./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3781813958
<...>
Warning: Permanently added '10.128.0.109' (ED25519) to the list of known hosts.
execve("./syz-executor3781813958", ["./syz-executor3781813958"], 0x7fffce5c8550 /* 10 vars */) = 0
brk(NULL) = 0x55555608f000
brk(0x55555608fd00) = 0x55555608fd00
arch_prctl(ARCH_SET_FS, 0x55555608f380) = 0
set_tid_address(0x55555608f650) = 5030
set_robust_list(0x55555608f660, 24) = 0
rseq(0x55555608fca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor3781813958", 4096) = 28
getrandom("\x63\x61\x0a\x04\xed\xc6\x46\x7c", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x55555608fd00
brk(0x5555560b0d00) = 0x5555560b0d00
brk(0x5555560b1000) = 0x5555560b1000
mprotect(0x7f9fa873f000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
[ 77.486907][ T26] audit: type=1400 audit(1694812276.252:83): avc: denied { write } for pid=5027 comm="strace-static-x" path="pipe:[3463]" dev="pipefs" ino=3463 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1) = 1
close(3) = 0
mkdir("./syzkaller.SpINqB", 0700) = 0
chmod("./syzkaller.SpINqB", 0777) = 0
chdir("./syzkaller.SpINqB") = 0
mkdir("./0", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5031 attached
, child_tidptr=0x55555608f650) = 5031
[pid 5031] set_robust_list(0x55555608f660, 24) = 0
[pid 5031] chdir("./0") = 0
[pid 5031] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5031] setpgid(0, 0) = 0
[pid 5031] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5031] write(3, "1000", 4) = 4
[pid 5031] close(3) = 0
[pid 5031] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5031] memfd_create("syzkaller", 0) = 3
[pid 5031] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9fa0287000
[ 77.526346][ T26] audit: type=1400 audit(1694812276.292:84): avc: denied { execmem } for pid=5030 comm="syz-executor378" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 77.544840][ T5031] syz-executor378[5031]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[ 77.566645][ T26] audit: type=1400 audit(1694812276.302:85): avc: denied { read write } for pid=5030 comm="syz-executor378" name="loop0" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 77.599891][ T26] audit: type=1400 audit(1694812276.302:86): avc: denied { open } for pid=5030 comm="syz-executor378" path="/dev/loop0" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 77.625446][ T26] audit: type=1400 audit(1694812276.302:87): avc: denied { ioctl } for pid=5030 comm="syz-executor378" path="/dev/loop0" dev="devtmpfs" ino=648 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[pid 5031] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5031] munmap(0x7f9fa0287000, 16777216) = 0
[pid 5031] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5031] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5031] close(3) = 0
[pid 5031] mkdir("./file0", 0777) = 0
[ 77.752268][ T5031] loop0: detected capacity change from 0 to 32768
[ 77.762127][ T26] audit: type=1400 audit(1694812276.532:88): avc: denied { mounton } for pid=5031 comm="syz-executor378" path="/root/syzkaller.SpINqB/0/file0" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 77.763720][ T5031] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz-executor378 (5031)
[ 77.804116][ T5031] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[ 77.813051][ T5031] BTRFS info (device loop0): setting nodatacow, compression disabled
[ 77.821163][ T5031] BTRFS info (device loop0): using free space tree
[ 77.843515][ T5031] BTRFS info (device loop0): enabling ssd optimizations
[pid 5031] mount("/dev/loop0", "./file0", "btrfs", MS_NODEV, "enospc_debug,nodatacow,subvolid=0x0000000000000005,nodatacow,") = 0
[pid 5031] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5031] chdir("./file0") = 0
[pid 5031] ioctl(4, LOOP_CLR_FD) = 0
[pid 5031] close(4) = 0
[pid 5031] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[ 77.850497][ T5031] BTRFS info (device loop0): auto enabling async discard
[ 77.860394][ T26] audit: type=1400 audit(1694812276.622:89): avc: denied { mount } for pid=5031 comm="syz-executor378" name="/" dev="loop0" ino=256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[pid 5031] ioctl(4, BTRFS_IOC_QUOTA_CTL, {cmd=BTRFS_QUOTA_CTL_ENABLE}) = 0
[pid 5031] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid 5031] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid 5031] write(6, "10", 2) = 2
[ 77.883261][ T26] audit: type=1400 audit(1694812276.642:90): avc: denied { write } for pid=5031 comm="syz-executor378" name="/" dev="loop0" ino=256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 77.908402][ T5031] FAULT_INJECTION: forcing a failure.
[ 77.908402][ T5031] name failslab, interval 1, probability 0, space 0, times 1
[ 77.921318][ T5031] CPU: 0 PID: 5031 Comm: syz-executor378 Not tainted 6.6.0-rc1-syzkaller-00115-g9fdfb15a3dbf #0
[ 77.931760][ T5031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 77.941821][ T5031] Call Trace:
[ 77.945103][ T5031]
[ 77.948033][ T5031] dump_stack_lvl+0x125/0x1b0
[ 77.952733][ T5031] should_fail_ex+0x496/0x5b0
[ 77.957423][ T5031] should_failslab+0x9/0x20
[ 77.961939][ T5031] kmem_cache_alloc+0x61/0x400
[ 77.966710][ T5031] btrfs_getxattr+0x51/0x200
[ 77.971317][ T5031] ? btrfs_getxattr+0x200/0x200
[ 77.976177][ T5031] __vfs_getxattr+0x13b/0x1a0
[ 77.980864][ T5031] ? xattr_full_name+0x90/0x90
[ 77.985635][ T5031] ? unwind_next_frame+0x51/0x2390
[ 77.990765][ T5031] ? stack_access_ok+0xf9/0x270
[ 77.995660][ T5031] ? rcu_is_watching+0x12/0xb0
[ 78.000437][ T5031] cap_inode_need_killpriv+0x40/0x60
[ 78.005737][ T5031] security_inode_need_killpriv+0x62/0xa0
[ 78.011479][ T5031] __file_remove_privs+0x3b2/0x660
[ 78.016597][ T5031] ? file_update_time+0x160/0x160
[ 78.021632][ T5031] ? down_write+0x14f/0x200
[ 78.026153][ T5031] ? down_write_killable_nested+0x250/0x250
[ 78.032061][ T5031] ? tomoyo_path_number_perm+0x46e/0x590
[ 78.037723][ T5031] ? stack_trace_save+0x96/0xd0
[ 78.042593][ T5031] file_modified+0x47/0x1f0
[ 78.047102][ T5031] btrfs_fallocate+0x32a/0x2640
[ 78.051966][ T5031] ? tomoyo_path_number_perm+0x46e/0x590
[ 78.057605][ T5031] ? kasan_save_stack+0x43/0x50
[ 78.062472][ T5031] ? kasan_save_stack+0x33/0x50
[ 78.067335][ T5031] ? kasan_set_track+0x25/0x30
[ 78.072106][ T5031] ? kasan_save_free_info+0x28/0x40
[ 78.077317][ T5031] ? ____kasan_slab_free+0x138/0x190
[ 78.082608][ T5031] ? __kmem_cache_free+0xcc/0x2d0
[ 78.087637][ T5031] ? tomoyo_path_number_perm+0x46e/0x590
[ 78.093280][ T5031] ? security_file_ioctl+0x72/0xb0
[ 78.098407][ T5031] ? btrfs_replace_file_extents+0x1b70/0x1b70
[ 78.104505][ T5031] ? avc_has_extended_perms+0x719/0xf80
[ 78.110090][ T5031] ? reacquire_held_locks+0x4b0/0x4b0
[ 78.115511][ T5031] ? rcu_is_watching+0x12/0xb0
[ 78.120289][ T5031] ? lock_acquire+0x464/0x510
[ 78.124979][ T5031] ? lock_sync+0x190/0x190
[ 78.129436][ T5031] ? inode_security+0x101/0x130
[ 78.134300][ T5031] ? selinux_file_permission+0x126/0x590
[ 78.139945][ T5031] ? preempt_count_sub+0x150/0x150
[ 78.145073][ T5031] ? btrfs_replace_file_extents+0x1b70/0x1b70
[ 78.151164][ T5031] ? vfs_fallocate+0x46c/0xe80
[ 78.155955][ T5031] vfs_fallocate+0x46c/0xe80
[ 78.160570][ T5031] ioctl_preallocate+0x1a4/0x220
[ 78.165541][ T5031] ? fileattr_fill_flags+0x320/0x320
[ 78.170855][ T5031] do_vfs_ioctl+0x150b/0x1920
[ 78.175726][ T5031] ? vfs_fileattr_set+0xbf0/0xbf0
[ 78.180907][ T5031] ? ioctl_has_perm.constprop.0.isra.0+0x2f0/0x460
[ 78.187424][ T5031] ? ioctl_has_perm.constprop.0.isra.0+0x2f9/0x460
[ 78.193952][ T5031] ? selinux_bprm_creds_for_exec+0xb30/0xb30
[ 78.199963][ T5031] ? lock_release+0x4bf/0x680
[ 78.204671][ T5031] ? selinux_file_ioctl+0x17d/0x270
[ 78.209886][ T5031] ? selinux_file_ioctl+0xb5/0x270
[ 78.215023][ T5031] __x64_sys_ioctl+0x112/0x210
[ 78.219817][ T5031] do_syscall_64+0x38/0xb0
[ 78.224339][ T5031] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 78.230270][ T5031] RIP: 0033:0x7f9fa86c6329
[ 78.234687][ T5031] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 78.254329][ T5031] RSP: 002b:00007fff22c5b018 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 78.262836][ T5031] RAX: ffffffffffffffda RBX: 00007fff22c5b040 RCX: 00007f9fa86c6329
[ 78.270810][ T5031] RDX: 0000000020000000 RSI: 0000000040305839 RDI: 0000000000000005
[ 78.278782][ T5031] RBP: 0000000000000002 R08: 00007fff22c5adb6 R09: 00007fff22c5b060
[ 78.286757][ T5031] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[ 78.294743][ T5031] R13: 0000000000000000 R14: 431bde82d7b634db R15: 00007fff22c5b080
[ 78.302730][ T5031]
[pid 5031] ioctl(5, _IOC(_IOC_WRITE, 0x58, 0x39, 0x30), 0x20000000) = 0
[ 78.306075][ T26] audit: type=1400 audit(1694812276.642:91): avc: denied { add_name } for pid=5031 comm="syz-executor378" name="cgroup.controllers" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 78.328698][ T26] audit: type=1400 audit(1694812276.642:92): avc: denied { create } for pid=5031 comm="syz-executor378" name="cgroup.controllers" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[pid 5031] exit_group(0) = ?
