144][T13278]  ? __pfx_lock_acquire+0x10/0x10
[  431.823164][T13278]  ? __lock_acquire+0x1397/0x2100
[  431.823180][T13278]  btrfs_run_delayed_refs+0xe3/0x2f0
[  431.823205][T13278]  btrfs_commit_transaction+0x4b9/0x3760
[  431.823223][T13278]  ? btrfs_commit_transaction+0x177/0x3760
[  431.823245][T13278]  ? __asan_memset+0x23/0x50
[  431.823258][T13278]  ? lockdep_init_map_type+0xa1/0x910
[  431.823271][T13278]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  431.823285][T13278]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  431.823304][T13278]  ? join_transaction+0x405/0xda0
[  431.823321][T13278]  ? btrfs_record_root_in_trans+0x12d/0x190
[  431.823336][T13278]  ? start_transaction+0x45f/0x16b0
[  431.823360][T13278]  try_flush_qgroup+0x1ec/0x340
[  431.823373][T13278]  ? kfree+0x196/0x430
[  431.823383][T13278]  ? __pfx_try_flush_qgroup+0x10/0x10
[  431.823396][T13278]  ? qgroup_reserve_data+0x6ab/0x8c0
[  431.823416][T13278]  btrfs_qgroup_reserve_data+0x68/0xb0
[  431.823429][T13278]  btrfs_check_data_free_space+0x149/0x240
[  431.823448][T13278]  btrfs_buffered_write+0x519/0x1250
[  431.823484][T13278]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  431.823510][T13278]  ? __lock_acquire+0x1397/0x2100
[  431.823528][T13278]  btrfs_do_write_iter+0x279/0x7b0
[  431.823550][T13278]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  431.823572][T13278]  do_iter_readv_writev+0x71a/0x9d0
[  431.823590][T13278]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  431.823603][T13278]  ? rcu_read_lock_any_held+0xb7/0x160
[  431.823625][T13278]  vfs_writev+0x38b/0xbc0
[  431.823648][T13278]  ? __pfx_vfs_writev+0x10/0x10
[  431.823659][T13278]  ? vfs_write+0x7fa/0xd10
[  431.823683][T13278]  ? __fget_files+0x2a/0x410
[  431.823697][T13278]  ? __fget_files+0x395/0x410
[  431.823707][T13278]  ? __fget_files+0x2a/0x410
[  431.823724][T13278]  __se_sys_pwritev2+0x196/0x2b0
[  431.823742][T13278]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  431.823758][T13278]  ? do_syscall_64+0x100/0x230
[  431.823792][T13278]  ? __x64_sys_pwritev2+0x21/0xf0
[  431.823809][T13278]  do_syscall_64+0xf3/0x230
[  431.823823][T13278]  ? clear_bhb_loop+0x35/0x90
[  431.823839][T13278]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  431.823852][T13278] RIP: 0033:0x7f844d97e719
[  431.823865][T13278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  431.823874][T13278] RSP: 002b:00007f844e845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  431.823888][T13278] RAX: ffffffffffffffda RBX: 00007f844db35f80 RCX: 00007f844d97e719
[  431.823896][T13278] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  431.823903][T13278] RBP: 00007f844e845090 R08: 0000000000000009 R09: 0000000000000008
[  431.823910][T13278] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  431.823917][T13278] R13: 0000000000000000 R14: 00007f844db35f80 R15: 00007ffc0b832ab8
[  431.823935][T13278]  </TASK>
[  431.826923][ T1037] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  432.070200][ T5762] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  432.432279][T13296] loop0: detected capacity change from 0 to 32768
[  432.443208][T13296] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.428 (13296)
[  432.469765][T13296] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  432.479653][T13296] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  432.492731][T13296] BTRFS info (device loop0): using free-space-tree
[  432.564457][   T12] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  432.568971][T13296] FAULT_INJECTION: forcing a failure.
[  432.568971][T13296] name failslab, interval 1, probability 0, space 0, times 0
[  432.574298][T13296] CPU: 0 UID: 0 PID: 13296 Comm: syz.0.428 Not tainted 6.14.0-rc1-syzkaller-g5c8c229261f1 #0
[  432.574315][T13296] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  432.574323][T13296] Call Trace:
[  432.574327][T13296]  <TASK>
[  432.574333][T13296]  dump_stack_lvl+0x241/0x360
[  432.574351][T13296]  ? __pfx_dump_stack_lvl+0x10/0x10
[  432.574363][T13296]  ? __pfx__printk+0x10/0x10
[  432.574380][T13296]  ? fs_reclaim_acquire+0x93/0x130
[  432.574396][T13296]  ? __pfx___might_resched+0x10/0x10
[  432.574411][T13296]  should_fail_ex+0x40a/0x550
[  432.574427][T13296]  should_failslab+0xac/0x100
[  432.574439][T13296]  ? add_to_free_space_tree+0xc9/0x320
[  432.574454][T13296]  kmem_cache_alloc_noprof+0x70/0x380
[  432.574470][T13296]  add_to_free_space_tree+0xc9/0x320
[  432.574487][T13296]  __btrfs_free_extent+0x1ce9/0x3980
[  432.574511][T13296]  ? __pfx___btrfs_free_extent+0x10/0x10
[  432.574554][T13296]  ? __lock_acquire+0x2100/0x2100
[  432.574569][T13296]  ? do_raw_read_unlock+0x3c/0x80
[  432.574585][T13296]  ? do_raw_spin_unlock+0x58/0x8b0
[  432.574600][T13296]  __btrfs_run_delayed_refs+0xf9f/0x40f0
[  432.574627][T13296]  ? validate_chain+0x11e/0x5920
[  432.574655][T13296]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  432.574673][T13296]  ? unwind_get_return_address+0x4d/0x90
[  432.574689][T13296]  ? arch_stack_walk+0xfd/0x150
[  432.574717][T13296]  ? __pfx_lock_acquire+0x10/0x10
[  432.574737][T13296]  ? __lock_acquire+0x1397/0x2100
[  432.574753][T13296]  btrfs_run_delayed_refs+0xe3/0x2f0
[  432.574771][T13296]  btrfs_commit_transaction+0x4b9/0x3760
[  432.574790][T13296]  ? btrfs_commit_transaction+0x177/0x3760
[  432.574811][T13296]  ? __asan_memset+0x23/0x50
[  432.574823][T13296]  ? lockdep_init_map_type+0xa1/0x910
[  432.574838][T13296]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  432.574852][T13296]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  432.574870][T13296]  ? join_transaction+0x405/0xda0
[  432.574887][T13296]  ? btrfs_record_root_in_trans+0x12d/0x190
[  432.574901][T13296]  ? start_transaction+0x45f/0x16b0
[  432.574933][T13296]  try_flush_qgroup+0x1ec/0x340
[  432.574944][T13296]  ? kfree+0x196/0x430
[  432.574953][T13296]  ? __pfx_try_flush_qgroup+0x10/0x10
[  432.574964][T13296]  ? qgroup_reserve_data+0x6ab/0x8c0
[  432.574984][T13296]  btrfs_qgroup_reserve_data+0x68/0xb0
[  432.574998][T13296]  btrfs_check_data_free_space+0x149/0x240
[  432.575014][T13296]  btrfs_buffered_write+0x519/0x1250
[  432.575047][T13296]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  432.575071][T13296]  ? __lock_acquire+0x1397/0x2100
[  432.575088][T13296]  btrfs_do_write_iter+0x279/0x7b0
[  432.575109][T13296]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  432.575129][T13296]  do_iter_readv_writev+0x71a/0x9d0
[  432.575149][T13296]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  432.575162][T13296]  ? rcu_read_lock_any_held+0xb7/0x160
[  432.575184][T13296]  vfs_writev+0x38b/0xbc0
[  432.575207][T13296]  ? __pfx_vfs_writev+0x10/0x10
[  432.575217][T13296]  ? vfs_write+0x7fa/0xd10
[  432.575239][T13296]  ? __fget_files+0x2a/0x410
[  432.575251][T13296]  ? __fget_files+0x395/0x410
[  432.575260][T13296]  ? __fget_files+0x2a/0x410
[  432.575276][T13296]  __se_sys_pwritev2+0x196/0x2b0
[  432.575293][T13296]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  432.575310][T13296]  ? do_syscall_64+0x100/0x230
[  432.575326][T13296]  ? __x64_sys_pwritev2+0x21/0xf0
[  432.575342][T13296]  do_syscall_64+0xf3/0x230
[  432.575356][T13296]  ? clear_bhb_loop+0x35/0x90
[  432.575374][T13296]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  432.575388][T13296] RIP: 0033:0x7f844d97e719
[  432.575401][T13296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  432.575411][T13296] RSP: 002b:00007f844e845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  432.575423][T13296] RAX: ffffffffffffffda RBX: 00007f844db35f80 RCX: 00007f844d97e719
[  432.575431][T13296] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  432.575437][T13296] RBP: 00007f844e845090 R08: 0000000000000009 R09: 0000000000000008
[  432.575443][T13296] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  432.575450][T13296] R13: 0000000000000000 R14: 00007f844db35f80 R15: 00007ffc0b832ab8
[  432.575467][T13296]  </TASK>
[  432.575477][T13296] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  432.766843][T13296] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1052: errno=-12 Out of memory
[  432.770706][T13296] BTRFS info (device loop0 state EA): forced readonly
[  432.774778][T13296] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:2971: errno=-12 Out of memory
[  432.778790][T13296] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  432.784741][T13296] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2160: errno=-12 Out of memory
[  432.794713][ T5762] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  432.799434][ T5762] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  432.804650][ T5762] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  433.175870][T13314] loop0: detected capacity change from 0 to 32768
[  433.188338][T13314] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.429 (13314)
[  433.212904][T13314] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  433.217189][T13314] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  433.220572][T13314] BTRFS info (device loop0): using free-space-tree
[  433.323149][ T1037] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  433.342248][T13314] FAULT_INJECTION: forcing a failure.
[  433.342248][T13314] name failslab, interval 1, probability 0, space 0, times 0
[  433.347141][T13314] CPU: 0 UID: 0 PID: 13314 Comm: syz.0.429 Not tainted 6.14.0-rc1-syzkaller-g5c8c229261f1 #0
[  433.347158][T13314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  433.347165][T13314] Call Trace:
[  433.347170][T13314]  <TASK>
[  433.347176][T13314]  dump_stack_lvl+0x241/0x360
[  433.347200][T13314]  ? __pfx_dump_stack_lvl+0x10/0x10
[  433.347211][T13314]  ? __pfx__printk+0x10/0x10
[  433.347229][T13314]  ? fs_reclaim_acquire+0x93/0x130
[  433.347245][T13314]  ? __pfx___might_resched+0x10/0x10
[  433.347259][T13314]  ? do_iter_readv_writev+0x71a/0x9d0
[  433.347273][T13314]  ? __se_sys_pwritev2+0x196/0x2b0
[  433.347290][T13314]  should_fail_ex+0x40a/0x550
[  433.347306][T13314]  should_failslab+0xac/0x100
[  433.347317][T13314]  ? alloc_extent_state+0x25/0x310
[  433.347331][T13314]  kmem_cache_alloc_noprof+0x70/0x380
[  433.347346][T13314]  alloc_extent_state+0x25/0x310
[  433.347362][T13314]  __set_extent_bit+0x1fd/0x1e60
[  433.347387][T13314]  ? __kasan_kmalloc+0x98/0xb0
[  433.347403][T13314]  set_record_extent_bits+0x51/0x90
[  433.347416][T13314]  qgroup_reserve_data+0x27c/0x8c0
[  433.347436][T13314]  btrfs_check_data_free_space+0x149/0x240
[  433.347453][T13314]  btrfs_buffered_write+0x519/0x1250
[  433.347484][T13314]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  433.347507][T13314]  ? __lock_acquire+0x1397/0x2100
[  433.347527][T13314]  btrfs_do_write_iter+0x279/0x7b0
[  433.347547][T13314]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  433.347568][T13314]  do_iter_readv_writev+0x71a/0x9d0
[  433.347584][T13314]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  433.347597][T13314]  ? rcu_read_lock_any_held+0xb7/0x160
[  433.347617][T13314]  vfs_writev+0x38b/0xbc0
[  433.347636][T13314]  ? __pfx_vfs_writev+0x10/0x10
[  433.347646][T13314]  ? vfs_write+0x7fa/0xd10
[  433.347668][T13314]  ? __fget_files+0x2a/0x410
[  433.347680][T13314]  ? __fget_files+0x395/0x410
[  433.347690][T13314]  ? __fget_files+0x2a/0x410
[  433.347707][T13314]  __se_sys_pwritev2+0x196/0x2b0
[  433.347723][T13314]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  433.347737][T13314]  ? do_syscall_64+0x100/0x230
[  433.347753][T13314]  ? __x64_sys_pwritev2+0x21/0xf0
[  433.347769][T13314]  do_syscall_64+0xf3/0x230
[  433.347782][T13314]  ? clear_bhb_loop+0x35/0x90
[  433.347797][T13314]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  433.347811][T13314] RIP: 0033:0x7f844d97e719
[  433.347822][T13314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  433.347831][T13314] RSP: 002b:00007f844e845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  433.347846][T13314] RAX: ffffffffffffffda RBX: 00007f844db35f80 RCX: 00007f844d97e719
[  433.347854][T13314] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  433.347861][T13314] RBP: 00007f844e845090 R08: 0000000000000009 R09: 0000000000000008
[  433.347869][T13314] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  433.347875][T13314] R13: 0000000000000000 R14: 00007f844db35f80 R15: 00007ffc0b832ab8
[  433.347891][T13314]  </TASK>
[  433.483591][ T5762] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  433.838589][T13332] loop0: detected capacity change from 0 to 32768
[  433.866411][T13332] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.430 (13332)
[  433.884256][T13332] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  433.902414][T13332] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  433.905747][T13332] BTRFS info (device loop0): using free-space-tree
[  433.963250][T13332] FAULT_INJECTION: forcing a failure.
[  433.963250][T13332] name failslab, interval 1, probability 0, space 0, times 0
[  433.968344][T13332] CPU: 0 UID: 0 PID: 13332 Comm: syz.0.430 Not tainted 6.14.0-rc1-syzkaller-g5c8c229261f1 #0
[  433.968360][T13332] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  433.968367][T13332] Call Trace:
[  433.968374][T13332]  <TASK>
[  433.968380][T13332]  dump_stack_lvl+0x241/0x360
[  433.968400][T13332]  ? __pfx_dump_stack_lvl+0x10/0x10
[  433.968412][T13332]  ? __pfx__printk+0x10/0x10
[  433.968431][T13332]  ? fs_reclaim_acquire+0x93/0x130
[  433.968447][T13332]  ? __pfx___might_resched+0x10/0x10
[  433.968464][T13332]  should_fail_ex+0x40a/0x550
[  433.968481][T13332]  should_failslab+0xac/0x100
[  433.968496][T13332]  ? add_to_free_space_tree+0xc9/0x320
[  433.968509][T13332]  kmem_cache_alloc_noprof+0x70/0x380
[  433.968535][T13332]  add_to_free_space_tree+0xc9/0x320
[  433.968553][T13332]  __btrfs_free_extent+0x1ce9/0x3980
[  433.968581][T13332]  ? __pfx___btrfs_free_extent+0x10/0x10
[  433.968600][T13332]  ? __lock_acquire+0x2100/0x2100
[  433.968614][T13332]  ? do_raw_read_unlock+0x3c/0x80
[  433.968632][T13332]  ? do_raw_spin_unlock+0x58/0x8b0
[  433.968652][T13332]  __btrfs_run_delayed_refs+0xf9f/0x40f0
[  433.968680][T13332]  ? validate_chain+0x11e/0x5920
[  433.968713][T13332]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  433.968733][T13332]  ? unwind_get_return_address+0x4d/0x90
[  433.968748][T13332]  ? arch_stack_walk+0xfd/0x150
[  433.968775][T13332]  ? __pfx_lock_acquire+0x10/0x10
[  433.968795][T13332]  ? __lock_acquire+0x1397/0x2100
[  433.968812][T13332]  btrfs_run_delayed_refs+0xe3/0x2f0
[  433.968833][T13332]  btrfs_commit_transaction+0x4b9/0x3760
[  433.968850][T13332]  ? btrfs_commit_transaction+0x177/0x3760
[  433.968875][T13332]  ? __asan_memset+0x23/0x50
[  433.968889][T13332]  ? lockdep_init_map_type+0xa1/0x910
[  433.968904][T13332]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  433.968921][T13332]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  433.968940][T13332]  ? join_transaction+0x405/0xda0
[  433.968959][T13332]  ? btrfs_record_root_in_trans+0x12d/0x190
[  433.968975][T13332]  ? start_transaction+0x45f/0x16b0
[  433.969003][T13332]  try_flush_qgroup+0x1ec/0x340
[  433.969015][T13332]  ? kfree+0x196/0x430
[  433.969025][T13332]  ? __pfx_try_flush_qgroup+0x10/0x10
[  433.969038][T13332]  ? qgroup_reserve_data+0x6ab/0x8c0
[  433.969059][T13332]  btrfs_qgroup_reserve_data+0x68/0xb0
[  433.969074][T13332]  btrfs_check_data_free_space+0x149/0x240
[  433.969091][T13332]  btrfs_buffered_write+0x519/0x1250
[  433.969126][T13332]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  433.969152][T13332]  ? __lock_acquire+0x1397/0x2100
[  433.969169][T13332]  btrfs_do_write_iter+0x279/0x7b0
[  433.969196][T13332]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  433.969218][T13332]  do_iter_readv_writev+0x71a/0x9d0
[  433.969237][T13332]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  433.969250][T13332]  ? rcu_read_lock_any_held+0xb7/0x160
[  433.969273][T13332]  vfs_writev+0x38b/0xbc0
[  433.969295][T13332]  ? __pfx_vfs_writev+0x10/0x10
[  433.969306][T13332]  ? vfs_write+0x7fa/0xd10
[  433.969328][T13332]  ? __fget_files+0x2a/0x410
[  433.969341][T13332]  ? __fget_files+0x395/0x410
[  433.969351][T13332]  ? __fget_files+0x2a/0x410
[  433.969368][T13332]  __se_sys_pwritev2+0x196/0x2b0
[  433.969386][T13332]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  433.969401][T13332]  ? do_syscall_64+0x100/0x230
[  433.969417][T13332]  ? __x64_sys_pwritev2+0x21/0xf0
[  433.969434][T13332]  do_syscall_64+0xf3/0x230
[  433.969448][T13332]  ? clear_bhb_loop+0x35/0x90
[  433.969464][T13332]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  433.969478][T13332] RIP: 0033:0x7f844d97e719
[  433.969490][T13332] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  433.969500][T13332] RSP: 002b:00007f844e845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  433.969513][T13332] RAX: ffffffffffffffda RBX: 00007f844db35f80 RCX: 00007f844d97e719
[  433.969521][T13332] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  433.969528][T13332] RBP: 00007f844e845090 R08: 0000000000000009 R09: 0000000000000008
[  433.969535][T13332] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  433.969543][T13332] R13: 0000000000000000 R14: 00007f844db35f80 R15: 00007ffc0b832ab8
[  433.969560][T13332]  </TASK>
[  433.969570][T13332] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  434.181211][ T3025] BTRFS info (device loop0 state A): qgroup scan completed (inconsistency flag cleared)
[  434.186749][T13332] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1052: errno=-12 Out of memory
[  434.190773][T13332] BTRFS info (device loop0 state EA): forced readonly
[  434.194040][T13332] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:2971: errno=-12 Out of memory
[  434.198178][T13332] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  434.204683][T13332] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2160: errno=-12 Out of memory
[  434.213974][ T5762] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  434.218942][ T5762] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  434.224058][ T5762] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  434.583680][T13350] loop0: detected capacity change from 0 to 32768
[  434.604107][T13350] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.431 (13350)
[  434.632174][T13350] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  434.636064][T13350] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  434.639104][T13350] BTRFS info (device loop0): using free-space-tree
[  434.705032][T13350] FAULT_INJECTION: forcing a failure.
[  434.705032][T13350] name failslab, interval 1, probability 0, space 0, times 0
[  434.709874][T13350] CPU: 0 UID: 0 PID: 13350 Comm: syz.0.431 Not tainted 6.14.0-rc1-syzkaller-g5c8c229261f1 #0
[  434.709892][T13350] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  434.709899][T13350] Call Trace:
[  434.709904][T13350]  <TASK>
[  434.709910][T13350]  dump_stack_lvl+0x241/0x360
[  434.709930][T13350]  ? __pfx_dump_stack_lvl+0x10/0x10
[  434.709941][T13350]  ? __pfx__printk+0x10/0x10
[  434.709960][T13350]  ? fs_reclaim_acquire+0x93/0x130
[  434.709976][T13350]  ? __pfx___might_resched+0x10/0x10
[  434.709993][T13350]  should_fail_ex+0x40a/0x550
[  434.710009][T13350]  should_failslab+0xac/0x100
[  434.710021][T13350]  ? alloc_extent_state+0x25/0x310
[  434.710035][T13350]  kmem_cache_alloc_noprof+0x70/0x380
[  434.710050][T13350]  alloc_extent_state+0x25/0x310
[  434.710067][T13350]  __set_extent_bit+0x1fd/0x1e60
[  434.710090][T13350]  ? __asan_memcpy+0x40/0x70
[  434.710108][T13350]  set_extent_bit+0x3b/0x50
[  434.710127][T13350]  btrfs_alloc_tree_block+0x96b/0x1440
[  434.710152][T13350]  ? __pfx_btrfs_alloc_tree_block+0x10/0x10
[  434.710169][T13350]  ? __lock_acquire+0x1397/0x2100
[  434.710196][T13350]  ? read_extent_buffer+0x11b/0x540
[  434.710221][T13350]  btrfs_force_cow_block+0x526/0x1fd0
[  434.710243][T13350]  ? __pfx_lock_acquire+0x10/0x10
[  434.710267][T13350]  ? __pfx_btrfs_force_cow_block+0x10/0x10
[  434.710280][T13350]  ? btrfs_qgroup_add_swapped_blocks+0x8d0/0x9b0
[  434.710298][T13350]  ? down_write_nested+0x195/0x220
[  434.710311][T13350]  ? __pfx_down_write_nested+0x10/0x10
[  434.710326][T13350]  btrfs_cow_block+0x371/0x830
[  434.710349][T13350]  btrfs_search_slot+0xc01/0x3180
[  434.710363][T13350]  ? unwind_get_return_address+0x4d/0x90
[  434.710395][T13350]  ? __pfx_btrfs_search_slot+0x10/0x10
[  434.710407][T13350]  ? btrfs_extent_root+0x2a1/0x3b0
[  434.710425][T13350]  ? __pfx_btrfs_extent_root+0x10/0x10
[  434.710440][T13350]  ? stack_depot_save_flags+0x37/0x940
[  434.710458][T13350]  ? __btrfs_free_extent+0x357/0x3980
[  434.710474][T13350]  lookup_inline_extent_backref+0x448/0x1b40
[  434.710486][T13350]  ? btrfs_commit_transaction+0x4b9/0x3760
[  434.710499][T13350]  ? try_flush_qgroup+0x1ec/0x340
[  434.710510][T13350]  ? btrfs_qgroup_reserve_data+0x68/0xb0
[  434.710548][T13350]  ? btrfs_buffered_write+0x519/0x1250
[  434.710564][T13350]  ? __se_sys_pwritev2+0x196/0x2b0
[  434.710580][T13350]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  434.710609][T13350]  ? __pfx_lookup_inline_extent_backref+0x10/0x10
[  434.710637][T13350]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  434.710651][T13350]  __btrfs_free_extent+0x436/0x3980
[  434.710679][T13350]  ? __pfx___btrfs_free_extent+0x10/0x10
[  434.710693][T13350]  ? __lock_acquire+0x2100/0x2100
[  434.710707][T13350]  ? do_raw_read_unlock+0x3c/0x80
[  434.710725][T13350]  ? do_raw_spin_unlock+0x58/0x8b0
[  434.710744][T13350]  __btrfs_run_delayed_refs+0xf9f/0x40f0
[  434.710775][T13350]  ? validate_chain+0x11e/0x5920
[  434.710811][T13350]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  434.710830][T13350]  ? unwind_get_return_address+0x4d/0x90
[  434.710847][T13350]  ? arch_stack_walk+0xfd/0x150
[  434.710876][T13350]  ? __pfx_lock_acquire+0x10/0x10
[  434.710896][T13350]  ? __lock_acquire+0x1397/0x2100
[  434.710913][T13350]  btrfs_run_delayed_refs+0xe3/0x2f0
[  434.710933][T13350]  btrfs_commit_transaction+0x4b9/0x3760
[  434.710951][T13350]  ? btrfs_commit_transaction+0x177/0x3760
[  434.710975][T13350]  ? __asan_memset+0x23/0x50
[  434.710990][T13350]  ? lockdep_init_map_type+0xa1/0x910
[  434.711006][T13350]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  434.711021][T13350]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  434.711041][T13350]  ? join_transaction+0x405/0xda0
[  434.711061][T13350]  ? btrfs_record_root_in_trans+0x12d/0x190
[  434.711078][T13350]  ? start_transaction+0x45f/0x16b0
[  434.711108][T13350]  try_flush_qgroup+0x1ec/0x340
[  434.711121][T13350]  ? kfree+0x196/0x430
[  434.711133][T13350]  ? __pfx_try_flush_qgroup+0x10/0x10
[  434.711148][T13350]  ? qgroup_reserve_data+0x6ab/0x8c0
[  434.711171][T13350]  btrfs_qgroup_reserve_data+0x68/0xb0
[  434.711193][T13350]  btrfs_check_data_free_space+0x149/0x240
[  434.711212][T13350]  btrfs_buffered_write+0x519/0x1250
[  434.711250][T13350]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  434.711277][T13350]  ? __lock_acquire+0x1397/0x2100
[  434.711298][T13350]  btrfs_do_write_iter+0x279/0x7b0
[  434.711338][T13350]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  434.711362][T13350]  do_iter_readv_writev+0x71a/0x9d0
[  434.711382][T13350]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  434.711397][T13350]  ? rcu_read_lock_any_held+0xb7/0x160
[  434.711422][T13350]  vfs_writev+0x38b/0xbc0
[  434.711445][T13350]  ? __pfx_vfs_writev+0x10/0x10
[  434.711455][T13350]  ? vfs_write+0x7fa/0xd10
[  434.711482][T13350]  ? __fget_files+0x2a/0x410
[  434.711496][T13350]  ? __fget_files+0x395/0x410
[  434.711507][T13350]  ? __fget_files+0x2a/0x410
[  434.711527][T13350]  __se_sys_pwritev2+0x196/0x2b0
[  434.711545][T13350]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  434.711563][T13350]  ? do_syscall_64+0x100/0x230
[  434.711581][T13350]  ? __x64_sys_pwritev2+0x21/0xf0
[  434.711599][T13350]  do_syscall_64+0xf3/0x230
[  434.711615][T13350]  ? clear_bhb_loop+0x35/0x90
[  434.711633][T13350]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  434.711647][T13350] RIP: 0033:0x7f844d97e719
[  434.711660][T13350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  434.711670][T13350] RSP: 002b:00007f844e845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  434.711684][T13350] RAX: ffffffffffffffda RBX: 00007f844db35f80 RCX: 00007f844d97e719
[  434.711692][T13350] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  434.711699][T13350] RBP: 00007f844e845090 R08: 0000000000000009 R09: 0000000000000008
[  434.711707][T13350] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  434.711713][T13350] R13: 0000000000000000 R14: 00007f844db35f80 R15: 00007ffc0b832ab8
[  434.711736][T13350]  </TASK>
[  435.004380][ T1037] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  435.020056][ T5762] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  435.394377][T13368] loop0: detected capacity change from 0 to 32768
[  435.401763][T13368] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.432 (13368)
[  435.434171][T13368] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  435.438231][T13368] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  435.441464][T13368] BTRFS info (device loop0): using free-space-tree
[  435.514179][T13368] FAULT_INJECTION: forcing a failure.
