128.0.190' (ECDSA) to the list of known hosts.
execve("./syz-executor24380457", ["./syz-executor24380457"], 0x7ffff5f03d50 /* 10 vars */) = 0
brk(NULL) = 0x555556064000
brk(0x555556064c40) = 0x555556064c40
arch_prctl(ARCH_SET_FS, 0x555556064300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor24380457", 4096) = 26
brk(0x555556085c40) = 0x555556085c40
brk(0x555556086000) = 0x555556086000
mprotect(0x7f6153dad000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1) = 1
close(3) = 0
getpid() = 3631
mkdir("./syzkaller.3X6BUK", 0700) = 0
chmod("./syzkaller.3X6BUK", 0777) = 0
chdir("./syzkaller.3X6BUK") = 0
mkdir("./0", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560645d0) = 3632
./strace-static-x86_64: Process 3632 attached
[pid 3632] chdir("./0") = 0
[pid 3632] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 3632] setpgid(0, 0) = 0
[pid 3632] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 3632] write(3, "1000", 4) = 4
[pid 3632] close(3) = 0
[pid 3632] symlink("/dev/binderfs", "./binderfs") = 0
[pid 3632] memfd_create("syzkaller", 0) = 3
[pid 3632] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f614b800000
[pid 3632] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 3632] munmap(0x7f614b800000, 16777216) = 0
[pid 3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 3632] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 3632] close(3) = 0
[pid 3632] mkdir("./file0", 0777) = 0
[ 49.656045][ T3632] loop0: detected capacity change from 0 to 32768
[ 49.667445][ T3632] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz-executor243 (3632)
[ 49.686761][ T3632] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[ 49.695634][ T3632] BTRFS info (device loop0): using free space tree
[pid 3632] mount("/dev/loop0", "./file0", "btrfs", MS_NODEV|MS_SYNCHRONOUS, "") = 0
[pid 3632] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 3632] chdir("./file0") = 0
[pid 3632] ioctl(4, LOOP_CLR_FD) = 0
[pid 3632] close(4) = 0
[pid 3632] unlink("./file1") = 0
[pid 3632] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4
[pid 3632] write(4, "\x7f\x45\x4c\x46\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x38\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1628) = 1628
[pid 3632] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 5
[pid 3632] write(5, "17", 2) = 2
[ 49.717283][ T3632] BTRFS info (device loop0): enabling ssd optimizations
[ 49.746009][ T27] audit: type=1800 audit(1670017508.844:2): pid=3632 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor243" name="bus" dev="loop0" ino=263 res=0 errno=0
[ 49.784259][ T3632] FAULT_INJECTION: forcing a failure.
[ 49.784259][ T3632] name failslab, interval 1, probability 0, space 0, times 1
[ 49.798136][ T3632] CPU: 1 PID: 3632 Comm: syz-executor243 Not tainted 6.1.0-rc7-syzkaller-00123-ga4412fdd49dc #0
[ 49.808572][ T3632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 49.818816][ T3632] Call Trace:
[ 49.822113][ T3632]
[ 49.825056][ T3632] dump_stack_lvl+0x1b1/0x28e
[ 49.829866][ T3632] ? nf_tcp_handle_invalid+0x62e/0x62e
[ 49.835350][ T3632] ? panic+0x710/0x710
[ 49.839450][ T3632] ? __might_sleep+0xc0/0xc0
[ 49.844066][ T3632] ? rcu_read_lock_sched_held+0x87/0x110
[ 49.849723][ T3632] should_fail_ex+0x395/0x4c0
[ 49.854438][ T3632] ? btrfs_drop_extent_map_range+0x32a/0x1690
[ 49.860532][ T3632] should_failslab+0x5/0x20
[ 49.865062][ T3632] kmem_cache_alloc+0x68/0x300
[ 49.869851][ T3632] ? btrfs_drop_extent_map_range+0x226/0x1690
[ 49.875943][ T3632] btrfs_drop_extent_map_range+0x32a/0x1690
[ 49.881837][ T3632] ? __kernel_text_address+0x9/0x40
[ 49.887046][ T3632] ? arch_stack_walk+0x98/0xe0
[ 49.891842][ T3632] ? stack_trace_snprint+0xf0/0xf0
[ 49.896956][ T3632] ? unwind_get_return_address+0x48/0x80
[ 49.902600][ T3632] ? merge_extent_mapping+0x3a0/0x3a0
[ 49.908006][ T3632] btrfs_drop_extents+0x2ee/0x3550
[ 49.913123][ T3632] ? __lock_acquire+0x1292/0x1f60
[ 49.918172][ T3632] ? read_lock_is_recursive+0x10/0x10
[ 49.923546][ T3632] ? join_transaction+0xbf8/0xe60
[ 49.928569][ T3632] ? do_raw_spin_lock+0x148/0x360
[ 49.933592][ T3632] ? __lock_acquire+0x1f60/0x1f60
[ 49.938623][ T3632] ? btrfs_dirty_pages+0x2f0/0x2f0
[ 49.943740][ T3632] ? join_transaction+0xc45/0xe60
[ 49.948759][ T3632] ? join_transaction+0xc1f/0xe60
[ 49.953807][ T3632] ? btrfs_record_root_in_trans+0x129/0x180
[ 49.959806][ T3632] ? start_transaction+0x3da/0x1180
[ 49.965034][ T3632] cow_file_range_inline+0x41b/0x920
[ 49.970348][ T3632] ? btrfs_do_encoded_write+0x1470/0x1470
[ 49.976081][ T3632] ? test_range_bit+0x440/0x4a0
[ 49.980931][ T3632] ? do_raw_spin_lock+0x148/0x360
[ 49.985959][ T3632] ? __lock_acquire+0x1f60/0x1f60
[ 49.990989][ T3632] cow_file_range+0x391/0xfa0
[ 49.995680][ T3632] ? test_range_bit+0x440/0x4a0
[ 50.000531][ T3632] ? run_delalloc_zoned+0x5e0/0x5e0
[ 50.005824][ T3632] ? find_lock_delalloc_range+0x77e/0x990
[ 50.011556][ T3632] btrfs_run_delalloc_range+0xed4/0x11a0
[ 50.017220][ T3632] ? rcu_read_lock_sched_held+0x87/0x110
[ 50.022865][ T3632] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 50.028857][ T3632] writepage_delalloc+0x25e/0x540
[ 50.033889][ T3632] ? cgroup_rstat_updated+0xca/0x350
[ 50.039275][ T3632] ? trace___extent_writepage+0x300/0x300
[ 50.044999][ T3632] ? rcu_read_lock_sched_held+0x87/0x110
[ 50.050634][ T3632] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 50.056605][ T3632] ? lockdep_hardirqs_on_prepare+0x428/0x790
[ 50.062595][ T3632] ? set_page_extent_mapped+0x156/0x2b0
[ 50.068227][ T3632] __extent_writepage+0x5d6/0x14d0
[ 50.073346][ T3632] ? extent_write_locked_range+0xd30/0xd30
[ 50.079150][ T3632] ? folio_wait_writeback+0x1cd/0x200
[ 50.084522][ T3632] extent_write_cache_pages+0x9e7/0x12d0
[ 50.090154][ T3632] ? __kmem_cache_free+0x71/0x110
[ 50.095193][ T3632] ? extent_writepages+0x550/0x550
[ 50.100296][ T3632] ? rcu_read_lock_sched_held+0x87/0x110
[ 50.105925][ T3632] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 50.111901][ T3632] ? lockdep_hardirqs_on_prepare+0x428/0x790
[ 50.117879][ T3632] ? btrfs_buffered_write+0x1324/0x16f0
[ 50.123429][ T3632] extent_writepages+0x228/0x550
[ 50.128366][ T3632] ? __extent_writepage+0x14d0/0x14d0
[ 50.133728][ T3632] ? rcu_read_lock_sched_held+0x87/0x110
[ 50.139362][ T3632] ? wbc_attach_and_unlock_inode+0x2fe/0x540
[ 50.145337][ T3632] ? acls_after_inode_item+0x5e0/0x5e0
