k_data_free_space+0x2ce/0x450
[  185.685789][ T6662]  btrfs_buffered_write+0x46c/0x16c0
[  185.685820][ T6662]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  185.685831][ T6662]  ? aa_file_perm+0x11f/0xed0
[  185.685850][ T6662]  ? aa_file_perm+0x3e7/0xed0
[  185.685864][ T6662]  btrfs_do_write_iter+0x238/0x710
[  185.685882][ T6662]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  185.685907][ T6662]  do_iter_readv_writev+0x56b/0x7f0
[  185.685920][ T6662]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  185.685928][ T6662]  ? rcu_read_lock_any_held+0xb3/0x120
[  185.685951][ T6662]  vfs_writev+0x31a/0x960
[  185.685966][ T6662]  ? __lock_acquire+0xab9/0xd20
[  185.685982][ T6662]  ? __pfx_vfs_writev+0x10/0x10
[  185.686005][ T6662]  ? __fget_files+0x2a/0x420
[  185.686020][ T6662]  ? __fget_files+0x3a0/0x420
[  185.686029][ T6662]  ? __fget_files+0x2a/0x420
[  185.686048][ T6662]  __se_sys_pwritev2+0x179/0x290
[  185.686060][ T6662]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  185.686071][ T6662]  ? rcu_is_watching+0x15/0xb0
[  185.686089][ T6662]  ? do_syscall_64+0xbe/0x3b0
[  185.686097][ T6662]  ? __x64_sys_pwritev2+0x20/0xc0
[  185.686111][ T6662]  do_syscall_64+0xfa/0x3b0
[  185.686119][ T6662]  ? lockdep_hardirqs_on+0x9c/0x150
[  185.686132][ T6662]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.686143][ T6662]  ? clear_bhb_loop+0x60/0xb0
[  185.686155][ T6662]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.686164][ T6662] RIP: 0033:0x7f0dec57e719
[  185.686176][ T6662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  185.686184][ T6662] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  185.686196][ T6662] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  185.686202][ T6662] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  185.686210][ T6662] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  185.686216][ T6662] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  185.686222][ T6662] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  185.686239][ T6662]  </TASK>
[  185.686356][ T6662] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  185.980643][ T6662] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1048: errno=-12 Out of memory
[  185.988078][ T6662] BTRFS info (device loop0 state EA): forced readonly
[  185.991187][ T6662] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:3003: errno=-12 Out of memory
[  185.998510][ T6662] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  186.004744][ T6662] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2159: errno=-12 Out of memory
[  186.017115][ T5788] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  186.022490][ T5788] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  186.027574][ T5788] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  186.392333][ T6681] loop0: detected capacity change from 0 to 32768
[  186.401378][ T6681] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.57 (6681)
[  186.423031][ T6681] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  186.433553][ T6681] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  186.461083][ T6681] BTRFS info (device loop0): using free-space-tree
[  186.573302][ T6681] FAULT_INJECTION: forcing a failure.
[  186.573302][ T6681] name failslab, interval 1, probability 0, space 0, times 0
[  186.587179][ T6681] CPU: 0 UID: 0 PID: 6681 Comm: syz.0.57 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  186.587198][ T6681] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  186.587204][ T6681] Call Trace:
[  186.587209][ T6681]  <TASK>
[  186.587215][ T6681]  dump_stack_lvl+0x189/0x250
[  186.587236][ T6681]  ? __pfx____ratelimit+0x10/0x10
[  186.587252][ T6681]  ? __pfx_dump_stack_lvl+0x10/0x10
[  186.587267][ T6681]  ? __pfx__printk+0x10/0x10
[  186.587281][ T6681]  ? __pfx___might_resched+0x10/0x10
[  186.587297][ T6681]  ? fs_reclaim_acquire+0x7d/0x100
[  186.587313][ T6681]  should_fail_ex+0x414/0x560
[  186.587331][ T6681]  should_failslab+0xa8/0x100
[  186.587345][ T6681]  kmem_cache_alloc_noprof+0x73/0x3c0
[  186.587360][ T6681]  ? alloc_extent_state+0x22/0x2f0
[  186.587379][ T6681]  alloc_extent_state+0x22/0x2f0
[  186.587394][ T6681]  set_extent_bit+0x270/0x2180
[  186.587424][ T6681]  ? __pfx_set_extent_bit+0x10/0x10
[  186.587446][ T6681]  btrfs_set_extent_bit+0x38/0x50
[  186.587462][ T6681]  btrfs_alloc_tree_block+0x967/0x12b0
[  186.587490][ T6681]  ? __pfx_btrfs_alloc_tree_block+0x10/0x10
[  186.587504][ T6681]  ? is_bpf_text_address+0x292/0x2b0
[  186.587519][ T6681]  ? is_bpf_text_address+0x26/0x2b0
[  186.587535][ T6681]  ? kernel_text_address+0xa5/0xe0
[  186.587546][ T6681]  ? __kernel_text_address+0xd/0x40
[  186.587557][ T6681]  ? read_extent_buffer+0x120/0x680
[  186.587570][ T6681]  btrfs_force_cow_block+0x575/0x1e10
[  186.587596][ T6681]  ? btrfs_tree_lock_nested+0x31/0x230
[  186.587613][ T6681]  ? __pfx_btrfs_force_cow_block+0x10/0x10
[  186.587628][ T6681]  ? down_write_nested+0x169/0x200
[  186.587639][ T6681]  ? __pfx_down_write_nested+0x10/0x10
[  186.587653][ T6681]  btrfs_cow_block+0x40a/0x830
[  186.587675][ T6681]  btrfs_search_slot+0xcd7/0x2d90
[  186.587706][ T6681]  ? __pfx_btrfs_search_slot+0x10/0x10
[  186.587723][ T6681]  ? kasan_save_track+0x4f/0x80
[  186.587738][ T6681]  ? __kasan_slab_alloc+0x6c/0x80
[  186.587746][ T6681]  ? kmem_cache_alloc_noprof+0x1c1/0x3c0
[  186.587760][ T6681]  ? __btrfs_free_extent+0x2fb/0x2eb0
[  186.587771][ T6681]  ? __btrfs_run_delayed_refs+0xe7b/0x3a50
[  186.587783][ T6681]  lookup_inline_extent_backref+0x33e/0x15c0
[  186.587795][ T6681]  ? do_iter_readv_writev+0x56b/0x7f0
[  186.587804][ T6681]  ? vfs_writev+0x31a/0x960
[  186.587814][ T6681]  ? __se_sys_pwritev2+0x179/0x290
[  186.587822][ T6681]  ? do_syscall_64+0xfa/0x3b0
[  186.587830][ T6681]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.587855][ T6681]  ? __pfx_lookup_inline_extent_backref+0x10/0x10
[  186.587880][ T6681]  ? rcu_is_watching+0x15/0xb0
[  186.587897][ T6681]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  186.587910][ T6681]  ? kmem_cache_alloc_noprof+0x21a/0x3c0
[  186.587934][ T6681]  __btrfs_free_extent+0x40d/0x2eb0
[  186.587962][ T6681]  ? __pfx___btrfs_free_extent+0x10/0x10
[  186.587988][ T6681]  __btrfs_run_delayed_refs+0xe7b/0x3a50
[  186.588030][ T6681]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  186.588044][ T6681]  ? kernel_text_address+0xa5/0xe0
[  186.588056][ T6681]  ? __kernel_text_address+0xd/0x40
[  186.588068][ T6681]  ? unwind_get_return_address+0x4d/0x90
[  186.588083][ T6681]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  186.588095][ T6681]  ? arch_stack_walk+0xfc/0x150
[  186.588113][ T6681]  ? __lock_acquire+0xab9/0xd20
[  186.588133][ T6681]  ? btrfs_commit_transaction+0x161/0x37f0
[  186.588153][ T6681]  btrfs_run_delayed_refs+0xe6/0x300
[  186.588168][ T6681]  btrfs_commit_transaction+0x274/0x37f0
[  186.588181][ T6681]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.588194][ T6681]  ? btrfs_commit_transaction+0x161/0x37f0
[  186.588213][ T6681]  ? __lock_acquire+0xab9/0xd20
[  186.588234][ T6681]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  186.588253][ T6681]  ? do_raw_spin_unlock+0x4d/0x240
[  186.588264][ T6681]  ? join_transaction+0x41b/0xd70
[  186.588283][ T6681]  ? btrfs_record_root_in_trans+0x124/0x180
[  186.588300][ T6681]  ? start_transaction+0x439/0x1620
[  186.588327][ T6681]  try_flush_qgroup+0x1dd/0x380
[  186.588341][ T6681]  ? kfree+0x18e/0x440
[  186.588357][ T6681]  ? __pfx_try_flush_qgroup+0x10/0x10
[  186.588371][ T6681]  ? qgroup_reserve_data+0x6cc/0x8d0
[  186.588392][ T6681]  btrfs_qgroup_reserve_data+0x69/0xb0
[  186.588408][ T6681]  btrfs_check_data_free_space+0x2ce/0x450
[  186.588425][ T6681]  btrfs_buffered_write+0x46c/0x16c0
[  186.588455][ T6681]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  186.588466][ T6681]  ? aa_file_perm+0x11f/0xed0
[  186.588484][ T6681]  ? aa_file_perm+0x3e7/0xed0
[  186.588533][ T6681]  btrfs_do_write_iter+0x238/0x710
[  186.588551][ T6681]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  186.588568][ T6681]  do_iter_readv_writev+0x56b/0x7f0
[  186.588582][ T6681]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  186.588591][ T6681]  ? rcu_read_lock_any_held+0xb3/0x120
[  186.588613][ T6681]  vfs_writev+0x31a/0x960
[  186.588629][ T6681]  ? __lock_acquire+0xab9/0xd20
[  186.588643][ T6681]  ? __pfx_vfs_writev+0x10/0x10
[  186.588664][ T6681]  ? __fget_files+0x2a/0x420
[  186.588679][ T6681]  ? __fget_files+0x3a0/0x420
[  186.588688][ T6681]  ? __fget_files+0x2a/0x420
[  186.588703][ T6681]  __se_sys_pwritev2+0x179/0x290
[  186.588717][ T6681]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  186.588726][ T6681]  ? rcu_is_watching+0x15/0xb0
[  186.588744][ T6681]  ? do_syscall_64+0xbe/0x3b0
[  186.588752][ T6681]  ? __x64_sys_pwritev2+0x20/0xc0
[  186.588764][ T6681]  do_syscall_64+0xfa/0x3b0
[  186.588772][ T6681]  ? lockdep_hardirqs_on+0x9c/0x150
[  186.588787][ T6681]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.588796][ T6681]  ? clear_bhb_loop+0x60/0xb0
[  186.588809][ T6681]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.588819][ T6681] RIP: 0033:0x7f0dec57e719
[  186.588829][ T6681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.588838][ T6681] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  186.588852][ T6681] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  186.588859][ T6681] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  186.588865][ T6681] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  186.588871][ T6681] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  186.588877][ T6681] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  186.588896][ T6681]  </TASK>
[  186.874703][   T12] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  186.901523][ T5788] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
2025/06/25 05:36:00 executed programs: 45
[  187.313328][ T6700] loop0: detected capacity change from 0 to 32768
[  187.324997][ T6700] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.58 (6700)
[  187.356187][ T6700] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  187.373356][ T6700] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  187.378510][ T6700] BTRFS info (device loop0): using free-space-tree
[  187.460141][ T6700] FAULT_INJECTION: forcing a failure.