[  435.514179][T13368] name failslab, interval 1, probability 0, space 0, times 0
[  435.519188][T13368] CPU: 0 UID: 0 PID: 13368 Comm: syz.0.432 Not tainted 6.14.0-rc1-syzkaller-g5c8c229261f1 #0
[  435.519205][T13368] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  435.519213][T13368] Call Trace:
[  435.519219][T13368]  <TASK>
[  435.519225][T13368]  dump_stack_lvl+0x241/0x360
[  435.519266][T13368]  ? __pfx_dump_stack_lvl+0x10/0x10
[  435.519278][T13368]  ? __pfx__printk+0x10/0x10
[  435.519297][T13368]  ? fs_reclaim_acquire+0x93/0x130
[  435.519313][T13368]  ? __pfx___might_resched+0x10/0x10
[  435.519331][T13368]  should_fail_ex+0x40a/0x550
[  435.519355][T13368]  should_failslab+0xac/0x100
[  435.519367][T13368]  ? alloc_extent_state+0x25/0x310
[  435.519383][T13368]  kmem_cache_alloc_noprof+0x70/0x380
[  435.519399][T13368]  alloc_extent_state+0x25/0x310
[  435.519416][T13368]  __set_extent_bit+0x1fd/0x1e60
[  435.519442][T13368]  ? __asan_memcpy+0x40/0x70
[  435.519460][T13368]  set_extent_bit+0x3b/0x50
[  435.519476][T13368]  btrfs_alloc_tree_block+0x96b/0x1440
[  435.519501][T13368]  ? __pfx_btrfs_alloc_tree_block+0x10/0x10
[  435.519517][T13368]  ? __lock_acquire+0x1397/0x2100
[  435.519537][T13368]  ? read_extent_buffer+0x11b/0x540
[  435.519555][T13368]  btrfs_force_cow_block+0x526/0x1fd0
[  435.519568][T13368]  ? __pfx_lock_acquire+0x10/0x10
[  435.519581][T13368]  ? __pfx_btrfs_force_cow_block+0x10/0x10
[  435.519589][T13368]  ? btrfs_qgroup_add_swapped_blocks+0x8d0/0x9b0
[  435.519600][T13368]  ? down_write_nested+0x195/0x220
[  435.519607][T13368]  ? __pfx_down_write_nested+0x10/0x10
[  435.519615][T13368]  btrfs_cow_block+0x371/0x830
[  435.519627][T13368]  btrfs_search_slot+0xc01/0x3180
[  435.519637][T13368]  ? unwind_get_return_address+0x4d/0x90
[  435.519663][T13368]  ? __pfx_btrfs_search_slot+0x10/0x10
[  435.519675][T13368]  ? btrfs_extent_root+0x2a1/0x3b0
[  435.519691][T13368]  ? __pfx_btrfs_extent_root+0x10/0x10
[  435.519704][T13368]  ? stack_depot_save_flags+0x37/0x940
[  435.519719][T13368]  ? __btrfs_free_extent+0x357/0x3980
[  435.519735][T13368]  lookup_inline_extent_backref+0x448/0x1b40
[  435.519746][T13368]  ? btrfs_commit_transaction+0x4b9/0x3760
[  435.519759][T13368]  ? try_flush_qgroup+0x1ec/0x340
[  435.519769][T13368]  ? btrfs_qgroup_reserve_data+0x68/0xb0
[  435.519780][T13368]  ? btrfs_buffered_write+0x519/0x1250
[  435.519794][T13368]  ? __se_sys_pwritev2+0x196/0x2b0
[  435.519809][T13368]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  435.519839][T13368]  ? __pfx_lookup_inline_extent_backref+0x10/0x10
[  435.519864][T13368]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  435.519878][T13368]  __btrfs_free_extent+0x436/0x3980
[  435.519904][T13368]  ? __pfx___btrfs_free_extent+0x10/0x10
[  435.519916][T13368]  ? __lock_acquire+0x2100/0x2100
[  435.519929][T13368]  ? do_raw_read_unlock+0x3c/0x80
[  435.519947][T13368]  ? do_raw_spin_unlock+0x58/0x8b0
[  435.519978][T13368]  __btrfs_run_delayed_refs+0xf9f/0x40f0
[  435.520004][T13368]  ? validate_chain+0x11e/0x5920
[  435.520038][T13368]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  435.520055][T13368]  ? unwind_get_return_address+0x4d/0x90
[  435.520071][T13368]  ? arch_stack_walk+0xfd/0x150
[  435.520095][T13368]  ? __pfx_lock_acquire+0x10/0x10
[  435.520115][T13368]  ? __lock_acquire+0x1397/0x2100
[  435.520131][T13368]  btrfs_run_delayed_refs+0xe3/0x2f0
[  435.520150][T13368]  btrfs_commit_transaction+0x4b9/0x3760
[  435.520165][T13368]  ? btrfs_commit_transaction+0x177/0x3760
[  435.520188][T13368]  ? __asan_memset+0x23/0x50
[  435.520202][T13368]  ? lockdep_init_map_type+0xa1/0x910
[  435.520216][T13368]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  435.520230][T13368]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  435.520251][T13368]  ? join_transaction+0x405/0xda0
[  435.520267][T13368]  ? btrfs_record_root_in_trans+0x12d/0x190
[  435.520282][T13368]  ? start_transaction+0x45f/0x16b0
[  435.520308][T13368]  try_flush_qgroup+0x1ec/0x340
[  435.520319][T13368]  ? kfree+0x196/0x430
[  435.520329][T13368]  ? __pfx_try_flush_qgroup+0x10/0x10
[  435.520343][T13368]  ? qgroup_reserve_data+0x6ab/0x8c0
[  435.520363][T13368]  btrfs_qgroup_reserve_data+0x68/0xb0
[  435.520377][T13368]  btrfs_check_data_free_space+0x149/0x240
[  435.520395][T13368]  btrfs_buffered_write+0x519/0x1250
[  435.520431][T13368]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  435.520458][T13368]  ? __lock_acquire+0x1397/0x2100
[  435.520478][T13368]  btrfs_do_write_iter+0x279/0x7b0
[  435.520499][T13368]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  435.520521][T13368]  do_iter_readv_writev+0x71a/0x9d0
[  435.520539][T13368]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  435.520551][T13368]  ? rcu_read_lock_any_held+0xb7/0x160
[  435.520573][T13368]  vfs_writev+0x38b/0xbc0
[  435.520593][T13368]  ? __pfx_vfs_writev+0x10/0x10
[  435.520603][T13368]  ? vfs_write+0x7fa/0xd10
[  435.520628][T13368]  ? __fget_files+0x2a/0x410
[  435.520639][T13368]  ? __fget_files+0x395/0x410
[  435.520649][T13368]  ? __fget_files+0x2a/0x410
[  435.520665][T13368]  __se_sys_pwritev2+0x196/0x2b0
[  435.520682][T13368]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  435.520698][T13368]  ? do_syscall_64+0x100/0x230
[  435.520724][T13368]  ? __x64_sys_pwritev2+0x21/0xf0
[  435.520741][T13368]  do_syscall_64+0xf3/0x230
[  435.520755][T13368]  ? clear_bhb_loop+0x35/0x90
[  435.520771][T13368]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  435.520785][T13368] RIP: 0033:0x7f844d97e719
[  435.520799][T13368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  435.520808][T13368] RSP: 002b:00007f844e845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  435.520820][T13368] RAX: ffffffffffffffda RBX: 00007f844db35f80 RCX: 00007f844d97e719
[  435.520828][T13368] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  435.520835][T13368] RBP: 00007f844e845090 R08: 0000000000000009 R09: 0000000000000008
[  435.520841][T13368] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  435.520848][T13368] R13: 0000000000000000 R14: 00007f844db35f80 R15: 00007ffc0b832ab8
[  435.520867][T13368]  </TASK>
[  435.798980][ T1040] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  435.811102][ T5762] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  436.153801][T13386] loop0: detected capacity change from 0 to 32768
[  436.165760][T13386] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.433 (13386)
[  436.202454][T13386] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  436.206815][T13386] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  436.222757][T13386] BTRFS info (device loop0): using free-space-tree
[  436.284667][T13386] FAULT_INJECTION: forcing a failure.
[  436.284667][T13386] name failslab, interval 1, probability 0, space 0, times 0
[  436.289592][T13386] CPU: 0 UID: 0 PID: 13386 Comm: syz.0.433 Not tainted 6.14.0-rc1-syzkaller-g5c8c229261f1 #0
[  436.289617][T13386] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  436.289630][T13386] Call Trace:
[  436.289638][T13386]  <TASK>
[  436.289648][T13386]  dump_stack_lvl+0x241/0x360
[  436.289670][T13386]  ? __pfx_dump_stack_lvl+0x10/0x10
[  436.289683][T13386]  ? __pfx__printk+0x10/0x10
[  436.289702][T13386]  ? fs_reclaim_acquire+0x93/0x130
[  436.289720][T13386]  ? __pfx___might_resched+0x10/0x10
[  436.289739][T13386]  should_fail_ex+0x40a/0x550
[  436.289758][T13386]  should_failslab+0xac/0x100
[  436.289771][T13386]  ? alloc_extent_state+0x25/0x310
[  436.289789][T13386]  kmem_cache_alloc_noprof+0x70/0x380
[  436.289805][T13386]  alloc_extent_state+0x25/0x310
[  436.289826][T13386]  __set_extent_bit+0x1fd/0x1e60
[  436.289853][T13386]  ? __asan_memcpy+0x40/0x70
[  436.289873][T13386]  set_extent_bit+0x3b/0x50
[  436.289892][T13386]  btrfs_alloc_tree_block+0x96b/0x1440
[  436.289916][T13386]  ? __pfx_btrfs_alloc_tree_block+0x10/0x10
[  436.289934][T13386]  ? __lock_acquire+0x1397/0x2100
[  436.289953][T13386]  ? read_extent_buffer+0x11b/0x540
[  436.289976][T13386]  btrfs_force_cow_block+0x526/0x1fd0
[  436.290000][T13386]  ? __pfx_lock_acquire+0x10/0x10
[  436.290023][T13386]  ? __pfx_btrfs_force_cow_block+0x10/0x10
[  436.290039][T13386]  ? btrfs_qgroup_add_swapped_blocks+0x8d0/0x9b0
[  436.290057][T13386]  ? down_write_nested+0x195/0x220
[  436.290070][T13386]  ? __pfx_down_write_nested+0x10/0x10
[  436.290085][T13386]  btrfs_cow_block+0x371/0x830
[  436.290108][T13386]  btrfs_search_slot+0xc01/0x3180
[  436.290125][T13386]  ? unwind_get_return_address+0x4d/0x90
[  436.290158][T13386]  ? __pfx_btrfs_search_slot+0x10/0x10
[  436.290172][T13386]  ? btrfs_extent_root+0x2a1/0x3b0
[  436.290192][T13386]  ? __pfx_btrfs_extent_root+0x10/0x10
[  436.290219][T13386]  ? stack_depot_save_flags+0x37/0x940
[  436.290237][T13386]  ? __btrfs_free_extent+0x357/0x3980
[  436.290255][T13386]  lookup_inline_extent_backref+0x448/0x1b40
[  436.290268][T13386]  ? btrfs_commit_transaction+0x4b9/0x3760
[  436.290284][T13386]  ? try_flush_qgroup+0x1ec/0x340
[  436.290295][T13386]  ? btrfs_qgroup_reserve_data+0x68/0xb0
[  436.290308][T13386]  ? btrfs_buffered_write+0x519/0x1250
[  436.290326][T13386]  ? __se_sys_pwritev2+0x196/0x2b0
[  436.290344][T13386]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  436.290374][T13386]  ? __pfx_lookup_inline_extent_backref+0x10/0x10
[  436.290402][T13386]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  436.290417][T13386]  __btrfs_free_extent+0x436/0x3980
[  436.290446][T13386]  ? __pfx___btrfs_free_extent+0x10/0x10
[  436.290461][T13386]  ? __lock_acquire+0x2100/0x2100
[  436.290477][T13386]  ? do_raw_read_unlock+0x3c/0x80
[  436.290496][T13386]  ? do_raw_spin_unlock+0x58/0x8b0
[  436.290544][T13386]  __btrfs_run_delayed_refs+0xf9f/0x40f0
[  436.290579][T13386]  ? validate_chain+0x11e/0x5920
[  436.290610][T13386]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  436.290631][T13386]  ? unwind_get_return_address+0x4d/0x90
[  436.290650][T13386]  ? arch_stack_walk+0xfd/0x150
[  436.290680][T13386]  ? __pfx_lock_acquire+0x10/0x10
[  436.290703][T13386]  ? __lock_acquire+0x1397/0x2100
[  436.290722][T13386]  btrfs_run_delayed_refs+0xe3/0x2f0
[  436.290743][T13386]  btrfs_commit_transaction+0x4b9/0x3760
[  436.290763][T13386]  ? btrfs_commit_transaction+0x177/0x3760
[  436.290787][T13386]  ? __asan_memset+0x23/0x50
[  436.290803][T13386]  ? lockdep_init_map_type+0xa1/0x910
[  436.290821][T13386]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  436.290836][T13386]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  436.290857][T13386]  ? join_transaction+0x405/0xda0
[  436.290876][T13386]  ? btrfs_record_root_in_trans+0x12d/0x190
[  436.290894][T13386]  ? start_transaction+0x45f/0x16b0
[  436.290921][T13386]  try_flush_qgroup+0x1ec/0x340
[  436.290935][T13386]  ? kfree+0x196/0x430
[  436.290948][T13386]  ? __pfx_try_flush_qgroup+0x10/0x10
[  436.290963][T13386]  ? qgroup_reserve_data+0x6ab/0x8c0
[  436.290984][T13386]  btrfs_qgroup_reserve_data+0x68/0xb0
[  436.291000][T13386]  btrfs_check_data_free_space+0x149/0x240
[  436.291019][T13386]  btrfs_buffered_write+0x519/0x1250
[  436.291053][T13386]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  436.291078][T13386]  ? __lock_acquire+0x1397/0x2100
[  436.291097][T13386]  btrfs_do_write_iter+0x279/0x7b0
[  436.291118][T13386]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  436.291140][T13386]  do_iter_readv_writev+0x71a/0x9d0
[  436.291161][T13386]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  436.291173][T13386]  ? rcu_read_lock_any_held+0xb7/0x160
[  436.291195][T13386]  vfs_writev+0x38b/0xbc0
[  436.291225][T13386]  ? __pfx_vfs_writev+0x10/0x10
[  436.291234][T13386]  ? vfs_write+0x7fa/0xd10
[  436.291259][T13386]  ? __fget_files+0x2a/0x410
[  436.291272][T13386]  ? __fget_files+0x395/0x410
[  436.291283][T13386]  ? __fget_files+0x2a/0x410
[  436.291300][T13386]  __se_sys_pwritev2+0x196/0x2b0
[  436.291316][T13386]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  436.291331][T13386]  ? do_syscall_64+0x100/0x230
[  436.291346][T13386]  ? __x64_sys_pwritev2+0x21/0xf0
[  436.291363][T13386]  do_syscall_64+0xf3/0x230
[  436.291376][T13386]  ? clear_bhb_loop+0x35/0x90
[  436.291392][T13386]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  436.291406][T13386] RIP: 0033:0x7f844d97e719
[  436.291418][T13386] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  436.291426][T13386] RSP: 002b:00007f844e845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  436.291439][T13386] RAX: ffffffffffffffda RBX: 00007f844db35f80 RCX: 00007f844d97e719
[  436.291447][T13386] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  436.291453][T13386] RBP: 00007f844e845090 R08: 0000000000000009 R09: 0000000000000008
[  436.291460][T13386] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  436.291467][T13386] R13: 0000000000000000 R14: 00007f844db35f80 R15: 00007ffc0b832ab8
[  436.291483][T13386]  </TASK>
[  436.563165][ T1040] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  436.579333][ T5762] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
2025/02/05 04:06:44 executed programs: 421
[  436.941387][T13404] loop0: detected capacity change from 0 to 32768
[  436.950322][T13404] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.434 (13404)
[  436.978948][T13404] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  436.989251][T13404] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  436.999433][T13404] BTRFS info (device loop0): using free-space-tree
[  437.070446][T13404] FAULT_INJECTION: forcing a failure.
[  437.070446][T13404] name failslab, interval 1, probability 0, space 0, times 0
[  437.083378][T13404] CPU: 0 UID: 0 PID: 13404 Comm: syz.0.434 Not tainted 6.14.0-rc1-syzkaller-g5c8c229261f1 #0
[  437.083399][T13404] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  437.083408][T13404] Call Trace:
[  437.083413][T13404]  <TASK>
[  437.083419][T13404]  dump_stack_lvl+0x241/0x360
[  437.083439][T13404]  ? __pfx_dump_stack_lvl+0x10/0x10
[  437.083451][T13404]  ? __pfx__printk+0x10/0x10
[  437.083468][T13404]  ? fs_reclaim_acquire+0x93/0x130
[  437.083483][T13404]  ? __pfx___might_resched+0x10/0x10
[  437.083500][T13404]  should_fail_ex+0x40a/0x550
[  437.083517][T13404]  should_failslab+0xac/0x100
[  437.083529][T13404]  ? alloc_extent_state+0x25/0x310
[  437.083544][T13404]  kmem_cache_alloc_noprof+0x70/0x380
[  437.083583][T13404]  alloc_extent_state+0x25/0x310
[  437.083599][T13404]  __set_extent_bit+0x1fd/0x1e60
[  437.083624][T13404]  ? __asan_memcpy+0x40/0x70
[  437.083642][T13404]  set_extent_bit+0x3b/0x50
[  437.083658][T13404]  btrfs_alloc_tree_block+0x96b/0x1440
[  437.083680][T13404]  ? __pfx_btrfs_alloc_tree_block+0x10/0x10
[  437.083696][T13404]  ? __lock_acquire+0x1397/0x2100
[  437.083713][T13404]  ? read_extent_buffer+0x11b/0x540
[  437.083735][T13404]  btrfs_force_cow_block+0x526/0x1fd0
[  437.083757][T13404]  ? __pfx_lock_acquire+0x10/0x10
[  437.083793][T13404]  ? __pfx_btrfs_force_cow_block+0x10/0x10
[  437.083806][T13404]  ? btrfs_qgroup_add_swapped_blocks+0x8d0/0x9b0
[  437.083823][T13404]  ? down_write_nested+0x195/0x220
[  437.083834][T13404]  ? __pfx_down_write_nested+0x10/0x10
[  437.083847][T13404]  btrfs_cow_block+0x371/0x830
[  437.083868][T13404]  btrfs_search_slot+0xc01/0x3180
[  437.083882][T13404]  ? unwind_get_return_address+0x4d/0x90
[  437.083911][T13404]  ? __pfx_btrfs_search_slot+0x10/0x10
[  437.083923][T13404]  ? btrfs_extent_root+0x2a1/0x3b0
[  437.083940][T13404]  ? __pfx_btrfs_extent_root+0x10/0x10
[  437.083959][T13404]  ? stack_depot_save_flags+0x37/0x940
[  437.083975][T13404]  ? __btrfs_free_extent+0x357/0x3980
[  437.083989][T13404]  lookup_inline_extent_backref+0x448/0x1b40
[  437.084000][T13404]  ? btrfs_commit_transaction+0x4b9/0x3760
[  437.084012][T13404]  ? try_flush_qgroup+0x1ec/0x340
[  437.084022][T13404]  ? btrfs_qgroup_reserve_data+0x68/0xb0
[  437.084033][T13404]  ? btrfs_buffered_write+0x519/0x1250
[  437.084048][T13404]  ? __se_sys_pwritev2+0x196/0x2b0
[  437.084063][T13404]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  437.084092][T13404]  ? __pfx_lookup_inline_extent_backref+0x10/0x10
[  437.084119][T13404]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  437.084131][T13404]  __btrfs_free_extent+0x436/0x3980
[  437.084160][T13404]  ? __pfx___btrfs_free_extent+0x10/0x10
[  437.084173][T13404]  ? __lock_acquire+0x2100/0x2100
[  437.084189][T13404]  ? do_raw_read_unlock+0x3c/0x80
[  437.084205][T13404]  ? do_raw_spin_unlock+0x58/0x8b0
[  437.084222][T13404]  __btrfs_run_delayed_refs+0xf9f/0x40f0
[  437.084251][T13404]  ? validate_chain+0x11e/0x5920
[  437.084285][T13404]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  437.084305][T13404]  ? unwind_get_return_address+0x4d/0x90
[  437.084321][T13404]  ? arch_stack_walk+0xfd/0x150
[  437.084351][T13404]  ? __pfx_lock_acquire+0x10/0x10
[  437.084369][T13404]  ? __lock_acquire+0x1397/0x2100
[  437.084387][T13404]  btrfs_run_delayed_refs+0xe3/0x2f0
[  437.084407][T13404]  btrfs_commit_transaction+0x4b9/0x3760
[  437.084424][T13404]  ? btrfs_commit_transaction+0x177/0x3760
[  437.084447][T13404]  ? __asan_memset+0x23/0x50
[  437.084463][T13404]  ? lockdep_init_map_type+0xa1/0x910
[  437.084478][T13404]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  437.084491][T13404]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  437.084510][T13404]  ? join_transaction+0x405/0xda0
[  437.084528][T13404]  ? btrfs_record_root_in_trans+0x12d/0x190
[  437.084544][T13404]  ? start_transaction+0x45f/0x16b0
[  437.084570][T13404]  try_flush_qgroup+0x1ec/0x340
[  437.084581][T13404]  ? kfree+0x196/0x430
[  437.084592][T13404]  ? __pfx_try_flush_qgroup+0x10/0x10
[  437.084606][T13404]  ? qgroup_reserve_data+0x6ab/0x8c0
[  437.084625][T13404]  btrfs_qgroup_reserve_data+0x68/0xb0
[  437.084640][T13404]  btrfs_check_data_free_space+0x149/0x240
[  437.084657][T13404]  btrfs_buffered_write+0x519/0x1250
[  437.084691][T13404]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  437.084713][T13404]  ? __lock_acquire+0x1397/0x2100
[  437.084733][T13404]  btrfs_do_write_iter+0x279/0x7b0
[  437.084754][T13404]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  437.084773][T13404]  do_iter_readv_writev+0x71a/0x9d0
[  437.084791][T13404]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  437.084803][T13404]  ? rcu_read_lock_any_held+0xb7/0x160
[  437.084826][T13404]  vfs_writev+0x38b/0xbc0
[  437.084847][T13404]  ? __pfx_vfs_writev+0x10/0x10
[  437.084856][T13404]  ? vfs_write+0x7fa/0xd10
[  437.084878][T13404]  ? __fget_files+0x2a/0x410
[  437.084891][T13404]  ? __fget_files+0x395/0x410
[  437.084901][T13404]  ? __fget_files+0x2a/0x410
[  437.084919][T13404]  __se_sys_pwritev2+0x196/0x2b0
[  437.084935][T13404]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  437.084957][T13404]  ? do_syscall_64+0x100/0x230
[  437.084973][T13404]  ? __x64_sys_pwritev2+0x21/0xf0
[  437.084988][T13404]  do_syscall_64+0xf3/0x230
[  437.085002][T13404]  ? clear_bhb_loop+0x35/0x90
[  437.085018][T13404]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  437.085031][T13404] RIP: 0033:0x7f844d97e719
[  437.085044][T13404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  437.085053][T13404] RSP: 002b:00007f844e845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  437.085066][T13404] RAX: ffffffffffffffda RBX: 00007f844db35f80 RCX: 00007f844d97e719
[  437.085074][T13404] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  437.085081][T13404] RBP: 00007f844e845090 R08: 0000000000000009 R09: 0000000000000008
[  437.085088][T13404] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  437.085094][T13404] R13: 0000000000000000 R14: 00007f844db35f80 R15: 00007ffc0b832ab8
[  437.085112][T13404]  </TASK>
[  437.334798][ T1040] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  437.347583][ T5762] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  437.707420][T13422] loop0: detected capacity change from 0 to 32768
[  437.717893][T13422] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.435 (13422)
[  437.741204][T13422] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  437.750032][T13422] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  437.762857][T13422] BTRFS info (device loop0): using free-space-tree
[  437.817219][T13422] FAULT_INJECTION: forcing a failure.