[ 50.150802][ T3632] do_writepages+0x3c3/0x680
[ 50.155481][ T3632] ? __writepage+0x120/0x120
[ 50.160062][ T3632] ? __lock_acquire+0x1f60/0x1f60
[ 50.165083][ T3632] ? do_raw_spin_lock+0x148/0x360
[ 50.170105][ T3632] ? do_raw_spin_unlock+0x134/0x8a0
[ 50.175307][ T3632] ? wbc_attach_and_unlock_inode+0x350/0x540
[ 50.181291][ T3632] filemap_fdatawrite_wbc+0x11e/0x170
[ 50.186659][ T3632] filemap_fdatawrite_range+0x175/0x200
[ 50.192200][ T3632] ? filemap_fdatawrite+0x1d0/0x1d0
[ 50.197399][ T3632] ? __up_read+0x690/0x690
[ 50.201810][ T3632] ? btrfs_write_check+0x4a9/0x540
[ 50.206924][ T3632] btrfs_do_write_iter+0xf0c/0x1260
[ 50.212142][ T3632] ? btrfs_check_nocow_unlock+0x40/0x40
[ 50.217693][ T3632] vfs_write+0x7dc/0xc50
[ 50.221940][ T3632] ? file_end_write+0x230/0x230
[ 50.226788][ T3632] ? ptrace_stop+0x74d/0x970
[ 50.231387][ T3632] ? _raw_spin_unlock_irq+0x2a/0x40
[ 50.236586][ T3632] ? __fdget_pos+0x252/0x2e0
[ 50.241174][ T3632] ksys_write+0x177/0x2a0
[ 50.245503][ T3632] ? __ia32_sys_read+0x80/0x80
[ 50.250262][ T3632] ? syscall_enter_from_user_mode+0x2e/0x1d0
[ 50.256243][ T3632] ? syscall_enter_from_user_mode+0x86/0x1d0
[ 50.262224][ T3632] do_syscall_64+0x3d/0xb0
[ 50.266635][ T3632] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 50.272521][ T3632] RIP: 0033:0x7f6153d39ba9
[ 50.276933][ T3632] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 50.296622][ T3632] RSP: 002b:00007ffcf3634648 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 50.305031][ T3632] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f6153d39ba9
[ 50.313001][ T3632] RDX: 0000000000000020 RSI: 0000000020000180 RDI: 0000000000000004
[ 50.320970][ T3632] RBP: 00007ffcf3634670 R08: 0000000000000002 R09: 00007ffcf3634680
[ 50.328931][ T3632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[pid 3632] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32
[pid 3632] exit_group(0) = ?
[pid 3632] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3632, si_uid=0, si_status=0, si_utime=5, si_stime=19} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556065620 /* 4 entries */, 32768) = 112
umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./0/binderfs") = 0
[ 50.336899][ T3632] R13: 00007ffcf36346b0 R14: 00007ffcf3634690 R15: 0000000000000000
[ 50.344879][ T3632]
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555606d660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555606d660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./0/file0") = 0
getdents64(3, 0x555556065620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./0") = 0
mkdir("./1", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560645d0) = 3655
./strace-static-x86_64: Process 3655 attached
[pid 3655] chdir("./1") = 0
[pid 3655] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 3655] setpgid(0, 0) = 0
[pid 3655] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 3655] write(3, "1000", 4) = 4
[pid 3655] close(3) = 0
[pid 3655] symlink("/dev/binderfs", "./binderfs") = 0
[pid 3655] memfd_create("syzkaller", 0) = 3
[pid 3655] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f614b800000
[pid 3655] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 3655] munmap(0x7f614b800000, 16777216) = 0
[pid 3655] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 3655] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 3655] close(3) = 0
[pid 3655] mkdir("./file0", 0777) = 0
[pid 3655] mount("/dev/loop0", "./file0", "btrfs", MS_NODEV|MS_SYNCHRONOUS, "") = 0
[pid 3655] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 3655] chdir("./file0") = 0
[pid 3655] ioctl(4, LOOP_CLR_FD) = 0
[pid 3655] close(4) = 0
[pid 3655] unlink("./file1") = 0
[ 50.670942][ T3655] loop0: detected capacity change from 0 to 32768
[ 50.684497][ T3655] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[ 50.693698][ T3655] BTRFS info (device loop0): using free space tree
[ 50.712139][ T3655] BTRFS info (device loop0): enabling ssd optimizations
[pid 3655] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4
[pid 3655] write(4, "\x7f\x45\x4c\x46\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x38\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1628) = 1628
[pid 3655] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 5
[pid 3655] write(5, "17", 2) = 2
[ 50.745169][ T27] audit: type=1800 audit(1670017509.844:3): pid=3655 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor243" name="bus" dev="loop0" ino=263 res=0 errno=0
[ 50.772963][ T3655] FAULT_INJECTION: forcing a failure.
[ 50.772963][ T3655] name failslab, interval 1, probability 0, space 0, times 0
[ 50.786538][ T3655] CPU: 0 PID: 3655 Comm: syz-executor243 Not tainted 6.1.0-rc7-syzkaller-00123-ga4412fdd49dc #0
[ 50.796978][ T3655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 50.807044][ T3655] Call Trace:
[ 50.810331][ T3655]
[ 50.813274][ T3655] dump_stack_lvl+0x1b1/0x28e
[ 50.817974][ T3655] ? nf_tcp_handle_invalid+0x62e/0x62e
[ 50.823454][ T3655] ? panic+0x710/0x710
[ 50.827544][ T3655] ? __might_sleep+0xc0/0xc0
[ 50.832152][ T3655] ? rcu_read_lock_sched_held+0x87/0x110
[ 50.837812][ T3655] should_fail_ex+0x395/0x4c0
[ 50.842518][ T3655] ? btrfs_drop_extent_map_range+0x32a/0x1690
[ 50.848611][ T3655] should_failslab+0x5/0x20
[ 50.853138][ T3655] kmem_cache_alloc+0x68/0x300
[ 50.857924][ T3655] ? btrfs_drop_extent_map_range+0x226/0x1690
[ 50.864022][ T3655] btrfs_drop_extent_map_range+0x32a/0x1690
[ 50.869925][ T3655] ? __kernel_text_address+0x9/0x40
[ 50.875117][ T3655] ? arch_stack_walk+0x98/0xe0
[ 50.879880][ T3655] ? stack_trace_snprint+0xf0/0xf0
[ 50.884982][ T3655] ? unwind_get_return_address+0x48/0x80
[ 50.890614][ T3655] ? merge_extent_mapping+0x3a0/0x3a0
[ 50.895997][ T3655] btrfs_drop_extents+0x2ee/0x3550
[ 50.901101][ T3655] ? __lock_acquire+0x1292/0x1f60
[ 50.906127][ T3655] ? read_lock_is_recursive+0x10/0x10
[ 50.911485][ T3655] ? join_transaction+0xbf8/0xe60
[ 50.916495][ T3655] ? do_raw_spin_lock+0x148/0x360
[ 50.921505][ T3655] ? __lock_acquire+0x1f60/0x1f60
[ 50.926519][ T3655] ? btrfs_dirty_pages+0x2f0/0x2f0
[ 50.931624][ T3655] ? join_transaction+0xc45/0xe60
[ 50.936633][ T3655] ? join_transaction+0xc1f/0xe60
[ 50.941644][ T3655] ? btrfs_record_root_in_trans+0x129/0x180
[ 50.947532][ T3655] ? start_transaction+0x3da/0x1180
[ 50.952730][ T3655] cow_file_range_inline+0x41b/0x920
[ 50.958007][ T3655] ? btrfs_do_encoded_write+0x1470/0x1470
