BTRFS info (device loop4): rebuilding free space tree
------------[ cut here ]------------
WARNING: CPU: 1 PID: 6913 at fs/btrfs/extent-tree.c:3228 __btrfs_free_extent+0x1cac/0x2b78 fs/btrfs/extent-tree.c:-1
Modules linked in:
CPU: 1 UID: 0 PID: 6913 Comm: syz.4.64 Not tainted 6.16.0-rc2-syzkaller-g9aa9b43d689e #0 PREEMPT 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __btrfs_free_extent+0x1cac/0x2b78 fs/btrfs/extent-tree.c:-1
lr : __btrfs_free_extent+0x424/0x2b78 fs/btrfs/extent-tree.c:3131
sp : ffff8000a3696a80
x29: ffff8000a3696be0 x28: 1fffe0001eea4b95 x27: ffff0000f7525ca8
x26: dfff800000000000 x25: ffff0000f7525ca0 x24: ffff0000dcbd8940
x23: 1fffe0001eea4b94 x22: 00000000fffffffe x21: 0000000000000000
x20: 000000000000000a x19: 00000000fffffffe x18: 00000000ffffffff
x17: ffff800093320000 x16: ffff80008aecb76c x15: ffff7000146d2cea
x14: 0000000000000002 x13: 00000000fffffffe x12: 0000000000ff0100
x11: ffff0000d6400000 x10: ffff80008fda2c60 x9 : 0000000000000005
x8 : 0000000000000000 x7 : ffff8000822ac858 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000002
x2 : 0000000000000002 x1 : ffff80008fda2c40 x0 : 00000000fffffffe
Call trace:
 __btrfs_free_extent+0x1cac/0x2b78 fs/btrfs/extent-tree.c:-1 (P)
 run_delayed_tree_ref fs/btrfs/extent-tree.c:1747 [inline]
 run_one_delayed_ref fs/btrfs/extent-tree.c:1773 [inline]
 btrfs_run_delayed_refs_for_head fs/btrfs/extent-tree.c:1970 [inline]
 __btrfs_run_delayed_refs+0xb94/0x31c8 fs/btrfs/extent-tree.c:2045
 btrfs_run_delayed_refs+0xc4/0x2e8 fs/btrfs/extent-tree.c:2157
 btrfs_start_dirty_block_groups+0xa94/0xd1c fs/btrfs/block-group.c:3519
 btrfs_commit_transaction+0x2ac/0x2b44 fs/btrfs/transaction.c:2238
 btrfs_rebuild_free_space_tree+0x208/0x54c fs/btrfs/free-space-tree.c:1372
 btrfs_start_pre_rw_mount+0xa78/0xe10 fs/btrfs/disk-io.c:3077
 open_ctree+0x1b8c/0x22ac fs/btrfs/disk-io.c:3617
 btrfs_fill_super+0x184/0x2c0 fs/btrfs/super.c:968
 btrfs_get_tree_super fs/btrfs/super.c:1893 [inline]
 btrfs_get_tree+0xc50/0x1040 fs/btrfs/super.c:2088
 vfs_get_tree+0x90/0x28c fs/super.c:1802
 fc_mount+0x24/0xac fs/namespace.c:1290
 btrfs_get_tree_subvol fs/btrfs/super.c:2046 [inline]
 btrfs_get_tree+0x4d8/0x1040 fs/btrfs/super.c:2089
 vfs_get_tree+0x90/0x28c fs/super.c:1802
 do_new_mount+0x228/0x814 fs/namespace.c:3885
 path_mount+0x5b4/0xde0 fs/namespace.c:4209
 do_mount fs/namespace.c:4222 [inline]
 __do_sys_mount fs/namespace.c:4433 [inline]
 __se_sys_mount fs/namespace.c:4410 [inline]
 __arm64_sys_mount+0x3e8/0x468 fs/namespace.c:4410
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49
 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
 el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767
 el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786
 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600
irq event stamp: 48024
hardirqs last  enabled at (48023): [<ffff80008aeeccb4>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]
hardirqs last  enabled at (48023): [<ffff80008aeeccb4>] _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194
hardirqs last disabled at (48024): [<ffff80008aec67ac>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511
softirqs last  enabled at (47782): [<ffff8000803cee94>] softirq_handle_end kernel/softirq.c:425 [inline]
softirqs last  enabled at (47782): [<ffff8000803cee94>] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:607
softirqs last disabled at (47755): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
BTRFS: Transaction aborted (error -117)