[  437.817219][T13422] name failslab, interval 1, probability 0, space 0, times 0
[  437.834798][T13422] CPU: 0 UID: 0 PID: 13422 Comm: syz.0.435 Not tainted 6.14.0-rc1-syzkaller-g5c8c229261f1 #0
[  437.834818][T13422] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  437.834827][T13422] Call Trace:
[  437.834832][T13422]  <TASK>
[  437.834838][T13422]  dump_stack_lvl+0x241/0x360
[  437.834857][T13422]  ? __pfx_dump_stack_lvl+0x10/0x10
[  437.834868][T13422]  ? __pfx__printk+0x10/0x10
[  437.834884][T13422]  ? fs_reclaim_acquire+0x93/0x130
[  437.834899][T13422]  ? __pfx___might_resched+0x10/0x10
[  437.834916][T13422]  should_fail_ex+0x40a/0x550
[  437.834932][T13422]  should_failslab+0xac/0x100
[  437.834945][T13422]  ? add_to_free_space_tree+0xc9/0x320
[  437.834959][T13422]  kmem_cache_alloc_noprof+0x70/0x380
[  437.834973][T13422]  add_to_free_space_tree+0xc9/0x320
[  437.834984][T13422]  __btrfs_free_extent+0x1ce9/0x3980
[  437.834998][T13422]  ? __pfx___btrfs_free_extent+0x10/0x10
[  437.835005][T13422]  ? __lock_acquire+0x2100/0x2100
[  437.835017][T13422]  ? do_raw_read_unlock+0x3c/0x80
[  437.835031][T13422]  ? do_raw_spin_unlock+0x58/0x8b0
[  437.835047][T13422]  __btrfs_run_delayed_refs+0xf9f/0x40f0
[  437.835074][T13422]  ? validate_chain+0x11e/0x5920
[  437.835103][T13422]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  437.835122][T13422]  ? unwind_get_return_address+0x4d/0x90
[  437.835137][T13422]  ? arch_stack_walk+0xfd/0x150
[  437.835167][T13422]  ? __pfx_lock_acquire+0x10/0x10
[  437.835180][T13422]  ? __lock_acquire+0x1397/0x2100
[  437.835189][T13422]  btrfs_run_delayed_refs+0xe3/0x2f0
[  437.835200][T13422]  btrfs_commit_transaction+0x4b9/0x3760
[  437.835217][T13422]  ? btrfs_commit_transaction+0x177/0x3760
[  437.835237][T13422]  ? __asan_memset+0x23/0x50
[  437.835250][T13422]  ? lockdep_init_map_type+0xa1/0x910
[  437.835266][T13422]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  437.835280][T13422]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  437.835299][T13422]  ? join_transaction+0x405/0xda0
[  437.835316][T13422]  ? btrfs_record_root_in_trans+0x12d/0x190
[  437.835331][T13422]  ? start_transaction+0x45f/0x16b0
[  437.835356][T13422]  try_flush_qgroup+0x1ec/0x340
[  437.835368][T13422]  ? kfree+0x196/0x430
[  437.835379][T13422]  ? __pfx_try_flush_qgroup+0x10/0x10
[  437.835392][T13422]  ? qgroup_reserve_data+0x6ab/0x8c0
[  437.835412][T13422]  btrfs_qgroup_reserve_data+0x68/0xb0
[  437.835426][T13422]  btrfs_check_data_free_space+0x149/0x240
[  437.835444][T13422]  btrfs_buffered_write+0x519/0x1250
[  437.835475][T13422]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  437.835500][T13422]  ? __lock_acquire+0x1397/0x2100
[  437.835517][T13422]  btrfs_do_write_iter+0x279/0x7b0
[  437.835538][T13422]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  437.835560][T13422]  do_iter_readv_writev+0x71a/0x9d0
[  437.835580][T13422]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  437.835593][T13422]  ? rcu_read_lock_any_held+0xb7/0x160
[  437.835616][T13422]  vfs_writev+0x38b/0xbc0
[  437.835635][T13422]  ? __pfx_vfs_writev+0x10/0x10
[  437.835644][T13422]  ? vfs_write+0x7fa/0xd10
[  437.835667][T13422]  ? __fget_files+0x2a/0x410
[  437.835681][T13422]  ? __fget_files+0x395/0x410
[  437.835691][T13422]  ? __fget_files+0x2a/0x410
[  437.835708][T13422]  __se_sys_pwritev2+0x196/0x2b0
[  437.835726][T13422]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  437.835742][T13422]  ? do_syscall_64+0x100/0x230
[  437.835758][T13422]  ? __x64_sys_pwritev2+0x21/0xf0
[  437.835775][T13422]  do_syscall_64+0xf3/0x230
[  437.835789][T13422]  ? clear_bhb_loop+0x35/0x90
[  437.835806][T13422]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  437.835819][T13422] RIP: 0033:0x7f844d97e719
[  437.835830][T13422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  437.835839][T13422] RSP: 002b:00007f844e845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  437.835852][T13422] RAX: ffffffffffffffda RBX: 00007f844db35f80 RCX: 00007f844d97e719
[  437.835859][T13422] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  437.835865][T13422] RBP: 00007f844e845090 R08: 0000000000000009 R09: 0000000000000008
[  437.835872][T13422] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  437.835879][T13422] R13: 0000000000000000 R14: 00007f844db35f80 R15: 00007ffc0b832ab8
[  437.835894][T13422]  </TASK>
[  437.835904][T13422] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  438.036773][ T1040] BTRFS info (device loop0 state A): qgroup scan completed (inconsistency flag cleared)
[  438.040671][T13422] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1052: errno=-12 Out of memory
[  438.046573][T13422] BTRFS info (device loop0 state EA): forced readonly
[  438.049198][T13422] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:2971: errno=-12 Out of memory
[  438.054155][T13422] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  438.059156][T13422] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2160: errno=-12 Out of memory
[  438.069337][ T5762] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  438.074447][ T5762] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  438.078271][ T5762] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  438.440621][T13440] loop0: detected capacity change from 0 to 32768
[  438.452978][T13440] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.436 (13440)
[  438.473751][T13440] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  438.478485][T13440] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  438.481780][T13440] BTRFS info (device loop0): using free-space-tree
[  438.564717][T13440] FAULT_INJECTION: forcing a failure.
[  438.564717][T13440] name failslab, interval 1, probability 0, space 0, times 0
[  438.575578][ T3025] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  438.586008][T13440] CPU: 0 UID: 0 PID: 13440 Comm: syz.0.436 Not tainted 6.14.0-rc1-syzkaller-g5c8c229261f1 #0
[  438.586025][T13440] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  438.586032][T13440] Call Trace:
[  438.586038][T13440]  <TASK>
[  438.586043][T13440]  dump_stack_lvl+0x241/0x360
[  438.586061][T13440]  ? __pfx_dump_stack_lvl+0x10/0x10
[  438.586073][T13440]  ? __pfx__printk+0x10/0x10
[  438.586092][T13440]  ? fs_reclaim_acquire+0x93/0x130
[  438.586107][T13440]  ? __pfx___might_resched+0x10/0x10
[  438.586123][T13440]  should_fail_ex+0x40a/0x550
[  438.586138][T13440]  should_failslab+0xac/0x100
[  438.586149][T13440]  ? add_to_free_space_tree+0xc9/0x320
[  438.586164][T13440]  kmem_cache_alloc_noprof+0x70/0x380
[  438.586177][T13440]  add_to_free_space_tree+0xc9/0x320
[  438.586195][T13440]  __btrfs_free_extent+0x1ce9/0x3980
[  438.586220][T13440]  ? __pfx___btrfs_free_extent+0x10/0x10
[  438.586239][T13440]  ? __lock_acquire+0x2100/0x2100
[  438.586254][T13440]  ? do_raw_read_unlock+0x3c/0x80
[  438.586271][T13440]  ? do_raw_spin_unlock+0x58/0x8b0
[  438.586288][T13440]  __btrfs_run_delayed_refs+0xf9f/0x40f0
[  438.586317][T13440]  ? validate_chain+0x11e/0x5920
[  438.586351][T13440]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  438.586370][T13440]  ? unwind_get_return_address+0x4d/0x90
[  438.586385][T13440]  ? arch_stack_walk+0xfd/0x150
[  438.586412][T13440]  ? __pfx_lock_acquire+0x10/0x10
[  438.586430][T13440]  ? __lock_acquire+0x1397/0x2100
[  438.586445][T13440]  btrfs_run_delayed_refs+0xe3/0x2f0
[  438.586464][T13440]  btrfs_commit_transaction+0x4b9/0x3760
[  438.586480][T13440]  ? btrfs_commit_transaction+0x177/0x3760
[  438.586502][T13440]  ? __asan_memset+0x23/0x50
[  438.586539][T13440]  ? lockdep_init_map_type+0xa1/0x910
[  438.586556][T13440]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  438.586573][T13440]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  438.586596][T13440]  ? join_transaction+0x405/0xda0
[  438.586614][T13440]  ? btrfs_record_root_in_trans+0x12d/0x190
[  438.586628][T13440]  ? start_transaction+0x45f/0x16b0
[  438.586651][T13440]  try_flush_qgroup+0x1ec/0x340
[  438.586663][T13440]  ? kfree+0x196/0x430
[  438.586675][T13440]  ? __pfx_try_flush_qgroup+0x10/0x10
[  438.586688][T13440]  ? qgroup_reserve_data+0x6ab/0x8c0
[  438.586710][T13440]  btrfs_qgroup_reserve_data+0x68/0xb0
[  438.586728][T13440]  btrfs_check_data_free_space+0x149/0x240
[  438.586746][T13440]  btrfs_buffered_write+0x519/0x1250
[  438.586769][T13440]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  438.586782][T13440]  ? __lock_acquire+0x1397/0x2100
[  438.586793][T13440]  btrfs_do_write_iter+0x279/0x7b0
[  438.586806][T13440]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  438.586819][T13440]  do_iter_readv_writev+0x71a/0x9d0
[  438.586830][T13440]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  438.586838][T13440]  ? rcu_read_lock_any_held+0xb7/0x160
[  438.586851][T13440]  vfs_writev+0x38b/0xbc0
[  438.586863][T13440]  ? __pfx_vfs_writev+0x10/0x10
[  438.586869][T13440]  ? vfs_write+0x7fa/0xd10
[  438.586886][T13440]  ? __fget_files+0x2a/0x410
[  438.586899][T13440]  ? __fget_files+0x395/0x410
[  438.586910][T13440]  ? __fget_files+0x2a/0x410
[  438.586927][T13440]  __se_sys_pwritev2+0x196/0x2b0
[  438.586945][T13440]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  438.586960][T13440]  ? do_syscall_64+0x100/0x230
[  438.586975][T13440]  ? __x64_sys_pwritev2+0x21/0xf0
[  438.586992][T13440]  do_syscall_64+0xf3/0x230
[  438.587006][T13440]  ? clear_bhb_loop+0x35/0x90
[  438.587023][T13440]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  438.587036][T13440] RIP: 0033:0x7f844d97e719
[  438.587045][T13440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  438.587051][T13440] RSP: 002b:00007f844e845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  438.587060][T13440] RAX: ffffffffffffffda RBX: 00007f844db35f80 RCX: 00007f844d97e719
[  438.587064][T13440] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  438.587068][T13440] RBP: 00007f844e845090 R08: 0000000000000009 R09: 0000000000000008
[  438.587072][T13440] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  438.587076][T13440] R13: 0000000000000000 R14: 00007f844db35f80 R15: 00007ffc0b832ab8
[  438.587087][T13440]  </TASK>
[  438.587093][T13440] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  438.781342][T13440] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1052: errno=-12 Out of memory
[  438.785525][T13440] BTRFS info (device loop0 state EA): forced readonly
[  438.788144][T13440] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:2971: errno=-12 Out of memory
[  438.793826][T13440] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  438.798947][T13440] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2160: errno=-12 Out of memory
[  438.808547][ T5762] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  438.814361][ T5762] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  438.818212][ T5762] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  439.168351][T13458] loop0: detected capacity change from 0 to 32768
[  439.180316][T13458] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.437 (13458)
[  439.202665][T13458] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  439.206689][T13458] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  439.209987][T13458] BTRFS info (device loop0): using free-space-tree
[  439.288722][T13458] FAULT_INJECTION: forcing a failure.
[  439.288722][T13458] name failslab, interval 1, probability 0, space 0, times 0
[  439.297958][ T1040] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  439.301493][T13458] CPU: 0 UID: 0 PID: 13458 Comm: syz.0.437 Not tainted 6.14.0-rc1-syzkaller-g5c8c229261f1 #0
[  439.301510][T13458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  439.301517][T13458] Call Trace:
[  439.301523][T13458]  <TASK>
[  439.301530][T13458]  dump_stack_lvl+0x241/0x360
[  439.301549][T13458]  ? __pfx_dump_stack_lvl+0x10/0x10
[  439.301562][T13458]  ? __pfx__printk+0x10/0x10
[  439.301579][T13458]  ? fs_reclaim_acquire+0x93/0x130
[  439.301594][T13458]  ? __pfx___might_resched+0x10/0x10
[  439.301611][T13458]  should_fail_ex+0x40a/0x550
[  439.301628][T13458]  should_failslab+0xac/0x100
[  439.301639][T13458]  ? add_to_free_space_tree+0xc9/0x320
[  439.301654][T13458]  kmem_cache_alloc_noprof+0x70/0x380
[  439.301669][T13458]  add_to_free_space_tree+0xc9/0x320
[  439.301687][T13458]  __btrfs_free_extent+0x1ce9/0x3980
[  439.301710][T13458]  ? __pfx___btrfs_free_extent+0x10/0x10
[  439.301722][T13458]  ? __lock_acquire+0x2100/0x2100
[  439.301737][T13458]  ? do_raw_read_unlock+0x3c/0x80
[  439.301752][T13458]  ? do_raw_spin_unlock+0x58/0x8b0
[  439.301769][T13458]  __btrfs_run_delayed_refs+0xf9f/0x40f0
[  439.301795][T13458]  ? validate_chain+0x11e/0x5920
[  439.301822][T13458]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  439.301841][T13458]  ? unwind_get_return_address+0x4d/0x90
[  439.301857][T13458]  ? arch_stack_walk+0xfd/0x150
[  439.301885][T13458]  ? __pfx_lock_acquire+0x10/0x10
[  439.301898][T13458]  ? __lock_acquire+0x1397/0x2100
[  439.301908][T13458]  btrfs_run_delayed_refs+0xe3/0x2f0
[  439.301923][T13458]  btrfs_commit_transaction+0x4b9/0x3760
[  439.301938][T13458]  ? btrfs_commit_transaction+0x177/0x3760
[  439.301987][T13458]  ? __asan_memset+0x23/0x50
[  439.302002][T13458]  ? lockdep_init_map_type+0xa1/0x910
[  439.302017][T13458]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  439.302032][T13458]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  439.302051][T13458]  ? join_transaction+0x405/0xda0
[  439.302069][T13458]  ? btrfs_record_root_in_trans+0x12d/0x190
[  439.302085][T13458]  ? start_transaction+0x45f/0x16b0
[  439.302111][T13458]  try_flush_qgroup+0x1ec/0x340
[  439.302123][T13458]  ? kfree+0x196/0x430
[  439.302134][T13458]  ? __pfx_try_flush_qgroup+0x10/0x10
[  439.302147][T13458]  ? qgroup_reserve_data+0x6ab/0x8c0
[  439.302168][T13458]  btrfs_qgroup_reserve_data+0x68/0xb0
[  439.302182][T13458]  btrfs_check_data_free_space+0x149/0x240
[  439.302198][T13458]  btrfs_buffered_write+0x519/0x1250
[  439.302231][T13458]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  439.302254][T13458]  ? __lock_acquire+0x1397/0x2100
[  439.302274][T13458]  btrfs_do_write_iter+0x279/0x7b0
[  439.302294][T13458]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  439.302316][T13458]  do_iter_readv_writev+0x71a/0x9d0
[  439.302335][T13458]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  439.302349][T13458]  ? rcu_read_lock_any_held+0xb7/0x160
[  439.302371][T13458]  vfs_writev+0x38b/0xbc0
[  439.302393][T13458]  ? __pfx_vfs_writev+0x10/0x10
[  439.302403][T13458]  ? vfs_write+0x7fa/0xd10
[  439.302427][T13458]  ? __fget_files+0x2a/0x410
[  439.302440][T13458]  ? __fget_files+0x395/0x410
[  439.302450][T13458]  ? __fget_files+0x2a/0x410
[  439.302465][T13458]  __se_sys_pwritev2+0x196/0x2b0
[  439.302482][T13458]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  439.302496][T13458]  ? do_syscall_64+0x100/0x230
[  439.302511][T13458]  ? __x64_sys_pwritev2+0x21/0xf0
[  439.302556][T13458]  do_syscall_64+0xf3/0x230
[  439.302570][T13458]  ? clear_bhb_loop+0x35/0x90
[  439.302586][T13458]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  439.302600][T13458] RIP: 0033:0x7f844d97e719
[  439.302612][T13458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  439.302620][T13458] RSP: 002b:00007f844e845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  439.302634][T13458] RAX: ffffffffffffffda RBX: 00007f844db35f80 RCX: 00007f844d97e719
[  439.302641][T13458] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  439.302648][T13458] RBP: 00007f844e845090 R08: 0000000000000009 R09: 0000000000000008
[  439.302655][T13458] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  439.302662][T13458] R13: 0000000000000000 R14: 00007f844db35f80 R15: 00007ffc0b832ab8
[  439.302678][T13458]  </TASK>
[  439.491302][T13458] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  439.494950][T13458] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1052: errno=-12 Out of memory
[  439.498832][T13458] BTRFS info (device loop0 state EA): forced readonly
[  439.501609][T13458] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:2971: errno=-12 Out of memory
[  439.507653][T13458] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  439.513335][T13458] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2160: errno=-12 Out of memory
[  439.523406][ T5762] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  439.528233][ T5762] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  439.532549][ T5762] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  439.906567][T13476] loop0: detected capacity change from 0 to 32768
[  439.915857][T13476] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.438 (13476)
[  439.938867][T13476] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  439.953258][T13476] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  439.956597][T13476] BTRFS info (device loop0): using free-space-tree
[  440.019771][T13476] FAULT_INJECTION: forcing a failure.
[  440.019771][T13476] name failslab, interval 1, probability 0, space 0, times 0
[  440.032228][T13476] CPU: 0 UID: 0 PID: 13476 Comm: syz.0.438 Not tainted 6.14.0-rc1-syzkaller-g5c8c229261f1 #0
[  440.032249][T13476] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  440.032257][T13476] Call Trace:
[  440.032261][T13476]  <TASK>
[  440.032267][T13476]  dump_stack_lvl+0x241/0x360
[  440.032296][T13476]  ? __pfx_dump_stack_lvl+0x10/0x10
[  440.032307][T13476]  ? __pfx__printk+0x10/0x10
[  440.032326][T13476]  ? fs_reclaim_acquire+0x93/0x130
[  440.032342][T13476]  ? __pfx___might_resched+0x10/0x10
[  440.032357][T13476]  should_fail_ex+0x40a/0x550
[  440.032368][T13476]  should_failslab+0xac/0x100
[  440.032375][T13476]  ? __btrfs_run_delayed_items+0x92/0x4b0
[  440.032385][T13476]  kmem_cache_alloc_noprof+0x70/0x380
[  440.032393][T13476]  ? btrfs_commit_transaction+0x177/0x3760
[  440.032407][T13476]  __btrfs_run_delayed_items+0x92/0x4b0
[  440.032423][T13476]  ? finish_wait+0xd4/0x1e0
[  440.032437][T13476]  ? btrfs_commit_transaction+0x177/0x3760
[  440.032450][T13476]  btrfs_commit_transaction+0xa4d/0x3760
[  440.032465][T13476]  ? btrfs_commit_transaction+0x177/0x3760
[  440.032486][T13476]  ? __asan_memset+0x23/0x50
[  440.032503][T13476]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  440.032518][T13476]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  440.032534][T13476]  ? join_transaction+0x405/0xda0
[  440.032543][T13476]  ? __pfx_autoremove_wake_function+0x10/0x10
[  440.032552][T13476]  ? start_transaction+0x45f/0x16b0
[  440.032566][T13476]  try_flush_qgroup+0x1ec/0x340
[  440.032574][T13476]  ? kfree+0x196/0x430
[  440.032580][T13476]  ? __pfx_try_flush_qgroup+0x10/0x10
[  440.032593][T13476]  ? qgroup_reserve_data+0x6ab/0x8c0
[  440.032610][T13476]  btrfs_qgroup_reserve_data+0x68/0xb0
[  440.032623][T13476]  btrfs_check_data_free_space+0x149/0x240
[  440.032640][T13476]  btrfs_buffered_write+0x519/0x1250
[  440.032673][T13476]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  440.032696][T13476]  ? __lock_acquire+0x1397/0x2100
[  440.032714][T13476]  btrfs_do_write_iter+0x279/0x7b0
[  440.032733][T13476]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  440.032755][T13476]  do_iter_readv_writev+0x71a/0x9d0
[  440.032774][T13476]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  440.032787][T13476]  ? rcu_read_lock_any_held+0xb7/0x160
[  440.032806][T13476]  vfs_writev+0x38b/0xbc0
[  440.032828][T13476]  ? __pfx_vfs_writev+0x10/0x10
[  440.032838][T13476]  ? vfs_write+0x7fa/0xd10
[  440.032861][T13476]  ? __fget_files+0x2a/0x410
[  440.032873][T13476]  ? __fget_files+0x395/0x410
[  440.032880][T13476]  ? __fget_files+0x2a/0x410
[  440.032896][T13476]  __se_sys_pwritev2+0x196/0x2b0
[  440.032913][T13476]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  440.032934][T13476]  ? do_syscall_64+0x100/0x230
[  440.032951][T13476]  ? __x64_sys_pwritev2+0x21/0xf0
[  440.032968][T13476]  do_syscall_64+0xf3/0x230
[  440.032981][T13476]  ? clear_bhb_loop+0x35/0x90
[  440.032996][T13476]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  440.033011][T13476] RIP: 0033:0x7f844d97e719
[  440.033022][T13476] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  440.033030][T13476] RSP: 002b:00007f844e845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  440.033049][T13476] RAX: ffffffffffffffda RBX: 00007f844db35f80 RCX: 00007f844d97e719
[  440.033057][T13476] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  440.033065][T13476] RBP: 00007f844e845090 R08: 0000000000000009 R09: 0000000000000008
[  440.033072][T13476] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  440.033078][T13476] R13: 0000000000000000 R14: 00007f844db35f80 R15: 00007ffc0b832ab8
[  440.033094][T13476]  </TASK>
[  440.033104][T13476] BTRFS warning (device loop0): Skipping commit of aborted transaction.
[  440.202456][T13476] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  440.205402][T13476] BTRFS: error (device loop0 state A) in cleanup_transaction:2014: errno=-12 Out of memory
[  440.209035][T13476] BTRFS info (device loop0 state EA): forced readonly
[  440.216664][   T12] BTRFS error (device loop0 state EA): fail to start transaction for status update: -30
[  440.226376][ T5762] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  440.231154][ T5762] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  440.236021][ T5762] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  440.605792][T13494] loop0: detected capacity change from 0 to 32768
[  440.612397][T13494] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.439 (13494)
[  440.628716][T13494] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  440.643706][T13494] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  440.647021][T13494] BTRFS info (device loop0): using free-space-tree
[  440.731623][T13494] FAULT_INJECTION: forcing a failure.