[ 50.963716][ T3655] ? test_range_bit+0x440/0x4a0
[ 50.968551][ T3655] ? do_raw_spin_lock+0x148/0x360
[ 50.973651][ T3655] ? __lock_acquire+0x1f60/0x1f60
[ 50.978662][ T3655] cow_file_range+0x391/0xfa0
[ 50.983335][ T3655] ? test_range_bit+0x440/0x4a0
[ 50.988177][ T3655] ? run_delalloc_zoned+0x5e0/0x5e0
[ 50.993366][ T3655] ? find_lock_delalloc_range+0x77e/0x990
[ 50.999085][ T3655] btrfs_run_delalloc_range+0xed4/0x11a0
[ 51.004713][ T3655] ? rcu_read_lock_sched_held+0x87/0x110
[ 51.010329][ T3655] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 51.016298][ T3655] writepage_delalloc+0x25e/0x540
[ 51.021309][ T3655] ? cgroup_rstat_updated+0xca/0x350
[ 51.026586][ T3655] ? trace___extent_writepage+0x300/0x300
[ 51.032290][ T3655] ? rcu_read_lock_sched_held+0x87/0x110
[ 51.037905][ T3655] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 51.043882][ T3655] ? lockdep_hardirqs_on_prepare+0x428/0x790
[ 51.049871][ T3655] ? set_page_extent_mapped+0x156/0x2b0
[ 51.055419][ T3655] __extent_writepage+0x5d6/0x14d0
[ 51.060530][ T3655] ? extent_write_locked_range+0xd30/0xd30
[ 51.066329][ T3655] ? folio_wait_writeback+0x1cd/0x200
[ 51.071696][ T3655] extent_write_cache_pages+0x9e7/0x12d0
[ 51.077314][ T3655] ? __kmem_cache_free+0x71/0x110
[ 51.082338][ T3655] ? extent_writepages+0x550/0x550
[ 51.087433][ T3655] ? rcu_read_lock_sched_held+0x87/0x110
[ 51.093053][ T3655] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 51.099021][ T3655] ? lockdep_hardirqs_on_prepare+0x428/0x790
[ 51.104990][ T3655] ? btrfs_buffered_write+0x1324/0x16f0
[ 51.110538][ T3655] extent_writepages+0x228/0x550
[ 51.115464][ T3655] ? __extent_writepage+0x14d0/0x14d0
[ 51.120819][ T3655] ? rcu_read_lock_sched_held+0x87/0x110
[ 51.126463][ T3655] ? wbc_attach_and_unlock_inode+0x2fe/0x540
[ 51.132434][ T3655] ? acls_after_inode_item+0x5e0/0x5e0
[ 51.137882][ T3655] do_writepages+0x3c3/0x680
[ 51.142471][ T3655] ? __writepage+0x120/0x120
[ 51.147052][ T3655] ? __lock_acquire+0x1f60/0x1f60
[ 51.152071][ T3655] ? do_raw_spin_lock+0x148/0x360
[ 51.157089][ T3655] ? do_raw_spin_unlock+0x134/0x8a0
[ 51.162291][ T3655] ? wbc_attach_and_unlock_inode+0x350/0x540
[ 51.168267][ T3655] filemap_fdatawrite_wbc+0x11e/0x170
[ 51.173628][ T3655] filemap_fdatawrite_range+0x175/0x200
[ 51.179159][ T3655] ? filemap_fdatawrite+0x1d0/0x1d0
[ 51.184345][ T3655] ? __up_read+0x690/0x690
[ 51.188742][ T3655] ? btrfs_write_check+0x4a9/0x540
[ 51.193845][ T3655] btrfs_do_write_iter+0xf0c/0x1260
[ 51.199042][ T3655] ? btrfs_check_nocow_unlock+0x40/0x40
[ 51.204584][ T3655] vfs_write+0x7dc/0xc50
[ 51.208818][ T3655] ? file_end_write+0x230/0x230
[ 51.213658][ T3655] ? ptrace_stop+0x74d/0x970
[ 51.218241][ T3655] ? _raw_spin_unlock_irq+0x2a/0x40
[ 51.223429][ T3655] ? __fdget_pos+0x252/0x2e0
[ 51.228008][ T3655] ksys_write+0x177/0x2a0
[ 51.232326][ T3655] ? __ia32_sys_read+0x80/0x80
[ 51.237077][ T3655] ? syscall_enter_from_user_mode+0x2e/0x1d0
[ 51.243075][ T3655] ? syscall_enter_from_user_mode+0x86/0x1d0
[ 51.249040][ T3655] do_syscall_64+0x3d/0xb0
[ 51.253443][ T3655] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 51.259322][ T3655] RIP: 0033:0x7f6153d39ba9
[ 51.263723][ T3655] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 51.283311][ T3655] RSP: 002b:00007ffcf3634648 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[pid 3655] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32
[pid 3655] exit_group(0) = ?
[pid 3655] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3655, si_uid=0, si_status=0, si_utime=4, si_stime=15} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556065620 /* 4 entries */, 32768) = 112
umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./1/binderfs") = 0
[ 51.291711][ T3655] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f6153d39ba9
[ 51.299667][ T3655] RDX: 0000000000000020 RSI: 0000000020000180 RDI: 0000000000000004
[ 51.307641][ T3655] RBP: 00007ffcf3634670 R08: 0000000000000002 R09: 00007ffcf3634680
[ 51.315601][ T3655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[ 51.323554][ T3655] R13: 00007ffcf36346b0 R14: 00007ffcf3634690 R15: 0000000000000001
[ 51.331524][ T3655]
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555606d660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555606d660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./1/file0") = 0
getdents64(3, 0x555556065620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./1") = 0
mkdir("./2", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3676 attached
, child_tidptr=0x5555560645d0) = 3676
[pid 3676] chdir("./2") = 0
[pid 3676] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 3676] setpgid(0, 0) = 0
[pid 3676] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 3676] write(3, "1000", 4) = 4
[pid 3676] close(3) = 0
[pid 3676] symlink("/dev/binderfs", "./binderfs") = 0
[pid 3676] memfd_create("syzkaller", 0) = 3
[pid 3676] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f614b800000
[pid 3676] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 3676] munmap(0x7f614b800000, 16777216) = 0
[pid 3676] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 3676] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 3676] close(3) = 0
[pid 3676] mkdir("./file0", 0777) = 0
[pid 3676] mount("/dev/loop0", "./file0", "btrfs", MS_NODEV|MS_SYNCHRONOUS, "") = 0
[pid 3676] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 3676] chdir("./file0") = 0
[pid 3676] ioctl(4, LOOP_CLR_FD) = 0
[ 51.616647][ T3676] loop0: detected capacity change from 0 to 32768
[ 51.631803][ T3676] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[ 51.640598][ T3676] BTRFS info (device loop0): using free space tree
[ 51.659322][ T3676] BTRFS info (device loop0): enabling ssd optimizations
[pid 3676] close(4) = 0
[pid 3676] unlink("./file1") = 0
[pid 3676] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4
[pid 3676] write(4, "\x7f\x45\x4c\x46\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x38\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1628) = 1628
[pid 3676] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 5
[pid 3676] write(5, "17", 2) = 2
[ 51.685561][ T27] audit: type=1800 audit(1670017510.784:4): pid=3676 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor243" name="bus" dev="loop0" ino=263 res=0 errno=0
[ 51.689649][ T3676] FAULT_INJECTION: forcing a failure.