[pid 5031] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5031, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=22 /* 0.22 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555560906f0 /* 4 entries */, 32768) = 112
umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./0/binderfs") = 0
[ 78.351893][ T1094] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555556098730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556098730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./0/file0") = 0
getdents64(3, 0x5555560906f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./0") = 0
mkdir("./1", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5050 attached
, child_tidptr=0x55555608f650) = 5050
[pid 5050] set_robust_list(0x55555608f660, 24) = 0
[pid 5050] chdir("./1") = 0
[pid 5050] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5050] setpgid(0, 0) = 0
[pid 5050] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5050] write(3, "1000", 4) = 4
[pid 5050] close(3) = 0
[pid 5050] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5050] memfd_create("syzkaller", 0) = 3
[pid 5050] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9fa0287000
[pid 5050] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5050] munmap(0x7f9fa0287000, 16777216) = 0
[pid 5050] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5050] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5050] close(3) = 0
[pid 5050] mkdir("./file0", 0777) = 0
[ 78.742456][ T5050] loop0: detected capacity change from 0 to 32768
[ 78.753425][ T5050] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz-executor378 (5050)
[ 78.770345][ T5050] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[ 78.779431][ T5050] BTRFS info (device loop0): setting nodatacow, compression disabled
[pid 5050] mount("/dev/loop0", "./file0", "btrfs", MS_NODEV, "enospc_debug,nodatacow,subvolid=0x0000000000000005,nodatacow,") = 0
[pid 5050] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5050] chdir("./file0") = 0
[pid 5050] ioctl(4, LOOP_CLR_FD) = 0
[pid 5050] close(4) = 0
[pid 5050] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 5050] ioctl(4, BTRFS_IOC_QUOTA_CTL, {cmd=BTRFS_QUOTA_CTL_ENABLE}) = 0
[pid 5050] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid 5050] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid 5050] write(6, "10", 2) = 2
[ 78.787690][ T5050] BTRFS info (device loop0): using free space tree
[ 78.810740][ T5050] BTRFS info (device loop0): enabling ssd optimizations
[ 78.817823][ T5050] BTRFS info (device loop0): auto enabling async discard
[ 78.865454][ T5050] FAULT_INJECTION: forcing a failure.
[ 78.865454][ T5050] name failslab, interval 1, probability 0, space 0, times 0
[ 78.887172][ T1094] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[ 78.897056][ T5050] CPU: 0 PID: 5050 Comm: syz-executor378 Not tainted 6.6.0-rc1-syzkaller-00115-g9fdfb15a3dbf #0
[ 78.907502][ T5050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 78.917582][ T5050] Call Trace:
[ 78.920880][ T5050]
[ 78.923825][ T5050] dump_stack_lvl+0x125/0x1b0
[ 78.928542][ T5050] should_fail_ex+0x496/0x5b0
[ 78.933255][ T5050] should_failslab+0x9/0x20
[ 78.937790][ T5050] kmem_cache_alloc+0x61/0x400
[ 78.942578][ T5050] ? btrfs_lookup_first_ordered_extent+0x27b/0x4b0
[ 78.949109][ T5050] alloc_extent_map+0x1c/0x140
[ 78.953910][ T5050] btrfs_get_extent+0x233/0x1a30
[ 78.958876][ T5050] ? trace_irq_enable.constprop.0+0xd0/0x100
[ 78.964899][ T5050] ? btrfs_rename2+0x120/0x120
[ 78.969698][ T5050] ? btrfs_wait_ordered_range+0x8b/0x280
[ 78.975358][ T5050] btrfs_fallocate+0x103b/0x2640
[ 78.980327][ T5050] ? tomoyo_path_number_perm+0x46e/0x590
[ 78.985991][ T5050] ? kasan_save_stack+0x43/0x50
[ 78.990870][ T5050] ? kasan_save_stack+0x33/0x50
[ 78.995743][ T5050] ? kasan_save_free_info+0x28/0x40
[ 79.000978][ T5050] ? ____kasan_slab_free+0x138/0x190
[ 79.006294][ T5050] ? btrfs_replace_file_extents+0x1b70/0x1b70
[ 79.012395][ T5050] ? avc_has_extended_perms+0x719/0xf80
[ 79.017980][ T5050] ? reacquire_held_locks+0x4b0/0x4b0
[ 79.023386][ T5050] ? rcu_is_watching+0x12/0xb0
[ 79.028172][ T5050] ? lock_acquire+0x464/0x510
[ 79.032883][ T5050] ? inode_security+0x101/0x130
[ 79.037849][ T5050] ? selinux_file_permission+0x126/0x590
[ 79.043513][ T5050] ? preempt_count_sub+0x150/0x150
[ 79.048667][ T5050] ? btrfs_replace_file_extents+0x1b70/0x1b70
[ 79.054770][ T5050] ? vfs_fallocate+0x46c/0xe80
[ 79.059527][ T5050] vfs_fallocate+0x46c/0xe80
[ 79.064125][ T5050] ioctl_preallocate+0x1a4/0x220
[ 79.069056][ T5050] ? fileattr_fill_flags+0x320/0x320
[ 79.074339][ T5050] do_vfs_ioctl+0x150b/0x1920
[ 79.079007][ T5050] ? vfs_fileattr_set+0xbf0/0xbf0
[ 79.084025][ T5050] ? ioctl_has_perm.constprop.0.isra.0+0x2f0/0x460
[ 79.090518][ T5050] ? ioctl_has_perm.constprop.0.isra.0+0x2f9/0x460
[ 79.097020][ T5050] ? selinux_bprm_creds_for_exec+0xb30/0xb30
[ 79.103004][ T5050] ? lock_release+0x4bf/0x680
[ 79.107697][ T5050] ? selinux_file_ioctl+0x17d/0x270
[ 79.112886][ T5050] ? selinux_file_ioctl+0xb5/0x270
[ 79.117998][ T5050] __x64_sys_ioctl+0x112/0x210
[ 79.122777][ T5050] do_syscall_64+0x38/0xb0
[ 79.127186][ T5050] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 79.133085][ T5050] RIP: 0033:0x7f9fa86c6329
[ 79.137503][ T5050] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 79.157099][ T5050] RSP: 002b:00007fff22c5b018 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[pid 5050] ioctl(5, _IOC(_IOC_WRITE, 0x58, 0x39, 0x30), 0x20000000) = -1 ENOMEM (Cannot allocate memory)
[pid 5050] exit_group(0) = ?
[pid 5050] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5050, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=25 /* 0.25 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555560906f0 /* 4 entries */, 32768) = 112
umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./1/binderfs") = 0
[ 79.165506][ T5050] RAX: ffffffffffffffda RBX: 00007fff22c5b040 RCX: 00007f9fa86c6329
[ 79.173483][ T5050] RDX: 0000000020000000 RSI: 0000000040305839 RDI: 0000000000000005
[ 79.181455][ T5050] RBP: 0000000000000002 R08: 00007fff22c5adb6 R09: 00007fff22c5b060
[ 79.189431][ T5050] R10: 0000000000000002 R11: 0000000000000246 R12: 00007fff22c5b03c
[ 79.197402][ T5050] R13: 0000000000000001 R14: 431bde82d7b634db R15: 00007fff22c5b080
[ 79.205386][ T5050]
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555556098730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556098730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./1/file0") = 0
getdents64(3, 0x5555560906f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./1") = 0
mkdir("./2", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5067 attached
, child_tidptr=0x55555608f650) = 5067
[pid 5067] set_robust_list(0x55555608f660, 24) = 0
[pid 5067] chdir("./2") = 0
[pid 5067] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5067] setpgid(0, 0) = 0
[pid 5067] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5067] write(3, "1000", 4) = 4
[pid 5067] close(3) = 0
[pid 5067] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5067] memfd_create("syzkaller", 0) = 3
[pid 5067] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9fa0287000
[pid 5067] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5067] munmap(0x7f9fa0287000, 16777216) = 0
[pid 5067] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5067] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5067] close(3) = 0
[pid 5067] mkdir("./file0", 0777) = 0
[ 79.497780][ T5067] loop0: detected capacity change from 0 to 32768
[ 79.508091][ T5067] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz-executor378 (5067)
[ 79.526717][ T5067] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[ 79.535581][ T5067] BTRFS info (device loop0): setting nodatacow, compression disabled
[pid 5067] mount("/dev/loop0", "./file0", "btrfs", MS_NODEV, "enospc_debug,nodatacow,subvolid=0x0000000000000005,nodatacow,") = 0
[pid 5067] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5067] chdir("./file0") = 0
[pid 5067] ioctl(4, LOOP_CLR_FD) = 0
[pid 5067] close(4) = 0
[pid 5067] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 5067] ioctl(4, BTRFS_IOC_QUOTA_CTL, {cmd=BTRFS_QUOTA_CTL_ENABLE}) = 0
[pid 5067] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid 5067] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid 5067] write(6, "10", 2) = 2
[ 79.544060][ T5067] BTRFS info (device loop0): using free space tree
[ 79.565181][ T5067] BTRFS info (device loop0): enabling ssd optimizations
[ 79.572200][ T5067] BTRFS info (device loop0): auto enabling async discard
[pid 5067] ioctl(5, _IOC(_IOC_WRITE, 0x58, 0x39, 0x30), 0x20000000) = 0
[pid 5067] exit_group(0) = ?