[  440.731623][T13494] name failslab, interval 1, probability 0, space 0, times 0
[  440.752371][T13494] CPU: 0 UID: 0 PID: 13494 Comm: syz.0.439 Not tainted 6.14.0-rc1-syzkaller-g5c8c229261f1 #0
[  440.752391][T13494] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  440.752399][T13494] Call Trace:
[  440.752404][T13494]  <TASK>
[  440.752409][T13494]  dump_stack_lvl+0x241/0x360
[  440.752428][T13494]  ? __pfx_dump_stack_lvl+0x10/0x10
[  440.752441][T13494]  ? __pfx__printk+0x10/0x10
[  440.752460][T13494]  ? fs_reclaim_acquire+0x93/0x130
[  440.752477][T13494]  ? __pfx___might_resched+0x10/0x10
[  440.752496][T13494]  should_fail_ex+0x40a/0x550
[  440.752515][T13494]  should_failslab+0xac/0x100
[  440.752529][T13494]  ? alloc_extent_state+0x25/0x310
[  440.752546][T13494]  kmem_cache_alloc_noprof+0x70/0x380
[  440.752564][T13494]  alloc_extent_state+0x25/0x310
[  440.752584][T13494]  __set_extent_bit+0x1fd/0x1e60
[  440.752611][T13494]  ? __asan_memcpy+0x40/0x70
[  440.752631][T13494]  set_extent_bit+0x3b/0x50
[  440.752651][T13494]  btrfs_alloc_tree_block+0x96b/0x1440
[  440.752678][T13494]  ? __pfx_btrfs_alloc_tree_block+0x10/0x10
[  440.752696][T13494]  ? __lock_acquire+0x1397/0x2100
[  440.752717][T13494]  ? read_extent_buffer+0x11b/0x540
[  440.752741][T13494]  btrfs_force_cow_block+0x526/0x1fd0
[  440.752765][T13494]  ? __pfx_lock_acquire+0x10/0x10
[  440.752790][T13494]  ? __pfx_btrfs_force_cow_block+0x10/0x10
[  440.752805][T13494]  ? btrfs_qgroup_add_swapped_blocks+0x8d0/0x9b0
[  440.752825][T13494]  ? down_write_nested+0x195/0x220
[  440.752838][T13494]  ? __pfx_down_write_nested+0x10/0x10
[  440.752854][T13494]  btrfs_cow_block+0x371/0x830
[  440.752878][T13494]  btrfs_search_slot+0xc01/0x3180
[  440.752894][T13494]  ? unwind_get_return_address+0x4d/0x90
[  440.752929][T13494]  ? __pfx_btrfs_search_slot+0x10/0x10
[  440.752942][T13494]  ? btrfs_extent_root+0x2a1/0x3b0
[  440.752960][T13494]  ? __pfx_btrfs_extent_root+0x10/0x10
[  440.752975][T13494]  ? stack_depot_save_flags+0x37/0x940
[  440.752995][T13494]  ? __btrfs_free_extent+0x357/0x3980
[  440.753012][T13494]  lookup_inline_extent_backref+0x448/0x1b40
[  440.753024][T13494]  ? btrfs_commit_transaction+0x4b9/0x3760
[  440.753039][T13494]  ? try_flush_qgroup+0x1ec/0x340
[  440.753050][T13494]  ? btrfs_qgroup_reserve_data+0x68/0xb0
[  440.753063][T13494]  ? btrfs_buffered_write+0x519/0x1250
[  440.753080][T13494]  ? __se_sys_pwritev2+0x196/0x2b0
[  440.753096][T13494]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  440.753128][T13494]  ? __pfx_lookup_inline_extent_backref+0x10/0x10
[  440.753159][T13494]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  440.753174][T13494]  __btrfs_free_extent+0x436/0x3980
[  440.753212][T13494]  ? __pfx___btrfs_free_extent+0x10/0x10
[  440.753226][T13494]  ? __lock_acquire+0x2100/0x2100
[  440.753241][T13494]  ? do_raw_read_unlock+0x3c/0x80
[  440.753260][T13494]  ? do_raw_spin_unlock+0x58/0x8b0
[  440.753280][T13494]  __btrfs_run_delayed_refs+0xf9f/0x40f0
[  440.753310][T13494]  ? validate_chain+0x11e/0x5920
[  440.753347][T13494]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  440.753370][T13494]  ? unwind_get_return_address+0x4d/0x90
[  440.753386][T13494]  ? arch_stack_walk+0xfd/0x150
[  440.753419][T13494]  ? __pfx_lock_acquire+0x10/0x10
[  440.753442][T13494]  ? __lock_acquire+0x1397/0x2100
[  440.753461][T13494]  btrfs_run_delayed_refs+0xe3/0x2f0
[  440.753482][T13494]  btrfs_commit_transaction+0x4b9/0x3760
[  440.753502][T13494]  ? btrfs_commit_transaction+0x177/0x3760
[  440.753528][T13494]  ? __asan_memset+0x23/0x50
[  440.753543][T13494]  ? lockdep_init_map_type+0xa1/0x910
[  440.753560][T13494]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  440.753577][T13494]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  440.753599][T13494]  ? join_transaction+0x405/0xda0
[  440.753619][T13494]  ? btrfs_record_root_in_trans+0x12d/0x190
[  440.753637][T13494]  ? start_transaction+0x45f/0x16b0
[  440.753668][T13494]  try_flush_qgroup+0x1ec/0x340
[  440.753681][T13494]  ? kfree+0x196/0x430
[  440.753693][T13494]  ? __pfx_try_flush_qgroup+0x10/0x10
[  440.753708][T13494]  ? qgroup_reserve_data+0x6ab/0x8c0
[  440.753732][T13494]  btrfs_qgroup_reserve_data+0x68/0xb0
[  440.753748][T13494]  btrfs_check_data_free_space+0x149/0x240
[  440.753767][T13494]  btrfs_buffered_write+0x519/0x1250
[  440.753806][T13494]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  440.753835][T13494]  ? __lock_acquire+0x1397/0x2100
[  440.753857][T13494]  btrfs_do_write_iter+0x279/0x7b0
[  440.753881][T13494]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  440.753907][T13494]  do_iter_readv_writev+0x71a/0x9d0
[  440.753928][T13494]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  440.753943][T13494]  ? rcu_read_lock_any_held+0xb7/0x160
[  440.753969][T13494]  vfs_writev+0x38b/0xbc0
[  440.753994][T13494]  ? __pfx_vfs_writev+0x10/0x10
[  440.754006][T13494]  ? vfs_write+0x7fa/0xd10
[  440.754033][T13494]  ? __fget_files+0x2a/0x410
[  440.754048][T13494]  ? __fget_files+0x395/0x410
[  440.754060][T13494]  ? __fget_files+0x2a/0x410
[  440.754080][T13494]  __se_sys_pwritev2+0x196/0x2b0
[  440.754100][T13494]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  440.754117][T13494]  ? do_syscall_64+0x100/0x230
[  440.754136][T13494]  ? __x64_sys_pwritev2+0x21/0xf0
[  440.754156][T13494]  do_syscall_64+0xf3/0x230
[  440.754171][T13494]  ? clear_bhb_loop+0x35/0x90
[  440.754190][T13494]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  440.754209][T13494] RIP: 0033:0x7f844d97e719
[  440.754222][T13494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  440.754232][T13494] RSP: 002b:00007f844e845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  440.754247][T13494] RAX: ffffffffffffffda RBX: 00007f844db35f80 RCX: 00007f844d97e719
[  440.754255][T13494] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  440.754262][T13494] RBP: 00007f844e845090 R08: 0000000000000009 R09: 0000000000000008
[  440.754269][T13494] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  440.754276][T13494] R13: 0000000000000000 R14: 00007f844db35f80 R15: 00007ffc0b832ab8
[  440.754297][T13494]  </TASK>
[  440.993024][ T3025] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  441.027599][ T5762] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  441.380712][T13512] loop0: detected capacity change from 0 to 32768
[  441.404432][T13512] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.440 (13512)
[  441.425777][T13512] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  441.442565][T13512] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  441.445877][T13512] BTRFS info (device loop0): using free-space-tree
[  441.501714][T13512] FAULT_INJECTION: forcing a failure.
[  441.501714][T13512] name failslab, interval 1, probability 0, space 0, times 0
[  441.511888][   T12] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  441.522336][T13512] CPU: 0 UID: 0 PID: 13512 Comm: syz.0.440 Not tainted 6.14.0-rc1-syzkaller-g5c8c229261f1 #0
[  441.522354][T13512] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  441.522362][T13512] Call Trace:
[  441.522367][T13512]  <TASK>
[  441.522372][T13512]  dump_stack_lvl+0x241/0x360
[  441.522391][T13512]  ? __pfx_dump_stack_lvl+0x10/0x10
[  441.522403][T13512]  ? __pfx__printk+0x10/0x10
[  441.522418][T13512]  ? fs_reclaim_acquire+0x93/0x130
[  441.522427][T13512]  ? __pfx___might_resched+0x10/0x10
[  441.522437][T13512]  should_fail_ex+0x40a/0x550
[  441.522447][T13512]  should_failslab+0xac/0x100
[  441.522454][T13512]  ? add_to_free_space_tree+0xc9/0x320
[  441.522463][T13512]  kmem_cache_alloc_noprof+0x70/0x380
[  441.522473][T13512]  add_to_free_space_tree+0xc9/0x320
[  441.522483][T13512]  __btrfs_free_extent+0x1ce9/0x3980
[  441.522506][T13512]  ? __pfx___btrfs_free_extent+0x10/0x10
[  441.522546][T13512]  ? __lock_acquire+0x2100/0x2100
[  441.522561][T13512]  ? do_raw_read_unlock+0x3c/0x80
[  441.522577][T13512]  ? do_raw_spin_unlock+0x58/0x8b0
[  441.522593][T13512]  __btrfs_run_delayed_refs+0xf9f/0x40f0
[  441.522621][T13512]  ? validate_chain+0x11e/0x5920
[  441.522650][T13512]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  441.522671][T13512]  ? unwind_get_return_address+0x4d/0x90
[  441.522687][T13512]  ? arch_stack_walk+0xfd/0x150
[  441.522717][T13512]  ? __pfx_lock_acquire+0x10/0x10
[  441.522735][T13512]  ? __lock_acquire+0x1397/0x2100
[  441.522752][T13512]  btrfs_run_delayed_refs+0xe3/0x2f0
[  441.522771][T13512]  btrfs_commit_transaction+0x4b9/0x3760
[  441.522789][T13512]  ? btrfs_commit_transaction+0x177/0x3760
[  441.522810][T13512]  ? __asan_memset+0x23/0x50
[  441.522824][T13512]  ? lockdep_init_map_type+0xa1/0x910
[  441.522841][T13512]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  441.522855][T13512]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  441.522877][T13512]  ? join_transaction+0x405/0xda0
[  441.522893][T13512]  ? btrfs_record_root_in_trans+0x12d/0x190
[  441.522908][T13512]  ? start_transaction+0x45f/0x16b0
[  441.522936][T13512]  try_flush_qgroup+0x1ec/0x340
[  441.522948][T13512]  ? kfree+0x196/0x430
[  441.522958][T13512]  ? __pfx_try_flush_qgroup+0x10/0x10
[  441.522979][T13512]  ? qgroup_reserve_data+0x6ab/0x8c0
[  441.522999][T13512]  btrfs_qgroup_reserve_data+0x68/0xb0
[  441.523014][T13512]  btrfs_check_data_free_space+0x149/0x240
[  441.523032][T13512]  btrfs_buffered_write+0x519/0x1250
[  441.523066][T13512]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  441.523091][T13512]  ? __lock_acquire+0x1397/0x2100
[  441.523111][T13512]  btrfs_do_write_iter+0x279/0x7b0
[  441.523130][T13512]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  441.523151][T13512]  do_iter_readv_writev+0x71a/0x9d0
[  441.523171][T13512]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  441.523184][T13512]  ? rcu_read_lock_any_held+0xb7/0x160
[  441.523207][T13512]  vfs_writev+0x38b/0xbc0
[  441.523227][T13512]  ? __pfx_vfs_writev+0x10/0x10
[  441.523237][T13512]  ? vfs_write+0x7fa/0xd10
[  441.523261][T13512]  ? __fget_files+0x2a/0x410
[  441.523274][T13512]  ? __fget_files+0x395/0x410
[  441.523284][T13512]  ? __fget_files+0x2a/0x410
[  441.523299][T13512]  __se_sys_pwritev2+0x196/0x2b0
[  441.523315][T13512]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  441.523331][T13512]  ? do_syscall_64+0x100/0x230
[  441.523347][T13512]  ? __x64_sys_pwritev2+0x21/0xf0
[  441.523364][T13512]  do_syscall_64+0xf3/0x230
[  441.523373][T13512]  ? clear_bhb_loop+0x35/0x90
[  441.523382][T13512]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  441.523390][T13512] RIP: 0033:0x7f844d97e719
[  441.523398][T13512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  441.523403][T13512] RSP: 002b:00007f844e845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  441.523412][T13512] RAX: ffffffffffffffda RBX: 00007f844db35f80 RCX: 00007f844d97e719
[  441.523417][T13512] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  441.523421][T13512] RBP: 00007f844e845090 R08: 0000000000000009 R09: 0000000000000008
[  441.523427][T13512] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  441.523433][T13512] R13: 0000000000000000 R14: 00007f844db35f80 R15: 00007ffc0b832ab8
[  441.523449][T13512]  </TASK>
[  441.523459][T13512] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  441.724057][T13512] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1052: errno=-12 Out of memory
[  441.727963][T13512] BTRFS info (device loop0 state EA): forced readonly
[  441.730581][T13512] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:2971: errno=-12 Out of memory
[  441.735705][T13512] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  441.740730][T13512] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2160: errno=-12 Out of memory
[  441.750821][ T5762] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  441.756084][ T5762] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  441.759871][ T5762] BTRFS error (device loop0 state EA): qgroup reserved space leaked
2025/02/05 04:06:49 executed programs: 428
[  442.118655][T13530] loop0: detected capacity change from 0 to 32768
[  442.130235][T13530] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.441 (13530)
[  442.150932][T13530] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  442.163364][T13530] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  442.166666][T13530] BTRFS info (device loop0): using free-space-tree
[  442.233688][T13530] FAULT_INJECTION: forcing a failure.
[  442.233688][T13530] name failslab, interval 1, probability 0, space 0, times 0
[  442.238714][T13530] CPU: 0 UID: 0 PID: 13530 Comm: syz.0.441 Not tainted 6.14.0-rc1-syzkaller-g5c8c229261f1 #0
[  442.238730][T13530] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  442.238737][T13530] Call Trace:
[  442.238743][T13530]  <TASK>
[  442.238750][T13530]  dump_stack_lvl+0x241/0x360
[  442.238768][T13530]  ? __pfx_dump_stack_lvl+0x10/0x10
[  442.238779][T13530]  ? __pfx__printk+0x10/0x10
[  442.238797][T13530]  ? fs_reclaim_acquire+0x93/0x130
[  442.238810][T13530]  ? __pfx___might_resched+0x10/0x10
[  442.238826][T13530]  should_fail_ex+0x40a/0x550
[  442.238842][T13530]  should_failslab+0xac/0x100
[  442.238854][T13530]  ? add_to_free_space_tree+0xc9/0x320
[  442.238869][T13530]  kmem_cache_alloc_noprof+0x70/0x380
[  442.238884][T13530]  add_to_free_space_tree+0xc9/0x320
[  442.238903][T13530]  __btrfs_free_extent+0x1ce9/0x3980
[  442.238927][T13530]  ? __pfx___btrfs_free_extent+0x10/0x10
[  442.238939][T13530]  ? __lock_acquire+0x2100/0x2100
[  442.238953][T13530]  ? do_raw_read_unlock+0x3c/0x80
[  442.238968][T13530]  ? do_raw_spin_unlock+0x58/0x8b0
[  442.238984][T13530]  __btrfs_run_delayed_refs+0xf9f/0x40f0
[  442.239020][T13530]  ? validate_chain+0x11e/0x5920
[  442.239052][T13530]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  442.239070][T13530]  ? unwind_get_return_address+0x4d/0x90
[  442.239085][T13530]  ? arch_stack_walk+0xfd/0x150
[  442.239114][T13530]  ? __pfx_lock_acquire+0x10/0x10
[  442.239132][T13530]  ? __lock_acquire+0x1397/0x2100
[  442.239148][T13530]  btrfs_run_delayed_refs+0xe3/0x2f0
[  442.239166][T13530]  btrfs_commit_transaction+0x4b9/0x3760
[  442.239184][T13530]  ? btrfs_commit_transaction+0x177/0x3760
[  442.239204][T13530]  ? __asan_memset+0x23/0x50
[  442.239218][T13530]  ? lockdep_init_map_type+0xa1/0x910
[  442.239231][T13530]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  442.239245][T13530]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  442.239264][T13530]  ? join_transaction+0x405/0xda0
[  442.239282][T13530]  ? btrfs_record_root_in_trans+0x12d/0x190
[  442.239298][T13530]  ? start_transaction+0x45f/0x16b0
[  442.239318][T13530]  try_flush_qgroup+0x1ec/0x340
[  442.239330][T13530]  ? kfree+0x196/0x430
[  442.239340][T13530]  ? __pfx_try_flush_qgroup+0x10/0x10
[  442.239353][T13530]  ? qgroup_reserve_data+0x6ab/0x8c0
[  442.239373][T13530]  btrfs_qgroup_reserve_data+0x68/0xb0
[  442.239386][T13530]  btrfs_check_data_free_space+0x149/0x240
[  442.239403][T13530]  btrfs_buffered_write+0x519/0x1250
[  442.239436][T13530]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  442.239460][T13530]  ? __lock_acquire+0x1397/0x2100
[  442.239478][T13530]  btrfs_do_write_iter+0x279/0x7b0
[  442.239498][T13530]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  442.239519][T13530]  do_iter_readv_writev+0x71a/0x9d0
[  442.239537][T13530]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  442.239550][T13530]  ? rcu_read_lock_any_held+0xb7/0x160
[  442.239573][T13530]  vfs_writev+0x38b/0xbc0
[  442.239614][T13530]  ? __pfx_vfs_writev+0x10/0x10
[  442.239626][T13530]  ? vfs_write+0x7fa/0xd10
[  442.239648][T13530]  ? __fget_files+0x2a/0x410
[  442.239662][T13530]  ? __fget_files+0x395/0x410
[  442.239672][T13530]  ? __fget_files+0x2a/0x410
[  442.239690][T13530]  __se_sys_pwritev2+0x196/0x2b0
[  442.239705][T13530]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  442.239717][T13530]  ? do_syscall_64+0x100/0x230
[  442.239732][T13530]  ? __x64_sys_pwritev2+0x21/0xf0
[  442.239748][T13530]  do_syscall_64+0xf3/0x230
[  442.239763][T13530]  ? clear_bhb_loop+0x35/0x90
[  442.239780][T13530]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  442.239794][T13530] RIP: 0033:0x7f844d97e719
[  442.239805][T13530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  442.239811][T13530] RSP: 002b:00007f844e845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  442.239820][T13530] RAX: ffffffffffffffda RBX: 00007f844db35f80 RCX: 00007f844d97e719
[  442.239824][T13530] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  442.239830][T13530] RBP: 00007f844e845090 R08: 0000000000000009 R09: 0000000000000008
[  442.239836][T13530] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  442.239842][T13530] R13: 0000000000000000 R14: 00007f844db35f80 R15: 00007ffc0b832ab8
[  442.239858][T13530]  </TASK>
[  442.412206][T13530] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  442.415544][T13530] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1052: errno=-12 Out of memory
[  442.422138][T13530] BTRFS info (device loop0 state EA): forced readonly
[  442.432158][T13530] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:2971: errno=-12 Out of memory
[  442.436252][T13530] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  442.451716][T13530] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2160: errno=-12 Out of memory
[  442.470509][ T5762] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  442.502579][   T41] BTRFS error (device loop0 state EA): fail to start transaction for status update: -30
[  442.509540][ T5762] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  442.515403][ T5762] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  442.865883][T13548] loop0: detected capacity change from 0 to 32768
[  442.875587][T13548] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.442 (13548)
[  442.894462][T13548] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  442.906722][T13548] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  442.909985][T13548] BTRFS info (device loop0): using free-space-tree
[  442.973861][T13548] FAULT_INJECTION: forcing a failure.
[  442.973861][T13548] name failslab, interval 1, probability 0, space 0, times 0
[  442.978708][T13548] CPU: 0 UID: 0 PID: 13548 Comm: syz.0.442 Not tainted 6.14.0-rc1-syzkaller-g5c8c229261f1 #0
[  442.978725][T13548] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  442.978732][T13548] Call Trace:
[  442.978737][T13548]  <TASK>
[  442.978742][T13548]  dump_stack_lvl+0x241/0x360
[  442.978761][T13548]  ? __pfx_dump_stack_lvl+0x10/0x10
[  442.978772][T13548]  ? __pfx__printk+0x10/0x10
[  442.978795][T13548]  ? fs_reclaim_acquire+0x93/0x130
[  442.978809][T13548]  ? __pfx___might_resched+0x10/0x10
[  442.978826][T13548]  should_fail_ex+0x40a/0x550
[  442.978843][T13548]  should_failslab+0xac/0x100
[  442.978854][T13548]  ? add_to_free_space_tree+0xc9/0x320
[  442.978869][T13548]  kmem_cache_alloc_noprof+0x70/0x380
[  442.978884][T13548]  add_to_free_space_tree+0xc9/0x320
[  442.978903][T13548]  __btrfs_free_extent+0x1ce9/0x3980
[  442.978928][T13548]  ? __pfx___btrfs_free_extent+0x10/0x10
[  442.978939][T13548]  ? __lock_acquire+0x2100/0x2100
[  442.978953][T13548]  ? do_raw_read_unlock+0x3c/0x80
[  442.978970][T13548]  ? do_raw_spin_unlock+0x58/0x8b0
[  442.978992][T13548]  __btrfs_run_delayed_refs+0xf9f/0x40f0
[  442.979024][T13548]  ? validate_chain+0x11e/0x5920
[  442.979056][T13548]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  442.979075][T13548]  ? unwind_get_return_address+0x4d/0x90
[  442.979090][T13548]  ? arch_stack_walk+0xfd/0x150
[  442.979119][T13548]  ? __pfx_lock_acquire+0x10/0x10
[  442.979139][T13548]  ? __lock_acquire+0x1397/0x2100
[  442.979154][T13548]  btrfs_run_delayed_refs+0xe3/0x2f0
[  442.979173][T13548]  btrfs_commit_transaction+0x4b9/0x3760
[  442.979197][T13548]  ? btrfs_commit_transaction+0x177/0x3760
[  442.979220][T13548]  ? __asan_memset+0x23/0x50
[  442.979234][T13548]  ? lockdep_init_map_type+0xa1/0x910
[  442.979249][T13548]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  442.979262][T13548]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  442.979281][T13548]  ? join_transaction+0x405/0xda0
[  442.979299][T13548]  ? btrfs_record_root_in_trans+0x12d/0x190
[  442.979314][T13548]  ? start_transaction+0x45f/0x16b0
[  442.979341][T13548]  try_flush_qgroup+0x1ec/0x340
[  442.979353][T13548]  ? kfree+0x196/0x430
[  442.979364][T13548]  ? __pfx_try_flush_qgroup+0x10/0x10
[  442.979377][T13548]  ? qgroup_reserve_data+0x6ab/0x8c0
[  442.979398][T13548]  btrfs_qgroup_reserve_data+0x68/0xb0
[  442.979411][T13548]  btrfs_check_data_free_space+0x149/0x240
[  442.979428][T13548]  btrfs_buffered_write+0x519/0x1250
[  442.979463][T13548]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  442.979488][T13548]  ? __lock_acquire+0x1397/0x2100
[  442.979507][T13548]  btrfs_do_write_iter+0x279/0x7b0
[  442.979528][T13548]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  442.979550][T13548]  do_iter_readv_writev+0x71a/0x9d0
[  442.979569][T13548]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  442.979582][T13548]  ? rcu_read_lock_any_held+0xb7/0x160
[  442.979605][T13548]  vfs_writev+0x38b/0xbc0
[  442.979628][T13548]  ? __pfx_vfs_writev+0x10/0x10
[  442.979637][T13548]  ? vfs_write+0x7fa/0xd10
[  442.979668][T13548]  ? __fget_files+0x2a/0x410
[  442.979681][T13548]  ? __fget_files+0x395/0x410
[  442.979691][T13548]  ? __fget_files+0x2a/0x410
[  442.979709][T13548]  __se_sys_pwritev2+0x196/0x2b0
[  442.979726][T13548]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  442.979741][T13548]  ? do_syscall_64+0x100/0x230
[  442.979758][T13548]  ? __x64_sys_pwritev2+0x21/0xf0
[  442.979774][T13548]  do_syscall_64+0xf3/0x230
[  442.979787][T13548]  ? clear_bhb_loop+0x35/0x90
[  442.979804][T13548]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  442.979817][T13548] RIP: 0033:0x7f844d97e719
[  442.979828][T13548] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  442.979837][T13548] RSP: 002b:00007f844e845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  442.979850][T13548] RAX: ffffffffffffffda RBX: 00007f844db35f80 RCX: 00007f844d97e719
[  442.979858][T13548] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  442.979865][T13548] RBP: 00007f844e845090 R08: 0000000000000009 R09: 0000000000000008
[  442.979871][T13548] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  442.979877][T13548] R13: 0000000000000000 R14: 00007f844db35f80 R15: 00007ffc0b832ab8
[  442.979896][T13548]  </TASK>
[  442.979906][T13548] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  443.201487][   T12] BTRFS info (device loop0 state A): qgroup scan completed (inconsistency flag cleared)
[  443.205789][T13548] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1052: errno=-12 Out of memory
[  443.209600][T13548] BTRFS info (device loop0 state EA): forced readonly
[  443.214086][T13548] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:2971: errno=-12 Out of memory
[  443.218156][T13548] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  443.224559][T13548] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2160: errno=-12 Out of memory
[  443.234952][ T5762] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  443.239803][ T5762] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  443.244184][ T5762] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  443.597812][T13566] loop0: detected capacity change from 0 to 32768
[  443.603203][T13566] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.443 (13566)
[  443.622456][T13566] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  443.626243][T13566] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  443.652407][T13566] BTRFS info (device loop0): using free-space-tree
[  443.708881][T13566] FAULT_INJECTION: forcing a failure.