[ 51.689649][ T3676] name failslab, interval 1, probability 0, space 0, times 0
[ 51.719026][ T3676] CPU: 0 PID: 3676 Comm: syz-executor243 Not tainted 6.1.0-rc7-syzkaller-00123-ga4412fdd49dc #0
[ 51.729474][ T3676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 51.739551][ T3676] Call Trace:
[ 51.742847][ T3676]
[ 51.745792][ T3676] dump_stack_lvl+0x1b1/0x28e
[ 51.750497][ T3676] ? nf_tcp_handle_invalid+0x62e/0x62e
[ 51.755976][ T3676] ? panic+0x710/0x710
[ 51.760069][ T3676] ? __might_sleep+0xc0/0xc0
[ 51.764679][ T3676] ? rcu_read_lock_sched_held+0x87/0x110
[ 51.770335][ T3676] should_fail_ex+0x395/0x4c0
[ 51.775038][ T3676] ? btrfs_drop_extent_map_range+0x32a/0x1690
[ 51.781108][ T3676] should_failslab+0x5/0x20
[ 51.785608][ T3676] kmem_cache_alloc+0x68/0x300
[ 51.790369][ T3676] ? btrfs_drop_extent_map_range+0x226/0x1690
[ 51.796439][ T3676] btrfs_drop_extent_map_range+0x32a/0x1690
[ 51.802329][ T3676] ? __kernel_text_address+0x9/0x40
[ 51.807537][ T3676] ? arch_stack_walk+0x98/0xe0
[ 51.812315][ T3676] ? stack_trace_snprint+0xf0/0xf0
[ 51.817514][ T3676] ? unwind_get_return_address+0x48/0x80
[ 51.823146][ T3676] ? merge_extent_mapping+0x3a0/0x3a0
[ 51.828527][ T3676] btrfs_drop_extents+0x2ee/0x3550
[ 51.833641][ T3676] ? __lock_acquire+0x1292/0x1f60
[ 51.838688][ T3676] ? read_lock_is_recursive+0x10/0x10
[ 51.844055][ T3676] ? join_transaction+0xbf8/0xe60
[ 51.849079][ T3676] ? do_raw_spin_lock+0x148/0x360
[ 51.854102][ T3676] ? __lock_acquire+0x1f60/0x1f60
[ 51.859127][ T3676] ? btrfs_dirty_pages+0x2f0/0x2f0
[ 51.864245][ T3676] ? join_transaction+0xc45/0xe60
[ 51.869266][ T3676] ? join_transaction+0xc1f/0xe60
[ 51.874299][ T3676] ? btrfs_record_root_in_trans+0x129/0x180
[ 51.880199][ T3676] ? start_transaction+0x3da/0x1180
[ 51.885411][ T3676] cow_file_range_inline+0x41b/0x920
[ 51.890701][ T3676] ? btrfs_do_encoded_write+0x1470/0x1470
[ 51.896422][ T3676] ? test_range_bit+0x440/0x4a0
[ 51.901269][ T3676] ? do_raw_spin_lock+0x148/0x360
[ 51.906292][ T3676] ? __lock_acquire+0x1f60/0x1f60
[ 51.911316][ T3676] cow_file_range+0x391/0xfa0
[ 51.916011][ T3676] ? test_range_bit+0x440/0x4a0
[ 51.920865][ T3676] ? run_delalloc_zoned+0x5e0/0x5e0
[ 51.926062][ T3676] ? find_lock_delalloc_range+0x77e/0x990
[ 51.931788][ T3676] btrfs_run_delalloc_range+0xed4/0x11a0
[ 51.937431][ T3676] ? rcu_read_lock_sched_held+0x87/0x110
[ 51.943060][ T3676] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 51.949044][ T3676] writepage_delalloc+0x25e/0x540
[ 51.954070][ T3676] ? cgroup_rstat_updated+0xca/0x350
[ 51.959368][ T3676] ? trace___extent_writepage+0x300/0x300
[ 51.965090][ T3676] ? rcu_read_lock_sched_held+0x87/0x110
[ 51.970717][ T3676] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 51.976690][ T3676] ? lockdep_hardirqs_on_prepare+0x428/0x790
[ 51.982672][ T3676] ? set_page_extent_mapped+0x156/0x2b0
[ 51.988219][ T3676] __extent_writepage+0x5d6/0x14d0
[ 51.993343][ T3676] ? extent_write_locked_range+0xd30/0xd30
[ 51.999149][ T3676] ? folio_wait_writeback+0x1cd/0x200
[ 52.004520][ T3676] extent_write_cache_pages+0x9e7/0x12d0
[ 52.010151][ T3676] ? __kmem_cache_free+0x71/0x110
[ 52.015190][ T3676] ? extent_writepages+0x550/0x550
[ 52.020298][ T3676] ? rcu_read_lock_sched_held+0x87/0x110
[ 52.025933][ T3676] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 52.031912][ T3676] ? lockdep_hardirqs_on_prepare+0x428/0x790
[ 52.037892][ T3676] ? btrfs_buffered_write+0x1324/0x16f0
[ 52.043453][ T3676] extent_writepages+0x228/0x550
[ 52.048392][ T3676] ? __extent_writepage+0x14d0/0x14d0
[ 52.053759][ T3676] ? rcu_read_lock_sched_held+0x87/0x110
[ 52.059398][ T3676] ? wbc_attach_and_unlock_inode+0x2fe/0x540
[ 52.065394][ T3676] ? acls_after_inode_item+0x5e0/0x5e0
[ 52.070871][ T3676] do_writepages+0x3c3/0x680
[ 52.075483][ T3676] ? __writepage+0x120/0x120
[ 52.080075][ T3676] ? __lock_acquire+0x1f60/0x1f60
[ 52.085110][ T3676] ? do_raw_spin_lock+0x148/0x360
[ 52.090143][ T3676] ? do_raw_spin_unlock+0x134/0x8a0
[ 52.095367][ T3676] ? wbc_attach_and_unlock_inode+0x350/0x540
[ 52.101364][ T3676] filemap_fdatawrite_wbc+0x11e/0x170
[ 52.106747][ T3676] filemap_fdatawrite_range+0x175/0x200
[ 52.112300][ T3676] ? filemap_fdatawrite+0x1d0/0x1d0
[ 52.117511][ T3676] ? __up_read+0x690/0x690
[ 52.121923][ T3676] ? btrfs_write_check+0x4a9/0x540
[ 52.127060][ T3676] btrfs_do_write_iter+0xf0c/0x1260
[ 52.132290][ T3676] ? btrfs_check_nocow_unlock+0x40/0x40
[ 52.137863][ T3676] vfs_write+0x7dc/0xc50
[ 52.142124][ T3676] ? file_end_write+0x230/0x230
[ 52.146983][ T3676] ? ptrace_stop+0x74d/0x970
[ 52.151587][ T3676] ? _raw_spin_unlock_irq+0x2a/0x40
[ 52.156798][ T3676] ? __fdget_pos+0x252/0x2e0
[ 52.161396][ T3676] ksys_write+0x177/0x2a0
[ 52.166169][ T3676] ? __ia32_sys_read+0x80/0x80
[ 52.170939][ T3676] ? syscall_enter_from_user_mode+0x2e/0x1d0
[ 52.176923][ T3676] ? syscall_enter_from_user_mode+0x86/0x1d0
[ 52.182910][ T3676] do_syscall_64+0x3d/0xb0
[ 52.187326][ T3676] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 52.193213][ T3676] RIP: 0033:0x7f6153d39ba9
[ 52.197626][ T3676] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 52.217223][ T3676] RSP: 002b:00007ffcf3634648 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 52.225633][ T3676] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f6153d39ba9
[pid 3676] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32
[pid 3676] exit_group(0) = ?