[  187.460141][ T6700] name failslab, interval 1, probability 0, space 0, times 0
[  187.469419][   T12] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  187.494518][ T6700] CPU: 0 UID: 0 PID: 6700 Comm: syz.0.58 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  187.494539][ T6700] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  187.494546][ T6700] Call Trace:
[  187.494551][ T6700]  <TASK>
[  187.494556][ T6700]  dump_stack_lvl+0x189/0x250
[  187.494594][ T6700]  ? __pfx____ratelimit+0x10/0x10
[  187.494618][ T6700]  ? __pfx_dump_stack_lvl+0x10/0x10
[  187.494634][ T6700]  ? __pfx__printk+0x10/0x10
[  187.494649][ T6700]  ? __pfx___might_resched+0x10/0x10
[  187.494685][ T6700]  should_fail_ex+0x414/0x560
[  187.494711][ T6700]  should_failslab+0xa8/0x100
[  187.494723][ T6700]  kmem_cache_alloc_noprof+0x73/0x3c0
[  187.494737][ T6700]  ? add_to_free_space_tree+0xdf/0x440
[  187.494753][ T6700]  add_to_free_space_tree+0xdf/0x440
[  187.494768][ T6700]  __btrfs_free_extent+0x16cf/0x2eb0
[  187.494793][ T6700]  ? __pfx___btrfs_free_extent+0x10/0x10
[  187.494820][ T6700]  __btrfs_run_delayed_refs+0xe7b/0x3a50
[  187.494858][ T6700]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  187.494872][ T6700]  ? kernel_text_address+0xa5/0xe0
[  187.494886][ T6700]  ? __kernel_text_address+0xd/0x40
[  187.494897][ T6700]  ? unwind_get_return_address+0x4d/0x90
[  187.494913][ T6700]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  187.494923][ T6700]  ? arch_stack_walk+0xfc/0x150
[  187.494939][ T6700]  ? __lock_acquire+0xab9/0xd20
[  187.494961][ T6700]  ? btrfs_commit_transaction+0x161/0x37f0
[  187.494980][ T6700]  btrfs_run_delayed_refs+0xe6/0x300
[  187.494994][ T6700]  btrfs_commit_transaction+0x274/0x37f0
[  187.495008][ T6700]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.495022][ T6700]  ? btrfs_commit_transaction+0x161/0x37f0
[  187.495040][ T6700]  ? __lock_acquire+0xab9/0xd20
[  187.495058][ T6700]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  187.495076][ T6700]  ? do_raw_spin_unlock+0x4d/0x240
[  187.495087][ T6700]  ? join_transaction+0x41b/0xd70
[  187.495107][ T6700]  ? btrfs_record_root_in_trans+0x124/0x180
[  187.495124][ T6700]  ? start_transaction+0x439/0x1620
[  187.495156][ T6700]  try_flush_qgroup+0x1dd/0x380
[  187.495170][ T6700]  ? kfree+0x18e/0x440
[  187.495186][ T6700]  ? __pfx_try_flush_qgroup+0x10/0x10
[  187.495201][ T6700]  ? qgroup_reserve_data+0x6cc/0x8d0
[  187.495222][ T6700]  btrfs_qgroup_reserve_data+0x69/0xb0
[  187.495233][ T6700]  btrfs_check_data_free_space+0x2ce/0x450
[  187.495244][ T6700]  btrfs_buffered_write+0x46c/0x16c0
[  187.495263][ T6700]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  187.495269][ T6700]  ? aa_file_perm+0x11f/0xed0
[  187.495283][ T6700]  ? aa_file_perm+0x3e7/0xed0
[  187.495297][ T6700]  btrfs_do_write_iter+0x238/0x710
[  187.495313][ T6700]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  187.495331][ T6700]  do_iter_readv_writev+0x56b/0x7f0
[  187.495345][ T6700]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  187.495354][ T6700]  ? rcu_read_lock_any_held+0xb3/0x120
[  187.495377][ T6700]  vfs_writev+0x31a/0x960
[  187.495391][ T6700]  ? __lock_acquire+0xab9/0xd20
[  187.495404][ T6700]  ? __pfx_vfs_writev+0x10/0x10
[  187.495426][ T6700]  ? __fget_files+0x2a/0x420
[  187.495441][ T6700]  ? __fget_files+0x3a0/0x420
[  187.495451][ T6700]  ? __fget_files+0x2a/0x420
[  187.495469][ T6700]  __se_sys_pwritev2+0x179/0x290
[  187.495482][ T6700]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  187.495490][ T6700]  ? rcu_is_watching+0x15/0xb0
[  187.495508][ T6700]  ? do_syscall_64+0xbe/0x3b0
[  187.495516][ T6700]  ? __x64_sys_pwritev2+0x20/0xc0
[  187.495528][ T6700]  do_syscall_64+0xfa/0x3b0
[  187.495537][ T6700]  ? lockdep_hardirqs_on+0x9c/0x150
[  187.495549][ T6700]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.495558][ T6700]  ? clear_bhb_loop+0x60/0xb0
[  187.495572][ T6700]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.495582][ T6700] RIP: 0033:0x7f0dec57e719
[  187.495593][ T6700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  187.495602][ T6700] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  187.495614][ T6700] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  187.495621][ T6700] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  187.495627][ T6700] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  187.495633][ T6700] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  187.495639][ T6700] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  187.495658][ T6700]  </TASK>
[  187.495668][ T6700] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  187.769341][ T6700] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1048: errno=-12 Out of memory
[  187.775706][ T6700] BTRFS info (device loop0 state EA): forced readonly
[  187.778689][ T6700] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:3003: errno=-12 Out of memory
[  187.783199][ T6700] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  187.790670][ T6700] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2159: errno=-12 Out of memory
[  187.802234][ T5788] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  187.808456][ T5788] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  187.812659][ T5788] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  188.196966][ T6721] loop0: detected capacity change from 0 to 32768
[  188.206812][ T6721] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.59 (6721)
[  188.226941][ T6721] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  188.244644][ T6721] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  188.248544][ T6721] BTRFS info (device loop0): using free-space-tree
[  188.318770][ T6721] FAULT_INJECTION: forcing a failure.
[  188.318770][ T6721] name failslab, interval 1, probability 0, space 0, times 0
[  188.335816][ T1039] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  188.340394][ T6721] CPU: 0 UID: 0 PID: 6721 Comm: syz.0.59 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  188.340406][ T6721] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  188.340410][ T6721] Call Trace:
[  188.340415][ T6721]  <TASK>
[  188.340419][ T6721]  dump_stack_lvl+0x189/0x250
[  188.340434][ T6721]  ? __pfx____ratelimit+0x10/0x10
[  188.340445][ T6721]  ? __pfx_dump_stack_lvl+0x10/0x10
[  188.340454][ T6721]  ? __pfx__printk+0x10/0x10
[  188.340464][ T6721]  ? __pfx___might_resched+0x10/0x10
[  188.340508][ T6721]  should_fail_ex+0x414/0x560
[  188.340526][ T6721]  should_failslab+0xa8/0x100
[  188.340539][ T6721]  kmem_cache_alloc_noprof+0x73/0x3c0
[  188.340555][ T6721]  ? add_to_free_space_tree+0xdf/0x440
[  188.340571][ T6721]  add_to_free_space_tree+0xdf/0x440
[  188.340587][ T6721]  __btrfs_free_extent+0x16cf/0x2eb0
[  188.340606][ T6721]  ? __pfx___btrfs_free_extent+0x10/0x10
[  188.340622][ T6721]  __btrfs_run_delayed_refs+0xe7b/0x3a50
[  188.340646][ T6721]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  188.340654][ T6721]  ? kernel_text_address+0xa5/0xe0
[  188.340663][ T6721]  ? __kernel_text_address+0xd/0x40
[  188.340670][ T6721]  ? unwind_get_return_address+0x4d/0x90
[  188.340681][ T6721]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  188.340692][ T6721]  ? arch_stack_walk+0xfc/0x150
[  188.340707][ T6721]  ? __lock_acquire+0xab9/0xd20
[  188.340728][ T6721]  ? btrfs_commit_transaction+0x161/0x37f0
[  188.340746][ T6721]  btrfs_run_delayed_refs+0xe6/0x300
[  188.340759][ T6721]  btrfs_commit_transaction+0x274/0x37f0
[  188.340772][ T6721]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.340785][ T6721]  ? btrfs_commit_transaction+0x161/0x37f0
[  188.340804][ T6721]  ? __lock_acquire+0xab9/0xd20
[  188.340823][ T6721]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  188.340835][ T6721]  ? do_raw_spin_unlock+0x4d/0x240
[  188.340842][ T6721]  ? join_transaction+0x41b/0xd70
[  188.340856][ T6721]  ? btrfs_record_root_in_trans+0x124/0x180
[  188.340867][ T6721]  ? start_transaction+0x439/0x1620
[  188.340884][ T6721]  try_flush_qgroup+0x1dd/0x380
[  188.340893][ T6721]  ? kfree+0x18e/0x440
[  188.340902][ T6721]  ? __pfx_try_flush_qgroup+0x10/0x10
[  188.340911][ T6721]  ? qgroup_reserve_data+0x6cc/0x8d0
[  188.340930][ T6721]  btrfs_qgroup_reserve_data+0x69/0xb0
[  188.340945][ T6721]  btrfs_check_data_free_space+0x2ce/0x450
[  188.340959][ T6721]  btrfs_buffered_write+0x46c/0x16c0
[  188.340988][ T6721]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  188.340999][ T6721]  ? aa_file_perm+0x11f/0xed0
[  188.341015][ T6721]  ? aa_file_perm+0x3e7/0xed0
[  188.341029][ T6721]  btrfs_do_write_iter+0x238/0x710
[  188.341045][ T6721]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  188.341061][ T6721]  do_iter_readv_writev+0x56b/0x7f0
[  188.341073][ T6721]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  188.341083][ T6721]  ? rcu_read_lock_any_held+0xb3/0x120
[  188.341111][ T6721]  vfs_writev+0x31a/0x960
[  188.341125][ T6721]  ? __lock_acquire+0xab9/0xd20
[  188.341138][ T6721]  ? __pfx_vfs_writev+0x10/0x10
[  188.341161][ T6721]  ? __fget_files+0x2a/0x420
[  188.341176][ T6721]  ? __fget_files+0x3a0/0x420
[  188.341186][ T6721]  ? __fget_files+0x2a/0x420
[  188.341202][ T6721]  __se_sys_pwritev2+0x179/0x290
[  188.341211][ T6721]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  188.341217][ T6721]  ? rcu_is_watching+0x15/0xb0
[  188.341228][ T6721]  ? do_syscall_64+0xbe/0x3b0
[  188.341234][ T6721]  ? __x64_sys_pwritev2+0x20/0xc0
[  188.341242][ T6721]  do_syscall_64+0xfa/0x3b0
[  188.341247][ T6721]  ? lockdep_hardirqs_on+0x9c/0x150
[  188.341256][ T6721]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.341262][ T6721]  ? clear_bhb_loop+0x60/0xb0
[  188.341270][ T6721]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.341276][ T6721] RIP: 0033:0x7f0dec57e719
[  188.341284][ T6721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  188.341290][ T6721] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  188.341300][ T6721] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  188.341307][ T6721] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  188.341313][ T6721] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  188.341318][ T6721] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  188.341324][ T6721] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  188.341340][ T6721]  </TASK>
[  188.341349][ T6721] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  188.609126][ T6721] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1048: errno=-12 Out of memory
[  188.613669][ T6721] BTRFS info (device loop0 state EA): forced readonly
[  188.620062][ T6721] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:3003: errno=-12 Out of memory
[  188.626181][ T6721] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  188.631965][ T6721] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2159: errno=-12 Out of memory
[  188.645122][ T5788] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  188.650442][ T5788] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  188.655656][ T5788] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  189.009686][ T6741] loop0: detected capacity change from 0 to 32768
[  189.021945][ T6741] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.60 (6741)
[  189.041622][ T6741] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  189.053500][ T6741] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  189.063645][ T6741] BTRFS info (device loop0): using free-space-tree
[  189.175601][ T6741] FAULT_INJECTION: forcing a failure.