[  443.708881][T13566] name failslab, interval 1, probability 0, space 0, times 0
[  443.724850][   T41] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  443.728747][T13566] CPU: 0 UID: 0 PID: 13566 Comm: syz.0.443 Not tainted 6.14.0-rc1-syzkaller-g5c8c229261f1 #0
[  443.728765][T13566] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  443.728772][T13566] Call Trace:
[  443.728777][T13566]  <TASK>
[  443.728782][T13566]  dump_stack_lvl+0x241/0x360
[  443.728801][T13566]  ? __pfx_dump_stack_lvl+0x10/0x10
[  443.728812][T13566]  ? __pfx__printk+0x10/0x10
[  443.728829][T13566]  ? fs_reclaim_acquire+0x93/0x130
[  443.728844][T13566]  ? __pfx___might_resched+0x10/0x10
[  443.728860][T13566]  should_fail_ex+0x40a/0x550
[  443.728877][T13566]  should_failslab+0xac/0x100
[  443.728888][T13566]  ? add_to_free_space_tree+0xc9/0x320
[  443.728899][T13566]  kmem_cache_alloc_noprof+0x70/0x380
[  443.728914][T13566]  add_to_free_space_tree+0xc9/0x320
[  443.728939][T13566]  __btrfs_free_extent+0x1ce9/0x3980
[  443.728961][T13566]  ? __pfx___btrfs_free_extent+0x10/0x10
[  443.728972][T13566]  ? __lock_acquire+0x2100/0x2100
[  443.728988][T13566]  ? do_raw_read_unlock+0x3c/0x80
[  443.729004][T13566]  ? do_raw_spin_unlock+0x58/0x8b0
[  443.729021][T13566]  __btrfs_run_delayed_refs+0xf9f/0x40f0
[  443.729049][T13566]  ? validate_chain+0x11e/0x5920
[  443.729081][T13566]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  443.729100][T13566]  ? unwind_get_return_address+0x4d/0x90
[  443.729114][T13566]  ? arch_stack_walk+0xfd/0x150
[  443.729143][T13566]  ? __pfx_lock_acquire+0x10/0x10
[  443.729161][T13566]  ? __lock_acquire+0x1397/0x2100
[  443.729177][T13566]  btrfs_run_delayed_refs+0xe3/0x2f0
[  443.729196][T13566]  btrfs_commit_transaction+0x4b9/0x3760
[  443.729211][T13566]  ? btrfs_commit_transaction+0x177/0x3760
[  443.729232][T13566]  ? __asan_memset+0x23/0x50
[  443.729246][T13566]  ? lockdep_init_map_type+0xa1/0x910
[  443.729262][T13566]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  443.729276][T13566]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  443.729292][T13566]  ? join_transaction+0x405/0xda0
[  443.729302][T13566]  ? btrfs_record_root_in_trans+0x12d/0x190
[  443.729312][T13566]  ? start_transaction+0x45f/0x16b0
[  443.729333][T13566]  try_flush_qgroup+0x1ec/0x340
[  443.729345][T13566]  ? kfree+0x196/0x430
[  443.729357][T13566]  ? __pfx_try_flush_qgroup+0x10/0x10
[  443.729370][T13566]  ? qgroup_reserve_data+0x6ab/0x8c0
[  443.729388][T13566]  btrfs_qgroup_reserve_data+0x68/0xb0
[  443.729401][T13566]  btrfs_check_data_free_space+0x149/0x240
[  443.729418][T13566]  btrfs_buffered_write+0x519/0x1250
[  443.729449][T13566]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  443.729473][T13566]  ? __lock_acquire+0x1397/0x2100
[  443.729490][T13566]  btrfs_do_write_iter+0x279/0x7b0
[  443.729509][T13566]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  443.729529][T13566]  do_iter_readv_writev+0x71a/0x9d0
[  443.729549][T13566]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  443.729562][T13566]  ? rcu_read_lock_any_held+0xb7/0x160
[  443.729584][T13566]  vfs_writev+0x38b/0xbc0
[  443.729606][T13566]  ? __pfx_vfs_writev+0x10/0x10
[  443.729616][T13566]  ? vfs_write+0x7fa/0xd10
[  443.729638][T13566]  ? __fget_files+0x2a/0x410
[  443.729651][T13566]  ? __fget_files+0x395/0x410
[  443.729662][T13566]  ? __fget_files+0x2a/0x410
[  443.729679][T13566]  __se_sys_pwritev2+0x196/0x2b0
[  443.729697][T13566]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  443.729719][T13566]  ? do_syscall_64+0x100/0x230
[  443.729736][T13566]  ? __x64_sys_pwritev2+0x21/0xf0
[  443.729753][T13566]  do_syscall_64+0xf3/0x230
[  443.729767][T13566]  ? clear_bhb_loop+0x35/0x90
[  443.729784][T13566]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  443.729799][T13566] RIP: 0033:0x7f844d97e719
[  443.729810][T13566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  443.729819][T13566] RSP: 002b:00007f844e845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  443.729832][T13566] RAX: ffffffffffffffda RBX: 00007f844db35f80 RCX: 00007f844d97e719
[  443.729839][T13566] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  443.729845][T13566] RBP: 00007f844e845090 R08: 0000000000000009 R09: 0000000000000008
[  443.729852][T13566] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  443.729858][T13566] R13: 0000000000000000 R14: 00007f844db35f80 R15: 00007ffc0b832ab8
[  443.729877][T13566]  </TASK>
[  443.729888][T13566] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  443.930956][T13566] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1052: errno=-12 Out of memory
[  443.935439][T13566] BTRFS info (device loop0 state EA): forced readonly
[  443.938173][T13566] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:2971: errno=-12 Out of memory
[  443.944320][T13566] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  443.949051][T13566] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2160: errno=-12 Out of memory
[  443.957881][ T5762] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  443.964875][ T5762] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  443.968381][ T5762] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  444.321004][T13584] loop0: detected capacity change from 0 to 32768
[  444.347201][T13584] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.444 (13584)
[  444.365920][T13584] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  444.382315][T13584] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  444.386663][T13584] BTRFS info (device loop0): using free-space-tree
[  444.438780][T13584] FAULT_INJECTION: forcing a failure.
[  444.438780][T13584] name failslab, interval 1, probability 0, space 0, times 0
[  444.453213][T13584] CPU: 0 UID: 0 PID: 13584 Comm: syz.0.444 Not tainted 6.14.0-rc1-syzkaller-g5c8c229261f1 #0
[  444.453234][T13584] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  444.453244][T13584] Call Trace:
[  444.453249][T13584]  <TASK>
[  444.453256][T13584]  dump_stack_lvl+0x241/0x360
[  444.453275][T13584]  ? __pfx_dump_stack_lvl+0x10/0x10
[  444.453287][T13584]  ? __pfx__printk+0x10/0x10
[  444.453305][T13584]  ? fs_reclaim_acquire+0x93/0x130
[  444.453320][T13584]  ? __pfx___might_resched+0x10/0x10
[  444.453338][T13584]  should_fail_ex+0x40a/0x550
[  444.453353][T13584]  should_failslab+0xac/0x100
[  444.453365][T13584]  ? alloc_extent_state+0x25/0x310
[  444.453379][T13584]  kmem_cache_alloc_noprof+0x70/0x380
[  444.453395][T13584]  alloc_extent_state+0x25/0x310
[  444.453412][T13584]  __set_extent_bit+0x1fd/0x1e60
[  444.453436][T13584]  ? __asan_memcpy+0x40/0x70
[  444.453452][T13584]  set_extent_bit+0x3b/0x50
[  444.453469][T13584]  btrfs_alloc_tree_block+0x96b/0x1440
[  444.453493][T13584]  ? __pfx_btrfs_alloc_tree_block+0x10/0x10
[  444.453508][T13584]  ? __lock_acquire+0x1397/0x2100
[  444.453526][T13584]  ? read_extent_buffer+0x11b/0x540
[  444.453548][T13584]  btrfs_force_cow_block+0x526/0x1fd0
[  444.453569][T13584]  ? __pfx_lock_acquire+0x10/0x10
[  444.453592][T13584]  ? __pfx_btrfs_force_cow_block+0x10/0x10
[  444.453604][T13584]  ? btrfs_qgroup_add_swapped_blocks+0x8d0/0x9b0
[  444.453621][T13584]  ? down_write_nested+0x195/0x220
[  444.453632][T13584]  ? __pfx_down_write_nested+0x10/0x10
[  444.453647][T13584]  btrfs_cow_block+0x371/0x830
[  444.453666][T13584]  btrfs_search_slot+0xc01/0x3180
[  444.453680][T13584]  ? unwind_get_return_address+0x4d/0x90
[  444.453721][T13584]  ? __pfx_btrfs_search_slot+0x10/0x10
[  444.453733][T13584]  ? btrfs_extent_root+0x2a1/0x3b0
[  444.453752][T13584]  ? __pfx_btrfs_extent_root+0x10/0x10
[  444.453765][T13584]  ? stack_depot_save_flags+0x37/0x940
[  444.453782][T13584]  ? __btrfs_free_extent+0x357/0x3980
[  444.453798][T13584]  lookup_inline_extent_backref+0x448/0x1b40
[  444.453809][T13584]  ? btrfs_commit_transaction+0x4b9/0x3760
[  444.453821][T13584]  ? try_flush_qgroup+0x1ec/0x340
[  444.453832][T13584]  ? btrfs_qgroup_reserve_data+0x68/0xb0
[  444.453842][T13584]  ? btrfs_buffered_write+0x519/0x1250
[  444.453857][T13584]  ? __se_sys_pwritev2+0x196/0x2b0
[  444.453872][T13584]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  444.453898][T13584]  ? __pfx_lookup_inline_extent_backref+0x10/0x10
[  444.453924][T13584]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  444.453938][T13584]  __btrfs_free_extent+0x436/0x3980
[  444.453966][T13584]  ? __pfx___btrfs_free_extent+0x10/0x10
[  444.453978][T13584]  ? __lock_acquire+0x2100/0x2100
[  444.453992][T13584]  ? do_raw_read_unlock+0x3c/0x80
[  444.454008][T13584]  ? do_raw_spin_unlock+0x58/0x8b0
[  444.454026][T13584]  __btrfs_run_delayed_refs+0xf9f/0x40f0
[  444.454053][T13584]  ? validate_chain+0x11e/0x5920
[  444.454086][T13584]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  444.454104][T13584]  ? unwind_get_return_address+0x4d/0x90
[  444.454119][T13584]  ? arch_stack_walk+0xfd/0x150
[  444.454150][T13584]  ? __pfx_lock_acquire+0x10/0x10
[  444.454169][T13584]  ? __lock_acquire+0x1397/0x2100
[  444.454186][T13584]  btrfs_run_delayed_refs+0xe3/0x2f0
[  444.454212][T13584]  btrfs_commit_transaction+0x4b9/0x3760
[  444.454229][T13584]  ? btrfs_commit_transaction+0x177/0x3760
[  444.454251][T13584]  ? __asan_memset+0x23/0x50
[  444.454264][T13584]  ? lockdep_init_map_type+0xa1/0x910
[  444.454279][T13584]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  444.454292][T13584]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  444.454313][T13584]  ? join_transaction+0x405/0xda0
[  444.454331][T13584]  ? btrfs_record_root_in_trans+0x12d/0x190
[  444.454346][T13584]  ? start_transaction+0x45f/0x16b0
[  444.454370][T13584]  try_flush_qgroup+0x1ec/0x340
[  444.454382][T13584]  ? kfree+0x196/0x430
[  444.454394][T13584]  ? __pfx_try_flush_qgroup+0x10/0x10
[  444.454407][T13584]  ? qgroup_reserve_data+0x6ab/0x8c0
[  444.454428][T13584]  btrfs_qgroup_reserve_data+0x68/0xb0
[  444.454441][T13584]  btrfs_check_data_free_space+0x149/0x240
[  444.454460][T13584]  btrfs_buffered_write+0x519/0x1250
[  444.454495][T13584]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  444.454554][T13584]  ? __lock_acquire+0x1397/0x2100
[  444.454577][T13584]  btrfs_do_write_iter+0x279/0x7b0
[  444.454594][T13584]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  444.454612][T13584]  do_iter_readv_writev+0x71a/0x9d0
[  444.454630][T13584]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  444.454643][T13584]  ? rcu_read_lock_any_held+0xb7/0x160
[  444.454667][T13584]  vfs_writev+0x38b/0xbc0
[  444.454688][T13584]  ? __pfx_vfs_writev+0x10/0x10
[  444.454698][T13584]  ? vfs_write+0x7fa/0xd10
[  444.454722][T13584]  ? __fget_files+0x2a/0x410
[  444.454735][T13584]  ? __fget_files+0x395/0x410
[  444.454745][T13584]  ? __fget_files+0x2a/0x410
[  444.454761][T13584]  __se_sys_pwritev2+0x196/0x2b0
[  444.454778][T13584]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  444.454794][T13584]  ? do_syscall_64+0x100/0x230
[  444.454811][T13584]  ? __x64_sys_pwritev2+0x21/0xf0
[  444.454827][T13584]  do_syscall_64+0xf3/0x230
[  444.454841][T13584]  ? clear_bhb_loop+0x35/0x90
[  444.454857][T13584]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  444.454870][T13584] RIP: 0033:0x7f844d97e719
[  444.454882][T13584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  444.454891][T13584] RSP: 002b:00007f844e845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  444.454904][T13584] RAX: ffffffffffffffda RBX: 00007f844db35f80 RCX: 00007f844d97e719
[  444.454911][T13584] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  444.454918][T13584] RBP: 00007f844e845090 R08: 0000000000000009 R09: 0000000000000008
[  444.454924][T13584] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  444.454931][T13584] R13: 0000000000000000 R14: 00007f844db35f80 R15: 00007ffc0b832ab8
[  444.454947][T13584]  </TASK>
[  444.699345][   T12] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  444.712871][ T5762] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  445.064884][ T1309] ieee802154 phy0 wpan0: encryption failed: -22
[  445.067231][ T1309] ieee802154 phy1 wpan1: encryption failed: -22
[  445.087716][T13602] loop0: detected capacity change from 0 to 32768
[  445.099442][T13602] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.445 (13602)
[  445.120666][T13602] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  445.132400][T13602] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  445.135575][T13602] BTRFS info (device loop0): using free-space-tree
[  445.201247][T13602] FAULT_INJECTION: forcing a failure.
[  445.201247][T13602] name failslab, interval 1, probability 0, space 0, times 0
[  445.214045][   T12] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  445.227468][T13602] CPU: 0 UID: 0 PID: 13602 Comm: syz.0.445 Not tainted 6.14.0-rc1-syzkaller-g5c8c229261f1 #0
[  445.227491][T13602] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  445.227498][T13602] Call Trace:
[  445.227502][T13602]  <TASK>
[  445.227508][T13602]  dump_stack_lvl+0x241/0x360
[  445.227529][T13602]  ? __pfx_dump_stack_lvl+0x10/0x10
[  445.227541][T13602]  ? __pfx__printk+0x10/0x10
[  445.227560][T13602]  ? fs_reclaim_acquire+0x93/0x130
[  445.227576][T13602]  ? __pfx___might_resched+0x10/0x10
[  445.227591][T13602]  should_fail_ex+0x40a/0x550
[  445.227608][T13602]  should_failslab+0xac/0x100
[  445.227620][T13602]  ? add_to_free_space_tree+0xc9/0x320
[  445.227634][T13602]  kmem_cache_alloc_noprof+0x70/0x380
[  445.227650][T13602]  add_to_free_space_tree+0xc9/0x320
[  445.227667][T13602]  __btrfs_free_extent+0x1ce9/0x3980
[  445.227691][T13602]  ? __pfx___btrfs_free_extent+0x10/0x10
[  445.227703][T13602]  ? __lock_acquire+0x2100/0x2100
[  445.227717][T13602]  ? do_raw_read_unlock+0x3c/0x80
[  445.227731][T13602]  ? do_raw_spin_unlock+0x58/0x8b0
[  445.227747][T13602]  __btrfs_run_delayed_refs+0xf9f/0x40f0
[  445.227775][T13602]  ? validate_chain+0x11e/0x5920
[  445.227806][T13602]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  445.227822][T13602]  ? unwind_get_return_address+0x4d/0x90
[  445.227837][T13602]  ? arch_stack_walk+0xfd/0x150
[  445.227866][T13602]  ? __pfx_lock_acquire+0x10/0x10
[  445.227884][T13602]  ? __lock_acquire+0x1397/0x2100
[  445.227900][T13602]  btrfs_run_delayed_refs+0xe3/0x2f0
[  445.227919][T13602]  btrfs_commit_transaction+0x4b9/0x3760
[  445.227937][T13602]  ? btrfs_commit_transaction+0x177/0x3760
[  445.227959][T13602]  ? __asan_memset+0x23/0x50
[  445.227973][T13602]  ? lockdep_init_map_type+0xa1/0x910
[  445.227988][T13602]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  445.228002][T13602]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  445.228020][T13602]  ? join_transaction+0x405/0xda0
[  445.228037][T13602]  ? btrfs_record_root_in_trans+0x12d/0x190
[  445.228052][T13602]  ? start_transaction+0x45f/0x16b0
[  445.228076][T13602]  try_flush_qgroup+0x1ec/0x340
[  445.228089][T13602]  ? kfree+0x196/0x430
[  445.228100][T13602]  ? __pfx_try_flush_qgroup+0x10/0x10
[  445.228113][T13602]  ? qgroup_reserve_data+0x6ab/0x8c0
[  445.228134][T13602]  btrfs_qgroup_reserve_data+0x68/0xb0
[  445.228149][T13602]  btrfs_check_data_free_space+0x149/0x240
[  445.228173][T13602]  btrfs_buffered_write+0x519/0x1250
[  445.228205][T13602]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  445.228231][T13602]  ? __lock_acquire+0x1397/0x2100
[  445.228249][T13602]  btrfs_do_write_iter+0x279/0x7b0
[  445.228270][T13602]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  445.228289][T13602]  do_iter_readv_writev+0x71a/0x9d0
[  445.228308][T13602]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  445.228321][T13602]  ? rcu_read_lock_any_held+0xb7/0x160
[  445.228341][T13602]  vfs_writev+0x38b/0xbc0
[  445.228363][T13602]  ? __pfx_vfs_writev+0x10/0x10
[  445.228373][T13602]  ? vfs_write+0x7fa/0xd10
[  445.228397][T13602]  ? __fget_files+0x2a/0x410
[  445.228410][T13602]  ? __fget_files+0x395/0x410
[  445.228420][T13602]  ? __fget_files+0x2a/0x410
[  445.228436][T13602]  __se_sys_pwritev2+0x196/0x2b0
[  445.228453][T13602]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  445.228468][T13602]  ? do_syscall_64+0x100/0x230
[  445.228486][T13602]  ? __x64_sys_pwritev2+0x21/0xf0
[  445.228501][T13602]  do_syscall_64+0xf3/0x230
[  445.228515][T13602]  ? clear_bhb_loop+0x35/0x90
[  445.228532][T13602]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  445.228546][T13602] RIP: 0033:0x7f844d97e719
[  445.228557][T13602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  445.228565][T13602] RSP: 002b:00007f844e845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  445.228579][T13602] RAX: ffffffffffffffda RBX: 00007f844db35f80 RCX: 00007f844d97e719
[  445.228587][T13602] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  445.228594][T13602] RBP: 00007f844e845090 R08: 0000000000000009 R09: 0000000000000008
[  445.228599][T13602] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  445.228605][T13602] R13: 0000000000000000 R14: 00007f844db35f80 R15: 00007ffc0b832ab8
[  445.228622][T13602]  </TASK>
[  445.228632][T13602] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  445.426336][T13602] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1052: errno=-12 Out of memory
[  445.430605][T13602] BTRFS info (device loop0 state EA): forced readonly
[  445.434839][T13602] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:2971: errno=-12 Out of memory
[  445.439054][T13602] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  445.445255][T13602] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2160: errno=-12 Out of memory
[  445.455930][ T5762] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  445.460731][ T5762] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  445.465068][ T5762] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  445.827140][T13620] loop0: detected capacity change from 0 to 32768
[  445.853954][T13620] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.446 (13620)
[  445.882773][T13620] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  445.886949][T13620] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  445.890294][T13620] BTRFS info (device loop0): using free-space-tree
[  445.954664][T13620] FAULT_INJECTION: forcing a failure.
[  445.954664][T13620] name failslab, interval 1, probability 0, space 0, times 0
[  445.959588][T13620] CPU: 0 UID: 0 PID: 13620 Comm: syz.0.446 Not tainted 6.14.0-rc1-syzkaller-g5c8c229261f1 #0
[  445.959604][T13620] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  445.959612][T13620] Call Trace:
[  445.959619][T13620]  <TASK>
[  445.959625][T13620]  dump_stack_lvl+0x241/0x360
[  445.959644][T13620]  ? __pfx_dump_stack_lvl+0x10/0x10
[  445.959655][T13620]  ? __pfx__printk+0x10/0x10
[  445.959672][T13620]  ? fs_reclaim_acquire+0x93/0x130
[  445.959687][T13620]  ? __pfx___might_resched+0x10/0x10
[  445.959703][T13620]  should_fail_ex+0x40a/0x550
[  445.959719][T13620]  should_failslab+0xac/0x100
[  445.959731][T13620]  ? add_to_free_space_tree+0xc9/0x320
[  445.959745][T13620]  kmem_cache_alloc_noprof+0x70/0x380
[  445.959762][T13620]  add_to_free_space_tree+0xc9/0x320
[  445.959781][T13620]  __btrfs_free_extent+0x1ce9/0x3980
[  445.959807][T13620]  ? __pfx___btrfs_free_extent+0x10/0x10
[  445.959819][T13620]  ? __lock_acquire+0x2100/0x2100
[  445.959833][T13620]  ? do_raw_read_unlock+0x3c/0x80
[  445.959850][T13620]  ? do_raw_spin_unlock+0x58/0x8b0
[  445.959867][T13620]  __btrfs_run_delayed_refs+0xf9f/0x40f0
[  445.959895][T13620]  ? validate_chain+0x11e/0x5920
[  445.959924][T13620]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  445.959941][T13620]  ? unwind_get_return_address+0x4d/0x90
[  445.959957][T13620]  ? arch_stack_walk+0xfd/0x150
[  445.959985][T13620]  ? __pfx_lock_acquire+0x10/0x10
[  445.960014][T13620]  ? __lock_acquire+0x1397/0x2100
[  445.960030][T13620]  btrfs_run_delayed_refs+0xe3/0x2f0
[  445.960049][T13620]  btrfs_commit_transaction+0x4b9/0x3760
[  445.960066][T13620]  ? btrfs_commit_transaction+0x177/0x3760
[  445.960088][T13620]  ? __asan_memset+0x23/0x50
[  445.960102][T13620]  ? lockdep_init_map_type+0xa1/0x910
[  445.960117][T13620]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  445.960132][T13620]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  445.960152][T13620]  ? join_transaction+0x405/0xda0
[  445.960170][T13620]  ? btrfs_record_root_in_trans+0x12d/0x190
[  445.960185][T13620]  ? start_transaction+0x45f/0x16b0
[  445.960211][T13620]  try_flush_qgroup+0x1ec/0x340
[  445.960223][T13620]  ? kfree+0x196/0x430
[  445.960235][T13620]  ? __pfx_try_flush_qgroup+0x10/0x10
[  445.960247][T13620]  ? qgroup_reserve_data+0x6ab/0x8c0
[  445.960287][T13620]  btrfs_qgroup_reserve_data+0x68/0xb0
[  445.960303][T13620]  btrfs_check_data_free_space+0x149/0x240
[  445.960321][T13620]  btrfs_buffered_write+0x519/0x1250
[  445.960355][T13620]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  445.960380][T13620]  ? __lock_acquire+0x1397/0x2100
[  445.960400][T13620]  btrfs_do_write_iter+0x279/0x7b0
[  445.960420][T13620]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  445.960441][T13620]  do_iter_readv_writev+0x71a/0x9d0
[  445.960461][T13620]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  445.960475][T13620]  ? rcu_read_lock_any_held+0xb7/0x160
[  445.960496][T13620]  vfs_writev+0x38b/0xbc0
[  445.960518][T13620]  ? __pfx_vfs_writev+0x10/0x10
[  445.960527][T13620]  ? vfs_write+0x7fa/0xd10
[  445.960551][T13620]  ? __fget_files+0x2a/0x410
[  445.960565][T13620]  ? __fget_files+0x395/0x410
[  445.960575][T13620]  ? __fget_files+0x2a/0x410
[  445.960591][T13620]  __se_sys_pwritev2+0x196/0x2b0
[  445.960608][T13620]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  445.960624][T13620]  ? do_syscall_64+0x100/0x230
[  445.960641][T13620]  ? __x64_sys_pwritev2+0x21/0xf0
[  445.960658][T13620]  do_syscall_64+0xf3/0x230
[  445.960672][T13620]  ? clear_bhb_loop+0x35/0x90
[  445.960689][T13620]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  445.960702][T13620] RIP: 0033:0x7f844d97e719
[  445.960714][T13620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  445.960724][T13620] RSP: 002b:00007f844e845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  445.960737][T13620] RAX: ffffffffffffffda RBX: 00007f844db35f80 RCX: 00007f844d97e719
[  445.960743][T13620] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  445.960750][T13620] RBP: 00007f844e845090 R08: 0000000000000009 R09: 0000000000000008
[  445.960756][T13620] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  445.960763][T13620] R13: 0000000000000000 R14: 00007f844db35f80 R15: 00007ffc0b832ab8
[  445.960780][T13620]  </TASK>
[  446.132451][T13620] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  446.143149][T13620] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1052: errno=-12 Out of memory
[  446.148410][T13620] BTRFS info (device loop0 state EA): forced readonly
[  446.162215][T13620] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:2971: errno=-12 Out of memory
[  446.166727][T13620] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  446.175371][T13620] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2160: errno=-12 Out of memory
[  446.195834][ T5762] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  446.232981][   T12] BTRFS error (device loop0 state EA): fail to start transaction for status update: -30
[  446.239564][ T5762] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  446.245803][ T5762] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  446.613777][T13638] loop0: detected capacity change from 0 to 32768
[  446.621827][T13638] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.447 (13638)
[  446.636050][T13638] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  446.639846][T13638] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  446.662213][T13638] BTRFS info (device loop0): using free-space-tree
[  446.754074][T13638] FAULT_INJECTION: forcing a failure.