[pid 3676] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3676, si_uid=0, si_status=0, si_utime=3, si_stime=18} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556065620 /* 4 entries */, 32768) = 112
umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./2/binderfs") = 0
[ 52.233597][ T3676] RDX: 0000000000000020 RSI: 0000000020000180 RDI: 0000000000000004
[ 52.241561][ T3676] RBP: 00007ffcf3634670 R08: 0000000000000002 R09: 00007ffcf3634680
[ 52.249526][ T3676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[ 52.257496][ T3676] R13: 00007ffcf36346b0 R14: 00007ffcf3634690 R15: 0000000000000002
[ 52.265476][ T3676]
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555606d660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555606d660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./2/file0") = 0
getdents64(3, 0x555556065620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./2") = 0
mkdir("./3", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560645d0) = 3702
./strace-static-x86_64: Process 3702 attached
[pid 3702] chdir("./3") = 0
[pid 3702] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 3702] setpgid(0, 0) = 0
[pid 3702] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 3702] write(3, "1000", 4) = 4
[pid 3702] close(3) = 0
[pid 3702] symlink("/dev/binderfs", "./binderfs") = 0
[pid 3702] memfd_create("syzkaller", 0) = 3
[pid 3702] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f614b800000
[pid 3702] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 3702] munmap(0x7f614b800000, 16777216) = 0
[pid 3702] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 3702] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 3702] close(3) = 0
[pid 3702] mkdir("./file0", 0777) = 0
[pid 3702] mount("/dev/loop0", "./file0", "btrfs", MS_NODEV|MS_SYNCHRONOUS, "") = 0
[pid 3702] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 3702] chdir("./file0") = 0
[pid 3702] ioctl(4, LOOP_CLR_FD) = 0
[pid 3702] close(4) = 0
[pid 3702] unlink("./file1") = 0
[ 52.615755][ T3702] loop0: detected capacity change from 0 to 32768
[ 52.629199][ T3702] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[ 52.638045][ T3702] BTRFS info (device loop0): using free space tree
[ 52.656651][ T3702] BTRFS info (device loop0): enabling ssd optimizations
[pid 3702] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4
[pid 3702] write(4, "\x7f\x45\x4c\x46\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x38\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1628) = 1628
[pid 3702] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 5
[pid 3702] write(5, "17", 2) = 2
[ 52.687718][ T27] audit: type=1800 audit(1670017511.784:5): pid=3702 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor243" name="bus" dev="loop0" ino=263 res=0 errno=0
[ 52.714765][ T3702] FAULT_INJECTION: forcing a failure.
[ 52.714765][ T3702] name failslab, interval 1, probability 0, space 0, times 0
[ 52.728136][ T3702] CPU: 0 PID: 3702 Comm: syz-executor243 Not tainted 6.1.0-rc7-syzkaller-00123-ga4412fdd49dc #0
[ 52.738585][ T3702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 52.748659][ T3702] Call Trace:
[ 52.751951][ T3702]
[ 52.754882][ T3702] dump_stack_lvl+0x1b1/0x28e
[ 52.759570][ T3702] ? nf_tcp_handle_invalid+0x62e/0x62e
[ 52.765023][ T3702] ? panic+0x710/0x710
[ 52.769100][ T3702] ? __might_sleep+0xc0/0xc0
[ 52.773689][ T3702] ? rcu_read_lock_sched_held+0x87/0x110
[ 52.779324][ T3702] should_fail_ex+0x395/0x4c0
[ 52.784009][ T3702] ? btrfs_drop_extent_map_range+0x32a/0x1690
[ 52.790077][ T3702] should_failslab+0x5/0x20
[ 52.794578][ T3702] kmem_cache_alloc+0x68/0x300
[ 52.799337][ T3702] ? btrfs_drop_extent_map_range+0x226/0x1690
[ 52.805409][ T3702] btrfs_drop_extent_map_range+0x32a/0x1690
[ 52.811303][ T3702] ? __kernel_text_address+0x9/0x40
[ 52.816505][ T3702] ? arch_stack_walk+0x98/0xe0
[ 52.821278][ T3702] ? stack_trace_snprint+0xf0/0xf0
[ 52.826385][ T3702] ? unwind_get_return_address+0x48/0x80
[ 52.832016][ T3702] ? merge_extent_mapping+0x3a0/0x3a0
[ 52.837396][ T3702] btrfs_drop_extents+0x2ee/0x3550
[ 52.842508][ T3702] ? __lock_acquire+0x1292/0x1f60
[ 52.847552][ T3702] ? read_lock_is_recursive+0x10/0x10
[ 52.852919][ T3702] ? join_transaction+0xbf8/0xe60
[ 52.857941][ T3702] ? do_raw_spin_lock+0x148/0x360
[ 52.862964][ T3702] ? __lock_acquire+0x1f60/0x1f60
[ 52.867989][ T3702] ? btrfs_dirty_pages+0x2f0/0x2f0
[ 52.873105][ T3702] ? join_transaction+0xc45/0xe60
[ 52.878129][ T3702] ? join_transaction+0xc1f/0xe60
[ 52.883152][ T3702] ? btrfs_record_root_in_trans+0x129/0x180
[ 52.889046][ T3702] ? start_transaction+0x3da/0x1180
[ 52.894257][ T3702] cow_file_range_inline+0x41b/0x920
[ 52.899569][ T3702] ? btrfs_do_encoded_write+0x1470/0x1470
[ 52.905302][ T3702] ? test_range_bit+0x440/0x4a0
[ 52.910161][ T3702] ? do_raw_spin_lock+0x148/0x360
[ 52.915196][ T3702] ? __lock_acquire+0x1f60/0x1f60
[ 52.920228][ T3702] cow_file_range+0x391/0xfa0
[ 52.924925][ T3702] ? test_range_bit+0x440/0x4a0
[ 52.929785][ T3702] ? run_delalloc_zoned+0x5e0/0x5e0
[ 52.934990][ T3702] ? find_lock_delalloc_range+0x77e/0x990
[ 52.940722][ T3702] btrfs_run_delalloc_range+0xed4/0x11a0
[ 52.946373][ T3702] ? rcu_read_lock_sched_held+0x87/0x110
[ 52.952004][ T3702] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 52.957985][ T3702] writepage_delalloc+0x25e/0x540
[ 52.963967][ T3702] ? cgroup_rstat_updated+0xca/0x350
[ 52.969266][ T3702] ? trace___extent_writepage+0x300/0x300
[ 52.974985][ T3702] ? rcu_read_lock_sched_held+0x87/0x110
[ 52.980614][ T3702] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 52.986588][ T3702] ? lockdep_hardirqs_on_prepare+0x428/0x790
[ 52.992574][ T3702] ? set_page_extent_mapped+0x156/0x2b0
[ 52.998118][ T3702] __extent_writepage+0x5d6/0x14d0
[ 53.003236][ T3702] ? extent_write_locked_range+0xd30/0xd30
[ 53.009052][ T3702] ? folio_wait_writeback+0x1cd/0x200
[ 53.014420][ T3702] extent_write_cache_pages+0x9e7/0x12d0
[ 53.020053][ T3702] ? __kmem_cache_free+0x71/0x110
[ 53.025095][ T3702] ? extent_writepages+0x550/0x550
[ 53.030220][ T3702] ? rcu_read_lock_sched_held+0x87/0x110
[ 53.035861][ T3702] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 53.041845][ T3702] ? lockdep_hardirqs_on_prepare+0x428/0x790
[ 53.047841][ T3702] ? btrfs_buffered_write+0x1324/0x16f0
[ 53.053404][ T3702] extent_writepages+0x228/0x550
[ 53.058434][ T3702] ? __extent_writepage+0x14d0/0x14d0
[ 53.063811][ T3702] ? rcu_read_lock_sched_held+0x87/0x110
[ 53.069449][ T3702] ? wbc_attach_and_unlock_inode+0x2fe/0x540
[ 53.075430][ T3702] ? acls_after_inode_item+0x5e0/0x5e0
[ 53.080889][ T3702] do_writepages+0x3c3/0x680
[ 53.085574][ T3702] ? __writepage+0x120/0x120
[ 53.090159][ T3702] ? __lock_acquire+0x1f60/0x1f60
[ 53.095184][ T3702] ? do_raw_spin_lock+0x148/0x360
[ 53.100206][ T3702] ? do_raw_spin_unlock+0x134/0x8a0
[ 53.105409][ T3702] ? wbc_attach_and_unlock_inode+0x350/0x540
[ 53.111391][ T3702] filemap_fdatawrite_wbc+0x11e/0x170
[ 53.116762][ T3702] filemap_fdatawrite_range+0x175/0x200
[ 53.122304][ T3702] ? filemap_fdatawrite+0x1d0/0x1d0
[ 53.127504][ T3702] ? __up_read+0x690/0x690
[ 53.131912][ T3702] ? btrfs_write_check+0x4a9/0x540
[ 53.137030][ T3702] btrfs_do_write_iter+0xf0c/0x1260
[ 53.142241][ T3702] ? btrfs_check_nocow_unlock+0x40/0x40
[ 53.147795][ T3702] vfs_write+0x7dc/0xc50
[ 53.152048][ T3702] ? file_end_write+0x230/0x230
[ 53.156912][ T3702] ? ptrace_stop+0x74d/0x970
[ 53.161511][ T3702] ? _raw_spin_unlock_irq+0x2a/0x40
[ 53.166714][ T3702] ? __fdget_pos+0x252/0x2e0
[ 53.171307][ T3702] ksys_write+0x177/0x2a0
[ 53.175727][ T3702] ? __ia32_sys_read+0x80/0x80
[ 53.180492][ T3702] ? syscall_enter_from_user_mode+0x2e/0x1d0
[ 53.186472][ T3702] ? syscall_enter_from_user_mode+0x86/0x1d0
[ 53.192449][ T3702] do_syscall_64+0x3d/0xb0
[ 53.196862][ T3702] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 53.202748][ T3702] RIP: 0033:0x7f6153d39ba9
[ 53.207167][ T3702] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 53.226766][ T3702] RSP: 002b:00007ffcf3634648 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[pid 3702] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32
[pid 3702] exit_group(0) = ?