[  189.175601][ T6741] name failslab, interval 1, probability 0, space 0, times 0
[  189.180955][ T6741] CPU: 0 UID: 0 PID: 6741 Comm: syz.0.60 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  189.180971][ T6741] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  189.180979][ T6741] Call Trace:
[  189.180985][ T6741]  <TASK>
[  189.180991][ T6741]  dump_stack_lvl+0x189/0x250
[  189.181091][ T6741]  ? __pfx____ratelimit+0x10/0x10
[  189.181137][ T6741]  ? __pfx_dump_stack_lvl+0x10/0x10
[  189.181151][ T6741]  ? __pfx__printk+0x10/0x10
[  189.181165][ T6741]  ? __pfx___might_resched+0x10/0x10
[  189.181179][ T6741]  ? fs_reclaim_acquire+0x7d/0x100
[  189.181250][ T6741]  should_fail_ex+0x414/0x560
[  189.181273][ T6741]  should_failslab+0xa8/0x100
[  189.181284][ T6741]  kmem_cache_alloc_noprof+0x73/0x3c0
[  189.181299][ T6741]  ? alloc_extent_state+0x22/0x2f0
[  189.181317][ T6741]  alloc_extent_state+0x22/0x2f0
[  189.181333][ T6741]  set_extent_bit+0x270/0x2180
[  189.181361][ T6741]  ? __pfx_set_extent_bit+0x10/0x10
[  189.181382][ T6741]  btrfs_set_extent_bit+0x38/0x50
[  189.181404][ T6741]  btrfs_alloc_tree_block+0x967/0x12b0
[  189.181429][ T6741]  ? __pfx_btrfs_alloc_tree_block+0x10/0x10
[  189.181444][ T6741]  ? is_bpf_text_address+0x292/0x2b0
[  189.181459][ T6741]  ? is_bpf_text_address+0x26/0x2b0
[  189.181475][ T6741]  ? kernel_text_address+0xa5/0xe0
[  189.181487][ T6741]  ? __kernel_text_address+0xd/0x40
[  189.181503][ T6741]  ? read_extent_buffer+0x120/0x680
[  189.181516][ T6741]  btrfs_force_cow_block+0x575/0x1e10
[  189.181544][ T6741]  ? btrfs_tree_lock_nested+0x31/0x230
[  189.181565][ T6741]  ? __pfx_btrfs_force_cow_block+0x10/0x10
[  189.181581][ T6741]  ? down_write_nested+0x169/0x200
[  189.181593][ T6741]  ? __pfx_down_write_nested+0x10/0x10
[  189.181606][ T6741]  btrfs_cow_block+0x40a/0x830
[  189.181629][ T6741]  btrfs_search_slot+0xcd7/0x2d90
[  189.181666][ T6741]  ? __pfx_btrfs_search_slot+0x10/0x10
[  189.181682][ T6741]  ? kasan_save_track+0x4f/0x80
[  189.181696][ T6741]  ? __kasan_slab_alloc+0x6c/0x80
[  189.181703][ T6741]  ? kmem_cache_alloc_noprof+0x1c1/0x3c0
[  189.181716][ T6741]  ? __btrfs_free_extent+0x2fb/0x2eb0
[  189.181726][ T6741]  ? __btrfs_run_delayed_refs+0xe7b/0x3a50
[  189.181738][ T6741]  lookup_inline_extent_backref+0x33e/0x15c0
[  189.181750][ T6741]  ? do_iter_readv_writev+0x56b/0x7f0
[  189.181758][ T6741]  ? vfs_writev+0x31a/0x960
[  189.181769][ T6741]  ? __se_sys_pwritev2+0x179/0x290
[  189.181777][ T6741]  ? do_syscall_64+0xfa/0x3b0
[  189.181785][ T6741]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.181818][ T6741]  ? __pfx_lookup_inline_extent_backref+0x10/0x10
[  189.181844][ T6741]  ? rcu_is_watching+0x15/0xb0
[  189.181860][ T6741]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  189.181873][ T6741]  ? kmem_cache_alloc_noprof+0x21a/0x3c0
[  189.181889][ T6741]  __btrfs_free_extent+0x40d/0x2eb0
[  189.181918][ T6741]  ? __pfx___btrfs_free_extent+0x10/0x10
[  189.181944][ T6741]  __btrfs_run_delayed_refs+0xe7b/0x3a50
[  189.181985][ T6741]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  189.181999][ T6741]  ? kernel_text_address+0xa5/0xe0
[  189.182011][ T6741]  ? __kernel_text_address+0xd/0x40
[  189.182023][ T6741]  ? unwind_get_return_address+0x4d/0x90
[  189.182037][ T6741]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  189.182048][ T6741]  ? arch_stack_walk+0xfc/0x150
[  189.182067][ T6741]  ? __lock_acquire+0xab9/0xd20
[  189.182088][ T6741]  ? btrfs_commit_transaction+0x161/0x37f0
[  189.182109][ T6741]  btrfs_run_delayed_refs+0xe6/0x300
[  189.182124][ T6741]  btrfs_commit_transaction+0x274/0x37f0
[  189.182136][ T6741]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.182149][ T6741]  ? btrfs_commit_transaction+0x161/0x37f0
[  189.182168][ T6741]  ? __lock_acquire+0xab9/0xd20
[  189.182190][ T6741]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  189.182206][ T6741]  ? do_raw_spin_unlock+0x4d/0x240
[  189.182216][ T6741]  ? join_transaction+0x41b/0xd70
[  189.182234][ T6741]  ? btrfs_record_root_in_trans+0x124/0x180
[  189.182250][ T6741]  ? start_transaction+0x439/0x1620
[  189.182276][ T6741]  try_flush_qgroup+0x1dd/0x380
[  189.182291][ T6741]  ? kfree+0x18e/0x440
[  189.182305][ T6741]  ? __pfx_try_flush_qgroup+0x10/0x10
[  189.182321][ T6741]  ? qgroup_reserve_data+0x6cc/0x8d0
[  189.182344][ T6741]  btrfs_qgroup_reserve_data+0x69/0xb0
[  189.182360][ T6741]  btrfs_check_data_free_space+0x2ce/0x450
[  189.182375][ T6741]  btrfs_buffered_write+0x46c/0x16c0
[  189.182405][ T6741]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  189.182416][ T6741]  ? aa_file_perm+0x11f/0xed0
[  189.182434][ T6741]  ? aa_file_perm+0x3e7/0xed0
[  189.182454][ T6741]  btrfs_do_write_iter+0x238/0x710
[  189.182471][ T6741]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  189.182493][ T6741]  do_iter_readv_writev+0x56b/0x7f0
[  189.182506][ T6741]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  189.182515][ T6741]  ? rcu_read_lock_any_held+0xb3/0x120
[  189.182541][ T6741]  vfs_writev+0x31a/0x960
[  189.182556][ T6741]  ? __lock_acquire+0xab9/0xd20
[  189.182568][ T6741]  ? __pfx_vfs_writev+0x10/0x10
[  189.182591][ T6741]  ? __fget_files+0x2a/0x420
[  189.182606][ T6741]  ? __fget_files+0x3a0/0x420
[  189.182616][ T6741]  ? __fget_files+0x2a/0x420
[  189.182632][ T6741]  __se_sys_pwritev2+0x179/0x290
[  189.182646][ T6741]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  189.182655][ T6741]  ? rcu_is_watching+0x15/0xb0
[  189.182676][ T6741]  ? do_syscall_64+0xbe/0x3b0
[  189.182684][ T6741]  ? __x64_sys_pwritev2+0x20/0xc0
[  189.182695][ T6741]  do_syscall_64+0xfa/0x3b0
[  189.182704][ T6741]  ? lockdep_hardirqs_on+0x9c/0x150
[  189.182718][ T6741]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.182727][ T6741]  ? clear_bhb_loop+0x60/0xb0
[  189.182739][ T6741]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.182750][ T6741] RIP: 0033:0x7f0dec57e719
[  189.182761][ T6741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  189.182773][ T6741] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  189.182786][ T6741] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  189.182798][ T6741] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  189.182805][ T6741] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  189.182811][ T6741] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  189.182817][ T6741] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  189.182836][ T6741]  </TASK>
[  189.554503][ T1039] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  189.635039][ T5788] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  189.993552][ T6760] loop0: detected capacity change from 0 to 32768
[  190.008175][ T6760] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.61 (6760)
[  190.029518][ T6760] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  190.044830][ T6760] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  190.048602][ T6760] BTRFS info (device loop0): using free-space-tree
[  190.129698][ T6760] FAULT_INJECTION: forcing a failure.