[  446.754074][T13638] name failslab, interval 1, probability 0, space 0, times 0
[  446.758974][T13638] CPU: 0 UID: 0 PID: 13638 Comm: syz.0.447 Not tainted 6.14.0-rc1-syzkaller-g5c8c229261f1 #0
[  446.758993][T13638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  446.759001][T13638] Call Trace:
[  446.759007][T13638]  <TASK>
[  446.759012][T13638]  dump_stack_lvl+0x241/0x360
[  446.759033][T13638]  ? __pfx_dump_stack_lvl+0x10/0x10
[  446.759046][T13638]  ? __pfx__printk+0x10/0x10
[  446.759066][T13638]  ? fs_reclaim_acquire+0x93/0x130
[  446.759083][T13638]  ? __pfx___might_resched+0x10/0x10
[  446.759101][T13638]  should_fail_ex+0x40a/0x550
[  446.759120][T13638]  should_failslab+0xac/0x100
[  446.759133][T13638]  ? alloc_extent_state+0x25/0x310
[  446.759149][T13638]  kmem_cache_alloc_noprof+0x70/0x380
[  446.759166][T13638]  alloc_extent_state+0x25/0x310
[  446.759185][T13638]  __set_extent_bit+0x1fd/0x1e60
[  446.759212][T13638]  ? __asan_memcpy+0x40/0x70
[  446.759230][T13638]  set_extent_bit+0x3b/0x50
[  446.759250][T13638]  btrfs_alloc_tree_block+0x96b/0x1440
[  446.759275][T13638]  ? __pfx_btrfs_alloc_tree_block+0x10/0x10
[  446.759292][T13638]  ? __lock_acquire+0x1397/0x2100
[  446.759312][T13638]  ? read_extent_buffer+0x11b/0x540
[  446.759337][T13638]  btrfs_force_cow_block+0x526/0x1fd0
[  446.759359][T13638]  ? __pfx_lock_acquire+0x10/0x10
[  446.759384][T13638]  ? __pfx_btrfs_force_cow_block+0x10/0x10
[  446.759399][T13638]  ? btrfs_qgroup_add_swapped_blocks+0x8d0/0x9b0
[  446.759417][T13638]  ? down_write_nested+0x195/0x220
[  446.759429][T13638]  ? __pfx_down_write_nested+0x10/0x10
[  446.759445][T13638]  btrfs_cow_block+0x371/0x830
[  446.759469][T13638]  btrfs_search_slot+0xc01/0x3180
[  446.759484][T13638]  ? unwind_get_return_address+0x4d/0x90
[  446.759518][T13638]  ? __pfx_btrfs_search_slot+0x10/0x10
[  446.759531][T13638]  ? btrfs_extent_root+0x2a1/0x3b0
[  446.759549][T13638]  ? __pfx_btrfs_extent_root+0x10/0x10
[  446.759565][T13638]  ? stack_depot_save_flags+0x37/0x940
[  446.759583][T13638]  ? __btrfs_free_extent+0x357/0x3980
[  446.759599][T13638]  lookup_inline_extent_backref+0x448/0x1b40
[  446.759612][T13638]  ? btrfs_commit_transaction+0x4b9/0x3760
[  446.759626][T13638]  ? try_flush_qgroup+0x1ec/0x340
[  446.759637][T13638]  ? btrfs_qgroup_reserve_data+0x68/0xb0
[  446.759649][T13638]  ? btrfs_buffered_write+0x519/0x1250
[  446.759666][T13638]  ? __se_sys_pwritev2+0x196/0x2b0
[  446.759682][T13638]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  446.759714][T13638]  ? __pfx_lookup_inline_extent_backref+0x10/0x10
[  446.759744][T13638]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  446.759758][T13638]  __btrfs_free_extent+0x436/0x3980
[  446.759788][T13638]  ? __pfx___btrfs_free_extent+0x10/0x10
[  446.759801][T13638]  ? __lock_acquire+0x2100/0x2100
[  446.759816][T13638]  ? do_raw_read_unlock+0x3c/0x80
[  446.759834][T13638]  ? do_raw_spin_unlock+0x58/0x8b0
[  446.759854][T13638]  __btrfs_run_delayed_refs+0xf9f/0x40f0
[  446.759884][T13638]  ? validate_chain+0x11e/0x5920
[  446.759925][T13638]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  446.759946][T13638]  ? unwind_get_return_address+0x4d/0x90
[  446.759962][T13638]  ? arch_stack_walk+0xfd/0x150
[  446.759993][T13638]  ? __pfx_lock_acquire+0x10/0x10
[  446.760015][T13638]  ? __lock_acquire+0x1397/0x2100
[  446.760034][T13638]  btrfs_run_delayed_refs+0xe3/0x2f0
[  446.760054][T13638]  btrfs_commit_transaction+0x4b9/0x3760
[  446.760072][T13638]  ? btrfs_commit_transaction+0x177/0x3760
[  446.760098][T13638]  ? __asan_memset+0x23/0x50
[  446.760112][T13638]  ? lockdep_init_map_type+0xa1/0x910
[  446.760129][T13638]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  446.760145][T13638]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  446.760165][T13638]  ? join_transaction+0x405/0xda0
[  446.760184][T13638]  ? btrfs_record_root_in_trans+0x12d/0x190
[  446.760201][T13638]  ? start_transaction+0x45f/0x16b0
[  446.760232][T13638]  try_flush_qgroup+0x1ec/0x340
[  446.760244][T13638]  ? kfree+0x196/0x430
[  446.760256][T13638]  ? __pfx_try_flush_qgroup+0x10/0x10
[  446.760271][T13638]  ? qgroup_reserve_data+0x6ab/0x8c0
[  446.760294][T13638]  btrfs_qgroup_reserve_data+0x68/0xb0
[  446.760309][T13638]  btrfs_check_data_free_space+0x149/0x240
[  446.760327][T13638]  btrfs_buffered_write+0x519/0x1250
[  446.760366][T13638]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  446.760394][T13638]  ? __lock_acquire+0x1397/0x2100
[  446.760416][T13638]  btrfs_do_write_iter+0x279/0x7b0
[  446.760439][T13638]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  446.760463][T13638]  do_iter_readv_writev+0x71a/0x9d0
[  446.760484][T13638]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  446.760499][T13638]  ? rcu_read_lock_any_held+0xb7/0x160
[  446.760525][T13638]  vfs_writev+0x38b/0xbc0
[  446.760549][T13638]  ? __pfx_vfs_writev+0x10/0x10
[  446.760560][T13638]  ? vfs_write+0x7fa/0xd10
[  446.760586][T13638]  ? __fget_files+0x2a/0x410
[  446.760600][T13638]  ? __fget_files+0x395/0x410
[  446.760611][T13638]  ? __fget_files+0x2a/0x410
[  446.760631][T13638]  __se_sys_pwritev2+0x196/0x2b0
[  446.760649][T13638]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  446.760666][T13638]  ? do_syscall_64+0x100/0x230
[  446.760684][T13638]  ? __x64_sys_pwritev2+0x21/0xf0
[  446.760702][T13638]  do_syscall_64+0xf3/0x230
[  446.760718][T13638]  ? clear_bhb_loop+0x35/0x90
[  446.760735][T13638]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  446.760750][T13638] RIP: 0033:0x7f844d97e719
[  446.760762][T13638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  446.760772][T13638] RSP: 002b:00007f844e845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  446.760785][T13638] RAX: ffffffffffffffda RBX: 00007f844db35f80 RCX: 00007f844d97e719
[  446.760793][T13638] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  446.760800][T13638] RBP: 00007f844e845090 R08: 0000000000000009 R09: 0000000000000008
[  446.760807][T13638] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  446.760814][T13638] R13: 0000000000000000 R14: 00007f844db35f80 R15: 00007ffc0b832ab8
[  446.760834][T13638]  </TASK>
[  447.025303][   T12] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  447.043070][ T5762] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
2025/02/05 04:06:55 executed programs: 435
[  447.408576][T13656] loop0: detected capacity change from 0 to 32768
[  447.416035][T13656] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.448 (13656)
[  447.431753][T13656] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  447.449099][T13656] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  447.460360][T13656] BTRFS info (device loop0): using free-space-tree
[  447.508558][T13656] FAULT_INJECTION: forcing a failure.
[  447.508558][T13656] name failslab, interval 1, probability 0, space 0, times 0
[  447.517518][T13656] CPU: 0 UID: 0 PID: 13656 Comm: syz.0.448 Not tainted 6.14.0-rc1-syzkaller-g5c8c229261f1 #0
[  447.517538][T13656] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  447.517546][T13656] Call Trace:
[  447.517551][T13656]  <TASK>
[  447.517556][T13656]  dump_stack_lvl+0x241/0x360
[  447.517575][T13656]  ? __pfx_dump_stack_lvl+0x10/0x10
[  447.517586][T13656]  ? __pfx__printk+0x10/0x10
[  447.517605][T13656]  ? fs_reclaim_acquire+0x93/0x130
[  447.517619][T13656]  ? __pfx___might_resched+0x10/0x10
[  447.517636][T13656]  should_fail_ex+0x40a/0x550
[  447.517651][T13656]  should_failslab+0xac/0x100
[  447.517663][T13656]  ? add_to_free_space_tree+0xc9/0x320
[  447.517678][T13656]  kmem_cache_alloc_noprof+0x70/0x380
[  447.517693][T13656]  add_to_free_space_tree+0xc9/0x320
[  447.517710][T13656]  __btrfs_free_extent+0x1ce9/0x3980
[  447.517733][T13656]  ? __pfx___btrfs_free_extent+0x10/0x10
[  447.517745][T13656]  ? __lock_acquire+0x2100/0x2100
[  447.517760][T13656]  ? do_raw_read_unlock+0x3c/0x80
[  447.517777][T13656]  ? do_raw_spin_unlock+0x58/0x8b0
[  447.517792][T13656]  __btrfs_run_delayed_refs+0xf9f/0x40f0
[  447.517820][T13656]  ? validate_chain+0x11e/0x5920
[  447.517847][T13656]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  447.517865][T13656]  ? unwind_get_return_address+0x4d/0x90
[  447.517880][T13656]  ? arch_stack_walk+0xfd/0x150
[  447.517917][T13656]  ? __pfx_lock_acquire+0x10/0x10
[  447.517937][T13656]  ? __lock_acquire+0x1397/0x2100
[  447.517954][T13656]  btrfs_run_delayed_refs+0xe3/0x2f0
[  447.517972][T13656]  btrfs_commit_transaction+0x4b9/0x3760
[  447.517990][T13656]  ? btrfs_commit_transaction+0x177/0x3760
[  447.518011][T13656]  ? __asan_memset+0x23/0x50
[  447.518025][T13656]  ? lockdep_init_map_type+0xa1/0x910
[  447.518040][T13656]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  447.518054][T13656]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  447.518072][T13656]  ? join_transaction+0x405/0xda0
[  447.518090][T13656]  ? btrfs_record_root_in_trans+0x12d/0x190
[  447.518106][T13656]  ? start_transaction+0x45f/0x16b0
[  447.518130][T13656]  try_flush_qgroup+0x1ec/0x340
[  447.518143][T13656]  ? kfree+0x196/0x430
[  447.518154][T13656]  ? __pfx_try_flush_qgroup+0x10/0x10
[  447.518167][T13656]  ? qgroup_reserve_data+0x6ab/0x8c0
[  447.518186][T13656]  btrfs_qgroup_reserve_data+0x68/0xb0
[  447.518199][T13656]  btrfs_check_data_free_space+0x149/0x240
[  447.518216][T13656]  btrfs_buffered_write+0x519/0x1250
[  447.518249][T13656]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  447.518272][T13656]  ? __lock_acquire+0x1397/0x2100
[  447.518292][T13656]  btrfs_do_write_iter+0x279/0x7b0
[  447.518311][T13656]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  447.518332][T13656]  do_iter_readv_writev+0x71a/0x9d0
[  447.518351][T13656]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  447.518364][T13656]  ? rcu_read_lock_any_held+0xb7/0x160
[  447.518385][T13656]  vfs_writev+0x38b/0xbc0
[  447.518410][T13656]  ? __pfx_vfs_writev+0x10/0x10
[  447.518420][T13656]  ? vfs_write+0x7fa/0xd10
[  447.518443][T13656]  ? __fget_files+0x2a/0x410
[  447.518456][T13656]  ? __fget_files+0x395/0x410
[  447.518465][T13656]  ? __fget_files+0x2a/0x410
[  447.518481][T13656]  __se_sys_pwritev2+0x196/0x2b0
[  447.518497][T13656]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  447.518540][T13656]  ? do_syscall_64+0x100/0x230
[  447.518558][T13656]  ? __x64_sys_pwritev2+0x21/0xf0
[  447.518579][T13656]  do_syscall_64+0xf3/0x230
[  447.518593][T13656]  ? clear_bhb_loop+0x35/0x90
[  447.518610][T13656]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  447.518623][T13656] RIP: 0033:0x7f844d97e719
[  447.518635][T13656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  447.518644][T13656] RSP: 002b:00007f844e845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  447.518657][T13656] RAX: ffffffffffffffda RBX: 00007f844db35f80 RCX: 00007f844d97e719
[  447.518666][T13656] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  447.518672][T13656] RBP: 00007f844e845090 R08: 0000000000000009 R09: 0000000000000008
[  447.518678][T13656] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  447.518684][T13656] R13: 0000000000000000 R14: 00007f844db35f80 R15: 00007ffc0b832ab8
[  447.518703][T13656]  </TASK>
[  447.518713][T13656] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  447.725361][T13656] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1052: errno=-12 Out of memory
[  447.729334][T13656] BTRFS info (device loop0 state EA): forced readonly
[  447.734053][T13656] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:2971: errno=-12 Out of memory
[  447.738148][T13656] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  447.744145][T13656] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2160: errno=-12 Out of memory
[  447.748558][   T41] BTRFS warning (device loop0 state EA): Skipping commit of aborted transaction.
[  447.754098][   T41] BTRFS: error (device loop0 state EA) in cleanup_transaction:2014: errno=-12 Out of memory
[  447.765169][ T5762] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  447.769317][   T41] BTRFS error (device loop0 state EA): fail to start transaction for status update: -30
[  447.776112][ T5762] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  447.779917][ T5762] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  448.146075][T13674] loop0: detected capacity change from 0 to 32768
[  448.163526][T13674] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.449 (13674)
[  448.183603][T13674] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  448.193484][T13674] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  448.196914][T13674] BTRFS info (device loop0): using free-space-tree
[  448.264317][T13674] FAULT_INJECTION: forcing a failure.
[  448.264317][T13674] name failslab, interval 1, probability 0, space 0, times 0
[  448.283549][T13674] CPU: 0 UID: 0 PID: 13674 Comm: syz.0.449 Not tainted 6.14.0-rc1-syzkaller-g5c8c229261f1 #0
[  448.283564][T13674] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  448.283569][T13674] Call Trace:
[  448.283573][T13674]  <TASK>
[  448.283578][T13674]  dump_stack_lvl+0x241/0x360
[  448.283592][T13674]  ? __pfx_dump_stack_lvl+0x10/0x10
[  448.283599][T13674]  ? __pfx__printk+0x10/0x10
[  448.283609][T13674]  ? fs_reclaim_acquire+0x93/0x130
[  448.283622][T13674]  ? __pfx___might_resched+0x10/0x10
[  448.283637][T13674]  should_fail_ex+0x40a/0x550
[  448.283652][T13674]  should_failslab+0xac/0x100
[  448.283665][T13674]  ? alloc_extent_state+0x25/0x310
[  448.283680][T13674]  kmem_cache_alloc_noprof+0x70/0x380
[  448.283694][T13674]  alloc_extent_state+0x25/0x310
[  448.283711][T13674]  __set_extent_bit+0x1fd/0x1e60
[  448.283734][T13674]  ? __asan_memcpy+0x40/0x70
[  448.283751][T13674]  set_extent_bit+0x3b/0x50
[  448.283788][T13674]  btrfs_alloc_tree_block+0x96b/0x1440
[  448.283808][T13674]  ? __pfx_btrfs_alloc_tree_block+0x10/0x10
[  448.283820][T13674]  ? __lock_acquire+0x1397/0x2100
[  448.283837][T13674]  ? read_extent_buffer+0x11b/0x540
[  448.283863][T13674]  btrfs_force_cow_block+0x526/0x1fd0
[  448.283885][T13674]  ? __pfx_lock_acquire+0x10/0x10
[  448.283909][T13674]  ? __pfx_btrfs_force_cow_block+0x10/0x10
[  448.283931][T13674]  ? btrfs_qgroup_add_swapped_blocks+0x8d0/0x9b0
[  448.283948][T13674]  ? down_write_nested+0x195/0x220
[  448.283959][T13674]  ? __pfx_down_write_nested+0x10/0x10
[  448.283975][T13674]  btrfs_cow_block+0x371/0x830
[  448.283995][T13674]  btrfs_search_slot+0xc01/0x3180
[  448.284009][T13674]  ? unwind_get_return_address+0x4d/0x90
[  448.284041][T13674]  ? __pfx_btrfs_search_slot+0x10/0x10
[  448.284053][T13674]  ? btrfs_extent_root+0x2a1/0x3b0
[  448.284071][T13674]  ? __pfx_btrfs_extent_root+0x10/0x10
[  448.284085][T13674]  ? stack_depot_save_flags+0x37/0x940
[  448.284101][T13674]  ? __btrfs_free_extent+0x357/0x3980
[  448.284115][T13674]  lookup_inline_extent_backref+0x448/0x1b40
[  448.284126][T13674]  ? btrfs_commit_transaction+0x4b9/0x3760
[  448.284139][T13674]  ? try_flush_qgroup+0x1ec/0x340
[  448.284150][T13674]  ? btrfs_qgroup_reserve_data+0x68/0xb0
[  448.284162][T13674]  ? btrfs_buffered_write+0x519/0x1250
[  448.284179][T13674]  ? __se_sys_pwritev2+0x196/0x2b0
[  448.284194][T13674]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  448.284224][T13674]  ? __pfx_lookup_inline_extent_backref+0x10/0x10
[  448.284250][T13674]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  448.284264][T13674]  __btrfs_free_extent+0x436/0x3980
[  448.284290][T13674]  ? __pfx___btrfs_free_extent+0x10/0x10
[  448.284302][T13674]  ? __lock_acquire+0x2100/0x2100
[  448.284315][T13674]  ? do_raw_read_unlock+0x3c/0x80
[  448.284333][T13674]  ? do_raw_spin_unlock+0x58/0x8b0
[  448.284349][T13674]  __btrfs_run_delayed_refs+0xf9f/0x40f0
[  448.284377][T13674]  ? validate_chain+0x11e/0x5920
[  448.284407][T13674]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  448.284424][T13674]  ? unwind_get_return_address+0x4d/0x90
[  448.284438][T13674]  ? arch_stack_walk+0xfd/0x150
[  448.284467][T13674]  ? __pfx_lock_acquire+0x10/0x10
[  448.284487][T13674]  ? __lock_acquire+0x1397/0x2100
[  448.284503][T13674]  btrfs_run_delayed_refs+0xe3/0x2f0
[  448.284522][T13674]  btrfs_commit_transaction+0x4b9/0x3760
[  448.284538][T13674]  ? btrfs_commit_transaction+0x177/0x3760
[  448.284561][T13674]  ? __asan_memset+0x23/0x50
[  448.284574][T13674]  ? lockdep_init_map_type+0xa1/0x910
[  448.284589][T13674]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  448.284602][T13674]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  448.284621][T13674]  ? join_transaction+0x405/0xda0
[  448.284639][T13674]  ? btrfs_record_root_in_trans+0x12d/0x190
[  448.284654][T13674]  ? start_transaction+0x45f/0x16b0
[  448.284680][T13674]  try_flush_qgroup+0x1ec/0x340
[  448.284690][T13674]  ? kfree+0x196/0x430
[  448.284700][T13674]  ? __pfx_try_flush_qgroup+0x10/0x10
[  448.284713][T13674]  ? qgroup_reserve_data+0x6ab/0x8c0
[  448.284732][T13674]  btrfs_qgroup_reserve_data+0x68/0xb0
[  448.284746][T13674]  btrfs_check_data_free_space+0x149/0x240
[  448.284764][T13674]  btrfs_buffered_write+0x519/0x1250
[  448.284797][T13674]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  448.284823][T13674]  ? __lock_acquire+0x1397/0x2100
[  448.284842][T13674]  btrfs_do_write_iter+0x279/0x7b0
[  448.284863][T13674]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  448.284887][T13674]  do_iter_readv_writev+0x71a/0x9d0
[  448.284904][T13674]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  448.284917][T13674]  ? rcu_read_lock_any_held+0xb7/0x160
[  448.284948][T13674]  vfs_writev+0x38b/0xbc0
[  448.284969][T13674]  ? __pfx_vfs_writev+0x10/0x10
[  448.284979][T13674]  ? vfs_write+0x7fa/0xd10
[  448.285003][T13674]  ? __fget_files+0x2a/0x410
[  448.285016][T13674]  ? __fget_files+0x395/0x410
[  448.285025][T13674]  ? __fget_files+0x2a/0x410
[  448.285044][T13674]  __se_sys_pwritev2+0x196/0x2b0
[  448.285060][T13674]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  448.285075][T13674]  ? do_syscall_64+0x100/0x230
[  448.285098][T13674]  ? __x64_sys_pwritev2+0x21/0xf0
[  448.285114][T13674]  do_syscall_64+0xf3/0x230
[  448.285127][T13674]  ? clear_bhb_loop+0x35/0x90
[  448.285144][T13674]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  448.285156][T13674] RIP: 0033:0x7f844d97e719
[  448.285168][T13674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  448.285178][T13674] RSP: 002b:00007f844e845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  448.285191][T13674] RAX: ffffffffffffffda RBX: 00007f844db35f80 RCX: 00007f844d97e719
[  448.285198][T13674] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  448.285204][T13674] RBP: 00007f844e845090 R08: 0000000000000009 R09: 0000000000000008
[  448.285211][T13674] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  448.285217][T13674] R13: 0000000000000000 R14: 00007f844db35f80 R15: 00007ffc0b832ab8
[  448.285235][T13674]  </TASK>
[  448.576810][   T12] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  448.590295][ T5762] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  448.943791][T13692] loop0: detected capacity change from 0 to 32768
[  448.954694][T13692] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.450 (13692)
[  448.977113][T13692] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  448.986282][T13692] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  449.002242][T13692] BTRFS info (device loop0): using free-space-tree
[  449.052976][T13692] FAULT_INJECTION: forcing a failure.