[pid 3702] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3702, si_uid=0, si_status=0, si_utime=2, si_stime=17} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556065620 /* 4 entries */, 32768) = 112
umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./3/binderfs") = 0
[ 53.235180][ T3702] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f6153d39ba9
[ 53.243144][ T3702] RDX: 0000000000000020 RSI: 0000000020000180 RDI: 0000000000000004
[ 53.251110][ T3702] RBP: 00007ffcf3634670 R08: 0000000000000002 R09: 00007ffcf3634680
[ 53.259076][ T3702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[ 53.267042][ T3702] R13: 00007ffcf36346b0 R14: 00007ffcf3634690 R15: 0000000000000003
[ 53.275022][ T3702]
umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555606d660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555606d660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./3/file0") = 0
getdents64(3, 0x555556065620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./3") = 0
mkdir("./4", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560645d0) = 3721
./strace-static-x86_64: Process 3721 attached
[pid 3721] chdir("./4") = 0
[pid 3721] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 3721] setpgid(0, 0) = 0
[pid 3721] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 3721] write(3, "1000", 4) = 4
[pid 3721] close(3) = 0
[pid 3721] symlink("/dev/binderfs", "./binderfs") = 0
[pid 3721] memfd_create("syzkaller", 0) = 3
[pid 3721] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f614b800000
[pid 3721] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 3721] munmap(0x7f614b800000, 16777216) = 0
[pid 3721] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 3721] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 3721] close(3) = 0
[pid 3721] mkdir("./file0", 0777) = 0
[pid 3721] mount("/dev/loop0", "./file0", "btrfs", MS_NODEV|MS_SYNCHRONOUS, "") = 0
[pid 3721] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 3721] chdir("./file0") = 0
[pid 3721] ioctl(4, LOOP_CLR_FD) = 0
[pid 3721] close(4) = 0
[pid 3721] unlink("./file1") = 0
[ 53.609739][ T3721] loop0: detected capacity change from 0 to 32768
[ 53.622693][ T3721] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[ 53.631477][ T3721] BTRFS info (device loop0): using free space tree
[ 53.649074][ T3721] BTRFS info (device loop0): enabling ssd optimizations
[pid 3721] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4
[pid 3721] write(4, "\x7f\x45\x4c\x46\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x38\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1628) = 1628
[pid 3721] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 5
[pid 3721] write(5, "17", 2) = 2
[ 53.677075][ T27] audit: type=1800 audit(1670017512.774:6): pid=3721 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor243" name="bus" dev="loop0" ino=263 res=0 errno=0
[ 53.706536][ T3721] FAULT_INJECTION: forcing a failure.
[ 53.706536][ T3721] name failslab, interval 1, probability 0, space 0, times 0
[ 53.720955][ T3721] CPU: 1 PID: 3721 Comm: syz-executor243 Not tainted 6.1.0-rc7-syzkaller-00123-ga4412fdd49dc #0
[ 53.731405][ T3721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 53.741519][ T3721] Call Trace:
[ 53.744831][ T3721]
[ 53.747775][ T3721] dump_stack_lvl+0x1b1/0x28e
[ 53.752479][ T3721] ? nf_tcp_handle_invalid+0x62e/0x62e
[ 53.757962][ T3721] ? panic+0x710/0x710
[ 53.762056][ T3721] ? __might_sleep+0xc0/0xc0
[ 53.766674][ T3721] should_fail_ex+0x395/0x4c0
[ 53.771379][ T3721] ? btrfs_add_delayed_tree_ref+0x1ff/0xa90
[ 53.777302][ T3721] should_failslab+0x5/0x20
[ 53.781831][ T3721] kmem_cache_alloc+0x68/0x300
[ 53.786624][ T3721] btrfs_add_delayed_tree_ref+0x1ff/0xa90
[ 53.792387][ T3721] ? rb_erase_cached+0x80/0x80
[ 53.797282][ T3721] btrfs_free_tree_block+0x3bd/0x9c0
[ 53.802602][ T3721] ? unpin_extent_range+0xcc0/0xcc0
[ 53.807818][ T3721] ? do_raw_spin_lock+0x148/0x360
[ 53.812875][ T3721] ? do_raw_spin_unlock+0x134/0x8a0
[ 53.818108][ T3721] btrfs_del_leaf+0x245/0x3c0
[ 53.822813][ T3721] btrfs_del_items+0xb47/0xe00
[ 53.827618][ T3721] ? btrfs_duplicate_item+0x420/0x420
[ 53.833017][ T3721] ? btrfs_get_64+0x197/0x3d0
[ 53.837702][ T3721] ? btrfs_get_token_64+0x620/0x620
[ 53.842895][ T3721] ? memcpy+0x3c/0x60
[ 53.846896][ T3721] ? btrfs_get_8+0xbb/0x210
[ 53.851396][ T3721] btrfs_drop_extents+0x27c4/0x3550
[ 53.856635][ T3721] ? btrfs_dirty_pages+0x2f0/0x2f0
[ 53.861765][ T3721] ? join_transaction+0xc45/0xe60
[ 53.866799][ T3721] ? join_transaction+0xc1f/0xe60
[ 53.871828][ T3721] ? btrfs_record_root_in_trans+0x129/0x180
[ 53.877731][ T3721] ? start_transaction+0x3da/0x1180
[ 53.882952][ T3721] cow_file_range_inline+0x41b/0x920
[ 53.888252][ T3721] ? btrfs_do_encoded_write+0x1470/0x1470
[ 53.893980][ T3721] ? test_range_bit+0x440/0x4a0
[ 53.898828][ T3721] ? do_raw_spin_lock+0x148/0x360
[ 53.903851][ T3721] ? __lock_acquire+0x1f60/0x1f60
[ 53.908879][ T3721] cow_file_range+0x391/0xfa0
[ 53.913568][ T3721] ? test_range_bit+0x440/0x4a0
[ 53.918417][ T3721] ? run_delalloc_zoned+0x5e0/0x5e0
[ 53.923622][ T3721] ? find_lock_delalloc_range+0x77e/0x990
[ 53.929350][ T3721] btrfs_run_delalloc_range+0xed4/0x11a0
[ 53.934991][ T3721] ? rcu_read_lock_sched_held+0x87/0x110
[ 53.940623][ T3721] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 53.946601][ T3721] writepage_delalloc+0x25e/0x540
[ 53.951624][ T3721] ? cgroup_rstat_updated+0xca/0x350