[pid 5067] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5067, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=17 /* 0.17 s */} ---
umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555560906f0 /* 4 entries */, 32768) = 112
umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./2/binderfs") = 0
[ 79.617066][ T11] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555556098730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556098730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./2/file0") = 0
getdents64(3, 0x5555560906f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./2") = 0
mkdir("./3", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555608f650) = 5084
./strace-static-x86_64: Process 5084 attached
[pid 5084] set_robust_list(0x55555608f660, 24) = 0
[pid 5084] chdir("./3") = 0
[pid 5084] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5084] setpgid(0, 0) = 0
[pid 5084] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5084] write(3, "1000", 4) = 4
[pid 5084] close(3) = 0
[pid 5084] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5084] memfd_create("syzkaller", 0) = 3
[pid 5084] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9fa0287000
[pid 5084] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5084] munmap(0x7f9fa0287000, 16777216) = 0
[pid 5084] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5084] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5084] close(3) = 0
[pid 5084] mkdir("./file0", 0777) = 0
[ 79.992051][ T5084] loop0: detected capacity change from 0 to 32768
[ 80.002848][ T5084] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz-executor378 (5084)
[ 80.020003][ T5084] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[ 80.029743][ T5084] BTRFS info (device loop0): setting nodatacow, compression disabled
[pid 5084] mount("/dev/loop0", "./file0", "btrfs", MS_NODEV, "enospc_debug,nodatacow,subvolid=0x0000000000000005,nodatacow,") = 0
[pid 5084] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5084] chdir("./file0") = 0
[pid 5084] ioctl(4, LOOP_CLR_FD) = 0
[pid 5084] close(4) = 0
[pid 5084] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 5084] ioctl(4, BTRFS_IOC_QUOTA_CTL, {cmd=BTRFS_QUOTA_CTL_ENABLE}) = 0
[pid 5084] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid 5084] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid 5084] write(6, "10", 2) = 2
[ 80.037861][ T5084] BTRFS info (device loop0): using free space tree
[ 80.057157][ T5084] BTRFS info (device loop0): enabling ssd optimizations
[ 80.064289][ T5084] BTRFS info (device loop0): auto enabling async discard
[ 80.106839][ T5084] FAULT_INJECTION: forcing a failure.
[ 80.106839][ T5084] name failslab, interval 1, probability 0, space 0, times 0
[ 80.119855][ T11] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[ 80.129601][ T5084] CPU: 0 PID: 5084 Comm: syz-executor378 Not tainted 6.6.0-rc1-syzkaller-00115-g9fdfb15a3dbf #0
[ 80.140212][ T5084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 80.150259][ T5084] Call Trace:
[ 80.153533][ T5084]
[ 80.156470][ T5084] dump_stack_lvl+0x125/0x1b0
[ 80.161187][ T5084] should_fail_ex+0x496/0x5b0
[ 80.165863][ T5084] should_failslab+0x9/0x20
[ 80.170361][ T5084] __kmem_cache_alloc_node+0x5f/0x470
[ 80.175741][ T5084] kmalloc_trace+0x25/0xe0
[ 80.180155][ T5084] qgroup_reserve_data+0x7a8/0xa60
[ 80.185270][ T5084] btrfs_qgroup_reserve_data+0x2e/0xc0
[ 80.190741][ T5084] btrfs_fallocate+0x1391/0x2640
[ 80.195689][ T5084] ? tomoyo_path_number_perm+0x46e/0x590
[ 80.201320][ T5084] ? kasan_save_stack+0x43/0x50
[ 80.206175][ T5084] ? kasan_save_stack+0x33/0x50
[ 80.211026][ T5084] ? kasan_save_free_info+0x28/0x40
[ 80.216232][ T5084] ? btrfs_replace_file_extents+0x1b70/0x1b70
[ 80.222300][ T5084] ? avc_has_extended_perms+0x719/0xf80
[ 80.227840][ T5084] ? reacquire_held_locks+0x4b0/0x4b0
[ 80.233219][ T5084] ? rcu_is_watching+0x12/0xb0
[ 80.237980][ T5084] ? lock_acquire+0x464/0x510
[ 80.242777][ T5084] ? inode_security+0x101/0x130
[ 80.247636][ T5084] ? selinux_file_permission+0x126/0x590
[ 80.253381][ T5084] ? preempt_count_sub+0x150/0x150
[ 80.258517][ T5084] ? btrfs_replace_file_extents+0x1b70/0x1b70
[ 80.264605][ T5084] ? vfs_fallocate+0x46c/0xe80
[ 80.269376][ T5084] vfs_fallocate+0x46c/0xe80
[ 80.273972][ T5084] ioctl_preallocate+0x1a4/0x220
[ 80.278935][ T5084] ? fileattr_fill_flags+0x320/0x320
[ 80.284248][ T5084] do_vfs_ioctl+0x150b/0x1920
[ 80.288944][ T5084] ? vfs_fileattr_set+0xbf0/0xbf0
[ 80.293984][ T5084] ? ioctl_has_perm.constprop.0.isra.0+0x2f0/0x460
[ 80.300500][ T5084] ? ioctl_has_perm.constprop.0.isra.0+0x2f9/0x460
[ 80.307016][ T5084] ? selinux_bprm_creds_for_exec+0xb30/0xb30
[ 80.313014][ T5084] ? lock_release+0x4bf/0x680
[ 80.317702][ T5084] ? selinux_file_ioctl+0x17d/0x270
[ 80.322908][ T5084] ? selinux_file_ioctl+0xb5/0x270
[ 80.328037][ T5084] __x64_sys_ioctl+0x112/0x210
[ 80.332810][ T5084] do_syscall_64+0x38/0xb0
[ 80.337316][ T5084] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 80.343215][ T5084] RIP: 0033:0x7f9fa86c6329
[ 80.347628][ T5084] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 80.367240][ T5084] RSP: 002b:00007fff22c5b018 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 80.375656][ T5084] RAX: ffffffffffffffda RBX: 00007fff22c5b040 RCX: 00007f9fa86c6329
[ 80.383630][ T5084] RDX: 0000000020000000 RSI: 0000000040305839 RDI: 0000000000000005
[ 80.391603][ T5084] RBP: 0000000000000002 R08: 00007fff22c5adb6 R09: 00007fff22c5b060
[ 80.399572][ T5084] R10: 0000000000000002 R11: 0000000000000246 R12: 00007fff22c5b03c
[pid 5084] ioctl(5, _IOC(_IOC_WRITE, 0x58, 0x39, 0x30), 0x20000000) = -1 ENOMEM (Cannot allocate memory)
[pid 5084] exit_group(0) = ?
[pid 5084] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5084, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=26 /* 0.26 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555560906f0 /* 4 entries */, 32768) = 112
umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./3/binderfs") = 0
[ 80.407542][ T5084] R13: 0000000000000003 R14: 431bde82d7b634db R15: 00007fff22c5b080
[ 80.415522][ T5084]
umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555556098730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556098730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./3/file0") = 0
getdents64(3, 0x5555560906f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./3") = 0
mkdir("./4", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5101 attached
, child_tidptr=0x55555608f650) = 5101
[pid 5101] set_robust_list(0x55555608f660, 24) = 0
[pid 5101] chdir("./4") = 0
[pid 5101] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5101] setpgid(0, 0) = 0
[pid 5101] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5101] write(3, "1000", 4) = 4
[pid 5101] close(3) = 0
[pid 5101] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5101] memfd_create("syzkaller", 0) = 3
[pid 5101] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9fa0287000
[pid 5101] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5101] munmap(0x7f9fa0287000, 16777216) = 0
[pid 5101] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5101] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5101] close(3) = 0
[pid 5101] mkdir("./file0", 0777) = 0
[ 80.792070][ T5101] loop0: detected capacity change from 0 to 32768
[ 80.805659][ T5101] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz-executor378 (5101)
[ 80.822906][ T5101] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[ 80.831615][ T5101] BTRFS info (device loop0): setting nodatacow, compression disabled
[pid 5101] mount("/dev/loop0", "./file0", "btrfs", MS_NODEV, "enospc_debug,nodatacow,subvolid=0x0000000000000005,nodatacow,") = 0
[pid 5101] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5101] chdir("./file0") = 0
[pid 5101] ioctl(4, LOOP_CLR_FD) = 0
[pid 5101] close(4) = 0
[pid 5101] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 5101] ioctl(4, BTRFS_IOC_QUOTA_CTL, {cmd=BTRFS_QUOTA_CTL_ENABLE}) = 0
[pid 5101] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[ 80.840189][ T5101] BTRFS info (device loop0): using free space tree
[ 80.859992][ T5101] BTRFS info (device loop0): enabling ssd optimizations
[ 80.866975][ T5101] BTRFS info (device loop0): auto enabling async discard
[pid 5101] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid 5101] write(6, "10", 2) = 2
[ 80.911734][ T11] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[ 80.916754][ T5101] FAULT_INJECTION: forcing a failure.