WARNING: CPU: 0 PID: 6913 at fs/btrfs/extent-tree.c:3232 __btrfs_free_extent+0x1d18/0x2b78 fs/btrfs/extent-tree.c:3229
Modules linked in:
CPU: 0 UID: 0 PID: 6913 Comm: syz.4.64 Tainted: G        W           6.16.0-rc2-syzkaller-g9aa9b43d689e #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __btrfs_free_extent+0x1d18/0x2b78 fs/btrfs/extent-tree.c:3229
lr : __btrfs_free_extent+0x1d18/0x2b78 fs/btrfs/extent-tree.c:3229
sp : ffff8000a3696a80
x29: ffff8000a3696be0 x28: 1fffe0001eea4b95 x27: ffff0000f7525ca8
x26: dfff800000000000 x25: ffff0000f7525ca0 x24: ffff0000dcbd8940
x23: 1fffe0001eea4b94 x22: 00000000fffffffe x21: 0000000000000000
x20: 0000000000000000 x19: 0000000000000000 x18: 00000000ffffffff
x17: 0000000000000000 x16: ffff80008ae33808 x15: ffff700011ed61d4
x14: 1ffff00011ed61d4 x13: 0000000000000004 x12: ffffffffffffffff
x11: 0000000000080000 x10: 000000000007ffff x9 : d15719fd26e06700
x8 : d15719fd26e06700 x7 : 0000000000000001 x6 : 0000000000000001
x5 : ffff8000a36963d8 x4 : ffff80008f727060 x3 : ffff80008054c348
x2 : 0000000000000000 x1 : 0000000100000000 x0 : 0000000000000000
Call trace:
 __btrfs_free_extent+0x1d18/0x2b78 fs/btrfs/extent-tree.c:3229 (P)
 run_delayed_tree_ref fs/btrfs/extent-tree.c:1747 [inline]
 run_one_delayed_ref fs/btrfs/extent-tree.c:1773 [inline]
 btrfs_run_delayed_refs_for_head fs/btrfs/extent-tree.c:1970 [inline]
 __btrfs_run_delayed_refs+0xb94/0x31c8 fs/btrfs/extent-tree.c:2045
 btrfs_run_delayed_refs+0xc4/0x2e8 fs/btrfs/extent-tree.c:2157
 btrfs_start_dirty_block_groups+0xa94/0xd1c fs/btrfs/block-group.c:3519
 btrfs_commit_transaction+0x2ac/0x2b44 fs/btrfs/transaction.c:2238
 btrfs_rebuild_free_space_tree+0x208/0x54c fs/btrfs/free-space-tree.c:1372
 btrfs_start_pre_rw_mount+0xa78/0xe10 fs/btrfs/disk-io.c:3077
 open_ctree+0x1b8c/0x22ac fs/btrfs/disk-io.c:3617
 btrfs_fill_super+0x184/0x2c0 fs/btrfs/super.c:968
 btrfs_get_tree_super fs/btrfs/super.c:1893 [inline]
 btrfs_get_tree+0xc50/0x1040 fs/btrfs/super.c:2088
 vfs_get_tree+0x90/0x28c fs/super.c:1802
 fc_mount+0x24/0xac fs/namespace.c:1290
 btrfs_get_tree_subvol fs/btrfs/super.c:2046 [inline]
 btrfs_get_tree+0x4d8/0x1040 fs/btrfs/super.c:2089
 vfs_get_tree+0x90/0x28c fs/super.c:1802
 do_new_mount+0x228/0x814 fs/namespace.c:3885
 path_mount+0x5b4/0xde0 fs/namespace.c:4209
 do_mount fs/namespace.c:4222 [inline]
 __do_sys_mount fs/namespace.c:4433 [inline]
 __se_sys_mount fs/namespace.c:4410 [inline]
 __arm64_sys_mount+0x3e8/0x468 fs/namespace.c:4410
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49
 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
 el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767
 el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786
 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600
irq event stamp: 50534
hardirqs last  enabled at (50533): [<ffff800080553834>] __up_console_sem kernel/printk/printk.c:344 [inline]
hardirqs last  enabled at (50533): [<ffff800080553834>] __console_unlock+0x70/0xc4 kernel/printk/printk.c:2885
hardirqs last disabled at (50534): [<ffff80008aec67ac>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511
softirqs last  enabled at (50526): [<ffff8000803cee94>] softirq_handle_end kernel/softirq.c:425 [inline]
softirqs last  enabled at (50526): [<ffff8000803cee94>] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:607
softirqs last disabled at (49231): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---
BTRFS: error (device loop4 state A) in __btrfs_free_extent:3232: errno=-117 Filesystem corrupted