[ 53.956922][ T3721] ? trace___extent_writepage+0x300/0x300
[ 53.962643][ T3721] ? rcu_read_lock_sched_held+0x87/0x110
[ 53.968298][ T3721] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 53.974292][ T3721] ? lockdep_hardirqs_on_prepare+0x428/0x790
[ 53.980299][ T3721] ? set_page_extent_mapped+0x156/0x2b0
[ 53.985873][ T3721] __extent_writepage+0x5d6/0x14d0
[ 53.991016][ T3721] ? extent_write_locked_range+0xd30/0xd30
[ 53.996831][ T3721] ? folio_wait_writeback+0x1cd/0x200
[ 54.002217][ T3721] extent_write_cache_pages+0x9e7/0x12d0
[ 54.007854][ T3721] ? __kmem_cache_free+0x71/0x110
[ 54.012900][ T3721] ? extent_writepages+0x550/0x550
[ 54.018025][ T3721] ? rcu_read_lock_sched_held+0x87/0x110
[ 54.023675][ T3721] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 54.029672][ T3721] ? lockdep_hardirqs_on_prepare+0x428/0x790
[ 54.035662][ T3721] ? btrfs_buffered_write+0x1324/0x16f0
[ 54.041221][ T3721] extent_writepages+0x228/0x550
[ 54.046167][ T3721] ? __extent_writepage+0x14d0/0x14d0
[ 54.051549][ T3721] ? rcu_read_lock_sched_held+0x87/0x110
[ 54.057202][ T3721] ? wbc_attach_and_unlock_inode+0x2fe/0x540
[ 54.063192][ T3721] ? acls_after_inode_item+0x5e0/0x5e0
[ 54.068663][ T3721] do_writepages+0x3c3/0x680
[ 54.073272][ T3721] ? __writepage+0x120/0x120
[ 54.077864][ T3721] ? __lock_acquire+0x1f60/0x1f60
[ 54.082895][ T3721] ? do_raw_spin_lock+0x148/0x360
[ 54.087923][ T3721] ? do_raw_spin_unlock+0x134/0x8a0
[ 54.093129][ T3721] ? wbc_attach_and_unlock_inode+0x350/0x540
[ 54.099112][ T3721] filemap_fdatawrite_wbc+0x11e/0x170
[ 54.104486][ T3721] filemap_fdatawrite_range+0x175/0x200
[ 54.110033][ T3721] ? filemap_fdatawrite+0x1d0/0x1d0
[ 54.115238][ T3721] ? __up_read+0x690/0x690
[ 54.119648][ T3721] ? btrfs_write_check+0x4a9/0x540
[ 54.124769][ T3721] btrfs_do_write_iter+0xf0c/0x1260
[ 54.129983][ T3721] ? btrfs_check_nocow_unlock+0x40/0x40
[ 54.135546][ T3721] vfs_write+0x7dc/0xc50
[ 54.139799][ T3721] ? file_end_write+0x230/0x230
[ 54.144667][ T3721] ? ptrace_stop+0x74d/0x970
[ 54.149271][ T3721] ? _raw_spin_unlock_irq+0x2a/0x40
[ 54.154473][ T3721] ? __fdget_pos+0x252/0x2e0
[ 54.159064][ T3721] ksys_write+0x177/0x2a0
[ 54.163394][ T3721] ? __ia32_sys_read+0x80/0x80
[ 54.168160][ T3721] ? syscall_enter_from_user_mode+0x2e/0x1d0
[ 54.174141][ T3721] ? syscall_enter_from_user_mode+0x86/0x1d0
[ 54.180129][ T3721] do_syscall_64+0x3d/0xb0
[ 54.184543][ T3721] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 54.190433][ T3721] RIP: 0033:0x7f6153d39ba9
[ 54.194846][ T3721] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 54.214443][ T3721] RSP: 002b:00007ffcf3634648 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 54.222867][ T3721] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f6153d39ba9
[ 54.230844][ T3721] RDX: 0000000000000020 RSI: 0000000020000180 RDI: 0000000000000004
[ 54.238895][ T3721] RBP: 00007ffcf3634670 R08: 0000000000000002 R09: 00007ffcf3634680
[ 54.246861][ T3721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[ 54.254824][ T3721] R13: 00007ffcf36346b0 R14: 00007ffcf3634690 R15: 0000000000000004
[ 54.262806][ T3721]
[ 54.271576][ T3721] ------------[ cut here ]------------
[ 54.277521][ T3721] kernel BUG at fs/btrfs/extent-tree.c:3274!
[ 54.284369][ T3721] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 54.290448][ T3721] CPU: 0 PID: 3721 Comm: syz-executor243 Not tainted 6.1.0-rc7-syzkaller-00123-ga4412fdd49dc #0
[ 54.300856][ T3721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 54.310892][ T3721] RIP: 0010:btrfs_free_tree_block+0x9b4/0x9c0
[ 54.316945][ T3721] Code: 44 89 e9 80 e1 07 38 c1 0f 8c fb fb ff ff be 08 00 00 00 4c 89 ef e8 8b fe 5c fe e9 e9 fb ff ff e8 41 7e 10 07 e8 bc e1 08 fe <0f> 0b 66 2e 0f 1f 84 00 00 00 00 00 55 41 57 41 56 41 55 41 54 53
[ 54.336532][ T3721] RSP: 0018:ffffc9000436e860 EFLAGS: 00010293
[ 54.342580][ T3721] RAX: ffffffff8381b634 RBX: 00000000fffffff4 RCX: ffff8880272f8000
[ 54.350531][ T3721] RDX: 0000000000000000 RSI: 00000000fffffff4 RDI: 0000000000000000
[ 54.358483][ T3721] RBP: ffffc9000436e9b8 R08: ffffffff8381b048 R09: fffffbfff1a42e8f
[ 54.366444][ T3721] R10: fffffbfff1a42e8f R11: 1ffffffff1a42e8e R12: dffffc0000000000
[ 54.374396][ T3721] R13: ffffc9000436e8e0 R14: ffff88807e7c3e30 R15: ffff88807e7c3d10
[ 54.382348][ T3721] FS: 0000555556064300(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[ 54.391258][ T3721] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 54.397821][ T3721] CR2: 0000557180d19c28 CR3: 000000002359d000 CR4: 00000000003506f0
[ 54.405774][ T3721] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 54.413724][ T3721] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 54.421683][ T3721] Call Trace:
[ 54.424959][ T3721]
[ 54.427875][ T3721] ? unpin_extent_range+0xcc0/0xcc0
[ 54.433060][ T3721] ? do_raw_spin_lock+0x148/0x360
[ 54.438069][ T3721] ? do_raw_spin_unlock+0x134/0x8a0
[ 54.443252][ T3721] btrfs_del_leaf+0x245/0x3c0
[ 54.447915][ T3721] btrfs_del_items+0xb47/0xe00
[ 54.452669][ T3721] ? btrfs_duplicate_item+0x420/0x420
[ 54.458021][ T3721] ? btrfs_get_64+0x197/0x3d0
[ 54.462679][ T3721] ? btrfs_get_token_64+0x620/0x620
[ 54.467855][ T3721] ? memcpy+0x3c/0x60
[ 54.471817][ T3721] ? btrfs_get_8+0xbb/0x210
[ 54.476385][ T3721] btrfs_drop_extents+0x27c4/0x3550
[ 54.481574][ T3721] ? btrfs_dirty_pages+0x2f0/0x2f0
[ 54.486755][ T3721] ? join_transaction+0xc45/0xe60
[ 54.491761][ T3721] ? join_transaction+0xc1f/0xe60