[ 80.916754][ T5101] name failslab, interval 1, probability 0, space 0, times 0
[ 80.933470][ T5101] CPU: 1 PID: 5101 Comm: syz-executor378 Not tainted 6.6.0-rc1-syzkaller-00115-g9fdfb15a3dbf #0
[ 80.943914][ T5101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 80.953993][ T5101] Call Trace:
[ 80.957287][ T5101]
[ 80.960229][ T5101] dump_stack_lvl+0x125/0x1b0
[ 80.964942][ T5101] should_fail_ex+0x496/0x5b0
[ 80.969627][ T5101] should_failslab+0x9/0x20
[ 80.974143][ T5101] kmem_cache_alloc+0x61/0x400
[ 80.978925][ T5101] alloc_extent_state+0x1b/0x2d0
[ 80.983900][ T5101] __set_extent_bit+0xb20/0x1530
[ 80.988868][ T5101] lock_extent+0xa8/0x190
[ 80.993219][ T5101] ? try_lock_extent+0x130/0x130
[ 80.998177][ T5101] btrfs_punch_hole_lock_range+0xb2/0x110
[ 81.003915][ T5101] btrfs_fallocate+0x1378/0x2640
[ 81.008952][ T5101] ? tomoyo_path_number_perm+0x46e/0x590
[ 81.014621][ T5101] ? kasan_save_stack+0x43/0x50
[ 81.019476][ T5101] ? kasan_save_stack+0x33/0x50
[ 81.024334][ T5101] ? kasan_save_free_info+0x28/0x40
[ 81.029640][ T5101] ? btrfs_replace_file_extents+0x1b70/0x1b70
[ 81.035735][ T5101] ? avc_has_extended_perms+0x719/0xf80
[ 81.041318][ T5101] ? reacquire_held_locks+0x4b0/0x4b0
[ 81.046716][ T5101] ? rcu_is_watching+0x12/0xb0
[ 81.051481][ T5101] ? lock_acquire+0x464/0x510
[ 81.056168][ T5101] ? inode_security+0x101/0x130
[ 81.061025][ T5101] ? selinux_file_permission+0x126/0x590
[ 81.066666][ T5101] ? preempt_count_sub+0x150/0x150
[ 81.071791][ T5101] ? btrfs_replace_file_extents+0x1b70/0x1b70
[ 81.077869][ T5101] ? vfs_fallocate+0x46c/0xe80
[ 81.082638][ T5101] vfs_fallocate+0x46c/0xe80
[ 81.087232][ T5101] ioctl_preallocate+0x1a4/0x220
[ 81.092191][ T5101] ? fileattr_fill_flags+0x320/0x320
[ 81.097573][ T5101] do_vfs_ioctl+0x150b/0x1920
[ 81.102259][ T5101] ? vfs_fileattr_set+0xbf0/0xbf0
[ 81.107311][ T5101] ? ioctl_has_perm.constprop.0.isra.0+0x2f0/0x460
[ 81.113835][ T5101] ? ioctl_has_perm.constprop.0.isra.0+0x2f9/0x460
[ 81.120360][ T5101] ? selinux_bprm_creds_for_exec+0xb30/0xb30
[ 81.126356][ T5101] ? lock_release+0x4bf/0x680
[ 81.131048][ T5101] ? selinux_file_ioctl+0x17d/0x270
[ 81.136253][ T5101] ? selinux_file_ioctl+0xb5/0x270
[ 81.141374][ T5101] __x64_sys_ioctl+0x112/0x210
[ 81.146146][ T5101] do_syscall_64+0x38/0xb0
[ 81.150566][ T5101] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 81.156467][ T5101] RIP: 0033:0x7f9fa86c6329
[ 81.160880][ T5101] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 81.180493][ T5101] RSP: 002b:00007fff22c5b018 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 81.188998][ T5101] RAX: ffffffffffffffda RBX: 00007fff22c5b040 RCX: 00007f9fa86c6329
[ 81.196984][ T5101] RDX: 0000000020000000 RSI: 0000000040305839 RDI: 0000000000000005
[ 81.204957][ T5101] RBP: 0000000000000002 R08: 00007fff22c5adb6 R09: 00007fff22c5b060
[pid 5101] ioctl(5, _IOC(_IOC_WRITE, 0x58, 0x39, 0x30), 0x20000000) = 0
[pid 5101] exit_group(0) = ?
[pid 5101] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5101, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=24 /* 0.24 s */} ---
umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555560906f0 /* 4 entries */, 32768) = 112
umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./4/binderfs") = 0
[ 81.213029][ T5101] R10: 0000000000000002 R11: 0000000000000246 R12: 00007fff22c5b03c
[ 81.221010][ T5101] R13: 0000000000000004 R14: 431bde82d7b634db R15: 00007fff22c5b080
[ 81.228994][ T5101]
umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555556098730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556098730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./4/file0") = 0
getdents64(3, 0x5555560906f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./4") = 0
mkdir("./5", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555608f650) = 5118
./strace-static-x86_64: Process 5118 attached
[pid 5118] set_robust_list(0x55555608f660, 24) = 0
[pid 5118] chdir("./5") = 0
[pid 5118] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5118] setpgid(0, 0) = 0
[pid 5118] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5118] write(3, "1000", 4) = 4
[pid 5118] close(3) = 0
[pid 5118] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5118] memfd_create("syzkaller", 0) = 3
[pid 5118] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9fa0287000
[pid 5118] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5118] munmap(0x7f9fa0287000, 16777216) = 0
[pid 5118] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5118] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5118] close(3) = 0
[pid 5118] mkdir("./file0", 0777) = 0
[ 81.601629][ T5118] loop0: detected capacity change from 0 to 32768
[ 81.612370][ T5118] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz-executor378 (5118)
[ 81.630510][ T5118] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[ 81.639494][ T5118] BTRFS info (device loop0): setting nodatacow, compression disabled
[pid 5118] mount("/dev/loop0", "./file0", "btrfs", MS_NODEV, "enospc_debug,nodatacow,subvolid=0x0000000000000005,nodatacow,") = 0
[pid 5118] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5118] chdir("./file0") = 0
[pid 5118] ioctl(4, LOOP_CLR_FD) = 0
[pid 5118] close(4) = 0
[pid 5118] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 5118] ioctl(4, BTRFS_IOC_QUOTA_CTL, {cmd=BTRFS_QUOTA_CTL_ENABLE}) = 0
[pid 5118] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid 5118] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid 5118] write(6, "10", 2) = 2
[ 81.647791][ T5118] BTRFS info (device loop0): using free space tree
[ 81.667651][ T5118] BTRFS info (device loop0): enabling ssd optimizations
[ 81.674770][ T5118] BTRFS info (device loop0): auto enabling async discard
[ 81.719283][ T5118] FAULT_INJECTION: forcing a failure.
[ 81.719283][ T5118] name failslab, interval 1, probability 0, space 0, times 0
[ 81.732858][ T5118] CPU: 0 PID: 5118 Comm: syz-executor378 Not tainted 6.6.0-rc1-syzkaller-00115-g9fdfb15a3dbf #0
[ 81.733631][ T57] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[ 81.743284][ T5118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 81.743298][ T5118] Call Trace:
[ 81.743305][ T5118]
[ 81.743313][ T5118] dump_stack_lvl+0x125/0x1b0
[ 81.773267][ T5118] should_fail_ex+0x496/0x5b0
[ 81.777973][ T5118] should_failslab+0x9/0x20
[ 81.782514][ T5118] kmem_cache_alloc+0x61/0x400
[ 81.787302][ T5118] alloc_extent_state+0x1b/0x2d0
[ 81.792278][ T5118] __set_extent_bit+0xb20/0x1530
[ 81.797257][ T5118] set_record_extent_bits+0x56/0x90
[ 81.802494][ T5118] qgroup_reserve_data+0x23f/0xa60
[ 81.807647][ T5118] btrfs_qgroup_reserve_data+0x2e/0xc0
[ 81.813134][ T5118] btrfs_fallocate+0x1391/0x2640
[ 81.818107][ T5118] ? tomoyo_path_number_perm+0x46e/0x590
[ 81.823768][ T5118] ? kasan_save_stack+0x43/0x50
[ 81.828642][ T5118] ? kasan_save_stack+0x33/0x50
[ 81.833516][ T5118] ? kasan_save_free_info+0x28/0x40
[ 81.838738][ T5118] ? btrfs_replace_file_extents+0x1b70/0x1b70
[ 81.844821][ T5118] ? avc_has_extended_perms+0x719/0xf80
[ 81.850396][ T5118] ? reacquire_held_locks+0x4b0/0x4b0
[ 81.855783][ T5118] ? rcu_is_watching+0x12/0xb0
[ 81.860647][ T5118] ? lock_acquire+0x464/0x510
[ 81.865428][ T5118] ? inode_security+0x101/0x130
[ 81.870287][ T5118] ? selinux_file_permission+0x126/0x590
[ 81.875928][ T5118] ? preempt_count_sub+0x150/0x150
[ 81.881059][ T5118] ? btrfs_replace_file_extents+0x1b70/0x1b70
[ 81.887144][ T5118] ? vfs_fallocate+0x46c/0xe80
[ 81.892002][ T5118] vfs_fallocate+0x46c/0xe80
[ 81.896685][ T5118] ioctl_preallocate+0x1a4/0x220
[ 81.901638][ T5118] ? fileattr_fill_flags+0x320/0x320
[ 81.906933][ T5118] do_vfs_ioctl+0x150b/0x1920
[ 81.911631][ T5118] ? vfs_fileattr_set+0xbf0/0xbf0
[ 81.916661][ T5118] ? ioctl_has_perm.constprop.0.isra.0+0x2f0/0x460
[ 81.923177][ T5118] ? ioctl_has_perm.constprop.0.isra.0+0x2f9/0x460
[ 81.929693][ T5118] ? selinux_bprm_creds_for_exec+0xb30/0xb30
[ 81.935694][ T5118] ? lock_release+0x4bf/0x680
[ 81.940387][ T5118] ? selinux_file_ioctl+0x17d/0x270
[ 81.945596][ T5118] ? selinux_file_ioctl+0xb5/0x270
[ 81.950723][ T5118] __x64_sys_ioctl+0x112/0x210
[ 81.955496][ T5118] do_syscall_64+0x38/0xb0
[ 81.959915][ T5118] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 81.965812][ T5118] RIP: 0033:0x7f9fa86c6329
[ 81.970225][ T5118] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 81.989850][ T5118] RSP: 002b:00007fff22c5b018 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 81.998277][ T5118] RAX: ffffffffffffffda RBX: 00007fff22c5b040 RCX: 00007f9fa86c6329
[ 82.006248][ T5118] RDX: 0000000020000000 RSI: 0000000040305839 RDI: 0000000000000005
[pid 5118] ioctl(5, _IOC(_IOC_WRITE, 0x58, 0x39, 0x30), 0x20000000) = 0
[pid 5118] exit_group(0) = ?