[  190.129698][ T6760] name failslab, interval 1, probability 0, space 0, times 0
[  190.138530][  T173] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  190.142430][ T6760] CPU: 0 UID: 0 PID: 6760 Comm: syz.0.61 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  190.142446][ T6760] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  190.142452][ T6760] Call Trace:
[  190.142458][ T6760]  <TASK>
[  190.142463][ T6760]  dump_stack_lvl+0x189/0x250
[  190.142483][ T6760]  ? __pfx____ratelimit+0x10/0x10
[  190.142498][ T6760]  ? __pfx_dump_stack_lvl+0x10/0x10
[  190.142510][ T6760]  ? __pfx__printk+0x10/0x10
[  190.142524][ T6760]  ? __pfx___might_resched+0x10/0x10
[  190.142541][ T6760]  should_fail_ex+0x414/0x560
[  190.142559][ T6760]  should_failslab+0xa8/0x100
[  190.142571][ T6760]  kmem_cache_alloc_noprof+0x73/0x3c0
[  190.142585][ T6760]  ? add_to_free_space_tree+0xdf/0x440
[  190.142599][ T6760]  add_to_free_space_tree+0xdf/0x440
[  190.142613][ T6760]  __btrfs_free_extent+0x16cf/0x2eb0
[  190.142637][ T6760]  ? __pfx___btrfs_free_extent+0x10/0x10
[  190.142666][ T6760]  __btrfs_run_delayed_refs+0xe7b/0x3a50
[  190.142710][ T6760]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  190.142724][ T6760]  ? kernel_text_address+0xa5/0xe0
[  190.142737][ T6760]  ? __kernel_text_address+0xd/0x40
[  190.142749][ T6760]  ? unwind_get_return_address+0x4d/0x90
[  190.142766][ T6760]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  190.142801][ T6760]  ? arch_stack_walk+0xfc/0x150
[  190.142817][ T6760]  ? __lock_acquire+0xab9/0xd20
[  190.142841][ T6760]  ? btrfs_commit_transaction+0x161/0x37f0
[  190.142863][ T6760]  btrfs_run_delayed_refs+0xe6/0x300
[  190.142879][ T6760]  btrfs_commit_transaction+0x274/0x37f0
[  190.142893][ T6760]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.142908][ T6760]  ? btrfs_commit_transaction+0x161/0x37f0
[  190.142929][ T6760]  ? __lock_acquire+0xab9/0xd20
[  190.142948][ T6760]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  190.142967][ T6760]  ? do_raw_spin_unlock+0x4d/0x240
[  190.142976][ T6760]  ? join_transaction+0x41b/0xd70
[  190.142994][ T6760]  ? btrfs_record_root_in_trans+0x124/0x180
[  190.143010][ T6760]  ? start_transaction+0x439/0x1620
[  190.143034][ T6760]  try_flush_qgroup+0x1dd/0x380
[  190.143048][ T6760]  ? kfree+0x18e/0x440
[  190.143061][ T6760]  ? __pfx_try_flush_qgroup+0x10/0x10
[  190.143074][ T6760]  ? qgroup_reserve_data+0x6cc/0x8d0
[  190.143095][ T6760]  btrfs_qgroup_reserve_data+0x69/0xb0
[  190.143109][ T6760]  btrfs_check_data_free_space+0x2ce/0x450
[  190.143123][ T6760]  btrfs_buffered_write+0x46c/0x16c0
[  190.143150][ T6760]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  190.143160][ T6760]  ? aa_file_perm+0x11f/0xed0
[  190.143178][ T6760]  ? aa_file_perm+0x3e7/0xed0
[  190.143193][ T6760]  btrfs_do_write_iter+0x238/0x710
[  190.143208][ T6760]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  190.143225][ T6760]  do_iter_readv_writev+0x56b/0x7f0
[  190.143238][ T6760]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  190.143245][ T6760]  ? rcu_read_lock_any_held+0xb3/0x120
[  190.143266][ T6760]  vfs_writev+0x31a/0x960
[  190.143282][ T6760]  ? __lock_acquire+0xab9/0xd20
[  190.143297][ T6760]  ? __pfx_vfs_writev+0x10/0x10
[  190.143319][ T6760]  ? __fget_files+0x2a/0x420
[  190.143334][ T6760]  ? __fget_files+0x3a0/0x420
[  190.143343][ T6760]  ? __fget_files+0x2a/0x420
[  190.143360][ T6760]  __se_sys_pwritev2+0x179/0x290
[  190.143373][ T6760]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  190.143383][ T6760]  ? rcu_is_watching+0x15/0xb0
[  190.143402][ T6760]  ? do_syscall_64+0xbe/0x3b0
[  190.143410][ T6760]  ? __x64_sys_pwritev2+0x20/0xc0
[  190.143421][ T6760]  do_syscall_64+0xfa/0x3b0
[  190.143429][ T6760]  ? lockdep_hardirqs_on+0x9c/0x150
[  190.143442][ T6760]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.143451][ T6760]  ? clear_bhb_loop+0x60/0xb0
[  190.143464][ T6760]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.143474][ T6760] RIP: 0033:0x7f0dec57e719
[  190.143485][ T6760] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.143494][ T6760] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  190.143506][ T6760] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  190.143513][ T6760] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  190.143520][ T6760] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  190.143526][ T6760] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  190.143532][ T6760] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  190.143550][ T6760]  </TASK>
[  190.143559][ T6760] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  190.398747][ T6760] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1048: errno=-12 Out of memory
[  190.403370][ T6760] BTRFS info (device loop0 state EA): forced readonly
[  190.409441][ T6760] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:3003: errno=-12 Out of memory
[  190.416509][ T6760] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  190.422573][ T6760] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2159: errno=-12 Out of memory
[  190.434734][ T5788] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  190.440079][ T5788] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  190.446101][ T5788] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  190.800339][ T6778] loop0: detected capacity change from 0 to 32768
[  190.811567][ T6778] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.62 (6778)
[  190.855220][ T6778] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  190.864505][ T6778] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  190.868277][ T6778] BTRFS info (device loop0): using free-space-tree
[  190.955985][ T6778] FAULT_INJECTION: forcing a failure.
[  190.955985][ T6778] name failslab, interval 1, probability 0, space 0, times 0
[  190.975992][  T173] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  190.979994][ T6778] CPU: 0 UID: 0 PID: 6778 Comm: syz.0.62 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  190.980011][ T6778] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  190.980017][ T6778] Call Trace:
[  190.980022][ T6778]  <TASK>
[  190.980029][ T6778]  dump_stack_lvl+0x189/0x250
[  190.980048][ T6778]  ? __pfx____ratelimit+0x10/0x10
[  190.980064][ T6778]  ? __pfx_dump_stack_lvl+0x10/0x10
[  190.980089][ T6778]  ? __pfx__printk+0x10/0x10
[  190.980103][ T6778]  ? __pfx___might_resched+0x10/0x10
[  190.980122][ T6778]  should_fail_ex+0x414/0x560
[  190.980139][ T6778]  should_failslab+0xa8/0x100
[  190.980153][ T6778]  kmem_cache_alloc_noprof+0x73/0x3c0
[  190.980168][ T6778]  ? add_to_free_space_tree+0xdf/0x440
[  190.980182][ T6778]  add_to_free_space_tree+0xdf/0x440
[  190.980192][ T6778]  __btrfs_free_extent+0x16cf/0x2eb0
[  190.980209][ T6778]  ? __pfx___btrfs_free_extent+0x10/0x10
[  190.980229][ T6778]  __btrfs_run_delayed_refs+0xe7b/0x3a50
[  190.980267][ T6778]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  190.980281][ T6778]  ? kernel_text_address+0xa5/0xe0
[  190.980294][ T6778]  ? __kernel_text_address+0xd/0x40
[  190.980305][ T6778]  ? unwind_get_return_address+0x4d/0x90
[  190.980319][ T6778]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  190.980330][ T6778]  ? arch_stack_walk+0xfc/0x150
[  190.980348][ T6778]  ? __lock_acquire+0xab9/0xd20
[  190.980370][ T6778]  ? btrfs_commit_transaction+0x161/0x37f0
[  190.980385][ T6778]  btrfs_run_delayed_refs+0xe6/0x300
[  190.980394][ T6778]  btrfs_commit_transaction+0x274/0x37f0
[  190.980403][ T6778]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.980414][ T6778]  ? btrfs_commit_transaction+0x161/0x37f0
[  190.980431][ T6778]  ? __lock_acquire+0xab9/0xd20
[  190.980477][ T6778]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  190.980498][ T6778]  ? do_raw_spin_unlock+0x4d/0x240
[  190.980508][ T6778]  ? join_transaction+0x41b/0xd70
[  190.980526][ T6778]  ? btrfs_record_root_in_trans+0x124/0x180
[  190.980542][ T6778]  ? start_transaction+0x439/0x1620
[  190.980568][ T6778]  try_flush_qgroup+0x1dd/0x380
[  190.980582][ T6778]  ? kfree+0x18e/0x440
[  190.980596][ T6778]  ? __pfx_try_flush_qgroup+0x10/0x10
[  190.980609][ T6778]  ? qgroup_reserve_data+0x6cc/0x8d0
[  190.980633][ T6778]  btrfs_qgroup_reserve_data+0x69/0xb0
[  190.980648][ T6778]  btrfs_check_data_free_space+0x2ce/0x450
[  190.980663][ T6778]  btrfs_buffered_write+0x46c/0x16c0
[  190.980694][ T6778]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  190.980705][ T6778]  ? aa_file_perm+0x11f/0xed0
[  190.980722][ T6778]  ? aa_file_perm+0x3e7/0xed0
[  190.980734][ T6778]  btrfs_do_write_iter+0x238/0x710
[  190.980744][ T6778]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  190.980758][ T6778]  do_iter_readv_writev+0x56b/0x7f0
[  190.980770][ T6778]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  190.980779][ T6778]  ? rcu_read_lock_any_held+0xb3/0x120
[  190.980801][ T6778]  vfs_writev+0x31a/0x960
[  190.980816][ T6778]  ? __lock_acquire+0xab9/0xd20
[  190.980831][ T6778]  ? __pfx_vfs_writev+0x10/0x10
[  190.980852][ T6778]  ? __fget_files+0x2a/0x420
[  190.980866][ T6778]  ? __fget_files+0x3a0/0x420
[  190.980875][ T6778]  ? __fget_files+0x2a/0x420
[  190.980891][ T6778]  __se_sys_pwritev2+0x179/0x290
[  190.980903][ T6778]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  190.980911][ T6778]  ? rcu_is_watching+0x15/0xb0
[  190.980927][ T6778]  ? do_syscall_64+0xbe/0x3b0
[  190.980935][ T6778]  ? __x64_sys_pwritev2+0x20/0xc0
[  190.980946][ T6778]  do_syscall_64+0xfa/0x3b0
[  190.980954][ T6778]  ? lockdep_hardirqs_on+0x9c/0x150
[  190.980967][ T6778]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.980976][ T6778]  ? clear_bhb_loop+0x60/0xb0
[  190.980988][ T6778]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.980997][ T6778] RIP: 0033:0x7f0dec57e719
[  190.981008][ T6778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.981017][ T6778] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  190.981030][ T6778] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  190.981037][ T6778] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  190.981043][ T6778] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  190.981049][ T6778] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  190.981055][ T6778] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  190.981072][ T6778]  </TASK>
[  190.981087][ T6778] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  191.218864][ T6778] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1048: errno=-12 Out of memory
[  191.223349][ T6778] BTRFS info (device loop0 state EA): forced readonly
[  191.228704][ T6778] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:3003: errno=-12 Out of memory
[  191.233412][ T6778] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  191.241701][ T6778] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2159: errno=-12 Out of memory
[  191.254212][ T5788] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  191.260051][ T5788] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  191.265421][ T5788] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  191.637199][ T6796] loop0: detected capacity change from 0 to 32768
[  191.645740][ T6796] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.63 (6796)
[  191.666658][ T6796] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  191.676062][ T6796] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  191.680170][ T6796] BTRFS info (device loop0): using free-space-tree
[  191.760923][ T6796] FAULT_INJECTION: forcing a failure.