BTRFS info (device loop4 state EA): leaf 5308416 gen 8 total ptrs 14 free space 3210 owner 2
	item 0 key (1048576 192 4194304) itemoff 3971 itemsize 24
		block group used 4096 chunk_objectid 256 flags 2
	item 1 key (1052672 169 0) itemoff 3938 itemsize 33
		extent refs 1 gen 5 flags 2
		ref#0: tree block backref root 3
	item 2 key (5242880 169 0) itemoff 3905 itemsize 33
		extent refs 1 gen 6 flags 2
		ref#0: tree block backref root 1
	item 3 key (5242880 192 1638400) itemoff 3881 itemsize 24
		block group used 40960 chunk_objectid 256 flags 5
	item 4 key (5246976 169 0) itemoff 3848 itemsize 33
		extent refs 1 gen 5 flags 2
		ref#0: tree block backref root 5
	item 5 key (5251072 169 0) itemoff 3815 itemsize 33
		extent refs 1 gen 6 flags 2
		ref#0: tree block backref root 2
	item 6 key (5259264 169 0) itemoff 3782 itemsize 33
		extent refs 1 gen 5 flags 2
		ref#0: tree block backref root 4
	item 7 key (5263360 169 0) itemoff 3749 itemsize 33
		extent refs 1 gen 6 flags 2
		ref#0: tree block backref root 10
	item 8 key (5279744 169 0) itemoff 3716 itemsize 33
		extent refs 1 gen 5 flags 2
		ref#0: tree block backref root 7
	item 9 key (5287936 169 0) itemoff 3683 itemsize 33
		extent refs 1 gen 5 flags 2
		ref#0: tree block backref root 18446744073709551607
	item 10 key (5292032 169 0) itemoff 3650 itemsize 33
		extent refs 1 gen 5 flags 2
		ref#0: tree block backref root 9
	item 11 key (5304320 169 0) itemoff 3617 itemsize 33
		extent refs 1 gen 8 flags 2
		ref#0: tree block backref root 10
	item 12 key (5308416 169 0) itemoff 3584 itemsize 33
		extent refs 1 gen 8 flags 2
		ref#0: tree block backref root 2
	item 13 key (6881280 192 1638400) itemoff 3560 itemsize 24
		block group used 0 chunk_objectid 256 flags 5
BTRFS critical (device loop4 state EA): unable to find ref byte nr 6881280 parent 0 root 10 owner 0 offset 0 slot 13
BTRFS error (device loop4 st
BTRFS error (device loop4 state EA): failed to run delayed ref for logical 6881280 num_bytes 4096 type 176 action 2 ref_mod 1: -2
BTRFS: error (device loop4 state EA) in btrfs_run_delayed_refs:2159: errno=-2 No such entry
BTRFS warning (device loop4 state EA): failed to rebuild free space tree: -2
BTRFS error (device loop4 state EA): commit super ret -30
------------[ cut here ]------------
WARNING: CPU: 0 PID: 6913 at fs/btrfs/block-group.c:159 btrfs_put_block_group+0x2cc/0x364 fs/btrfs/block-group.c:159
Modules linked in:
CPU: 0 UID: 0 PID: 6913 Comm: syz.4.64 Tainted: G        W           6.16.0-rc2-syzkaller-g9aa9b43d689e #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : btrfs_put_block_group+0x2cc/0x364 fs/btrfs/block-group.c:159
lr : btrfs_put_block_group+0x2cc/0x364 fs/btrfs/block-group.c:159
sp : ffff8000a3697450
x29: ffff8000a3697450 x28: 1fffe00020daf52c x27: dfff800000000000
x26: ffff000106d791c0 x25: 0000000000000001 x24: ffff000106d7a9a8
x23: dfff800000000000 x22: 0000000000000000 x21: 0000000000000001
x20: 0000000000001000 x19: ffff000106d7a800 x18: 00000000ffffffff
x17: ffff800093320000 x16: ffff80008052bb74 x15: 0000000000000001
x14: 1fffe00020daf535 x13: 0000000000000000 x12: 0000000000000000
x11: 0000000000080000 x10: 000000000007ffff x9 : ffff8000a8626000
x8 : 0000000000080000 x7 : ffff80008022c5c0 x6 : ffff80008022c7bc
x5 : ffff0000ccf349b0 x4 : ffff8000a3697180 x3 : ffff8000824eb578
x2 : 0000000000000001 x1 : 0000000000001000 x0 : 0000000000000000
Call trace:
 btrfs_put_block_group+0x2cc/0x364 fs/btrfs/block-group.c:159 (P)
 btrfs_free_block_groups+0x99c/0xd0c fs/btrfs/block-group.c:4551