[  449.052976][T13692] name failslab, interval 1, probability 0, space 0, times 0
[  449.057779][T13692] CPU: 0 UID: 0 PID: 13692 Comm: syz.0.450 Not tainted 6.14.0-rc1-syzkaller-g5c8c229261f1 #0
[  449.057796][T13692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  449.057804][T13692] Call Trace:
[  449.057810][T13692]  <TASK>
[  449.057816][T13692]  dump_stack_lvl+0x241/0x360
[  449.057835][T13692]  ? __pfx_dump_stack_lvl+0x10/0x10
[  449.057847][T13692]  ? __pfx__printk+0x10/0x10
[  449.057864][T13692]  ? fs_reclaim_acquire+0x93/0x130
[  449.057880][T13692]  ? __pfx___might_resched+0x10/0x10
[  449.057896][T13692]  should_fail_ex+0x40a/0x550
[  449.057913][T13692]  should_failslab+0xac/0x100
[  449.057925][T13692]  ? alloc_extent_state+0x25/0x310
[  449.057939][T13692]  kmem_cache_alloc_noprof+0x70/0x380
[  449.057956][T13692]  alloc_extent_state+0x25/0x310
[  449.057973][T13692]  __set_extent_bit+0x1fd/0x1e60
[  449.057996][T13692]  ? __asan_memcpy+0x40/0x70
[  449.058009][T13692]  set_extent_bit+0x3b/0x50
[  449.058026][T13692]  btrfs_alloc_tree_block+0x96b/0x1440
[  449.058050][T13692]  ? __pfx_btrfs_alloc_tree_block+0x10/0x10
[  449.058065][T13692]  ? __lock_acquire+0x1397/0x2100
[  449.058084][T13692]  ? read_extent_buffer+0x11b/0x540
[  449.058106][T13692]  btrfs_force_cow_block+0x526/0x1fd0
[  449.058127][T13692]  ? __pfx_lock_acquire+0x10/0x10
[  449.058149][T13692]  ? __pfx_btrfs_force_cow_block+0x10/0x10
[  449.058162][T13692]  ? btrfs_qgroup_add_swapped_blocks+0x8d0/0x9b0
[  449.058188][T13692]  ? down_write_nested+0x195/0x220
[  449.058199][T13692]  ? __pfx_down_write_nested+0x10/0x10
[  449.058213][T13692]  btrfs_cow_block+0x371/0x830
[  449.058234][T13692]  btrfs_search_slot+0xc01/0x3180
[  449.058248][T13692]  ? unwind_get_return_address+0x4d/0x90
[  449.058277][T13692]  ? __pfx_btrfs_search_slot+0x10/0x10
[  449.058289][T13692]  ? btrfs_extent_root+0x2a1/0x3b0
[  449.058307][T13692]  ? __pfx_btrfs_extent_root+0x10/0x10
[  449.058320][T13692]  ? stack_depot_save_flags+0x37/0x940
[  449.058336][T13692]  ? __btrfs_free_extent+0x357/0x3980
[  449.058351][T13692]  lookup_inline_extent_backref+0x448/0x1b40
[  449.058363][T13692]  ? btrfs_commit_transaction+0x4b9/0x3760
[  449.058375][T13692]  ? try_flush_qgroup+0x1ec/0x340
[  449.058387][T13692]  ? btrfs_qgroup_reserve_data+0x68/0xb0
[  449.058398][T13692]  ? btrfs_buffered_write+0x519/0x1250
[  449.058410][T13692]  ? __se_sys_pwritev2+0x196/0x2b0
[  449.058424][T13692]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  449.058453][T13692]  ? __pfx_lookup_inline_extent_backref+0x10/0x10
[  449.058481][T13692]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  449.058494][T13692]  __btrfs_free_extent+0x436/0x3980
[  449.058548][T13692]  ? __pfx___btrfs_free_extent+0x10/0x10
[  449.058562][T13692]  ? __lock_acquire+0x2100/0x2100
[  449.058575][T13692]  ? do_raw_read_unlock+0x3c/0x80
[  449.058592][T13692]  ? do_raw_spin_unlock+0x58/0x8b0
[  449.058609][T13692]  __btrfs_run_delayed_refs+0xf9f/0x40f0
[  449.058637][T13692]  ? validate_chain+0x11e/0x5920
[  449.058668][T13692]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  449.058686][T13692]  ? unwind_get_return_address+0x4d/0x90
[  449.058700][T13692]  ? arch_stack_walk+0xfd/0x150
[  449.058728][T13692]  ? __pfx_lock_acquire+0x10/0x10
[  449.058747][T13692]  ? __lock_acquire+0x1397/0x2100
[  449.058763][T13692]  btrfs_run_delayed_refs+0xe3/0x2f0
[  449.058780][T13692]  btrfs_commit_transaction+0x4b9/0x3760
[  449.058797][T13692]  ? btrfs_commit_transaction+0x177/0x3760
[  449.058818][T13692]  ? __asan_memset+0x23/0x50
[  449.058832][T13692]  ? lockdep_init_map_type+0xa1/0x910
[  449.058847][T13692]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  449.058862][T13692]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  449.058881][T13692]  ? join_transaction+0x405/0xda0
[  449.058898][T13692]  ? btrfs_record_root_in_trans+0x12d/0x190
[  449.058915][T13692]  ? start_transaction+0x45f/0x16b0
[  449.058941][T13692]  try_flush_qgroup+0x1ec/0x340
[  449.058953][T13692]  ? kfree+0x196/0x430
[  449.058965][T13692]  ? __pfx_try_flush_qgroup+0x10/0x10
[  449.058977][T13692]  ? qgroup_reserve_data+0x6ab/0x8c0
[  449.058998][T13692]  btrfs_qgroup_reserve_data+0x68/0xb0
[  449.059011][T13692]  btrfs_check_data_free_space+0x149/0x240
[  449.059029][T13692]  btrfs_buffered_write+0x519/0x1250
[  449.059064][T13692]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  449.059090][T13692]  ? __lock_acquire+0x1397/0x2100
[  449.059110][T13692]  btrfs_do_write_iter+0x279/0x7b0
[  449.059129][T13692]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  449.059175][T13692]  do_iter_readv_writev+0x71a/0x9d0
[  449.059194][T13692]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  449.059206][T13692]  ? rcu_read_lock_any_held+0xb7/0x160
[  449.059228][T13692]  vfs_writev+0x38b/0xbc0
[  449.059251][T13692]  ? __pfx_vfs_writev+0x10/0x10
[  449.059260][T13692]  ? vfs_write+0x7fa/0xd10
[  449.059282][T13692]  ? __fget_files+0x2a/0x410
[  449.059295][T13692]  ? __fget_files+0x395/0x410
[  449.059304][T13692]  ? __fget_files+0x2a/0x410
[  449.059322][T13692]  __se_sys_pwritev2+0x196/0x2b0
[  449.059339][T13692]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  449.059355][T13692]  ? do_syscall_64+0x100/0x230
[  449.059372][T13692]  ? __x64_sys_pwritev2+0x21/0xf0
[  449.059388][T13692]  do_syscall_64+0xf3/0x230
[  449.059403][T13692]  ? clear_bhb_loop+0x35/0x90
[  449.059419][T13692]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  449.059432][T13692] RIP: 0033:0x7f844d97e719
[  449.059443][T13692] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  449.059452][T13692] RSP: 002b:00007f844e845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  449.059464][T13692] RAX: ffffffffffffffda RBX: 00007f844db35f80 RCX: 00007f844d97e719
[  449.059472][T13692] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  449.059478][T13692] RBP: 00007f844e845090 R08: 0000000000000009 R09: 0000000000000008
[  449.059484][T13692] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  449.059491][T13692] R13: 0000000000000000 R14: 00007f844db35f80 R15: 00007ffc0b832ab8
[  449.059509][T13692]  </TASK>
[  449.308024][ T3025] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  449.331481][ T5762] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  449.699803][T13710] loop0: detected capacity change from 0 to 32768
[  449.732868][T13710] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.451 (13710)
[  449.746372][T13710] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  449.762483][T13710] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  449.765932][T13710] BTRFS info (device loop0): using free-space-tree
[  449.846125][T13710] FAULT_INJECTION: forcing a failure.
[  449.846125][T13710] name failslab, interval 1, probability 0, space 0, times 0
[  449.851091][T13710] CPU: 0 UID: 0 PID: 13710 Comm: syz.0.451 Not tainted 6.14.0-rc1-syzkaller-g5c8c229261f1 #0
[  449.851108][T13710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  449.851115][T13710] Call Trace:
[  449.851120][T13710]  <TASK>
[  449.851126][T13710]  dump_stack_lvl+0x241/0x360
[  449.851144][T13710]  ? __pfx_dump_stack_lvl+0x10/0x10
[  449.851155][T13710]  ? __pfx__printk+0x10/0x10
[  449.851173][T13710]  ? fs_reclaim_acquire+0x93/0x130
[  449.851188][T13710]  ? __pfx___might_resched+0x10/0x10
[  449.851202][T13710]  should_fail_ex+0x40a/0x550
[  449.851217][T13710]  should_failslab+0xac/0x100
[  449.851229][T13710]  ? start_transaction+0x49b/0x16b0
[  449.851241][T13710]  kmem_cache_alloc_noprof+0x70/0x380
[  449.851256][T13710]  start_transaction+0x49b/0x16b0
[  449.851279][T13710]  btrfs_commit_current_transaction+0x26/0xd0
[  449.851294][T13710]  try_flush_qgroup+0x1ec/0x340
[  449.851306][T13710]  ? kfree+0x196/0x430
[  449.851316][T13710]  ? __pfx_try_flush_qgroup+0x10/0x10
[  449.851328][T13710]  ? qgroup_reserve_data+0x6ab/0x8c0
[  449.851347][T13710]  btrfs_qgroup_reserve_data+0x68/0xb0
[  449.851360][T13710]  btrfs_check_data_free_space+0x149/0x240
[  449.851376][T13710]  btrfs_buffered_write+0x519/0x1250
[  449.851406][T13710]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  449.851428][T13710]  ? __lock_acquire+0x1397/0x2100
[  449.851448][T13710]  btrfs_do_write_iter+0x279/0x7b0
[  449.851468][T13710]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  449.851488][T13710]  do_iter_readv_writev+0x71a/0x9d0
[  449.851506][T13710]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  449.851519][T13710]  ? rcu_read_lock_any_held+0xb7/0x160
[  449.851541][T13710]  vfs_writev+0x38b/0xbc0
[  449.851561][T13710]  ? __pfx_vfs_writev+0x10/0x10
[  449.851570][T13710]  ? vfs_write+0x7fa/0xd10
[  449.851593][T13710]  ? __fget_files+0x2a/0x410
[  449.851606][T13710]  ? __fget_files+0x395/0x410
[  449.851616][T13710]  ? __fget_files+0x2a/0x410
[  449.851631][T13710]  __se_sys_pwritev2+0x196/0x2b0
[  449.851647][T13710]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  449.851663][T13710]  ? do_syscall_64+0x100/0x230
[  449.851679][T13710]  ? __x64_sys_pwritev2+0x21/0xf0
[  449.851696][T13710]  do_syscall_64+0xf3/0x230
[  449.851709][T13710]  ? clear_bhb_loop+0x35/0x90
[  449.851721][T13710]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  449.851734][T13710] RIP: 0033:0x7f844d97e719
[  449.851745][T13710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  449.851754][T13710] RSP: 002b:00007f844e845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  449.851768][T13710] RAX: ffffffffffffffda RBX: 00007f844db35f80 RCX: 00007f844d97e719
[  449.851776][T13710] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  449.851782][T13710] RBP: 00007f844e845090 R08: 0000000000000009 R09: 0000000000000008
[  449.851788][T13710] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  449.851794][T13710] R13: 0000000000000000 R14: 00007f844db35f80 R15: 00007ffc0b832ab8
[  449.851810][T13710]  </TASK>
[  449.998217][   T12] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  450.018292][ T5762] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  450.370064][T13728] loop0: detected capacity change from 0 to 32768
[  450.396459][T13728] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.452 (13728)
[  450.419957][T13728] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  450.430804][T13728] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  450.440821][T13728] BTRFS info (device loop0): using free-space-tree
[  450.503703][T13728] FAULT_INJECTION: forcing a failure.
[  450.503703][T13728] name failslab, interval 1, probability 0, space 0, times 0
[  450.522766][ T1037] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  450.526758][T13728] CPU: 0 UID: 0 PID: 13728 Comm: syz.0.452 Not tainted 6.14.0-rc1-syzkaller-g5c8c229261f1 #0
[  450.526775][T13728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  450.526782][T13728] Call Trace:
[  450.526787][T13728]  <TASK>
[  450.526793][T13728]  dump_stack_lvl+0x241/0x360
[  450.526818][T13728]  ? __pfx_dump_stack_lvl+0x10/0x10
[  450.526830][T13728]  ? __pfx__printk+0x10/0x10
[  450.526848][T13728]  ? fs_reclaim_acquire+0x93/0x130
[  450.526863][T13728]  ? __pfx___might_resched+0x10/0x10
[  450.526878][T13728]  should_fail_ex+0x40a/0x550
[  450.526894][T13728]  should_failslab+0xac/0x100
[  450.526906][T13728]  ? add_to_free_space_tree+0xc9/0x320
[  450.526920][T13728]  kmem_cache_alloc_noprof+0x70/0x380
[  450.526936][T13728]  add_to_free_space_tree+0xc9/0x320
[  450.526952][T13728]  __btrfs_free_extent+0x1ce9/0x3980
[  450.526977][T13728]  ? __pfx___btrfs_free_extent+0x10/0x10
[  450.526989][T13728]  ? __lock_acquire+0x2100/0x2100
[  450.527004][T13728]  ? do_raw_read_unlock+0x3c/0x80
[  450.527018][T13728]  ? do_raw_spin_unlock+0x58/0x8b0
[  450.527034][T13728]  __btrfs_run_delayed_refs+0xf9f/0x40f0
[  450.527061][T13728]  ? validate_chain+0x11e/0x5920
[  450.527092][T13728]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  450.527111][T13728]  ? unwind_get_return_address+0x4d/0x90
[  450.527127][T13728]  ? arch_stack_walk+0xfd/0x150
[  450.527154][T13728]  ? __pfx_lock_acquire+0x10/0x10
[  450.527174][T13728]  ? __lock_acquire+0x1397/0x2100
[  450.527196][T13728]  btrfs_run_delayed_refs+0xe3/0x2f0
[  450.527213][T13728]  btrfs_commit_transaction+0x4b9/0x3760
[  450.527231][T13728]  ? btrfs_commit_transaction+0x177/0x3760
[  450.527250][T13728]  ? __asan_memset+0x23/0x50
[  450.527264][T13728]  ? lockdep_init_map_type+0xa1/0x910
[  450.527280][T13728]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  450.527294][T13728]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  450.527314][T13728]  ? join_transaction+0x405/0xda0
[  450.527330][T13728]  ? btrfs_record_root_in_trans+0x12d/0x190
[  450.527346][T13728]  ? start_transaction+0x45f/0x16b0
[  450.527371][T13728]  try_flush_qgroup+0x1ec/0x340
[  450.527384][T13728]  ? kfree+0x196/0x430
[  450.527394][T13728]  ? __pfx_try_flush_qgroup+0x10/0x10
[  450.527408][T13728]  ? qgroup_reserve_data+0x6ab/0x8c0
[  450.527429][T13728]  btrfs_qgroup_reserve_data+0x68/0xb0
[  450.527442][T13728]  btrfs_check_data_free_space+0x149/0x240
[  450.527459][T13728]  btrfs_buffered_write+0x519/0x1250
[  450.527491][T13728]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  450.527514][T13728]  ? __lock_acquire+0x1397/0x2100
[  450.527534][T13728]  btrfs_do_write_iter+0x279/0x7b0
[  450.527554][T13728]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  450.527577][T13728]  do_iter_readv_writev+0x71a/0x9d0
[  450.527595][T13728]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  450.527608][T13728]  ? rcu_read_lock_any_held+0xb7/0x160
[  450.527632][T13728]  vfs_writev+0x38b/0xbc0
[  450.527652][T13728]  ? __pfx_vfs_writev+0x10/0x10
[  450.527661][T13728]  ? vfs_write+0x7fa/0xd10
[  450.527682][T13728]  ? __fget_files+0x2a/0x410
[  450.527696][T13728]  ? __fget_files+0x395/0x410
[  450.527706][T13728]  ? __fget_files+0x2a/0x410
[  450.527724][T13728]  __se_sys_pwritev2+0x196/0x2b0
[  450.527740][T13728]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  450.527755][T13728]  ? do_syscall_64+0x100/0x230
[  450.527771][T13728]  ? __x64_sys_pwritev2+0x21/0xf0
[  450.527788][T13728]  do_syscall_64+0xf3/0x230
[  450.527801][T13728]  ? clear_bhb_loop+0x35/0x90
[  450.527817][T13728]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  450.527831][T13728] RIP: 0033:0x7f844d97e719
[  450.527842][T13728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  450.527852][T13728] RSP: 002b:00007f844e845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  450.527865][T13728] RAX: ffffffffffffffda RBX: 00007f844db35f80 RCX: 00007f844d97e719
[  450.527872][T13728] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  450.527879][T13728] RBP: 00007f844e845090 R08: 0000000000000009 R09: 0000000000000008
[  450.527886][T13728] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  450.527893][T13728] R13: 0000000000000000 R14: 00007f844db35f80 R15: 00007ffc0b832ab8
[  450.527909][T13728]  </TASK>
[  450.527919][T13728] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  450.729045][T13728] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1052: errno=-12 Out of memory
[  450.737828][T13728] BTRFS info (device loop0 state EA): forced readonly
[  450.740491][T13728] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:2971: errno=-12 Out of memory
[  450.745062][T13728] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  450.750199][T13728] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2160: errno=-12 Out of memory
[  450.760221][ T5762] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  450.765203][ T5762] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  450.768945][ T5762] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  451.117999][T13746] loop0: detected capacity change from 0 to 32768
[  451.148228][T13746] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.453 (13746)
[  451.165576][T13746] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  451.182685][T13746] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  451.186141][T13746] BTRFS info (device loop0): using free-space-tree
[  451.254877][T13746] FAULT_INJECTION: forcing a failure.
[  451.254877][T13746] name failslab, interval 1, probability 0, space 0, times 0
[  451.259651][T13746] CPU: 0 UID: 0 PID: 13746 Comm: syz.0.453 Not tainted 6.14.0-rc1-syzkaller-g5c8c229261f1 #0
[  451.259666][T13746] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  451.259674][T13746] Call Trace:
[  451.259680][T13746]  <TASK>
[  451.259686][T13746]  dump_stack_lvl+0x241/0x360
[  451.259703][T13746]  ? __pfx_dump_stack_lvl+0x10/0x10
[  451.259713][T13746]  ? __pfx__printk+0x10/0x10
[  451.259729][T13746]  ? fs_reclaim_acquire+0x93/0x130
[  451.259744][T13746]  ? __pfx___might_resched+0x10/0x10
[  451.259760][T13746]  should_fail_ex+0x40a/0x550
[  451.259777][T13746]  should_failslab+0xac/0x100
[  451.259789][T13746]  ? add_to_free_space_tree+0xc9/0x320
[  451.259804][T13746]  kmem_cache_alloc_noprof+0x70/0x380
[  451.259821][T13746]  add_to_free_space_tree+0xc9/0x320
[  451.259837][T13746]  __btrfs_free_extent+0x1ce9/0x3980
[  451.259863][T13746]  ? __pfx___btrfs_free_extent+0x10/0x10
[  451.259874][T13746]  ? __lock_acquire+0x2100/0x2100
[  451.259889][T13746]  ? do_raw_read_unlock+0x3c/0x80
[  451.259904][T13746]  ? do_raw_spin_unlock+0x58/0x8b0
[  451.259922][T13746]  __btrfs_run_delayed_refs+0xf9f/0x40f0
[  451.259948][T13746]  ? validate_chain+0x11e/0x5920
[  451.259980][T13746]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  451.259997][T13746]  ? unwind_get_return_address+0x4d/0x90
[  451.260013][T13746]  ? arch_stack_walk+0xfd/0x150
[  451.260042][T13746]  ? __pfx_lock_acquire+0x10/0x10
[  451.260061][T13746]  ? __lock_acquire+0x1397/0x2100
[  451.260072][T13746]  btrfs_run_delayed_refs+0xe3/0x2f0
[  451.260083][T13746]  btrfs_commit_transaction+0x4b9/0x3760
[  451.260093][T13746]  ? btrfs_commit_transaction+0x177/0x3760
[  451.260106][T13746]  ? __asan_memset+0x23/0x50
[  451.260114][T13746]  ? lockdep_init_map_type+0xa1/0x910
[  451.260123][T13746]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  451.260131][T13746]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  451.260147][T13746]  ? join_transaction+0x405/0xda0
[  451.260163][T13746]  ? btrfs_record_root_in_trans+0x12d/0x190
[  451.260178][T13746]  ? start_transaction+0x45f/0x16b0
[  451.260211][T13746]  try_flush_qgroup+0x1ec/0x340
[  451.260224][T13746]  ? kfree+0x196/0x430
[  451.260234][T13746]  ? __pfx_try_flush_qgroup+0x10/0x10
[  451.260245][T13746]  ? qgroup_reserve_data+0x6ab/0x8c0
[  451.260265][T13746]  btrfs_qgroup_reserve_data+0x68/0xb0
[  451.260279][T13746]  btrfs_check_data_free_space+0x149/0x240
[  451.260297][T13746]  btrfs_buffered_write+0x519/0x1250
[  451.260326][T13746]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  451.260350][T13746]  ? __lock_acquire+0x1397/0x2100
[  451.260369][T13746]  btrfs_do_write_iter+0x279/0x7b0
[  451.260391][T13746]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  451.260411][T13746]  do_iter_readv_writev+0x71a/0x9d0
[  451.260431][T13746]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  451.260444][T13746]  ? rcu_read_lock_any_held+0xb7/0x160
[  451.260467][T13746]  vfs_writev+0x38b/0xbc0
[  451.260489][T13746]  ? __pfx_vfs_writev+0x10/0x10
[  451.260499][T13746]  ? vfs_write+0x7fa/0xd10
[  451.260524][T13746]  ? __fget_files+0x2a/0x410
[  451.260537][T13746]  ? __fget_files+0x395/0x410
[  451.260548][T13746]  ? __fget_files+0x2a/0x410
[  451.260563][T13746]  __se_sys_pwritev2+0x196/0x2b0
[  451.260581][T13746]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  451.260597][T13746]  ? do_syscall_64+0x100/0x230
[  451.260613][T13746]  ? __x64_sys_pwritev2+0x21/0xf0
[  451.260629][T13746]  do_syscall_64+0xf3/0x230
[  451.260641][T13746]  ? clear_bhb_loop+0x35/0x90
[  451.260659][T13746]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  451.260673][T13746] RIP: 0033:0x7f844d97e719
[  451.260685][T13746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  451.260694][T13746] RSP: 002b:00007f844e845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  451.260707][T13746] RAX: ffffffffffffffda RBX: 00007f844db35f80 RCX: 00007f844d97e719
[  451.260715][T13746] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  451.260722][T13746] RBP: 00007f844e845090 R08: 0000000000000009 R09: 0000000000000008
[  451.260729][T13746] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  451.260736][T13746] R13: 0000000000000000 R14: 00007f844db35f80 R15: 00007ffc0b832ab8
[  451.260754][T13746]  </TASK>
[  451.260764][T13746] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  451.462902][ T3025] BTRFS info (device loop0 state A): qgroup scan completed (inconsistency flag cleared)
[  451.467977][T13746] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1052: errno=-12 Out of memory
[  451.471947][T13746] BTRFS info (device loop0 state EA): forced readonly
[  451.476075][T13746] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:2971: errno=-12 Out of memory
[  451.480323][T13746] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  451.486854][T13746] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2160: errno=-12 Out of memory
[  451.497369][ T5762] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  451.504148][ T5762] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  451.508028][ T5762] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  451.857886][T13764] loop0: detected capacity change from 0 to 32768
[  451.866993][T13764] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.454 (13764)
[  451.885142][T13764] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  451.896339][T13764] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  451.899729][T13764] BTRFS info (device loop0): using free-space-tree
[  451.968945][T13764] FAULT_INJECTION: forcing a failure.
[  451.968945][T13764] name failslab, interval 1, probability 0, space 0, times 0
[  451.978308][ T1037] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  451.992306][T13764] CPU: 0 UID: 0 PID: 13764 Comm: syz.0.454 Not tainted 6.14.0-rc1-syzkaller-g5c8c229261f1 #0
[  451.992325][T13764] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  451.992333][T13764] Call Trace:
[  451.992337][T13764]  <TASK>
[  451.992343][T13764]  dump_stack_lvl+0x241/0x360
[  451.992362][T13764]  ? __pfx_dump_stack_lvl+0x10/0x10
[  451.992373][T13764]  ? __pfx__printk+0x10/0x10
[  451.992390][T13764]  ? fs_reclaim_acquire+0x93/0x130
[  451.992405][T13764]  ? __pfx___might_resched+0x10/0x10
[  451.992420][T13764]  should_fail_ex+0x40a/0x550
[  451.992436][T13764]  should_failslab+0xac/0x100
[  451.992449][T13764]  ? add_to_free_space_tree+0xc9/0x320
[  451.992464][T13764]  kmem_cache_alloc_noprof+0x70/0x380
[  451.992478][T13764]  add_to_free_space_tree+0xc9/0x320
[  451.992497][T13764]  __btrfs_free_extent+0x1ce9/0x3980
[  451.992520][T13764]  ? __pfx___btrfs_free_extent+0x10/0x10
[  451.992531][T13764]  ? __lock_acquire+0x2100/0x2100
[  451.992547][T13764]  ? do_raw_read_unlock+0x3c/0x80
[  451.992563][T13764]  ? do_raw_spin_unlock+0x58/0x8b0
[  451.992580][T13764]  __btrfs_run_delayed_refs+0xf9f/0x40f0
[  451.992607][T13764]  ? validate_chain+0x11e/0x5920
[  451.992638][T13764]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  451.992657][T13764]  ? unwind_get_return_address+0x4d/0x90
[  451.992672][T13764]  ? arch_stack_walk+0xfd/0x150
[  451.992700][T13764]  ? __pfx_lock_acquire+0x10/0x10
[  451.992719][T13764]  ? __lock_acquire+0x1397/0x2100
[  451.992736][T13764]  btrfs_run_delayed_refs+0xe3/0x2f0
[  451.992754][T13764]  btrfs_commit_transaction+0x4b9/0x3760
[  451.992770][T13764]  ? btrfs_commit_transaction+0x177/0x3760
[  451.992791][T13764]  ? __asan_memset+0x23/0x50
[  451.992803][T13764]  ? lockdep_init_map_type+0xa1/0x910
[  451.992816][T13764]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  451.992830][T13764]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  451.992850][T13764]  ? join_transaction+0x405/0xda0
[  451.992867][T13764]  ? btrfs_record_root_in_trans+0x12d/0x190
[  451.992881][T13764]  ? start_transaction+0x45f/0x16b0
[  451.992903][T13764]  try_flush_qgroup+0x1ec/0x340
[  451.992925][T13764]  ? kfree+0x196/0x430
[  451.992936][T13764]  ? __pfx_try_flush_qgroup+0x10/0x10
[  451.992949][T13764]  ? qgroup_reserve_data+0x6ab/0x8c0
[  451.992974][T13764]  btrfs_qgroup_reserve_data+0x68/0xb0
[  451.992989][T13764]  btrfs_check_data_free_space+0x149/0x240
[  451.993011][T13764]  btrfs_buffered_write+0x519/0x1250
[  451.993046][T13764]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  451.993068][T13764]  ? __lock_acquire+0x1397/0x2100
[  451.993087][T13764]  btrfs_do_write_iter+0x279/0x7b0
[  451.993106][T13764]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  451.993128][T13764]  do_iter_readv_writev+0x71a/0x9d0
[  451.993148][T13764]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  451.993160][T13764]  ? rcu_read_lock_any_held+0xb7/0x160
[  451.993181][T13764]  vfs_writev+0x38b/0xbc0
[  451.993208][T13764]  ? __pfx_vfs_writev+0x10/0x10
[  451.993218][T13764]  ? vfs_write+0x7fa/0xd10
[  451.993238][T13764]  ? __fget_files+0x2a/0x410
[  451.993251][T13764]  ? __fget_files+0x395/0x410
[  451.993260][T13764]  ? __fget_files+0x2a/0x410
[  451.993280][T13764]  __se_sys_pwritev2+0x196/0x2b0
[  451.993302][T13764]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  451.993317][T13764]  ? do_syscall_64+0x100/0x230
[  451.993337][T13764]  ? __x64_sys_pwritev2+0x21/0xf0
[  451.993352][T13764]  do_syscall_64+0xf3/0x230
[  451.993365][T13764]  ? clear_bhb_loop+0x35/0x90
[  451.993386][T13764]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  451.993398][T13764] RIP: 0033:0x7f844d97e719
[  451.993410][T13764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  451.993420][T13764] RSP: 002b:00007f844e845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  451.993433][T13764] RAX: ffffffffffffffda RBX: 00007f844db35f80 RCX: 00007f844d97e719
[  451.993445][T13764] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  451.993452][T13764] RBP: 00007f844e845090 R08: 0000000000000009 R09: 0000000000000008
[  451.993459][T13764] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  451.993465][T13764] R13: 0000000000000000 R14: 00007f844db35f80 R15: 00007ffc0b832ab8
[  451.993484][T13764]  </TASK>
[  451.993493][T13764] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  452.190111][T13764] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1052: errno=-12 Out of memory
[  452.195305][T13764] BTRFS info (device loop0 state EA): forced readonly
[  452.198064][T13764] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:2971: errno=-12 Out of memory
[  452.203341][T13764] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  452.208647][T13764] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2160: errno=-12 Out of memory
[  452.219614][ T5762] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  452.225054][ T5762] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  452.229079][ T5762] BTRFS error (device loop0 state EA): qgroup reserved space leaked
2025/02/05 04:07:00 executed programs: 442
[  452.585369][T13782] loop0: detected capacity change from 0 to 32768
[  452.614871][T13782] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.455 (13782)
[  452.634889][T13782] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  452.642460][T13782] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  452.645925][T13782] BTRFS info (device loop0): using free-space-tree
[  452.713434][T13782] FAULT_INJECTION: forcing a failure.