[pid 5118] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5118, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=23 /* 0.23 s */} ---
umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555560906f0 /* 4 entries */, 32768) = 112
umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./5/binderfs") = 0
[ 82.014216][ T5118] RBP: 0000000000000002 R08: 00007fff22c5adb6 R09: 00007fff22c5b060
[ 82.022188][ T5118] R10: 0000000000000002 R11: 0000000000000246 R12: 00007fff22c5b03c
[ 82.030157][ T5118] R13: 0000000000000005 R14: 431bde82d7b634db R15: 00007fff22c5b080
[ 82.038131][ T5118]
umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555556098730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556098730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./5/file0") = 0
getdents64(3, 0x5555560906f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./5") = 0
mkdir("./6", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555608f650) = 5135
./strace-static-x86_64: Process 5135 attached
[pid 5135] set_robust_list(0x55555608f660, 24) = 0
[pid 5135] chdir("./6") = 0
[pid 5135] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5135] setpgid(0, 0) = 0
[pid 5135] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5135] write(3, "1000", 4) = 4
[pid 5135] close(3) = 0
[pid 5135] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5135] memfd_create("syzkaller", 0) = 3
[pid 5135] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9fa0287000
[pid 5135] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5135] munmap(0x7f9fa0287000, 16777216) = 0
[pid 5135] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5135] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5135] close(3) = 0
[pid 5135] mkdir("./file0", 0777) = 0
[ 82.449042][ T5135] loop0: detected capacity change from 0 to 32768
[ 82.459415][ T5135] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz-executor378 (5135)
[ 82.476505][ T5135] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[ 82.485350][ T5135] BTRFS info (device loop0): setting nodatacow, compression disabled
[pid 5135] mount("/dev/loop0", "./file0", "btrfs", MS_NODEV, "enospc_debug,nodatacow,subvolid=0x0000000000000005,nodatacow,") = 0
[pid 5135] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5135] chdir("./file0") = 0
[pid 5135] ioctl(4, LOOP_CLR_FD) = 0
[pid 5135] close(4) = 0
[pid 5135] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 5135] ioctl(4, BTRFS_IOC_QUOTA_CTL, {cmd=BTRFS_QUOTA_CTL_ENABLE}) = 0
[pid 5135] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid 5135] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid 5135] write(6, "10", 2) = 2
[ 82.493552][ T5135] BTRFS info (device loop0): using free space tree
[ 82.514284][ T5135] BTRFS info (device loop0): enabling ssd optimizations
[ 82.521406][ T5135] BTRFS info (device loop0): auto enabling async discard
[ 82.554770][ T5135] FAULT_INJECTION: forcing a failure.
[ 82.554770][ T5135] name failslab, interval 1, probability 0, space 0, times 0
[ 82.567542][ T5135] CPU: 1 PID: 5135 Comm: syz-executor378 Not tainted 6.6.0-rc1-syzkaller-00115-g9fdfb15a3dbf #0
[ 82.575467][ T11] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[ 82.577958][ T5135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 82.597041][ T5135] Call Trace:
[ 82.600334][ T5135]
[ 82.603272][ T5135] dump_stack_lvl+0x125/0x1b0
[ 82.607990][ T5135] should_fail_ex+0x496/0x5b0
[ 82.612692][ T5135] should_failslab+0x9/0x20
[ 82.617225][ T5135] kmem_cache_alloc+0x61/0x400
[ 82.622014][ T5135] alloc_extent_state+0x1b/0x2d0
[ 82.626984][ T5135] __set_extent_bit+0xb20/0x1530
[ 82.631953][ T5135] lock_extent+0xa8/0x190
[ 82.636321][ T5135] ? try_lock_extent+0x130/0x130
[ 82.641385][ T5135] btrfs_punch_hole_lock_range+0xb2/0x110
[ 82.647147][ T5135] btrfs_fallocate+0x1378/0x2640
[ 82.652122][ T5135] ? tomoyo_path_number_perm+0x46e/0x590
[ 82.657783][ T5135] ? kasan_save_stack+0x43/0x50
[ 82.662657][ T5135] ? kasan_save_stack+0x33/0x50
[ 82.667534][ T5135] ? kasan_save_free_info+0x28/0x40
[ 82.672770][ T5135] ? btrfs_replace_file_extents+0x1b70/0x1b70
[ 82.678870][ T5135] ? avc_has_extended_perms+0x719/0xf80
[ 82.684461][ T5135] ? reacquire_held_locks+0x4b0/0x4b0
[ 82.689870][ T5135] ? rcu_is_watching+0x12/0xb0
[ 82.694664][ T5135] ? lock_acquire+0x464/0x510
[ 82.699461][ T5135] ? inode_security+0x101/0x130
[ 82.704343][ T5135] ? selinux_file_permission+0x126/0x590
[ 82.710015][ T5135] ? preempt_count_sub+0x150/0x150
[ 82.715166][ T5135] ? btrfs_replace_file_extents+0x1b70/0x1b70
[ 82.721269][ T5135] ? vfs_fallocate+0x46c/0xe80
[ 82.726058][ T5135] vfs_fallocate+0x46c/0xe80
[ 82.730672][ T5135] ioctl_preallocate+0x1a4/0x220
[ 82.735641][ T5135] ? fileattr_fill_flags+0x320/0x320
[ 82.740957][ T5135] do_vfs_ioctl+0x150b/0x1920
[ 82.745668][ T5135] ? vfs_fileattr_set+0xbf0/0xbf0
[ 82.750722][ T5135] ? ioctl_has_perm.constprop.0.isra.0+0x2f0/0x460
[ 82.757341][ T5135] ? ioctl_has_perm.constprop.0.isra.0+0x2f9/0x460
[ 82.763883][ T5135] ? selinux_bprm_creds_for_exec+0xb30/0xb30
[ 82.769988][ T5135] ? lock_release+0x4bf/0x680
[ 82.774703][ T5135] ? selinux_file_ioctl+0x17d/0x270
[ 82.779932][ T5135] ? selinux_file_ioctl+0xb5/0x270
[ 82.785080][ T5135] __x64_sys_ioctl+0x112/0x210
[ 82.789884][ T5135] do_syscall_64+0x38/0xb0
[ 82.794328][ T5135] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 82.800254][ T5135] RIP: 0033:0x7f9fa86c6329
[ 82.804688][ T5135] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 82.824318][ T5135] RSP: 002b:00007fff22c5b018 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 82.832743][ T5135] RAX: ffffffffffffffda RBX: 00007fff22c5b040 RCX: 00007f9fa86c6329
[ 82.840792][ T5135] RDX: 0000000020000000 RSI: 0000000040305839 RDI: 0000000000000005
[pid 5135] ioctl(5, _IOC(_IOC_WRITE, 0x58, 0x39, 0x30), 0x20000000) = 0
[pid 5135] exit_group(0) = ?