[  191.760923][ T6796] name failslab, interval 1, probability 0, space 0, times 0
[  191.783996][ T6796] CPU: 0 UID: 0 PID: 6796 Comm: syz.0.63 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  191.784016][ T6796] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  191.784023][ T6796] Call Trace:
[  191.784028][ T6796]  <TASK>
[  191.784032][ T6796]  dump_stack_lvl+0x189/0x250
[  191.784077][ T6796]  ? __pfx____ratelimit+0x10/0x10
[  191.784103][ T6796]  ? __pfx_dump_stack_lvl+0x10/0x10
[  191.784117][ T6796]  ? __pfx__printk+0x10/0x10
[  191.784131][ T6796]  ? __pfx___might_resched+0x10/0x10
[  191.784146][ T6796]  ? fs_reclaim_acquire+0x7d/0x100
[  191.784171][ T6796]  should_fail_ex+0x414/0x560
[  191.784188][ T6796]  should_failslab+0xa8/0x100
[  191.784200][ T6796]  kmem_cache_alloc_noprof+0x73/0x3c0
[  191.784216][ T6796]  ? alloc_extent_state+0x22/0x2f0
[  191.784236][ T6796]  alloc_extent_state+0x22/0x2f0
[  191.784254][ T6796]  set_extent_bit+0x270/0x2180
[  191.784286][ T6796]  ? __pfx_set_extent_bit+0x10/0x10
[  191.784308][ T6796]  btrfs_set_extent_bit+0x38/0x50
[  191.784324][ T6796]  btrfs_alloc_tree_block+0x967/0x12b0
[  191.784351][ T6796]  ? __pfx_btrfs_alloc_tree_block+0x10/0x10
[  191.784365][ T6796]  ? is_bpf_text_address+0x292/0x2b0
[  191.784378][ T6796]  ? is_bpf_text_address+0x26/0x2b0
[  191.784395][ T6796]  ? kernel_text_address+0xa5/0xe0
[  191.784411][ T6796]  ? __kernel_text_address+0xd/0x40
[  191.784423][ T6796]  ? read_extent_buffer+0x120/0x680
[  191.784439][ T6796]  btrfs_force_cow_block+0x575/0x1e10
[  191.784490][ T6796]  ? btrfs_tree_lock_nested+0x31/0x230
[  191.784506][ T6796]  ? __pfx_btrfs_force_cow_block+0x10/0x10
[  191.784522][ T6796]  ? down_write_nested+0x169/0x200
[  191.784534][ T6796]  ? __pfx_down_write_nested+0x10/0x10
[  191.784547][ T6796]  btrfs_cow_block+0x40a/0x830
[  191.784571][ T6796]  btrfs_search_slot+0xcd7/0x2d90
[  191.784608][ T6796]  ? __pfx_btrfs_search_slot+0x10/0x10
[  191.784631][ T6796]  ? kasan_save_track+0x4f/0x80
[  191.784648][ T6796]  ? __kasan_slab_alloc+0x6c/0x80
[  191.784656][ T6796]  ? kmem_cache_alloc_noprof+0x1c1/0x3c0
[  191.784669][ T6796]  ? __btrfs_free_extent+0x2fb/0x2eb0
[  191.784679][ T6796]  ? __btrfs_run_delayed_refs+0xe7b/0x3a50
[  191.784692][ T6796]  lookup_inline_extent_backref+0x33e/0x15c0
[  191.784703][ T6796]  ? do_iter_readv_writev+0x56b/0x7f0
[  191.784712][ T6796]  ? vfs_writev+0x31a/0x960
[  191.784723][ T6796]  ? __se_sys_pwritev2+0x179/0x290
[  191.784732][ T6796]  ? do_syscall_64+0xfa/0x3b0
[  191.784740][ T6796]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.784768][ T6796]  ? __pfx_lookup_inline_extent_backref+0x10/0x10
[  191.784793][ T6796]  ? rcu_is_watching+0x15/0xb0
[  191.784808][ T6796]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  191.784820][ T6796]  ? kmem_cache_alloc_noprof+0x21a/0x3c0
[  191.784835][ T6796]  __btrfs_free_extent+0x40d/0x2eb0
[  191.784864][ T6796]  ? __pfx___btrfs_free_extent+0x10/0x10
[  191.784890][ T6796]  __btrfs_run_delayed_refs+0xe7b/0x3a50
[  191.784933][ T6796]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  191.784947][ T6796]  ? kernel_text_address+0xa5/0xe0
[  191.784959][ T6796]  ? __kernel_text_address+0xd/0x40
[  191.784972][ T6796]  ? unwind_get_return_address+0x4d/0x90
[  191.784987][ T6796]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  191.785000][ T6796]  ? arch_stack_walk+0xfc/0x150
[  191.785018][ T6796]  ? __lock_acquire+0xab9/0xd20
[  191.785042][ T6796]  ? btrfs_commit_transaction+0x161/0x37f0
[  191.785063][ T6796]  btrfs_run_delayed_refs+0xe6/0x300
[  191.785087][ T6796]  btrfs_commit_transaction+0x274/0x37f0
[  191.785102][ T6796]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.785115][ T6796]  ? btrfs_commit_transaction+0x161/0x37f0
[  191.785134][ T6796]  ? __lock_acquire+0xab9/0xd20
[  191.785155][ T6796]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  191.785173][ T6796]  ? do_raw_spin_unlock+0x4d/0x240
[  191.785184][ T6796]  ? join_transaction+0x41b/0xd70
[  191.785203][ T6796]  ? btrfs_record_root_in_trans+0x124/0x180
[  191.785218][ T6796]  ? start_transaction+0x439/0x1620
[  191.785249][ T6796]  try_flush_qgroup+0x1dd/0x380
[  191.785266][ T6796]  ? kfree+0x18e/0x440
[  191.785281][ T6796]  ? __pfx_try_flush_qgroup+0x10/0x10
[  191.785295][ T6796]  ? qgroup_reserve_data+0x6cc/0x8d0
[  191.785318][ T6796]  btrfs_qgroup_reserve_data+0x69/0xb0
[  191.785334][ T6796]  btrfs_check_data_free_space+0x2ce/0x450
[  191.785349][ T6796]  btrfs_buffered_write+0x46c/0x16c0
[  191.785380][ T6796]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  191.785392][ T6796]  ? aa_file_perm+0x11f/0xed0
[  191.785411][ T6796]  ? aa_file_perm+0x3e7/0xed0
[  191.785429][ T6796]  btrfs_do_write_iter+0x238/0x710
[  191.785447][ T6796]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  191.785465][ T6796]  do_iter_readv_writev+0x56b/0x7f0
[  191.785478][ T6796]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  191.785486][ T6796]  ? rcu_read_lock_any_held+0xb3/0x120
[  191.785509][ T6796]  vfs_writev+0x31a/0x960
[  191.785524][ T6796]  ? __lock_acquire+0xab9/0xd20
[  191.785538][ T6796]  ? __pfx_vfs_writev+0x10/0x10
[  191.785562][ T6796]  ? __fget_files+0x2a/0x420
[  191.785579][ T6796]  ? __fget_files+0x3a0/0x420
[  191.785592][ T6796]  ? __fget_files+0x2a/0x420
[  191.785609][ T6796]  __se_sys_pwritev2+0x179/0x290
[  191.785622][ T6796]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  191.785631][ T6796]  ? rcu_is_watching+0x15/0xb0
[  191.785649][ T6796]  ? do_syscall_64+0xbe/0x3b0
[  191.785656][ T6796]  ? __x64_sys_pwritev2+0x20/0xc0
[  191.785669][ T6796]  do_syscall_64+0xfa/0x3b0
[  191.785676][ T6796]  ? lockdep_hardirqs_on+0x9c/0x150
[  191.785689][ T6796]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.785698][ T6796]  ? clear_bhb_loop+0x60/0xb0
[  191.785710][ T6796]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.785722][ T6796] RIP: 0033:0x7f0dec57e719
[  191.785733][ T6796] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  191.785744][ T6796] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  191.785758][ T6796] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  191.785765][ T6796] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  191.785771][ T6796] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  191.785778][ T6796] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  191.785783][ T6796] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  191.785802][ T6796]  </TASK>
[  191.788076][ T1082] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  192.148493][ T5788] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
2025/06/25 05:36:05 executed programs: 51
[  192.514484][ T6814] loop0: detected capacity change from 0 to 32768
[  192.522861][ T6814] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.64 (6814)
[  192.543751][ T6814] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  192.556264][ T6814] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  192.560091][ T6814] BTRFS info (device loop0): using free-space-tree
[  192.651085][ T6814] FAULT_INJECTION: forcing a failure.
[  192.651085][ T6814] name failslab, interval 1, probability 0, space 0, times 0
[  192.659084][ T1082] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  192.674038][ T6814] CPU: 0 UID: 0 PID: 6814 Comm: syz.0.64 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  192.674064][ T6814] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  192.674071][ T6814] Call Trace:
[  192.674076][ T6814]  <TASK>
[  192.674082][ T6814]  dump_stack_lvl+0x189/0x250
[  192.674102][ T6814]  ? __pfx____ratelimit+0x10/0x10
[  192.674118][ T6814]  ? __pfx_dump_stack_lvl+0x10/0x10
[  192.674133][ T6814]  ? __pfx__printk+0x10/0x10
[  192.674148][ T6814]  ? __pfx___might_resched+0x10/0x10
[  192.674165][ T6814]  should_fail_ex+0x414/0x560
[  192.674184][ T6814]  should_failslab+0xa8/0x100
[  192.674198][ T6814]  kmem_cache_alloc_noprof+0x73/0x3c0
[  192.674215][ T6814]  ? add_to_free_space_tree+0xdf/0x440
[  192.674232][ T6814]  add_to_free_space_tree+0xdf/0x440
[  192.674247][ T6814]  __btrfs_free_extent+0x16cf/0x2eb0
[  192.674273][ T6814]  ? __pfx___btrfs_free_extent+0x10/0x10
[  192.674299][ T6814]  __btrfs_run_delayed_refs+0xe7b/0x3a50
[  192.674337][ T6814]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  192.674350][ T6814]  ? kernel_text_address+0xa5/0xe0
[  192.674364][ T6814]  ? __kernel_text_address+0xd/0x40
[  192.674374][ T6814]  ? unwind_get_return_address+0x4d/0x90
[  192.674389][ T6814]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  192.674400][ T6814]  ? arch_stack_walk+0xfc/0x150
[  192.674418][ T6814]  ? __lock_acquire+0xab9/0xd20
[  192.674437][ T6814]  ? btrfs_commit_transaction+0x161/0x37f0
[  192.674456][ T6814]  btrfs_run_delayed_refs+0xe6/0x300
[  192.674471][ T6814]  btrfs_commit_transaction+0x274/0x37f0
[  192.674484][ T6814]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.674497][ T6814]  ? btrfs_commit_transaction+0x161/0x37f0
[  192.674516][ T6814]  ? __lock_acquire+0xab9/0xd20
[  192.674538][ T6814]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  192.674554][ T6814]  ? do_raw_spin_unlock+0x4d/0x240
[  192.674564][ T6814]  ? join_transaction+0x41b/0xd70
[  192.674583][ T6814]  ? btrfs_record_root_in_trans+0x124/0x180
[  192.674600][ T6814]  ? start_transaction+0x439/0x1620
[  192.674640][ T6814]  try_flush_qgroup+0x1dd/0x380
[  192.674655][ T6814]  ? kfree+0x18e/0x440
[  192.674671][ T6814]  ? __pfx_try_flush_qgroup+0x10/0x10
[  192.674686][ T6814]  ? qgroup_reserve_data+0x6cc/0x8d0
[  192.674710][ T6814]  btrfs_qgroup_reserve_data+0x69/0xb0
[  192.674726][ T6814]  btrfs_check_data_free_space+0x2ce/0x450
[  192.674742][ T6814]  btrfs_buffered_write+0x46c/0x16c0
[  192.674772][ T6814]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  192.674783][ T6814]  ? aa_file_perm+0x11f/0xed0
[  192.674800][ T6814]  ? aa_file_perm+0x3e7/0xed0
[  192.674815][ T6814]  btrfs_do_write_iter+0x238/0x710
[  192.674832][ T6814]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  192.674849][ T6814]  do_iter_readv_writev+0x56b/0x7f0
[  192.674864][ T6814]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  192.674873][ T6814]  ? rcu_read_lock_any_held+0xb3/0x120
[  192.674896][ T6814]  vfs_writev+0x31a/0x960
[  192.674911][ T6814]  ? __lock_acquire+0xab9/0xd20
[  192.674925][ T6814]  ? __pfx_vfs_writev+0x10/0x10
[  192.674948][ T6814]  ? __fget_files+0x2a/0x420
[  192.674962][ T6814]  ? __fget_files+0x3a0/0x420
[  192.674973][ T6814]  ? __fget_files+0x2a/0x420
[  192.674989][ T6814]  __se_sys_pwritev2+0x179/0x290
[  192.675003][ T6814]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  192.675013][ T6814]  ? rcu_is_watching+0x15/0xb0
[  192.675031][ T6814]  ? do_syscall_64+0xbe/0x3b0
[  192.675040][ T6814]  ? __x64_sys_pwritev2+0x20/0xc0
[  192.675056][ T6814]  do_syscall_64+0xfa/0x3b0
[  192.675064][ T6814]  ? lockdep_hardirqs_on+0x9c/0x150
[  192.675077][ T6814]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.675086][ T6814]  ? clear_bhb_loop+0x60/0xb0
[  192.675100][ T6814]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.675110][ T6814] RIP: 0033:0x7f0dec57e719
[  192.675121][ T6814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.675131][ T6814] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  192.675143][ T6814] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  192.675151][ T6814] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  192.675157][ T6814] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  192.675162][ T6814] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  192.675167][ T6814] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  192.675185][ T6814]  </TASK>
[  192.675195][ T6814] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  192.922455][ T6814] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1048: errno=-12 Out of memory
[  192.928200][ T6814] BTRFS info (device loop0 state EA): forced readonly
[  192.931294][ T6814] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:3003: errno=-12 Out of memory
[  192.939339][ T6814] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  192.946082][ T6814] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2159: errno=-12 Out of memory
[  192.958130][ T5788] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  192.963593][ T5788] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  192.968508][ T5788] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  193.339122][ T6832] loop0: detected capacity change from 0 to 32768
[  193.350173][ T6832] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.65 (6832)
[  193.371569][ T6832] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  193.382416][ T6832] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  193.392958][ T6832] BTRFS info (device loop0): using free-space-tree
[  193.496766][ T1082] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  193.501734][ T6832] FAULT_INJECTION: forcing a failure.