[ 54.496771][ T3721] ? btrfs_record_root_in_trans+0x129/0x180
[ 54.502648][ T3721] ? start_transaction+0x3da/0x1180
[ 54.507830][ T3721] cow_file_range_inline+0x41b/0x920
[ 54.513097][ T3721] ? btrfs_do_encoded_write+0x1470/0x1470
[ 54.518796][ T3721] ? test_range_bit+0x440/0x4a0
[ 54.523626][ T3721] ? do_raw_spin_lock+0x148/0x360
[ 54.528640][ T3721] ? __lock_acquire+0x1f60/0x1f60
[ 54.533645][ T3721] cow_file_range+0x391/0xfa0
[ 54.538309][ T3721] ? test_range_bit+0x440/0x4a0
[ 54.543142][ T3721] ? run_delalloc_zoned+0x5e0/0x5e0
[ 54.548327][ T3721] ? find_lock_delalloc_range+0x77e/0x990
[ 54.554033][ T3721] btrfs_run_delalloc_range+0xed4/0x11a0
[ 54.559653][ T3721] ? rcu_read_lock_sched_held+0x87/0x110
[ 54.565265][ T3721] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 54.571223][ T3721] writepage_delalloc+0x25e/0x540
[ 54.576231][ T3721] ? cgroup_rstat_updated+0xca/0x350
[ 54.581501][ T3721] ? trace___extent_writepage+0x300/0x300
[ 54.587200][ T3721] ? rcu_read_lock_sched_held+0x87/0x110
[ 54.592811][ T3721] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 54.598768][ T3721] ? lockdep_hardirqs_on_prepare+0x428/0x790
[ 54.604728][ T3721] ? set_page_extent_mapped+0x156/0x2b0
[ 54.610253][ T3721] __extent_writepage+0x5d6/0x14d0
[ 54.615347][ T3721] ? extent_write_locked_range+0xd30/0xd30
[ 54.621145][ T3721] ? folio_wait_writeback+0x1cd/0x200
[ 54.626498][ T3721] extent_write_cache_pages+0x9e7/0x12d0
[ 54.632111][ T3721] ? __kmem_cache_free+0x71/0x110
[ 54.637122][ T3721] ? extent_writepages+0x550/0x550
[ 54.642216][ T3721] ? rcu_read_lock_sched_held+0x87/0x110
[ 54.647827][ T3721] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 54.653785][ T3721] ? lockdep_hardirqs_on_prepare+0x428/0x790
[ 54.659746][ T3721] ? btrfs_buffered_write+0x1324/0x16f0
[ 54.665277][ T3721] extent_writepages+0x228/0x550
[ 54.670197][ T3721] ? __extent_writepage+0x14d0/0x14d0
[ 54.675549][ T3721] ? rcu_read_lock_sched_held+0x87/0x110
[ 54.681164][ T3721] ? wbc_attach_and_unlock_inode+0x2fe/0x540
[ 54.687122][ T3721] ? acls_after_inode_item+0x5e0/0x5e0
[ 54.692563][ T3721] do_writepages+0x3c3/0x680
[ 54.697133][ T3721] ? __writepage+0x120/0x120
[ 54.701710][ T3721] ? __lock_acquire+0x1f60/0x1f60
[ 54.706717][ T3721] ? do_raw_spin_lock+0x148/0x360
[ 54.711721][ T3721] ? do_raw_spin_unlock+0x134/0x8a0
[ 54.716929][ T3721] ? wbc_attach_and_unlock_inode+0x350/0x540
[ 54.722890][ T3721] filemap_fdatawrite_wbc+0x11e/0x170
[ 54.728249][ T3721] filemap_fdatawrite_range+0x175/0x200
[ 54.733777][ T3721] ? filemap_fdatawrite+0x1d0/0x1d0
[ 54.738953][ T3721] ? __up_read+0x690/0x690
[ 54.743350][ T3721] ? btrfs_write_check+0x4a9/0x540
[ 54.748444][ T3721] btrfs_do_write_iter+0xf0c/0x1260
[ 54.753627][ T3721] ? btrfs_check_nocow_unlock+0x40/0x40
[ 54.759158][ T3721] vfs_write+0x7dc/0xc50
[ 54.763387][ T3721] ? file_end_write+0x230/0x230
[ 54.768219][ T3721] ? ptrace_stop+0x74d/0x970
[ 54.772792][ T3721] ? _raw_spin_unlock_irq+0x2a/0x40
[ 54.777975][ T3721] ? __fdget_pos+0x252/0x2e0
[ 54.782550][ T3721] ksys_write+0x177/0x2a0
[ 54.786865][ T3721] ? __ia32_sys_read+0x80/0x80
[ 54.791608][ T3721] ? syscall_enter_from_user_mode+0x2e/0x1d0
[ 54.797575][ T3721] ? syscall_enter_from_user_mode+0x86/0x1d0
[ 54.803535][ T3721] do_syscall_64+0x3d/0xb0
[ 54.807931][ T3721] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 54.813802][ T3721] RIP: 0033:0x7f6153d39ba9
[ 54.818202][ T3721] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 54.837786][ T3721] RSP: 002b:00007ffcf3634648 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 54.846178][ T3721] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f6153d39ba9
[ 54.854129][ T3721] RDX: 0000000000000020 RSI: 0000000020000180 RDI: 0000000000000004
[ 54.862078][ T3721] RBP: 00007ffcf3634670 R08: 0000000000000002 R09: 00007ffcf3634680
[ 54.870029][ T3721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[ 54.877977][ T3721] R13: 00007ffcf36346b0 R14: 00007ffcf3634690 R15: 0000000000000004
[ 54.885932][ T3721]
[ 54.888975][ T3721] Modules linked in:
[ 54.893813][ T3721] ---[ end trace 0000000000000000 ]---
[ 54.902071][ T3721] RIP: 0010:btrfs_free_tree_block+0x9b4/0x9c0
[ 54.908142][ T3721] Code: 44 89 e9 80 e1 07 38 c1 0f 8c fb fb ff ff be 08 00 00 00 4c 89 ef e8 8b fe 5c fe e9 e9 fb ff ff e8 41 7e 10 07 e8 bc e1 08 fe <0f> 0b 66 2e 0f 1f 84 00 00 00 00 00 55 41 57 41 56 41 55 41 54 53
[ 54.928094][ T3721] RSP: 0018:ffffc9000436e860 EFLAGS: 00010293
[ 54.934253][ T3721] RAX: ffffffff8381b634 RBX: 00000000fffffff4 RCX: ffff8880272f8000
[ 54.942917][ T3721] RDX: 0000000000000000 RSI: 00000000fffffff4 RDI: 0000000000000000
[ 54.951280][ T3721] RBP: ffffc9000436e9b8 R08: ffffffff8381b048 R09: fffffbfff1a42e8f
[ 54.959263][ T3721] R10: fffffbfff1a42e8f R11: 1ffffffff1a42e8e R12: dffffc0000000000
[ 54.967519][ T3721] R13: ffffc9000436e8e0 R14: ffff88807e7c3e30 R15: ffff88807e7c3d10
[ 54.975711][ T3721] FS: 0000555556064300(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[ 54.984731][ T3721] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 54.991334][ T3721] CR2: 00005639f6e7d318 CR3: 000000002359d000 CR4: 00000000003506e0
[ 54.999296][ T3721] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 55.007295][ T3721] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 55.015346][ T3721] Kernel panic - not syncing: Fatal exception
[ 55.021655][ T3721] Kernel Offset: disabled
[ 55.025969][ T3721] Rebooting in 86400 seconds..