 close_ctree+0x644/0xb40 fs/btrfs/disk-io.c:4411
 open_ctree+0x1ff4/0x22ac fs/btrfs/disk-io.c:-1
 btrfs_fill_super+0x184/0x2c0 fs/btrfs/super.c:968
 btrfs_get_tree_super fs/btrfs/super.c:1893 [inline]
 btrfs_get_tree+0xc50/0x1040 fs/btrfs/super.c:2088
 vfs_get_tree+0x90/0x28c fs/super.c:1802
 fc_mount+0x24/0xac fs/namespace.c:1290
 btrfs_get_tree_subvol fs/btrfs/super.c:2046 [inline]
 btrfs_get_tree+0x4d8/0x1040 fs/btrfs/super.c:2089
 vfs_get_tree+0x90/0x28c fs/super.c:1802
 do_new_mount+0x228/0x814 fs/namespace.c:3885
 path_mount+0x5b4/0xde0 fs/namespace.c:4209
 do_mount fs/namespace.c:4222 [inline]
 __do_sys_mount fs/namespace.c:4433 [inline]
 __se_sys_mount fs/namespace.c:4410 [inline]
 __arm64_sys_mount+0x3e8/0x468 fs/namespace.c:4410
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49
 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
 el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767
 el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786
 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600
irq event stamp: 52876
hardirqs last  enabled at (52875): [<ffff800080c3ff04>] kasan_quarantine_put+0x1a0/0x1c8 mm/kasan/quarantine.c:234
hardirqs last disabled at (52876): [<ffff80008aec67ac>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511
softirqs last  enabled at (52504): [<ffff8000803cee94>] softirq_handle_end kernel/softirq.c:425 [inline]
softirqs last  enabled at (52504): [<ffff8000803cee94>] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:607
softirqs last disabled at (52493): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 0 PID: 6913 at fs/btrfs/block-group.c:159 btrfs_put_block_group+0x2cc/0x364 fs/btrfs/block-group.c:159
Modules linked in:
CPU: 0 UID: 0 PID: 6913 Comm: syz.4.64 Tainted: G        W           6.16.0-rc2-syzkaller-g9aa9b43d689e #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : btrfs_put_block_group+0x2cc/0x364 fs/btrfs/block-group.c:159
lr : btrfs_put_block_group+0x2cc/0x364 fs/btrfs/block-group.c:159
sp : ffff8000a3697450
x29: ffff8000a3697450 x28: 1fffe00020daf42c x27: dfff800000000000
x26: ffff000106d791c0 x25: 0000000000000001 x24: ffff000106d7a1a8
x23: dfff800000000000 x22: 0000000000000000 x21: 0000000000000001
x20: 0000000000002000 x19: ffff000106d7a000 x18: 00000000ffffffff
x17: ffff800093320000 x16: ffff80008052bb74 x15: 0000000000000001
x14: 1fffe00020daf435 x13: 0000000000000000 x12: 0000000000000000
x11: 0000000000080000 x10: 000000000007ffff x9 : ffff8000a8626000
x8 : 0000000000080000 x7 : 0000000000000000 x6 : 000000000000003f
x5 : 0000000000000040 x4 : 0000000000000001 x3 : ffff8000824eb578
x2 : 0000000000000001 x1 : 0000000000002000 x0 : 0000000000000000
Call trace:
 btrfs_put_block_group+0x2cc/0x364 fs/btrfs/block-group.c:159 (P)
 btrfs_free_block_groups+0x99c/0xd0c fs/btrfs/block-group.c:4551
 close_ctree+0x644/0xb40 fs/btrfs/disk-io.c:4411
 open_ctree+0x1ff4/0x22ac fs/btrfs/disk-io.c:-1
 btrfs_fill_super+0x184/0x2c0 fs/btrfs/super.c:968
 btrfs_get_tree_super fs/btrfs/super.c:1893 [inline]
 btrfs_get_tree+0xc50/0x1040 fs/btrfs/super.c:2088
 vfs_get_tree+0x90/0x28c fs/super.c:1802
 fc_mount+0x24/0xac fs/namespace.c:1290
 btrfs_get_tree_subvol fs/btrfs/super.c:2046 [inline]
 btrfs_get_tree+0x4d8/0x1040 fs/btrfs/super.c:2089
 vfs_get_tree+0x90/0x28c fs/super.c:1802
 do_new_mount+0x228/0x814 fs/namespace.c:3885
 path_mount+0x5b4/0xde0 fs/namespace.c:4209
 do_mount fs/namespace.c:4222 [inline]