[pid 5135] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5135, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=28 /* 0.28 s */} ---
umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555560906f0 /* 4 entries */, 32768) = 112
umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./6/binderfs") = 0
[ 82.848752][ T5135] RBP: 0000000000000002 R08: 00007fff22c5adb6 R09: 00007fff22c5b060
[ 82.856720][ T5135] R10: 0000000000000002 R11: 0000000000000246 R12: 00007fff22c5b03c
[ 82.864698][ T5135] R13: 0000000000000006 R14: 431bde82d7b634db R15: 00007fff22c5b080
[ 82.872659][ T5135]
umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./6/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555556098730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556098730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./6/file0") = 0
getdents64(3, 0x5555560906f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./6") = 0
mkdir("./7", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555608f650) = 5152
./strace-static-x86_64: Process 5152 attached
[pid 5152] set_robust_list(0x55555608f660, 24) = 0
[pid 5152] chdir("./7") = 0
[pid 5152] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5152] setpgid(0, 0) = 0
[pid 5152] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5152] write(3, "1000", 4) = 4
[pid 5152] close(3) = 0
[pid 5152] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5152] memfd_create("syzkaller", 0) = 3
[pid 5152] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9fa0287000
[pid 5152] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5152] munmap(0x7f9fa0287000, 16777216) = 0
[pid 5152] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5152] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5152] close(3) = 0
[pid 5152] mkdir("./file0", 0777) = 0
[ 83.175840][ T5152] loop0: detected capacity change from 0 to 32768
[ 83.185136][ T5152] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz-executor378 (5152)
[ 83.200480][ T5152] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[ 83.209561][ T5152] BTRFS info (device loop0): setting nodatacow, compression disabled
[ 83.217722][ T5152] BTRFS info (device loop0): using free space tree
[pid 5152] mount("/dev/loop0", "./file0", "btrfs", MS_NODEV, "enospc_debug,nodatacow,subvolid=0x0000000000000005,nodatacow,") = 0
[pid 5152] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5152] chdir("./file0") = 0
[pid 5152] ioctl(4, LOOP_CLR_FD) = 0
[pid 5152] close(4) = 0
[pid 5152] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 5152] ioctl(4, BTRFS_IOC_QUOTA_CTL, {cmd=BTRFS_QUOTA_CTL_ENABLE}) = 0
[ 83.237988][ T5152] BTRFS info (device loop0): enabling ssd optimizations
[ 83.245140][ T5152] BTRFS info (device loop0): auto enabling async discard
[pid 5152] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid 5152] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid 5152] write(6, "10", 2) = 2
[ 83.279396][ T5152] FAULT_INJECTION: forcing a failure.
[ 83.279396][ T5152] name failslab, interval 1, probability 0, space 0, times 0
[ 83.293426][ T5152] CPU: 1 PID: 5152 Comm: syz-executor378 Not tainted 6.6.0-rc1-syzkaller-00115-g9fdfb15a3dbf #0
[ 83.298010][ T11] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[ 83.303863][ T5152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 83.303877][ T5152] Call Trace:
[ 83.303885][ T5152]
[ 83.303892][ T5152] dump_stack_lvl+0x125/0x1b0
[ 83.333865][ T5152] should_fail_ex+0x496/0x5b0
[ 83.338570][ T5152] should_failslab+0x9/0x20
[ 83.343196][ T5152] kmem_cache_alloc+0x61/0x400
[ 83.347974][ T5152] alloc_extent_state+0x1b/0x2d0
[ 83.352936][ T5152] __set_extent_bit+0xb20/0x1530
[ 83.357891][ T5152] set_record_extent_bits+0x56/0x90
[ 83.363107][ T5152] qgroup_reserve_data+0x23f/0xa60
[ 83.368237][ T5152] btrfs_qgroup_reserve_data+0x2e/0xc0
[ 83.373713][ T5152] btrfs_fallocate+0x1391/0x2640
[ 83.378673][ T5152] ? tomoyo_path_number_perm+0x46e/0x590
[ 83.384329][ T5152] ? kasan_save_stack+0x43/0x50
[ 83.389276][ T5152] ? kasan_save_stack+0x33/0x50
[ 83.394134][ T5152] ? kasan_save_free_info+0x28/0x40
[ 83.399348][ T5152] ? btrfs_replace_file_extents+0x1b70/0x1b70
[ 83.405426][ T5152] ? avc_has_extended_perms+0x719/0xf80
[ 83.410982][ T5152] ? reacquire_held_locks+0x4b0/0x4b0
[ 83.416476][ T5152] ? rcu_is_watching+0x12/0xb0
[ 83.421244][ T5152] ? lock_acquire+0x464/0x510
[ 83.425932][ T5152] ? inode_security+0x101/0x130
[ 83.430794][ T5152] ? selinux_file_permission+0x126/0x590
[ 83.436434][ T5152] ? preempt_count_sub+0x150/0x150
[ 83.441562][ T5152] ? btrfs_replace_file_extents+0x1b70/0x1b70
[ 83.447639][ T5152] ? vfs_fallocate+0x46c/0xe80
[ 83.452403][ T5152] vfs_fallocate+0x46c/0xe80
[ 83.457084][ T5152] ioctl_preallocate+0x1a4/0x220
[ 83.462029][ T5152] ? fileattr_fill_flags+0x320/0x320
[ 83.467324][ T5152] do_vfs_ioctl+0x150b/0x1920
[ 83.472006][ T5152] ? vfs_fileattr_set+0xbf0/0xbf0
[ 83.477035][ T5152] ? ioctl_has_perm.constprop.0.isra.0+0x2f0/0x460
[ 83.483546][ T5152] ? ioctl_has_perm.constprop.0.isra.0+0x2f9/0x460
[ 83.490058][ T5152] ? selinux_bprm_creds_for_exec+0xb30/0xb30
[ 83.496048][ T5152] ? lock_release+0x4bf/0x680
[ 83.500736][ T5152] ? selinux_file_ioctl+0x17d/0x270
[ 83.505944][ T5152] ? selinux_file_ioctl+0xb5/0x270
[ 83.511066][ T5152] __x64_sys_ioctl+0x112/0x210
[ 83.515838][ T5152] do_syscall_64+0x38/0xb0
[ 83.520259][ T5152] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 83.526245][ T5152] RIP: 0033:0x7f9fa86c6329
[ 83.530676][ T5152] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 83.550286][ T5152] RSP: 002b:00007fff22c5b018 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 83.558701][ T5152] RAX: ffffffffffffffda RBX: 00007fff22c5b040 RCX: 00007f9fa86c6329
[ 83.566684][ T5152] RDX: 0000000020000000 RSI: 0000000040305839 RDI: 0000000000000005
[pid 5152] ioctl(5, _IOC(_IOC_WRITE, 0x58, 0x39, 0x30), 0x20000000) = 0
[pid 5152] exit_group(0) = ?
[pid 5152] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5152, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=23 /* 0.23 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555560906f0 /* 4 entries */, 32768) = 112
umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./7/binderfs") = 0
[ 83.574656][ T5152] RBP: 0000000000000002 R08: 00007fff22c5adb6 R09: 00007fff22c5b060
[ 83.582715][ T5152] R10: 0000000000000002 R11: 0000000000000246 R12: 00007fff22c5b03c
[ 83.590694][ T5152] R13: 0000000000000007 R14: 431bde82d7b634db R15: 00007fff22c5b080
[ 83.598950][ T5152]
umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555556098730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556098730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./7/file0") = 0
getdents64(3, 0x5555560906f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./7") = 0
mkdir("./8", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555608f650) = 5169
./strace-static-x86_64: Process 5169 attached
[pid 5169] set_robust_list(0x55555608f660, 24) = 0
[pid 5169] chdir("./8") = 0
[pid 5169] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5169] setpgid(0, 0) = 0
[pid 5169] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5169] write(3, "1000", 4) = 4
[pid 5169] close(3) = 0
[pid 5169] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5169] memfd_create("syzkaller", 0) = 3
[pid 5169] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9fa0287000
[pid 5169] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5169] munmap(0x7f9fa0287000, 16777216) = 0
[pid 5169] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5169] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5169] close(3) = 0
[pid 5169] mkdir("./file0", 0777) = 0
[ 83.966323][ T5169] loop0: detected capacity change from 0 to 32768
[ 83.976814][ T5169] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz-executor378 (5169)
[ 83.994207][ T5169] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[ 84.002905][ T5169] BTRFS info (device loop0): setting nodatacow, compression disabled
[pid 5169] mount("/dev/loop0", "./file0", "btrfs", MS_NODEV, "enospc_debug,nodatacow,subvolid=0x0000000000000005,nodatacow,") = 0
[pid 5169] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5169] chdir("./file0") = 0
[pid 5169] ioctl(4, LOOP_CLR_FD) = 0
[pid 5169] close(4) = 0
[pid 5169] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 5169] ioctl(4, BTRFS_IOC_QUOTA_CTL, {cmd=BTRFS_QUOTA_CTL_ENABLE}) = 0
[pid 5169] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid 5169] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid 5169] write(6, "10", 2) = 2
[ 84.011094][ T5169] BTRFS info (device loop0): using free space tree
[ 84.031796][ T5169] BTRFS info (device loop0): enabling ssd optimizations
[ 84.039065][ T5169] BTRFS info (device loop0): auto enabling async discard
[ 84.084242][ T5169] FAULT_INJECTION: forcing a failure.