[  193.501734][ T6832] name failslab, interval 1, probability 0, space 0, times 0
[  193.514454][ T6832] CPU: 0 UID: 0 PID: 6832 Comm: syz.0.65 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  193.514472][ T6832] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  193.514480][ T6832] Call Trace:
[  193.514485][ T6832]  <TASK>
[  193.514491][ T6832]  dump_stack_lvl+0x189/0x250
[  193.514531][ T6832]  ? __pfx____ratelimit+0x10/0x10
[  193.514555][ T6832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  193.514570][ T6832]  ? __pfx__printk+0x10/0x10
[  193.514586][ T6832]  ? __pfx___might_resched+0x10/0x10
[  193.514605][ T6832]  should_fail_ex+0x414/0x560
[  193.514642][ T6832]  should_failslab+0xa8/0x100
[  193.514656][ T6832]  kmem_cache_alloc_noprof+0x73/0x3c0
[  193.514672][ T6832]  ? add_to_free_space_tree+0xdf/0x440
[  193.514688][ T6832]  add_to_free_space_tree+0xdf/0x440
[  193.514704][ T6832]  __btrfs_free_extent+0x16cf/0x2eb0
[  193.514731][ T6832]  ? __pfx___btrfs_free_extent+0x10/0x10
[  193.514756][ T6832]  __btrfs_run_delayed_refs+0xe7b/0x3a50
[  193.514803][ T6832]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  193.514816][ T6832]  ? kernel_text_address+0xa5/0xe0
[  193.514828][ T6832]  ? __kernel_text_address+0xd/0x40
[  193.514839][ T6832]  ? unwind_get_return_address+0x4d/0x90
[  193.514854][ T6832]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  193.514866][ T6832]  ? arch_stack_walk+0xfc/0x150
[  193.514885][ T6832]  ? __lock_acquire+0xab9/0xd20
[  193.514905][ T6832]  ? btrfs_commit_transaction+0x161/0x37f0
[  193.514923][ T6832]  btrfs_run_delayed_refs+0xe6/0x300
[  193.514938][ T6832]  btrfs_commit_transaction+0x274/0x37f0
[  193.514952][ T6832]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.514965][ T6832]  ? btrfs_commit_transaction+0x161/0x37f0
[  193.514984][ T6832]  ? __lock_acquire+0xab9/0xd20
[  193.515005][ T6832]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  193.515025][ T6832]  ? do_raw_spin_unlock+0x4d/0x240
[  193.515035][ T6832]  ? join_transaction+0x41b/0xd70
[  193.515054][ T6832]  ? btrfs_record_root_in_trans+0x124/0x180
[  193.515070][ T6832]  ? start_transaction+0x439/0x1620
[  193.515098][ T6832]  try_flush_qgroup+0x1dd/0x380
[  193.515111][ T6832]  ? kfree+0x18e/0x440
[  193.515127][ T6832]  ? __pfx_try_flush_qgroup+0x10/0x10
[  193.515140][ T6832]  ? qgroup_reserve_data+0x6cc/0x8d0
[  193.515164][ T6832]  btrfs_qgroup_reserve_data+0x69/0xb0
[  193.515180][ T6832]  btrfs_check_data_free_space+0x2ce/0x450
[  193.515196][ T6832]  btrfs_buffered_write+0x46c/0x16c0
[  193.515232][ T6832]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  193.515241][ T6832]  ? aa_file_perm+0x11f/0xed0
[  193.515259][ T6832]  ? aa_file_perm+0x3e7/0xed0
[  193.515274][ T6832]  btrfs_do_write_iter+0x238/0x710
[  193.515291][ T6832]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  193.515309][ T6832]  do_iter_readv_writev+0x56b/0x7f0
[  193.515322][ T6832]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  193.515330][ T6832]  ? rcu_read_lock_any_held+0xb3/0x120
[  193.515352][ T6832]  vfs_writev+0x31a/0x960
[  193.515368][ T6832]  ? __lock_acquire+0xab9/0xd20
[  193.515382][ T6832]  ? __pfx_vfs_writev+0x10/0x10
[  193.515403][ T6832]  ? __fget_files+0x2a/0x420
[  193.515418][ T6832]  ? __fget_files+0x3a0/0x420
[  193.515429][ T6832]  ? __fget_files+0x2a/0x420
[  193.515446][ T6832]  __se_sys_pwritev2+0x179/0x290
[  193.515459][ T6832]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  193.515465][ T6832]  ? rcu_is_watching+0x15/0xb0
[  193.515477][ T6832]  ? do_syscall_64+0xbe/0x3b0
[  193.515483][ T6832]  ? __x64_sys_pwritev2+0x20/0xc0
[  193.515491][ T6832]  do_syscall_64+0xfa/0x3b0
[  193.515499][ T6832]  ? lockdep_hardirqs_on+0x9c/0x150
[  193.515511][ T6832]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.515520][ T6832]  ? clear_bhb_loop+0x60/0xb0
[  193.515533][ T6832]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.515543][ T6832] RIP: 0033:0x7f0dec57e719
[  193.515554][ T6832] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  193.515563][ T6832] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  193.515575][ T6832] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  193.515583][ T6832] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  193.515589][ T6832] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  193.515593][ T6832] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  193.515597][ T6832] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  193.515608][ T6832]  </TASK>
[  193.515616][ T6832] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  193.748318][ T6832] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1048: errno=-12 Out of memory
[  193.752968][ T6832] BTRFS info (device loop0 state EA): forced readonly
[  193.757689][ T6832] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:3003: errno=-12 Out of memory
[  193.762632][ T6832] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  193.771981][ T6832] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2159: errno=-12 Out of memory
[  193.783514][ T5788] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  193.789693][ T5788] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  193.794430][ T5788] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  194.142729][ T6850] loop0: detected capacity change from 0 to 32768
[  194.151681][ T6850] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.66 (6850)
[  194.173463][ T6850] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  194.185834][ T6850] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  194.189645][ T6850] BTRFS info (device loop0): using free-space-tree
[  194.269393][ T6850] FAULT_INJECTION: forcing a failure.
[  194.269393][ T6850] name failslab, interval 1, probability 0, space 0, times 0
[  194.287157][   T12] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  194.291362][ T6850] CPU: 0 UID: 0 PID: 6850 Comm: syz.0.66 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  194.291379][ T6850] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  194.291386][ T6850] Call Trace:
[  194.291391][ T6850]  <TASK>
[  194.291397][ T6850]  dump_stack_lvl+0x189/0x250
[  194.291418][ T6850]  ? __pfx____ratelimit+0x10/0x10
[  194.291434][ T6850]  ? __pfx_dump_stack_lvl+0x10/0x10
[  194.291449][ T6850]  ? __pfx__printk+0x10/0x10
[  194.291466][ T6850]  ? __pfx___might_resched+0x10/0x10
[  194.291480][ T6850]  should_fail_ex+0x414/0x560
[  194.291491][ T6850]  should_failslab+0xa8/0x100
[  194.291500][ T6850]  kmem_cache_alloc_noprof+0x73/0x3c0
[  194.291514][ T6850]  ? add_to_free_space_tree+0xdf/0x440
[  194.291527][ T6850]  add_to_free_space_tree+0xdf/0x440
[  194.291543][ T6850]  __btrfs_free_extent+0x16cf/0x2eb0
[  194.291570][ T6850]  ? __pfx___btrfs_free_extent+0x10/0x10
[  194.291597][ T6850]  __btrfs_run_delayed_refs+0xe7b/0x3a50
[  194.291636][ T6850]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  194.291649][ T6850]  ? kernel_text_address+0xa5/0xe0
[  194.291661][ T6850]  ? __kernel_text_address+0xd/0x40
[  194.291672][ T6850]  ? unwind_get_return_address+0x4d/0x90
[  194.291688][ T6850]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  194.291699][ T6850]  ? arch_stack_walk+0xfc/0x150
[  194.291716][ T6850]  ? __lock_acquire+0xab9/0xd20
[  194.291737][ T6850]  ? btrfs_commit_transaction+0x161/0x37f0
[  194.291756][ T6850]  btrfs_run_delayed_refs+0xe6/0x300
[  194.291770][ T6850]  btrfs_commit_transaction+0x274/0x37f0
[  194.291783][ T6850]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.291796][ T6850]  ? btrfs_commit_transaction+0x161/0x37f0
[  194.291822][ T6850]  ? __lock_acquire+0xab9/0xd20
[  194.291842][ T6850]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  194.291861][ T6850]  ? do_raw_spin_unlock+0x4d/0x240
[  194.291871][ T6850]  ? join_transaction+0x41b/0xd70
[  194.291891][ T6850]  ? btrfs_record_root_in_trans+0x124/0x180
[  194.291906][ T6850]  ? start_transaction+0x439/0x1620
[  194.291932][ T6850]  try_flush_qgroup+0x1dd/0x380
[  194.291945][ T6850]  ? kfree+0x18e/0x440
[  194.291961][ T6850]  ? __pfx_try_flush_qgroup+0x10/0x10
[  194.291975][ T6850]  ? qgroup_reserve_data+0x6cc/0x8d0
[  194.291999][ T6850]  btrfs_qgroup_reserve_data+0x69/0xb0
[  194.292013][ T6850]  btrfs_check_data_free_space+0x2ce/0x450
[  194.292023][ T6850]  btrfs_buffered_write+0x46c/0x16c0
[  194.292042][ T6850]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  194.292051][ T6850]  ? aa_file_perm+0x11f/0xed0
[  194.292067][ T6850]  ? aa_file_perm+0x3e7/0xed0
[  194.292082][ T6850]  btrfs_do_write_iter+0x238/0x710
[  194.292099][ T6850]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  194.292116][ T6850]  do_iter_readv_writev+0x56b/0x7f0
[  194.292130][ T6850]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  194.292138][ T6850]  ? rcu_read_lock_any_held+0xb3/0x120
[  194.292160][ T6850]  vfs_writev+0x31a/0x960
[  194.292175][ T6850]  ? __lock_acquire+0xab9/0xd20
[  194.292190][ T6850]  ? __pfx_vfs_writev+0x10/0x10
[  194.292212][ T6850]  ? __fget_files+0x2a/0x420
[  194.292227][ T6850]  ? __fget_files+0x3a0/0x420
[  194.292236][ T6850]  ? __fget_files+0x2a/0x420
[  194.292251][ T6850]  __se_sys_pwritev2+0x179/0x290
[  194.292265][ T6850]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  194.292274][ T6850]  ? rcu_is_watching+0x15/0xb0
[  194.292293][ T6850]  ? do_syscall_64+0xbe/0x3b0
[  194.292302][ T6850]  ? __x64_sys_pwritev2+0x20/0xc0
[  194.292313][ T6850]  do_syscall_64+0xfa/0x3b0
[  194.292321][ T6850]  ? lockdep_hardirqs_on+0x9c/0x150
[  194.292335][ T6850]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.292344][ T6850]  ? clear_bhb_loop+0x60/0xb0
[  194.292358][ T6850]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.292368][ T6850] RIP: 0033:0x7f0dec57e719
[  194.292379][ T6850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.292388][ T6850] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  194.292398][ T6850] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  194.292403][ T6850] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  194.292407][ T6850] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  194.292414][ T6850] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  194.292419][ T6850] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  194.292474][ T6850]  </TASK>
[  194.292482][ T6850] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  194.546972][ T6850] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1048: errno=-12 Out of memory
[  194.551436][ T6850] BTRFS info (device loop0 state EA): forced readonly
[  194.558155][ T6850] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:3003: errno=-12 Out of memory
[  194.562746][ T6850] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  194.569388][ T6850] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2159: errno=-12 Out of memory
[  194.582547][ T5788] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  194.588293][ T5788] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  194.592563][ T5788] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  194.942631][ T6868] loop0: detected capacity change from 0 to 32768
[  194.952103][ T6868] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.67 (6868)
[  194.979119][ T6868] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  194.991894][ T6868] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  195.004181][ T6868] BTRFS info (device loop0): using free-space-tree
[  195.079852][ T6868] FAULT_INJECTION: forcing a failure.