 __do_sys_mount fs/namespace.c:4433 [inline]
 __se_sys_mount fs/namespace.c:4410 [inline]
 __arm64_sys_mount+0x3e8/0x468 fs/namespace.c:4410
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49
 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
 el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767
 el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786
 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600
irq event stamp: 55792
hardirqs last  enabled at (55791): [<ffff800080c3ff04>] kasan_quarantine_put+0x1a0/0x1c8 mm/kasan/quarantine.c:234
hardirqs last disabled at (55792): [<ffff80008aec67ac>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511
softirqs last  enabled at (55758): [<ffff8000803cee94>] softirq_handle_end kernel/softirq.c:425 [inline]
softirqs last  enabled at (55758): [<ffff8000803cee94>] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:607
softirqs last disabled at (52879): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 1 PID: 6913 at fs/btrfs/block-rsv.c:465 btrfs_release_global_block_rsv+0x218/0x22c fs/btrfs/block-rsv.c:465
Modules linked in:
CPU: 1 UID: 0 PID: 6913 Comm: syz.4.64 Tainted: G        W           6.16.0-rc2-syzkaller-g9aa9b43d689e #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : btrfs_release_global_block_rsv+0x218/0x22c fs/btrfs/block-rsv.c:465
lr : btrfs_release_global_block_rsv+0x218/0x22c fs/btrfs/block-rsv.c:465
sp : ffff8000a3697460
x29: ffff8000a3697460 x28: 1fffe00020daf32c x27: dfff800000000000
x26: ffff000106d79858 x25: 0000000000000001 x24: ffff000106d799a8
x23: ffff000106d79800 x22: 0000000000000000 x21: dfff800000000000
x20: 000000000005e000 x19: ffff0000f5504400 x18: 00000000ffffffff
x17: ffff800093320000 x16: ffff80008052bb74 x15: 0000000000000001
x14: 1fffe00020daf204 x13: 0000000000000000 x12: 0000000000000000
x11: 0000000000080000 x10: 000000000007ffff x9 : ffff8000a8626000
x8 : 0000000000080000 x7 : ffff8000824e6364 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff80008052bc7c
x2 : 0000000000000001 x1 : 000000000005e000 x0 : 0000000000000000
Call trace:
 btrfs_release_global_block_rsv+0x218/0x22c fs/btrfs/block-rsv.c:465 (P)
 btrfs_free_block_groups+0xa48/0xd0c fs/btrfs/block-group.c:4557
 close_ctree+0x644/0xb40 fs/btrfs/disk-io.c:4411
 open_ctree+0x1ff4/0x22ac fs/btrfs/disk-io.c:-1
 btrfs_fill_super+0x184/0x2c0 fs/btrfs/super.c:968
 btrfs_get_tree_super fs/btrfs/super.c:1893 [inline]
 btrfs_get_tree+0xc50/0x1040 fs/btrfs/super.c:2088
 vfs_get_tree+0x90/0x28c fs/super.c:1802
 fc_mount+0x24/0xac fs/namespace.c:1290
 btrfs_get_tree_subvol fs/btrfs/super.c:2046 [inline]
 btrfs_get_tree+0x4d8/0x1040 fs/btrfs/super.c:2089
 vfs_get_tree+0x90/0x28c fs/super.c:1802
 do_new_mount+0x228/0x814 fs/namespace.c:3885
 path_mount+0x5b4/0xde0 fs/namespace.c:4209
 do_mount fs/namespace.c:4222 [inline]
 __do_sys_mount fs/namespace.c:4433 [inline]
 __se_sys_mount fs/namespace.c:4410 [inline]
 __arm64_sys_mount+0x3e8/0x468 fs/namespace.c:4410
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49
 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
 el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767
 el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786
 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600
irq event stamp: 56186
hardirqs last  enabled at (56185): [<ffff800080c3ff04>] kasan_quarantine_put+0x1a0/0x1c8 mm/kasan/quarantine.c:234
hardirqs last disabled at (56186): [<ffff80008aec67ac>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511
softirqs last  enabled at (56156): [<ffff8000803cee94>] softirq_handle_end kernel/softirq.c:425 [inline]