[ 84.084242][ T5169] name failslab, interval 1, probability 0, space 0, times 0
[ 84.098419][ T10] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[ 84.108549][ T5169] CPU: 0 PID: 5169 Comm: syz-executor378 Not tainted 6.6.0-rc1-syzkaller-00115-g9fdfb15a3dbf #0
[ 84.118997][ T5169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 84.129071][ T5169] Call Trace:
[ 84.132382][ T5169]
[ 84.135326][ T5169] dump_stack_lvl+0x125/0x1b0
[ 84.140050][ T5169] should_fail_ex+0x496/0x5b0
[ 84.144795][ T5169] should_failslab+0x9/0x20
[ 84.149335][ T5169] kmem_cache_alloc+0x61/0x400
[ 84.154135][ T5169] btrfs_get_extent+0x2ed/0x1a30
[ 84.159114][ T5169] ? trace_irq_enable.constprop.0+0xd0/0x100
[ 84.165133][ T5169] ? btrfs_rename2+0x120/0x120
[ 84.169932][ T5169] ? btrfs_wait_ordered_range+0x8b/0x280
[ 84.175635][ T5169] btrfs_fallocate+0x103b/0x2640
[ 84.180610][ T5169] ? tomoyo_path_number_perm+0x46e/0x590
[ 84.186368][ T5169] ? kasan_save_stack+0x43/0x50
[ 84.191248][ T5169] ? kasan_save_stack+0x33/0x50
[ 84.196129][ T5169] ? kasan_save_free_info+0x28/0x40
[ 84.201365][ T5169] ? ____kasan_slab_free+0x138/0x190
[ 84.206677][ T5169] ? btrfs_replace_file_extents+0x1b70/0x1b70
[ 84.212776][ T5169] ? avc_has_extended_perms+0x719/0xf80
[ 84.218360][ T5169] ? reacquire_held_locks+0x4b0/0x4b0
[ 84.223766][ T5169] ? rcu_is_watching+0x12/0xb0
[ 84.228637][ T5169] ? lock_acquire+0x464/0x510
[ 84.233355][ T5169] ? inode_security+0x101/0x130
[ 84.238406][ T5169] ? selinux_file_permission+0x126/0x590
[ 84.244069][ T5169] ? preempt_count_sub+0x150/0x150
[ 84.249218][ T5169] ? btrfs_replace_file_extents+0x1b70/0x1b70
[ 84.255331][ T5169] ? vfs_fallocate+0x46c/0xe80
[ 84.260127][ T5169] vfs_fallocate+0x46c/0xe80
[ 84.264759][ T5169] ioctl_preallocate+0x1a4/0x220
[ 84.269742][ T5169] ? fileattr_fill_flags+0x320/0x320
[ 84.275067][ T5169] do_vfs_ioctl+0x150b/0x1920
[ 84.279786][ T5169] ? vfs_fileattr_set+0xbf0/0xbf0
[ 84.284843][ T5169] ? ioctl_has_perm.constprop.0.isra.0+0x2f0/0x460
[ 84.291383][ T5169] ? ioctl_has_perm.constprop.0.isra.0+0x2f9/0x460
[ 84.297921][ T5169] ? selinux_bprm_creds_for_exec+0xb30/0xb30
[ 84.303943][ T5169] ? lock_release+0x4bf/0x680
[ 84.308655][ T5169] ? selinux_file_ioctl+0x17d/0x270
[ 84.313977][ T5169] ? selinux_file_ioctl+0xb5/0x270
[ 84.319116][ T5169] __x64_sys_ioctl+0x112/0x210
[ 84.323881][ T5169] do_syscall_64+0x38/0xb0
[ 84.328295][ T5169] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 84.334190][ T5169] RIP: 0033:0x7f9fa86c6329
[ 84.338607][ T5169] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 84.358404][ T5169] RSP: 002b:00007fff22c5b018 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 84.366838][ T5169] RAX: ffffffffffffffda RBX: 00007fff22c5b040 RCX: 00007f9fa86c6329
[ 84.374804][ T5169] RDX: 0000000020000000 RSI: 0000000040305839 RDI: 0000000000000005
[pid 5169] ioctl(5, _IOC(_IOC_WRITE, 0x58, 0x39, 0x30), 0x20000000) = -1 ENOMEM (Cannot allocate memory)
[pid 5169] exit_group(0) = ?
[pid 5169] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5169, si_uid=0, si_status=0, si_utime=7 /* 0.07 s */, si_stime=26 /* 0.26 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555560906f0 /* 4 entries */, 32768) = 112
umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./8/binderfs") = 0
[ 84.382798][ T5169] RBP: 0000000000000002 R08: 00007fff22c5adb6 R09: 00007fff22c5b060
[ 84.390786][ T5169] R10: 0000000000000002 R11: 0000000000000246 R12: 00007fff22c5b03c
[ 84.398771][ T5169] R13: 0000000000000008 R14: 431bde82d7b634db R15: 00007fff22c5b080
[ 84.406780][ T5169]
umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555556098730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556098730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./8/file0") = 0
getdents64(3, 0x5555560906f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./8") = 0
mkdir("./9", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5186 attached
, child_tidptr=0x55555608f650) = 5186
[pid 5186] set_robust_list(0x55555608f660, 24) = 0
[pid 5186] chdir("./9") = 0
[pid 5186] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5186] setpgid(0, 0) = 0
[pid 5186] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5186] write(3, "1000", 4) = 4
[pid 5186] close(3) = 0
[pid 5186] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5186] memfd_create("syzkaller", 0) = 3
[pid 5186] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9fa0287000
[pid 5186] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5186] munmap(0x7f9fa0287000, 16777216) = 0
[pid 5186] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5186] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5186] close(3) = 0
[pid 5186] mkdir("./file0", 0777) = 0
[ 84.708653][ T5186] loop0: detected capacity change from 0 to 32768
[ 84.718457][ T5186] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz-executor378 (5186)
[ 84.735779][ T5186] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[ 84.744536][ T5186] BTRFS info (device loop0): setting nodatacow, compression disabled
[ 84.752596][ T5186] BTRFS info (device loop0): using free space tree
[pid 5186] mount("/dev/loop0", "./file0", "btrfs", MS_NODEV, "enospc_debug,nodatacow,subvolid=0x0000000000000005,nodatacow,") = 0
[pid 5186] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5186] chdir("./file0") = 0
[pid 5186] ioctl(4, LOOP_CLR_FD) = 0
[pid 5186] close(4) = 0
[pid 5186] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 5186] ioctl(4, BTRFS_IOC_QUOTA_CTL, {cmd=BTRFS_QUOTA_CTL_ENABLE}) = 0
[pid 5186] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[ 84.772387][ T5186] BTRFS info (device loop0): enabling ssd optimizations
[ 84.779597][ T5186] BTRFS info (device loop0): auto enabling async discard
[pid 5186] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid 5186] write(6, "10", 2) = 2
[ 84.828288][ T5186] FAULT_INJECTION: forcing a failure.
[ 84.828288][ T5186] name failslab, interval 1, probability 0, space 0, times 0
[ 84.841014][ T5186] CPU: 0 PID: 5186 Comm: syz-executor378 Not tainted 6.6.0-rc1-syzkaller-00115-g9fdfb15a3dbf #0
[ 84.851455][ T5186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 84.861537][ T5186] Call Trace:
[ 84.864832][ T5186]
[ 84.867776][ T5186] dump_stack_lvl+0x125/0x1b0
[ 84.872498][ T5186] should_fail_ex+0x496/0x5b0
[ 84.877203][ T5186] should_failslab+0x9/0x20
[ 84.881913][ T5186] __kmem_cache_alloc_node+0x5f/0x470
[ 84.887322][ T5186] ? lock_acquire+0x464/0x510
[ 84.892206][ T5186] kmalloc_trace+0x25/0xe0
[ 84.896639][ T5186] ulist_add_merge+0x178/0x660
[ 84.901422][ T5186] set_state_bits.isra.0+0x11f/0x1c0
[ 84.906730][ T5186] __set_extent_bit+0xbbe/0x1530
[ 84.911693][ T5186] set_record_extent_bits+0x56/0x90
[ 84.916910][ T5186] qgroup_reserve_data+0x23f/0xa60
[ 84.922054][ T5186] btrfs_qgroup_reserve_data+0x2e/0xc0
[ 84.927520][ T5186] btrfs_fallocate+0x1391/0x2640
[ 84.932468][ T5186] ? tomoyo_path_number_perm+0x46e/0x590
[ 84.938714][ T5186] ? kasan_save_stack+0x43/0x50
[ 84.943570][ T5186] ? kasan_save_stack+0x33/0x50
[ 84.948683][ T5186] ? kasan_save_free_info+0x28/0x40
[ 84.953890][ T5186] ? btrfs_replace_file_extents+0x1b70/0x1b70
[ 84.959969][ T5186] ? avc_has_extended_perms+0x719/0xf80
[ 84.965529][ T5186] ? reacquire_held_locks+0x4b0/0x4b0
[ 84.970913][ T5186] ? rcu_is_watching+0x12/0xb0
[ 84.975716][ T5186] ? lock_acquire+0x464/0x510
[ 84.980494][ T5186] ? inode_security+0x101/0x130
[ 84.985362][ T5186] ? selinux_file_permission+0x126/0x590
[ 84.991033][ T5186] ? preempt_count_sub+0x150/0x150
[ 84.996183][ T5186] ? btrfs_replace_file_extents+0x1b70/0x1b70
[ 85.002359][ T5186] ? vfs_fallocate+0x46c/0xe80
[ 85.007130][ T5186] vfs_fallocate+0x46c/0xe80
[ 85.011730][ T5186] ioctl_preallocate+0x1a4/0x220
[ 85.016689][ T5186] ? fileattr_fill_flags+0x320/0x320
[ 85.022015][ T5186] do_vfs_ioctl+0x150b/0x1920
[ 85.026700][ T5186] ? vfs_fileattr_set+0xbf0/0xbf0
[ 85.031762][ T5186] ? ioctl_has_perm.constprop.0.isra.0+0x2f0/0x460
[ 85.038280][ T5186] ? ioctl_has_perm.constprop.0.isra.0+0x2f9/0x460
[ 85.044790][ T5186] ? selinux_bprm_creds_for_exec+0xb30/0xb30
[ 85.050779][ T5186] ? lock_release+0x4bf/0x680
[ 85.055472][ T5186] ? selinux_file_ioctl+0x17d/0x270
[ 85.060683][ T5186] ? selinux_file_ioctl+0xb5/0x270
[ 85.065807][ T5186] __x64_sys_ioctl+0x112/0x210
[ 85.070585][ T5186] do_syscall_64+0x38/0xb0
[ 85.075006][ T5186] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 85.080906][ T5186] RIP: 0033:0x7f9fa86c6329
[ 85.085322][ T5186] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 85.104951][ T5186] RSP: 002b:00007fff22c5b018 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 85.113474][ T5186] RAX: ffffffffffffffda RBX: 00007fff22c5b040 RCX: 00007f9fa86c6329
[ 85.121445][ T5186] RDX: 0000000020000000 RSI: 0000000040305839 RDI: 0000000000000005
[ 85.129416][ T5186] RBP: 0000000000000002 R08: 00007fff22c5adb6 R09: 00007fff22c5b060
[ 85.137389][ T5186] R10: 0000000000000002 R11: 0000000000000246 R12: 00007fff22c5b03c
[ 85.145358][ T5186] R13: 0000000000000009 R14: 431bde82d7b634db R15: 00007fff22c5b080
[ 85.153334][ T5186]
[ 85.157232][ T5186] ------------[ cut here ]------------
[ 85.162701][ T5186] kernel BUG at fs/btrfs/extent-io-tree.c:379!