[  452.713434][T13782] name failslab, interval 1, probability 0, space 0, times 0
[  452.718319][T13782] CPU: 0 UID: 0 PID: 13782 Comm: syz.0.455 Not tainted 6.14.0-rc1-syzkaller-g5c8c229261f1 #0
[  452.718336][T13782] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  452.718344][T13782] Call Trace:
[  452.718349][T13782]  <TASK>
[  452.718355][T13782]  dump_stack_lvl+0x241/0x360
[  452.718375][T13782]  ? __pfx_dump_stack_lvl+0x10/0x10
[  452.718387][T13782]  ? __pfx__printk+0x10/0x10
[  452.718404][T13782]  ? fs_reclaim_acquire+0x93/0x130
[  452.718420][T13782]  ? __pfx___might_resched+0x10/0x10
[  452.718435][T13782]  should_fail_ex+0x40a/0x550
[  452.718453][T13782]  should_failslab+0xac/0x100
[  452.718464][T13782]  ? add_to_free_space_tree+0xc9/0x320
[  452.718479][T13782]  kmem_cache_alloc_noprof+0x70/0x380
[  452.718495][T13782]  add_to_free_space_tree+0xc9/0x320
[  452.718537][T13782]  __btrfs_free_extent+0x1ce9/0x3980
[  452.718562][T13782]  ? __pfx___btrfs_free_extent+0x10/0x10
[  452.718574][T13782]  ? __lock_acquire+0x2100/0x2100
[  452.718589][T13782]  ? do_raw_read_unlock+0x3c/0x80
[  452.718606][T13782]  ? do_raw_spin_unlock+0x58/0x8b0
[  452.718623][T13782]  __btrfs_run_delayed_refs+0xf9f/0x40f0
[  452.718651][T13782]  ? validate_chain+0x11e/0x5920
[  452.718681][T13782]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  452.718700][T13782]  ? unwind_get_return_address+0x4d/0x90
[  452.718715][T13782]  ? arch_stack_walk+0xfd/0x150
[  452.718743][T13782]  ? __pfx_lock_acquire+0x10/0x10
[  452.718763][T13782]  ? __lock_acquire+0x1397/0x2100
[  452.718778][T13782]  btrfs_run_delayed_refs+0xe3/0x2f0
[  452.718797][T13782]  btrfs_commit_transaction+0x4b9/0x3760
[  452.718814][T13782]  ? btrfs_commit_transaction+0x177/0x3760
[  452.718837][T13782]  ? __asan_memset+0x23/0x50
[  452.718850][T13782]  ? lockdep_init_map_type+0xa1/0x910
[  452.718865][T13782]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  452.718878][T13782]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  452.718899][T13782]  ? join_transaction+0x405/0xda0
[  452.718924][T13782]  ? btrfs_record_root_in_trans+0x12d/0x190
[  452.718940][T13782]  ? start_transaction+0x45f/0x16b0
[  452.718966][T13782]  try_flush_qgroup+0x1ec/0x340
[  452.718978][T13782]  ? kfree+0x196/0x430
[  452.718987][T13782]  ? __pfx_try_flush_qgroup+0x10/0x10
[  452.719000][T13782]  ? qgroup_reserve_data+0x6ab/0x8c0
[  452.719035][T13782]  btrfs_qgroup_reserve_data+0x68/0xb0
[  452.719051][T13782]  btrfs_check_data_free_space+0x149/0x240
[  452.719067][T13782]  btrfs_buffered_write+0x519/0x1250
[  452.719097][T13782]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  452.719122][T13782]  ? __lock_acquire+0x1397/0x2100
[  452.719141][T13782]  btrfs_do_write_iter+0x279/0x7b0
[  452.719162][T13782]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  452.719176][T13782]  do_iter_readv_writev+0x71a/0x9d0
[  452.719188][T13782]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  452.719196][T13782]  ? rcu_read_lock_any_held+0xb7/0x160
[  452.719217][T13782]  vfs_writev+0x38b/0xbc0
[  452.719239][T13782]  ? __pfx_vfs_writev+0x10/0x10
[  452.719249][T13782]  ? vfs_write+0x7fa/0xd10
[  452.719273][T13782]  ? __fget_files+0x2a/0x410
[  452.719285][T13782]  ? __fget_files+0x395/0x410
[  452.719295][T13782]  ? __fget_files+0x2a/0x410
[  452.719312][T13782]  __se_sys_pwritev2+0x196/0x2b0
[  452.719329][T13782]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  452.719344][T13782]  ? do_syscall_64+0x100/0x230
[  452.719359][T13782]  ? __x64_sys_pwritev2+0x21/0xf0
[  452.719376][T13782]  do_syscall_64+0xf3/0x230
[  452.719389][T13782]  ? clear_bhb_loop+0x35/0x90
[  452.719405][T13782]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  452.719420][T13782] RIP: 0033:0x7f844d97e719
[  452.719432][T13782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  452.719441][T13782] RSP: 002b:00007f844e845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  452.719454][T13782] RAX: ffffffffffffffda RBX: 00007f844db35f80 RCX: 00007f844d97e719
[  452.719462][T13782] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  452.719469][T13782] RBP: 00007f844e845090 R08: 0000000000000009 R09: 0000000000000008
[  452.719475][T13782] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  452.719482][T13782] R13: 0000000000000000 R14: 00007f844db35f80 R15: 00007ffc0b832ab8
[  452.719500][T13782]  </TASK>
[  452.892514][T13782] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  452.895734][T13782] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1052: errno=-12 Out of memory
[  452.912150][T13782] BTRFS info (device loop0 state EA): forced readonly
[  452.914983][T13782] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:2971: errno=-12 Out of memory
[  452.919166][T13782] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  452.932178][T13782] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2160: errno=-12 Out of memory
[  452.956738][ T5762] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  452.967838][ T5762] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  452.971687][ T5762] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  452.991198][ T3025] ==================================================================
[  452.994293][ T3025] BUG: KASAN: slab-use-after-free in __lock_acquire+0x78/0x2100
[  452.997320][ T3025] Read of size 8 at addr ffff888033220a28 by task kworker/u4:10/3025
[  453.001669][ T3025] 
[  453.002852][ T3025] CPU: 0 UID: 0 PID: 3025 Comm: kworker/u4:10 Not tainted 6.14.0-rc1-syzkaller-g5c8c229261f1 #0
[  453.002869][ T3025] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  453.002880][ T3025] Workqueue: btrfs-qgroup-rescan btrfs_work_helper
[  453.002911][ T3025] Call Trace:
[  453.002920][ T3025]  <TASK>
[  453.002926][ T3025]  dump_stack_lvl+0x241/0x360
[  453.002941][ T3025]  ? __pfx_dump_stack_lvl+0x10/0x10
[  453.002952][ T3025]  ? __pfx__printk+0x10/0x10
[  453.002968][ T3025]  ? _printk+0xd5/0x120
[  453.002982][ T3025]  ? __virt_addr_valid+0x183/0x530
[  453.002998][ T3025]  ? __virt_addr_valid+0x183/0x530
[  453.003013][ T3025]  print_report+0x169/0x550
[  453.003031][ T3025]  ? __virt_addr_valid+0x183/0x530
[  453.003045][ T3025]  ? __virt_addr_valid+0x183/0x530
[  453.003059][ T3025]  ? __virt_addr_valid+0x45f/0x530
[  453.003072][ T3025]  ? __phys_addr+0xba/0x170
[  453.003086][ T3025]  ? __lock_acquire+0x78/0x2100
[  453.003101][ T3025]  kasan_report+0x143/0x180
[  453.003118][ T3025]  ? __lock_acquire+0x78/0x2100
[  453.003133][ T3025]  __lock_acquire+0x78/0x2100
[  453.003149][ T3025]  ? stack_trace_save+0x118/0x1d0
[  453.003162][ T3025]  lock_acquire+0x1ed/0x550
[  453.003176][ T3025]  ? try_to_wake_up+0xc2/0x1470
[  453.003202][ T3025]  ? __pfx_lock_acquire+0x10/0x10
[  453.003217][ T3025]  ? kasan_save_track+0x51/0x80
[  453.003231][ T3025]  ? kasan_save_track+0x3f/0x80
[  453.003245][ T3025]  ? kasan_save_free_info+0x40/0x50
[  453.003254][ T3025]  ? __kasan_slab_free+0x59/0x70
[  453.003268][ T3025]  ? kfree+0x196/0x430
[  453.003278][ T3025]  ? __btrfs_end_transaction+0x3a9/0x630
[  453.003292][ T3025]  ? btrfs_qgroup_rescan_worker+0x1ac2/0x1c60
[  453.003305][ T3025]  ? btrfs_work_helper+0x3b5/0xc50
[  453.003315][ T3025]  ? process_scheduled_works+0xa66/0x1840
[  453.003328][ T3025]  ? worker_thread+0x870/0xd30
[  453.003339][ T3025]  ? kthread+0x7a9/0x920
[  453.003353][ T3025]  ? ret_from_fork+0x4b/0x80
[  453.003367][ T3025]  ? ret_from_fork_asm+0x1a/0x30
[  453.003382][ T3025]  _raw_spin_lock_irqsave+0xd5/0x120
[  453.003407][ T3025]  ? try_to_wake_up+0xc2/0x1470
[  453.003423][ T3025]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  453.003435][ T3025]  ? mark_lock+0x9a/0x360
[  453.003451][ T3025]  try_to_wake_up+0xc2/0x1470
[  453.003466][ T3025]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  453.003481][ T3025]  ? __pfx_try_to_wake_up+0x10/0x10
[  453.003495][ T3025]  ? kasan_quarantine_put+0xdc/0x230
[  453.003510][ T3025]  ? lockdep_hardirqs_on+0x99/0x150
[  453.003525][ T3025]  ? __btrfs_end_transaction+0x3a9/0x630
[  453.003539][ T3025]  ? kfree+0x196/0x430
[  453.003550][ T3025]  ? __btrfs_end_transaction+0x3a9/0x630
[  453.003563][ T3025]  __btrfs_end_transaction+0x4c7/0x630
[  453.003578][ T3025]  btrfs_qgroup_rescan_worker+0x1ac2/0x1c60
[  453.003598][ T3025]  ? __pfx_btrfs_qgroup_rescan_worker+0x10/0x10
[  453.003614][ T3025]  ? __pfx_lock_acquire+0x10/0x10
[  453.003629][ T3025]  btrfs_work_helper+0x3b5/0xc50
[  453.003640][ T3025]  ? process_scheduled_works+0x976/0x1840
[  453.003651][ T3025]  process_scheduled_works+0xa66/0x1840
[  453.003674][ T3025]  ? __pfx_process_scheduled_works+0x10/0x10
[  453.003687][ T3025]  ? assign_work+0x364/0x3d0
[  453.003699][ T3025]  worker_thread+0x870/0xd30
[  453.003713][ T3025]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  453.003726][ T3025]  ? __kthread_parkme+0x169/0x1d0
[  453.003738][ T3025]  ? __pfx_worker_thread+0x10/0x10
[  453.003749][ T3025]  kthread+0x7a9/0x920
[  453.003761][ T3025]  ? __pfx_kthread+0x10/0x10
[  453.003787][ T3025]  ? __pfx_worker_thread+0x10/0x10
[  453.003797][ T3025]  ? __pfx_kthread+0x10/0x10
[  453.003809][ T3025]  ? __pfx_kthread+0x10/0x10
[  453.003822][ T3025]  ? __pfx_kthread+0x10/0x10
[  453.003834][ T3025]  ? _raw_spin_unlock_irq+0x23/0x50
[  453.003846][ T3025]  ? lockdep_hardirqs_on+0x99/0x150
[  453.003858][ T3025]  ? __pfx_kthread+0x10/0x10
[  453.003871][ T3025]  ret_from_fork+0x4b/0x80
[  453.003884][ T3025]  ? __pfx_kthread+0x10/0x10
[  453.003893][ T3025]  ret_from_fork_asm+0x1a/0x30
[  453.003907][ T3025]  </TASK>
[  453.003911][ T3025] 
[  453.149398][ T3025] Allocated by task 2:
[  453.150903][ T3025]  kasan_save_track+0x3f/0x80
[  453.152692][ T3025]  __kasan_slab_alloc+0x66/0x80
[  453.154454][ T3025]  kmem_cache_alloc_node_noprof+0x1d9/0x380
[  453.156657][ T3025]  dup_task_struct+0x57/0x8c0
[  453.158379][ T3025]  copy_process+0x5d1/0x3d50
[  453.160069][ T3025]  kernel_clone+0x226/0x8e0
[  453.161715][ T3025]  kernel_thread+0x1bc/0x240
[  453.163418][ T3025]  kthreadd+0x60d/0x810
[  453.164933][ T3025]  ret_from_fork+0x4b/0x80
[  453.166761][ T3025]  ret_from_fork_asm+0x1a/0x30
[  453.168532][ T3025] 
[  453.169440][ T3025] Freed by task 16:
[  453.170884][ T3025]  kasan_save_track+0x3f/0x80
[  453.172649][ T3025]  kasan_save_free_info+0x40/0x50
[  453.174506][ T3025]  __kasan_slab_free+0x59/0x70
[  453.176266][ T3025]  kmem_cache_free+0x195/0x410
[  453.178045][ T3025]  delayed_put_task_struct+0x125/0x300
[  453.180065][ T3025]  rcu_core+0xaaa/0x17a0
[  453.181684][ T3025]  handle_softirqs+0x2d4/0x9b0
[  453.183470][ T3025]  run_ksoftirqd+0xca/0x130
[  453.185235][ T3025]  smpboot_thread_fn+0x544/0xa30
[  453.187017][ T3025]  kthread+0x7a9/0x920
[  453.188546][ T3025]  ret_from_fork+0x4b/0x80
[  453.190210][ T3025]  ret_from_fork_asm+0x1a/0x30
[  453.192035][ T3025] 
[  453.192942][ T3025] Last potentially related work creation:
[  453.195123][ T3025]  kasan_save_stack+0x3f/0x60
[  453.196881][ T3025]  kasan_record_aux_stack+0xaa/0xc0
[  453.198829][ T3025]  call_rcu+0x168/0xac0
[  453.200374][ T3025]  __schedule+0x1916/0x4c90
[  453.202056][ T3025]  schedule+0x14b/0x320
[  453.203639][ T3025]  schedule_timeout+0xb0/0x290
[  453.205488][ T3025]  wait_for_completion+0x355/0x620
[  453.207368][ T3025]  kthread_stop+0x1a1/0x640
[  453.209035][ T3025]  close_ctree+0x52b/0xd90
[  453.210680][ T3025]  generic_shutdown_super+0x139/0x2d0
[  453.212638][ T3025]  kill_anon_super+0x3b/0x70
[  453.214345][ T3025]  btrfs_kill_super+0x41/0x50
[  453.216137][ T3025]  deactivate_locked_super+0xc4/0x130
[  453.218140][ T3025]  cleanup_mnt+0x41f/0x4b0
[  453.219822][ T3025]  task_work_run+0x24f/0x310
[  453.221620][ T3025]  syscall_exit_to_user_mode+0x13f/0x340
[  453.223686][ T3025]  do_syscall_64+0x100/0x230
[  453.225529][ T3025]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  453.227772][ T3025] 
[  453.228671][ T3025] The buggy address belongs to the object at ffff888033220000
[  453.228671][ T3025]  which belongs to the cache task_struct of size 9024
[  453.233877][ T3025] The buggy address is located 2600 bytes inside of
[  453.233877][ T3025]  freed 9024-byte region [ffff888033220000, ffff888033222340)
[  453.238940][ T3025] 
[  453.239849][ T3025] The buggy address belongs to the physical page:
[  453.242151][ T3025] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x33220
[  453.245382][ T3025] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  453.248424][ T3025] memcg:ffff888042c2cd41
[  453.249960][ T3025] ksm flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[  453.252841][ T3025] page_type: f5(slab)
[  453.254354][ T3025] raw: 04fff00000000040 ffff88801be86500 ffffea0000d63e00 dead000000000003
[  453.257500][ T3025] raw: 0000000000000000 0000000080030003 00000000f5000000 ffff888042c2cd41
[  453.260638][ T3025] head: 04fff00000000040 ffff88801be86500 ffffea0000d63e00 dead000000000003
[  453.263781][ T3025] head: 0000000000000000 0000000080030003 00000000f5000000 ffff888042c2cd41
[  453.266925][ T3025] head: 04fff00000000003 ffffea0000cc8801 ffffffffffffffff 0000000000000000
[  453.270027][ T3025] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  453.273099][ T3025] page dumped because: kasan: bad access detected
[  453.275439][ T3025] page_owner tracks the page as allocated
[  453.277510][ T3025] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 73, tgid 73 (kworker/u4:4), ts 9345917675, free_ts 0
[  453.284709][ T3025]  post_alloc_hook+0x1f4/0x240
[  453.286583][ T3025]  get_page_from_freelist+0x365c/0x37a0
[  453.288668][ T3025]  __alloc_frozen_pages_noprof+0x292/0x710
[  453.291028][ T3025]  alloc_pages_mpol+0x311/0x660
[  453.292951][ T3025]  allocate_slab+0x8f/0x3a0
[  453.294720][ T3025]  ___slab_alloc+0xc27/0x14a0
[  453.296676][ T3025]  __slab_alloc+0x58/0xa0
[  453.298497][ T3025]  kmem_cache_alloc_node_noprof+0x269/0x380
[  453.301065][ T3025]  dup_task_struct+0x57/0x8c0
[  453.303315][ T3025]  copy_process+0x5d1/0x3d50
[  453.305537][ T3025]  kernel_clone+0x226/0x8e0
[  453.307830][ T3025]  user_mode_thread+0x132/0x1a0
[  453.310263][ T3025]  call_usermodehelper_exec_work+0x5c/0x230
[  453.313106][ T3025]  process_scheduled_works+0xa66/0x1840
[  453.315741][ T3025]  worker_thread+0x870/0xd30
[  453.317811][ T3025]  kthread+0x7a9/0x920
[  453.319542][ T3025] page_owner free stack trace missing
[  453.321715][ T3025] 
[  453.322690][ T3025] Memory state around the buggy address:
[  453.324840][ T3025]  ffff888033220900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  453.327786][ T3025]  ffff888033220980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  453.331033][ T3025] >ffff888033220a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  453.333874][ T3025]                                   ^
[  453.335866][ T3025]  ffff888033220a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  453.338967][ T3025]  ffff888033220b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  453.341949][ T3025] ==================================================================
[  453.344967][ T3025] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  453.347628][ T3025] CPU: 0 UID: 0 PID: 3025 Comm: kworker/u4:10 Not tainted 6.14.0-rc1-syzkaller-g5c8c229261f1 #0
[  453.351454][ T3025] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  453.355532][ T3025] Workqueue: btrfs-qgroup-rescan btrfs_work_helper
[  453.358133][ T3025] Call Trace:
[  453.359420][ T3025]  <TASK>
[  453.360626][ T3025]  dump_stack_lvl+0x241/0x360
[  453.362451][ T3025]  ? __pfx_dump_stack_lvl+0x10/0x10
[  453.364380][ T3025]  ? __pfx__printk+0x10/0x10
[  453.366253][ T3025]  ? rcu_is_watching+0x15/0xb0
[  453.368060][ T3025]  ? lock_release+0xbf/0xa30
[  453.369756][ T3025]  ? vscnprintf+0x5d/0x90
[  453.371384][ T3025]  panic+0x349/0x880
[  453.372849][ T3025]  ? check_panic_on_warn+0x21/0xb0
[  453.374812][ T3025]  ? __pfx_panic+0x10/0x10
[  453.376584][ T3025]  ? do_raw_spin_unlock+0x58/0x8b0
[  453.378586][ T3025]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  453.380913][ T3025]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  453.383414][ T3025]  ? print_report+0x502/0x550
[  453.385279][ T3025]  check_panic_on_warn+0x86/0xb0
[  453.387263][ T3025]  ? __lock_acquire+0x78/0x2100
[  453.389117][ T3025]  end_report+0x77/0x160
[  453.390990][ T3025]  kasan_report+0x154/0x180
[  453.393080][ T3025]  ? __lock_acquire+0x78/0x2100
[  453.395072][ T3025]  __lock_acquire+0x78/0x2100
[  453.396956][ T3025]  ? stack_trace_save+0x118/0x1d0
[  453.399155][ T3025]  lock_acquire+0x1ed/0x550
[  453.400992][ T3025]  ? try_to_wake_up+0xc2/0x1470
[  453.402928][ T3025]  ? __pfx_lock_acquire+0x10/0x10
[  453.404876][ T3025]  ? kasan_save_track+0x51/0x80
[  453.406877][ T3025]  ? kasan_save_track+0x3f/0x80
[  453.408752][ T3025]  ? kasan_save_free_info+0x40/0x50
[  453.410787][ T3025]  ? __kasan_slab_free+0x59/0x70
[  453.412694][ T3025]  ? kfree+0x196/0x430
[  453.414279][ T3025]  ? __btrfs_end_transaction+0x3a9/0x630
[  453.416471][ T3025]  ? btrfs_qgroup_rescan_worker+0x1ac2/0x1c60
[  453.418786][ T3025]  ? btrfs_work_helper+0x3b5/0xc50
[  453.420772][ T3025]  ? process_scheduled_works+0xa66/0x1840
[  453.422966][ T3025]  ? worker_thread+0x870/0xd30
[  453.424832][ T3025]  ? kthread+0x7a9/0x920
[  453.426539][ T3025]  ? ret_from_fork+0x4b/0x80
[  453.428333][ T3025]  ? ret_from_fork_asm+0x1a/0x30
[  453.430271][ T3025]  _raw_spin_lock_irqsave+0xd5/0x120
[  453.432369][ T3025]  ? try_to_wake_up+0xc2/0x1470
[  453.434217][ T3025]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  453.436668][ T3025]  ? mark_lock+0x9a/0x360
[  453.438470][ T3025]  try_to_wake_up+0xc2/0x1470
[  453.440364][ T3025]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  453.442845][ T3025]  ? __pfx_try_to_wake_up+0x10/0x10
[  453.445103][ T3025]  ? kasan_quarantine_put+0xdc/0x230
[  453.447252][ T3025]  ? lockdep_hardirqs_on+0x99/0x150
[  453.449287][ T3025]  ? __btrfs_end_transaction+0x3a9/0x630
[  453.451517][ T3025]  ? kfree+0x196/0x430
[  453.453125][ T3025]  ? __btrfs_end_transaction+0x3a9/0x630
[  453.455421][ T3025]  __btrfs_end_transaction+0x4c7/0x630
[  453.457475][ T3025]  btrfs_qgroup_rescan_worker+0x1ac2/0x1c60
[  453.459839][ T3025]  ? __pfx_btrfs_qgroup_rescan_worker+0x10/0x10
[  453.462336][ T3025]  ? __pfx_lock_acquire+0x10/0x10
[  453.464509][ T3025]  btrfs_work_helper+0x3b5/0xc50
[  453.466803][ T3025]  ? process_scheduled_works+0x976/0x1840
[  453.469015][ T3025]  process_scheduled_works+0xa66/0x1840
[  453.471236][ T3025]  ? __pfx_process_scheduled_works+0x10/0x10
[  453.474062][ T3025]  ? assign_work+0x364/0x3d0
[  453.476030][ T3025]  worker_thread+0x870/0xd30
[  453.477919][ T3025]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  453.480236][ T3025]  ? __kthread_parkme+0x169/0x1d0
[  453.482194][ T3025]  ? __pfx_worker_thread+0x10/0x10
[  453.484241][ T3025]  kthread+0x7a9/0x920
[  453.485963][ T3025]  ? __pfx_kthread+0x10/0x10
[  453.487801][ T3025]  ? __pfx_worker_thread+0x10/0x10
[  453.489834][ T3025]  ? __pfx_kthread+0x10/0x10
[  453.491711][ T3025]  ? __pfx_kthread+0x10/0x10
[  453.493657][ T3025]  ? __pfx_kthread+0x10/0x10
[  453.495708][ T3025]  ? _raw_spin_unlock_irq+0x23/0x50
[  453.498038][ T3025]  ? lockdep_hardirqs_on+0x99/0x150
[  453.500240][ T3025]  ? __pfx_kthread+0x10/0x10
[  453.502055][ T3025]  ret_from_fork+0x4b/0x80
[  453.503973][ T3025]  ? __pfx_kthread+0x10/0x10
[  453.505808][ T3025]  ret_from_fork_asm+0x1a/0x30
[  453.508081][ T3025]  </TASK>
[  453.509907][ T3025] Kernel Offset: disabled
[  453.511953][ T3025] Rebooting in 86400 seconds..