softirqs last  enabled at (56156): [<ffff8000803cee94>] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:607
softirqs last disabled at (55797): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 1 PID: 6913 at fs/btrfs/block-rsv.c:466 btrfs_release_global_block_rsv+0x224/0x22c fs/btrfs/block-rsv.c:466
Modules linked in:
CPU: 1 UID: 0 PID: 6913 Comm: syz.4.64 Tainted: G        W           6.16.0-rc2-syzkaller-g9aa9b43d689e #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : btrfs_release_global_block_rsv+0x224/0x22c fs/btrfs/block-rsv.c:466
lr : btrfs_release_global_block_rsv+0x224/0x22c fs/btrfs/block-rsv.c:466
sp : ffff8000a3697460
x29: ffff8000a3697460 x28: 1fffe00020daf32c x27: dfff800000000000
x26: ffff000106d79858 x25: 0000000000000001 x24: ffff000106d799a8
x23: ffff000106d79800 x22: 0000000000000000 x21: dfff800000000000
x20: 000000000005e000 x19: 00000000000c0000 x18: 00000000ffffffff
x17: ffff800093320000 x16: ffff80008052bb74 x15: 0000000000000001
x14: 1fffe00020daf204 x13: 0000000000000000 x12: 0000000000000000
x11: 0000000000080000 x10: 000000000007ffff x9 : ffff8000a8626000
x8 : 0000000000080000 x7 : ffff8000824e6364 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff80008052bc7c
x2 : 0000000000000001 x1 : 00000000000c0000 x0 : 0000000000000000
Call trace:
 btrfs_release_global_block_rsv+0x224/0x22c fs/btrfs/block-rsv.c:466 (P)
 btrfs_free_block_groups+0xa48/0xd0c fs/btrfs/block-group.c:4557
 close_ctree+0x644/0xb40 fs/btrfs/disk-io.c:4411
 open_ctree+0x1ff4/0x22ac fs/btrfs/disk-io.c:-1
 btrfs_fill_super+0x184/0x2c0 fs/btrfs/super.c:968
 btrfs_get_tree_super fs/btrfs/super.c:1893 [inline]
 btrfs_get_tree+0xc50/0x1040 fs/btrfs/super.c:2088
 vfs_get_tree+0x90/0x28c fs/super.c:1802
 fc_mount+0x24/0xac fs/namespace.c:1290
 btrfs_get_tree_subvol fs/btrfs/super.c:2046 [inline]
 btrfs_get_tree+0x4d8/0x1040 fs/btrfs/super.c:2089
 vfs_get_tree+0x90/0x28c fs/super.c:1802
 do_new_mount+0x228/0x814 fs/namespace.c:3885
 path_mount+0x5b4/0xde0 fs/namespace.c:4209
 do_mount fs/namespace.c:4222 [inline]
 __do_sys_mount fs/namespace.c:4433 [inline]
 __se_sys_mount fs/namespace.c:4410 [inline]
 __arm64_sys_mount+0x3e8/0x468 fs/namespace.c:4410
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49
 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
 el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767
 el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786
 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600
irq event stamp: 56382
hardirqs last  enabled at (56381): [<ffff80008aec8cb0>] __exit_to_kernel_mode arch/arm64/kernel/entry-common.c:85 [inline]
hardirqs last  enabled at (56381): [<ffff80008aec8cb0>] exit_to_kernel_mode+0xc0/0xf0 arch/arm64/kernel/entry-common.c:95
hardirqs last disabled at (56382): [<ffff80008aec67ac>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511
softirqs last  enabled at (56376): [<ffff8000803cee94>] softirq_handle_end kernel/softirq.c:425 [inline]
softirqs last  enabled at (56376): [<ffff8000803cee94>] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:607
softirqs last disabled at (56191): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 1 PID: 6913 at fs/btrfs/block-group.c:4445 check_removing_space_info+0x10c/0x280 fs/btrfs/block-group.c:4446
Modules linked in:
CPU: 1 UID: 0 PID: 6913 Comm: syz.4.64 Tainted: G        W           6.16.0-rc2-syzkaller-g9aa9b43d689e #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : check_removing_space_info+0x10c/0x280 fs/btrfs/block-group.c:4446