[  195.079852][ T6868] name failslab, interval 1, probability 0, space 0, times 0
[  195.090328][ T1082] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  195.104024][ T6868] CPU: 0 UID: 0 PID: 6868 Comm: syz.0.67 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  195.104043][ T6868] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  195.104050][ T6868] Call Trace:
[  195.104055][ T6868]  <TASK>
[  195.104060][ T6868]  dump_stack_lvl+0x189/0x250
[  195.104090][ T6868]  ? __pfx____ratelimit+0x10/0x10
[  195.104111][ T6868]  ? __pfx_dump_stack_lvl+0x10/0x10
[  195.104126][ T6868]  ? __pfx__printk+0x10/0x10
[  195.104142][ T6868]  ? __pfx___might_resched+0x10/0x10
[  195.104169][ T6868]  should_fail_ex+0x414/0x560
[  195.104186][ T6868]  should_failslab+0xa8/0x100
[  195.104198][ T6868]  kmem_cache_alloc_noprof+0x73/0x3c0
[  195.104219][ T6868]  ? add_to_free_space_tree+0xdf/0x440
[  195.104236][ T6868]  add_to_free_space_tree+0xdf/0x440
[  195.104252][ T6868]  __btrfs_free_extent+0x16cf/0x2eb0
[  195.104276][ T6868]  ? __pfx___btrfs_free_extent+0x10/0x10
[  195.104292][ T6868]  __btrfs_run_delayed_refs+0xe7b/0x3a50
[  195.104316][ T6868]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  195.104325][ T6868]  ? kernel_text_address+0xa5/0xe0
[  195.104333][ T6868]  ? __kernel_text_address+0xd/0x40
[  195.104341][ T6868]  ? unwind_get_return_address+0x4d/0x90
[  195.104351][ T6868]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  195.104359][ T6868]  ? arch_stack_walk+0xfc/0x150
[  195.104370][ T6868]  ? __lock_acquire+0xab9/0xd20
[  195.104390][ T6868]  ? btrfs_commit_transaction+0x161/0x37f0
[  195.104408][ T6868]  btrfs_run_delayed_refs+0xe6/0x300
[  195.104451][ T6868]  btrfs_commit_transaction+0x274/0x37f0
[  195.104466][ T6868]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.104480][ T6868]  ? btrfs_commit_transaction+0x161/0x37f0
[  195.104497][ T6868]  ? __lock_acquire+0xab9/0xd20
[  195.104518][ T6868]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  195.104537][ T6868]  ? do_raw_spin_unlock+0x4d/0x240
[  195.104549][ T6868]  ? join_transaction+0x41b/0xd70
[  195.104567][ T6868]  ? btrfs_record_root_in_trans+0x124/0x180
[  195.104583][ T6868]  ? start_transaction+0x439/0x1620
[  195.104611][ T6868]  try_flush_qgroup+0x1dd/0x380
[  195.104626][ T6868]  ? kfree+0x18e/0x440
[  195.104640][ T6868]  ? __pfx_try_flush_qgroup+0x10/0x10
[  195.104653][ T6868]  ? qgroup_reserve_data+0x6cc/0x8d0
[  195.104677][ T6868]  btrfs_qgroup_reserve_data+0x69/0xb0
[  195.104694][ T6868]  btrfs_check_data_free_space+0x2ce/0x450
[  195.104710][ T6868]  btrfs_buffered_write+0x46c/0x16c0
[  195.104739][ T6868]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  195.104749][ T6868]  ? aa_file_perm+0x11f/0xed0
[  195.104765][ T6868]  ? aa_file_perm+0x3e7/0xed0
[  195.104780][ T6868]  btrfs_do_write_iter+0x238/0x710
[  195.104797][ T6868]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  195.104813][ T6868]  do_iter_readv_writev+0x56b/0x7f0
[  195.104826][ T6868]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  195.104835][ T6868]  ? rcu_read_lock_any_held+0xb3/0x120
[  195.104855][ T6868]  vfs_writev+0x31a/0x960
[  195.104871][ T6868]  ? __lock_acquire+0xab9/0xd20
[  195.104886][ T6868]  ? __pfx_vfs_writev+0x10/0x10
[  195.104908][ T6868]  ? __fget_files+0x2a/0x420
[  195.104919][ T6868]  ? __fget_files+0x3a0/0x420
[  195.104925][ T6868]  ? __fget_files+0x2a/0x420
[  195.104940][ T6868]  __se_sys_pwritev2+0x179/0x290
[  195.104952][ T6868]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  195.104961][ T6868]  ? rcu_is_watching+0x15/0xb0
[  195.104980][ T6868]  ? do_syscall_64+0xbe/0x3b0
[  195.104989][ T6868]  ? __x64_sys_pwritev2+0x20/0xc0
[  195.105001][ T6868]  do_syscall_64+0xfa/0x3b0
[  195.105009][ T6868]  ? lockdep_hardirqs_on+0x9c/0x150
[  195.105021][ T6868]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.105027][ T6868]  ? clear_bhb_loop+0x60/0xb0
[  195.105035][ T6868]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.105041][ T6868] RIP: 0033:0x7f0dec57e719
[  195.105052][ T6868] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  195.105060][ T6868] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  195.105079][ T6868] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  195.105086][ T6868] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  195.105092][ T6868] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  195.105098][ T6868] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  195.105104][ T6868] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  195.105124][ T6868]  </TASK>
[  195.105133][ T6868] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  195.353529][ T6868] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1048: errno=-12 Out of memory
[  195.363199][ T6868] BTRFS info (device loop0 state EA): forced readonly
[  195.368792][ T6868] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:3003: errno=-12 Out of memory
[  195.373356][ T6868] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  195.379774][ T6868] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2159: errno=-12 Out of memory
[  195.392109][ T5788] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  195.398594][ T5788] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  195.402878][ T5788] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  195.764585][ T6886] loop0: detected capacity change from 0 to 32768
[  195.771973][ T6886] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.68 (6886)
[  195.791646][ T6886] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  195.801742][ T6886] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  195.812200][ T6886] BTRFS info (device loop0): using free-space-tree
[  195.887907][ T6886] FAULT_INJECTION: forcing a failure.
[  195.887907][ T6886] name failslab, interval 1, probability 0, space 0, times 0
[  195.893437][ T6886] CPU: 0 UID: 0 PID: 6886 Comm: syz.0.68 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  195.893454][ T6886] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  195.893461][ T6886] Call Trace:
[  195.893470][ T6886]  <TASK>
[  195.893477][ T6886]  dump_stack_lvl+0x189/0x250
[  195.893514][ T6886]  ? __pfx____ratelimit+0x10/0x10
[  195.893539][ T6886]  ? __pfx_dump_stack_lvl+0x10/0x10
[  195.893553][ T6886]  ? __pfx__printk+0x10/0x10
[  195.893569][ T6886]  ? __pfx___might_resched+0x10/0x10
[  195.893588][ T6886]  should_fail_ex+0x414/0x560
[  195.893613][ T6886]  should_failslab+0xa8/0x100
[  195.893626][ T6886]  kmem_cache_alloc_noprof+0x73/0x3c0
[  195.893642][ T6886]  ? __btrfs_run_delayed_items+0x94/0x490
[  195.893659][ T6886]  __btrfs_run_delayed_items+0x94/0x490
[  195.893673][ T6886]  ? schedule+0x16f/0x360
[  195.893689][ T6886]  btrfs_commit_transaction+0xa16/0x37f0
[  195.893705][ T6886]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.893718][ T6886]  ? btrfs_commit_transaction+0x161/0x37f0
[  195.893736][ T6886]  ? __lock_acquire+0xab9/0xd20
[  195.893755][ T6886]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  195.893772][ T6886]  ? do_raw_spin_unlock+0x4d/0x240
[  195.893803][ T6886]  ? join_transaction+0x41b/0xd70
[  195.893823][ T6886]  ? __pfx_autoremove_wake_function+0x10/0x10
[  195.893845][ T6886]  ? start_transaction+0x439/0x1620
[  195.893870][ T6886]  try_flush_qgroup+0x1dd/0x380
[  195.893884][ T6886]  ? kfree+0x18e/0x440
[  195.893899][ T6886]  ? __pfx_try_flush_qgroup+0x10/0x10
[  195.893912][ T6886]  ? qgroup_reserve_data+0x6cc/0x8d0
[  195.893933][ T6886]  btrfs_qgroup_reserve_data+0x69/0xb0
[  195.893949][ T6886]  btrfs_check_data_free_space+0x2ce/0x450
[  195.893964][ T6886]  btrfs_buffered_write+0x46c/0x16c0
[  195.893992][ T6886]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  195.894003][ T6886]  ? aa_file_perm+0x11f/0xed0
[  195.894021][ T6886]  ? aa_file_perm+0x3e7/0xed0
[  195.894035][ T6886]  btrfs_do_write_iter+0x238/0x710
[  195.894052][ T6886]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  195.894068][ T6886]  do_iter_readv_writev+0x56b/0x7f0
[  195.894081][ T6886]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  195.894090][ T6886]  ? rcu_read_lock_any_held+0xb3/0x120
[  195.894111][ T6886]  vfs_writev+0x31a/0x960
[  195.894125][ T6886]  ? __lock_acquire+0xab9/0xd20
[  195.894140][ T6886]  ? __pfx_vfs_writev+0x10/0x10
[  195.894161][ T6886]  ? __fget_files+0x2a/0x420
[  195.894176][ T6886]  ? __fget_files+0x3a0/0x420
[  195.894186][ T6886]  ? __fget_files+0x2a/0x420
[  195.894203][ T6886]  __se_sys_pwritev2+0x179/0x290
[  195.894215][ T6886]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  195.894225][ T6886]  ? rcu_is_watching+0x15/0xb0
[  195.894248][ T6886]  ? do_syscall_64+0xbe/0x3b0
[  195.894261][ T6886]  ? __x64_sys_pwritev2+0x20/0xc0
[  195.894273][ T6886]  do_syscall_64+0xfa/0x3b0
[  195.894281][ T6886]  ? lockdep_hardirqs_on+0x9c/0x150
[  195.894295][ T6886]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.894305][ T6886]  ? clear_bhb_loop+0x60/0xb0
[  195.894318][ T6886]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.894327][ T6886] RIP: 0033:0x7f0dec57e719
[  195.894339][ T6886] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  195.894347][ T6886] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  195.894365][ T6886] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  195.894372][ T6886] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  195.894378][ T6886] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  195.894385][ T6886] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  195.894391][ T6886] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  195.894408][ T6886]  </TASK>
[  196.122647][ T6886] BTRFS warning (device loop0): Skipping commit of aborted transaction.