[ 85.164687][ T57] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[ 85.169197][ T5186] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 85.183926][ T5186] CPU: 0 PID: 5186 Comm: syz-executor378 Not tainted 6.6.0-rc1-syzkaller-00115-g9fdfb15a3dbf #0
[ 85.194360][ T5186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 85.204428][ T5186] RIP: 0010:set_state_bits.isra.0+0x17b/0x1c0
[ 85.210536][ T5186] Code: 38 d0 7c 04 84 d2 75 31 44 8b 73 7c e8 3e 7a ed fd 44 89 e0 44 09 f0 89 43 7c 5b 5d 41 5c 41 5d 41 5e 41 5f c3 e8 25 7a ed fd <0f> 0b 4c 89 ef e8 db 7a 42 fe e9 e6 fe ff ff 4c 89 ef e8 ce 7a 42
[ 85.230166][ T5186] RSP: 0018:ffffc90003a9f7a0 EFLAGS: 00010293
[ 85.236254][ T5186] RAX: 0000000000000000 RBX: ffff88801c60b240 RCX: 0000000000000000
[ 85.244242][ T5186] RDX: ffff88802a0a80c0 RSI: ffffffff839952db RDI: 0000000000000005
[ 85.252230][ T5186] RBP: 00000000fffffff4 R08: 0000000000000005 R09: 0000000000000000
[ 85.260228][ T5186] R10: 00000000fffffff4 R11: 0000000000000001 R12: 0000000000000800
[ 85.268219][ T5186] R13: ffff88801c60b2bc R14: 000000000000ffff R15: 0000000000000000
[ 85.276214][ T5186] FS: 000055555608f380(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[ 85.285186][ T5186] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 85.291794][ T5186] CR2: 00007f9fa8743100 CR3: 0000000026fb0000 CR4: 00000000003506f0
[ 85.299780][ T5186] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 85.307757][ T5186] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 85.315745][ T5186] Call Trace:
[ 85.319029][ T5186]
[ 85.321960][ T5186] ? show_regs+0x8f/0xa0
[ 85.326217][ T5186] ? die+0x36/0xa0
[ 85.330211][ T5186] ? do_trap+0x22b/0x420
[ 85.334466][ T5186] ? set_state_bits.isra.0+0x17b/0x1c0
[ 85.339946][ T5186] ? set_state_bits.isra.0+0x17b/0x1c0
[ 85.345444][ T5186] ? do_error_trap+0xf4/0x230
[ 85.350131][ T5186] ? set_state_bits.isra.0+0x17b/0x1c0
[ 85.355608][ T5186] ? handle_invalid_op+0x34/0x40
[ 85.360560][ T5186] ? set_state_bits.isra.0+0x17b/0x1c0
[ 85.366032][ T5186] ? exc_invalid_op+0x2d/0x40
[ 85.370742][ T5186] ? asm_exc_invalid_op+0x1a/0x20
[ 85.375775][ T5186] ? set_state_bits.isra.0+0x17b/0x1c0
[ 85.381250][ T5186] ? set_state_bits.isra.0+0x17b/0x1c0
[ 85.386725][ T5186] __set_extent_bit+0xbbe/0x1530
[ 85.391686][ T5186] set_record_extent_bits+0x56/0x90
[ 85.396925][ T5186] qgroup_reserve_data+0x23f/0xa60
[ 85.402057][ T5186] btrfs_qgroup_reserve_data+0x2e/0xc0
[ 85.407523][ T5186] btrfs_fallocate+0x1391/0x2640
[ 85.412488][ T5186] ? tomoyo_path_number_perm+0x46e/0x590
[ 85.418151][ T5186] ? kasan_save_stack+0x43/0x50
[ 85.423014][ T5186] ? kasan_save_stack+0x33/0x50
[ 85.427868][ T5186] ? kasan_save_free_info+0x28/0x40
[ 85.433087][ T5186] ? btrfs_replace_file_extents+0x1b70/0x1b70
[ 85.439168][ T5186] ? avc_has_extended_perms+0x719/0xf80
[ 85.444838][ T5186] ? reacquire_held_locks+0x4b0/0x4b0
[ 85.450228][ T5186] ? rcu_is_watching+0x12/0xb0
[ 85.454992][ T5186] ? lock_acquire+0x464/0x510
[ 85.459681][ T5186] ? inode_security+0x101/0x130
[ 85.464540][ T5186] ? selinux_file_permission+0x126/0x590
[ 85.470181][ T5186] ? preempt_count_sub+0x150/0x150
[ 85.475313][ T5186] ? btrfs_replace_file_extents+0x1b70/0x1b70
[ 85.481394][ T5186] ? vfs_fallocate+0x46c/0xe80
[ 85.486160][ T5186] vfs_fallocate+0x46c/0xe80
[ 85.490754][ T5186] ioctl_preallocate+0x1a4/0x220
[ 85.495700][ T5186] ? fileattr_fill_flags+0x320/0x320
[ 85.500996][ T5186] do_vfs_ioctl+0x150b/0x1920
[ 85.505690][ T5186] ? vfs_fileattr_set+0xbf0/0xbf0
[ 85.510723][ T5186] ? ioctl_has_perm.constprop.0.isra.0+0x2f0/0x460
[ 85.517237][ T5186] ? ioctl_has_perm.constprop.0.isra.0+0x2f9/0x460
[ 85.523755][ T5186] ? selinux_bprm_creds_for_exec+0xb30/0xb30
[ 85.529744][ T5186] ? lock_release+0x4bf/0x680
[ 85.534525][ T5186] ? selinux_file_ioctl+0x17d/0x270
[ 85.539817][ T5186] ? selinux_file_ioctl+0xb5/0x270
[ 85.544943][ T5186] __x64_sys_ioctl+0x112/0x210
[ 85.549734][ T5186] do_syscall_64+0x38/0xb0
[ 85.554161][ T5186] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 85.560073][ T5186] RIP: 0033:0x7f9fa86c6329
[ 85.564500][ T5186] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 85.584111][ T5186] RSP: 002b:00007fff22c5b018 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 85.592719][ T5186] RAX: ffffffffffffffda RBX: 00007fff22c5b040 RCX: 00007f9fa86c6329
[ 85.600704][ T5186] RDX: 0000000020000000 RSI: 0000000040305839 RDI: 0000000000000005
[ 85.608684][ T5186] RBP: 0000000000000002 R08: 00007fff22c5adb6 R09: 00007fff22c5b060
[ 85.616661][ T5186] R10: 0000000000000002 R11: 0000000000000246 R12: 00007fff22c5b03c
[ 85.624631][ T5186] R13: 0000000000000009 R14: 431bde82d7b634db R15: 00007fff22c5b080
[ 85.632610][ T5186]
[ 85.635625][ T5186] Modules linked in:
[ 85.639901][ T5186] ---[ end trace 0000000000000000 ]---
[ 85.645658][ T5186] RIP: 0010:set_state_bits.isra.0+0x17b/0x1c0
[ 85.651771][ T5186] Code: 38 d0 7c 04 84 d2 75 31 44 8b 73 7c e8 3e 7a ed fd 44 89 e0 44 09 f0 89 43 7c 5b 5d 41 5c 41 5d 41 5e 41 5f c3 e8 25 7a ed fd <0f> 0b 4c 89 ef e8 db 7a 42 fe e9 e6 fe ff ff 4c 89 ef e8 ce 7a 42
[ 85.671438][ T5186] RSP: 0018:ffffc90003a9f7a0 EFLAGS: 00010293
[ 85.677571][ T5186] RAX: 0000000000000000 RBX: ffff88801c60b240 RCX: 0000000000000000
[ 85.685857][ T5186] RDX: ffff88802a0a80c0 RSI: ffffffff839952db RDI: 0000000000000005
[ 85.693870][ T5186] RBP: 00000000fffffff4 R08: 0000000000000005 R09: 0000000000000000
[ 85.701853][ T5186] R10: 00000000fffffff4 R11: 0000000000000001 R12: 0000000000000800
[ 85.709872][ T5186] R13: ffff88801c60b2bc R14: 000000000000ffff R15: 0000000000000000
[ 85.717889][ T5186] FS: 000055555608f380(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[ 85.726850][ T5186] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 85.733470][ T5186] CR2: 00007f9fa8743100 CR3: 0000000026fb0000 CR4: 00000000003506f0
[ 85.741548][ T5186] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 85.749554][ T5186] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 85.757707][ T5186] Kernel panic - not syncing: Fatal exception
[ 85.764005][ T5186] Kernel Offset: disabled
[ 85.768318][ T5186] Rebooting in 86400 seconds..