lr : check_removing_space_info+0x260/0x280 fs/btrfs/block-group.c:4445
sp : ffff8000a3697450
x29: ffff8000a3697450 x28: 1fffe00020daf32c x27: dfff800000000000
x26: ffff000106d79858 x25: 0000000000000001 x24: 1fffe00020daf202
x23: dfff800000000000 x22: 0000000000000000 x21: 000000000005e000
x20: ffff0000f5504000 x19: ffff000106d79000 x18: 00000000ffffffff
x17: ffff800093320000 x16: ffff80008052bb74 x15: 0000000000000001
x14: 1fffe00020daf204 x13: 0000000000000000 x12: 0000000000000000
x11: 0000000000080000 x10: 000000000007ffff x9 : ffff8000a8626000
x8 : 0000000000080000 x7 : ffff8000824e6364 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000000
x2 : 0000000000000000 x1 : ffff000106d79000 x0 : ffff0000f5504000
Call trace:
 check_removing_space_info+0x10c/0x280 fs/btrfs/block-group.c:4446 (P)
 btrfs_free_block_groups+0xa7c/0xd0c fs/btrfs/block-group.c:4563
 close_ctree+0x644/0xb40 fs/btrfs/disk-io.c:4411
 open_ctree+0x1ff4/0x22ac fs/btrfs/disk-io.c:-1
 btrfs_fill_super+0x184/0x2c0 fs/btrfs/super.c:968
 btrfs_get_tree_super fs/btrfs/super.c:1893 [inline]
 btrfs_get_tree+0xc50/0x1040 fs/btrfs/super.c:2088
 vfs_get_tree+0x90/0x28c fs/super.c:1802
 fc_mount+0x24/0xac fs/namespace.c:1290
 btrfs_get_tree_subvol fs/btrfs/super.c:2046 [inline]
 btrfs_get_tree+0x4d8/0x1040 fs/btrfs/super.c:2089
 vfs_get_tree+0x90/0x28c fs/super.c:1802
 do_new_mount+0x228/0x814 fs/namespace.c:3885
 path_mount+0x5b4/0xde0 fs/namespace.c:4209
 do_mount fs/namespace.c:4222 [inline]
 __do_sys_mount fs/namespace.c:4433 [inline]
 __se_sys_mount fs/namespace.c:4410 [inline]
 __arm64_sys_mount+0x3e8/0x468 fs/namespace.c:4410
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49
 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
 el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767
 el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786
 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600
irq event stamp: 56574
hardirqs last  enabled at (56573): [<ffff80008aec8cb0>] __exit_to_kernel_mode arch/arm64/kernel/entry-common.c:85 [inline]
hardirqs last  enabled at (56573): [<ffff80008aec8cb0>] exit_to_kernel_mode+0xc0/0xf0 arch/arm64/kernel/entry-common.c:95
hardirqs last disabled at (56574): [<ffff80008aec67ac>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511
softirqs last  enabled at (56568): [<ffff8000803cee94>] softirq_handle_end kernel/softirq.c:425 [inline]
softirqs last  enabled at (56568): [<ffff8000803cee94>] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:607
softirqs last disabled at (56387): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---
BTRFS info (device loop4 state EA): space_info DATA+METADATA (sub-group id 0) has 2838528 free, is not full
BTRFS info (device loop4 state EA): space_info total=3276800, used=40960, pinned=0, reserved=12288, may_use=385024, readonly=0 zone_unusable=0
BTRFS info (device loop4 state EA): global_block_rsv: size 0 reserved 0
BTRFS info (device loop4 state EA): trans_block_rsv: size 0 reserved 0
BTRFS info (device loop4 state EA): chunk_block_rsv: size 0 reserved 0
BTRFS info (device loop4 state EA): delayed_block_rsv: size 0 reserved 0
BTRFS info (device loop4 state EA): delayed_refs_rsv: size 786432 reserved 385024
------------[ cut here ]------------
WARNING: CPU: 0 PID: 6913 at fs/btrfs/block-group.c:4456 check_removing_space_info+0x248/0x280 fs/btrfs/block-group.c:4457
Modules linked in:
CPU: 0 UID: 0 PID: 6913 Comm: syz.4.64 Tainted: G        W           6.16.0-rc2-syzkaller-g9aa9b43d689e #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : check_removing_space_info+0x248/0x280 fs/btrfs/block-group.c:4457
lr : check_removing_space_info+0x238/0x280 fs/btrfs/block-group.c:4456
sp : ffff8000a3697450
x29: ffff8000a3697450 x28: 1fffe00020daf32c x27: dfff800000000000
x26: ffff000106d79858 x25: 0000000000000001 x24: 1fffe00020daf202
x23: dfff800000000000 x22: 0000000000000000 x21: 0000000000003000
x20: ffff0000f5504000 x19: ffff000106d79000 x18: 1fffe000337dc876
x17: ffff80008f62e000 x16: ffff80008aecb65c x15: 0000000000000001
x14: 1fffe000337df620 x13: 0000000000000000 x12: 0000000000000000
x11: 0000000000080000 x10: 000000000007ffff x9 : ffff8000a8626000
x8 : 0000000000080000 x7 : ffff800080487a94 x6 : 0000000000000000
x5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000000
x2 : 0000000000000000 x1 : ffff000106d79000 x0 : ffff0000f5504000
Call trace:
 check_removing_space_info+0x248/0x280 fs/btrfs/block-group.c:4457 (P)
 btrfs_free_block_groups+0xa7c/0xd0c fs/btrfs/block-group.c:4563
 close_ctree+0x644/0xb40 fs/btrfs/disk-io.c:4411
 open_ctree+0x1ff4/0x22ac fs/btrfs/disk-io.c:-1
 btrfs_fill_super+0x184/0x2c0 fs/btrfs/super.c:968
 btrfs_get_tree_super fs/btrfs/super.c:1893 [inline]
 btrfs_get_tree+0xc50/0x1040 fs/btrfs/super.c:2088
 vfs_get_tree+0x90/0x28c fs/super.c:1802
 fc_mount+0x24/0xac fs/namespace.c:1290
 btrfs_get_tree_subvol fs/btrfs/super.c:2046 [inline]
 btrfs_get_tree+0x4d8/0x1040 fs/btrfs/super.c:2089
 vfs_get_tree+0x90/0x28c fs/super.c:1802
 do_new_mount+0x228/0x814 fs/namespace.c:3885
 path_mount+0x5b4/0xde0 fs/namespace.c:4209
 do_mount fs/namespace.c:4222 [inline]
 __do_sys_mount fs/namespace.c:4433 [inline]
 __se_sys_mount fs/namespace.c:4410 [inline]
 __arm64_sys_mount+0x3e8/0x468 fs/namespace.c:4410
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49
 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
 el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767
 el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786
 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600
irq event stamp: 56852
hardirqs last  enabled at (56851): [<ffff800080487b28>] raw_spin_rq_unlock_irq kernel/sched/sched.h:1544 [inline]
hardirqs last  enabled at (56851): [<ffff800080487b28>] finish_lock_switch+0xb0/0x1c0 kernel/sched/core.c:5144
hardirqs last disabled at (56852): [<ffff80008aec67ac>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511
softirqs last  enabled at (56760): [<ffff8000803cee94>] softirq_handle_end kernel/softirq.c:425 [inline]
softirqs last  enabled at (56760): [<ffff8000803cee94>] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:607
softirqs last disabled at (56579): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---
BTRFS info (device loop4 state EA): space_info DATA+METADATA (sub-group id 0) has 2838528 free, is not full
BTRFS info (device loop4 state EA): space_info total=3276800, used=40960, pinned=0, reserved=12288, may_use=385024, readonly=0 zone_unusable=0
BTRFS info (device loop4 state EA): global_block_rsv: size 0 reserved 0
BTRFS info (device loop4 state EA): trans_block_rsv: size 0 reserved 0
BTRFS info (device loop4 state EA): chunk_block_rsv: size 0 reserved 0
BTRFS info (device loop4 state EA): delayed_block_rsv: size 0 reserved 0
BTRFS info (device loop4 state EA): delayed_refs_rsv: size 786432 reserved 385024
BTRFS error (device loop4 state EA): open_ctree failed: -2
UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
misc raw-gadget: fail, usb_gadget_register_driver returned -16