[  196.127079][ T6886] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  196.130625][ T6886] BTRFS: error (device loop0 state A) in cleanup_transaction:2021: errno=-12 Out of memory
[  196.137663][ T6886] BTRFS info (device loop0 state EA): forced readonly
[  196.141236][  T173] BTRFS error (device loop0 state EA): fail to start transaction for status update: -30
[  196.152499][ T5788] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  196.158707][ T5788] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  196.163105][ T5788] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  196.533699][ T6904] loop0: detected capacity change from 0 to 32768
[  196.542422][ T6904] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.69 (6904)
[  196.562262][ T6904] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  196.573066][ T6904] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  196.583267][ T6904] BTRFS info (device loop0): using free-space-tree
[  196.674641][ T6904] FAULT_INJECTION: forcing a failure.
[  196.674641][ T6904] name failslab, interval 1, probability 0, space 0, times 0
[  196.686945][  T173] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  196.694473][ T6904] CPU: 0 UID: 0 PID: 6904 Comm: syz.0.69 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  196.694489][ T6904] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  196.694495][ T6904] Call Trace:
[  196.694500][ T6904]  <TASK>
[  196.694505][ T6904]  dump_stack_lvl+0x189/0x250
[  196.694524][ T6904]  ? __pfx____ratelimit+0x10/0x10
[  196.694539][ T6904]  ? __pfx_dump_stack_lvl+0x10/0x10
[  196.694553][ T6904]  ? __pfx__printk+0x10/0x10
[  196.694567][ T6904]  ? __pfx___might_resched+0x10/0x10
[  196.694602][ T6904]  should_fail_ex+0x414/0x560
[  196.694618][ T6904]  should_failslab+0xa8/0x100
[  196.694630][ T6904]  kmem_cache_alloc_noprof+0x73/0x3c0
[  196.694645][ T6904]  ? add_to_free_space_tree+0xdf/0x440
[  196.694660][ T6904]  add_to_free_space_tree+0xdf/0x440
[  196.694675][ T6904]  __btrfs_free_extent+0x16cf/0x2eb0
[  196.694700][ T6904]  ? __pfx___btrfs_free_extent+0x10/0x10
[  196.694724][ T6904]  __btrfs_run_delayed_refs+0xe7b/0x3a50
[  196.694761][ T6904]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  196.694773][ T6904]  ? kernel_text_address+0xa5/0xe0
[  196.694785][ T6904]  ? __kernel_text_address+0xd/0x40
[  196.694795][ T6904]  ? unwind_get_return_address+0x4d/0x90
[  196.694809][ T6904]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  196.694827][ T6904]  ? arch_stack_walk+0xfc/0x150
[  196.694843][ T6904]  ? __lock_acquire+0xab9/0xd20
[  196.694863][ T6904]  ? btrfs_commit_transaction+0x161/0x37f0
[  196.694882][ T6904]  btrfs_run_delayed_refs+0xe6/0x300
[  196.694895][ T6904]  btrfs_commit_transaction+0x274/0x37f0
[  196.694907][ T6904]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.694919][ T6904]  ? btrfs_commit_transaction+0x161/0x37f0
[  196.694936][ T6904]  ? __lock_acquire+0xab9/0xd20
[  196.694955][ T6904]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  196.694972][ T6904]  ? do_raw_spin_unlock+0x4d/0x240
[  196.694982][ T6904]  ? join_transaction+0x41b/0xd70
[  196.694999][ T6904]  ? btrfs_record_root_in_trans+0x124/0x180
[  196.695014][ T6904]  ? start_transaction+0x439/0x1620
[  196.695039][ T6904]  try_flush_qgroup+0x1dd/0x380
[  196.695053][ T6904]  ? kfree+0x18e/0x440
[  196.695067][ T6904]  ? __pfx_try_flush_qgroup+0x10/0x10
[  196.695080][ T6904]  ? qgroup_reserve_data+0x6cc/0x8d0
[  196.695101][ T6904]  btrfs_qgroup_reserve_data+0x69/0xb0
[  196.695116][ T6904]  btrfs_check_data_free_space+0x2ce/0x450
[  196.695130][ T6904]  btrfs_buffered_write+0x46c/0x16c0
[  196.695158][ T6904]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  196.695168][ T6904]  ? aa_file_perm+0x11f/0xed0
[  196.695183][ T6904]  ? aa_file_perm+0x3e7/0xed0
[  196.695197][ T6904]  btrfs_do_write_iter+0x238/0x710
[  196.695213][ T6904]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  196.695229][ T6904]  do_iter_readv_writev+0x56b/0x7f0
[  196.695241][ T6904]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  196.695249][ T6904]  ? rcu_read_lock_any_held+0xb3/0x120
[  196.695269][ T6904]  vfs_writev+0x31a/0x960
[  196.695283][ T6904]  ? __lock_acquire+0xab9/0xd20
[  196.695296][ T6904]  ? __pfx_vfs_writev+0x10/0x10
[  196.695316][ T6904]  ? __fget_files+0x2a/0x420
[  196.695329][ T6904]  ? __fget_files+0x3a0/0x420
[  196.695338][ T6904]  ? __fget_files+0x2a/0x420
[  196.695354][ T6904]  __se_sys_pwritev2+0x179/0x290
[  196.695366][ T6904]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  196.695374][ T6904]  ? rcu_is_watching+0x15/0xb0
[  196.695391][ T6904]  ? do_syscall_64+0xbe/0x3b0
[  196.695399][ T6904]  ? __x64_sys_pwritev2+0x20/0xc0
[  196.695410][ T6904]  do_syscall_64+0xfa/0x3b0
[  196.695417][ T6904]  ? lockdep_hardirqs_on+0x9c/0x150
[  196.695430][ T6904]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.695439][ T6904]  ? clear_bhb_loop+0x60/0xb0
[  196.695450][ T6904]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.695459][ T6904] RIP: 0033:0x7f0dec57e719
[  196.695470][ T6904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  196.695479][ T6904] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  196.695491][ T6904] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  196.695498][ T6904] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  196.695504][ T6904] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  196.695509][ T6904] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  196.695515][ T6904] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  196.695530][ T6904]  </TASK>
[  196.695539][ T6904] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  196.935725][ T6904] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1048: errno=-12 Out of memory
[  196.940064][ T6904] BTRFS info (device loop0 state EA): forced readonly
[  196.942961][ T6904] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:3003: errno=-12 Out of memory
[  196.949623][ T6904] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  196.956867][ T6904] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2159: errno=-12 Out of memory
[  196.966968][ T5788] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  196.972195][ T5788] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  196.977298][ T5788] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  197.323487][ T6922] loop0: detected capacity change from 0 to 32768
[  197.333618][ T6922] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.70 (6922)
[  197.357533][ T6922] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  197.368966][ T6922] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  197.372776][ T6922] BTRFS info (device loop0): using free-space-tree
[  197.468973][ T6922] FAULT_INJECTION: forcing a failure.
[  197.468973][ T6922] name failslab, interval 1, probability 0, space 0, times 0
[  197.478033][  T173] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  197.484215][ T6922] CPU: 0 UID: 0 PID: 6922 Comm: syz.0.70 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  197.484235][ T6922] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  197.484242][ T6922] Call Trace:
[  197.484246][ T6922]  <TASK>
[  197.484251][ T6922]  dump_stack_lvl+0x189/0x250
[  197.484272][ T6922]  ? __pfx____ratelimit+0x10/0x10
[  197.484288][ T6922]  ? __pfx_dump_stack_lvl+0x10/0x10
[  197.484303][ T6922]  ? __pfx__printk+0x10/0x10
[  197.484320][ T6922]  ? __pfx___might_resched+0x10/0x10
[  197.484336][ T6922]  should_fail_ex+0x414/0x560
[  197.484354][ T6922]  should_failslab+0xa8/0x100
[  197.484368][ T6922]  kmem_cache_alloc_noprof+0x73/0x3c0
[  197.484384][ T6922]  ? add_to_free_space_tree+0xdf/0x440
[  197.484429][ T6922]  add_to_free_space_tree+0xdf/0x440
[  197.484446][ T6922]  __btrfs_free_extent+0x16cf/0x2eb0
[  197.484471][ T6922]  ? __pfx___btrfs_free_extent+0x10/0x10
[  197.484498][ T6922]  __btrfs_run_delayed_refs+0xe7b/0x3a50
[  197.484536][ T6922]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  197.484549][ T6922]  ? kernel_text_address+0xa5/0xe0
[  197.484563][ T6922]  ? __kernel_text_address+0xd/0x40
[  197.484575][ T6922]  ? unwind_get_return_address+0x4d/0x90
[  197.484590][ T6922]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  197.484601][ T6922]  ? arch_stack_walk+0xfc/0x150
[  197.484619][ T6922]  ? __lock_acquire+0xab9/0xd20
[  197.484640][ T6922]  ? btrfs_commit_transaction+0x161/0x37f0
[  197.484659][ T6922]  btrfs_run_delayed_refs+0xe6/0x300
[  197.484674][ T6922]  btrfs_commit_transaction+0x274/0x37f0
[  197.484686][ T6922]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.484699][ T6922]  ? btrfs_commit_transaction+0x161/0x37f0
[  197.484717][ T6922]  ? __lock_acquire+0xab9/0xd20
[  197.484738][ T6922]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  197.484757][ T6922]  ? do_raw_spin_unlock+0x4d/0x240
[  197.484767][ T6922]  ? join_transaction+0x41b/0xd70
[  197.484787][ T6922]  ? btrfs_record_root_in_trans+0x124/0x180
[  197.484797][ T6922]  ? start_transaction+0x439/0x1620
[  197.484814][ T6922]  try_flush_qgroup+0x1dd/0x380
[  197.484826][ T6922]  ? kfree+0x18e/0x440
[  197.484841][ T6922]  ? __pfx_try_flush_qgroup+0x10/0x10
[  197.484856][ T6922]  ? qgroup_reserve_data+0x6cc/0x8d0
[  197.484880][ T6922]  btrfs_qgroup_reserve_data+0x69/0xb0
[  197.484897][ T6922]  btrfs_check_data_free_space+0x2ce/0x450
[  197.484913][ T6922]  btrfs_buffered_write+0x46c/0x16c0
[  197.484944][ T6922]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  197.484955][ T6922]  ? aa_file_perm+0x11f/0xed0
[  197.484973][ T6922]  ? aa_file_perm+0x3e7/0xed0
[  197.484988][ T6922]  btrfs_do_write_iter+0x238/0x710
[  197.485005][ T6922]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  197.485024][ T6922]  do_iter_readv_writev+0x56b/0x7f0
[  197.485036][ T6922]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  197.485045][ T6922]  ? rcu_read_lock_any_held+0xb3/0x120
[  197.485068][ T6922]  vfs_writev+0x31a/0x960
[  197.485083][ T6922]  ? __lock_acquire+0xab9/0xd20
[  197.485098][ T6922]  ? __pfx_vfs_writev+0x10/0x10
[  197.485119][ T6922]  ? __fget_files+0x2a/0x420
[  197.485134][ T6922]  ? __fget_files+0x3a0/0x420
[  197.485144][ T6922]  ? __fget_files+0x2a/0x420
[  197.485161][ T6922]  __se_sys_pwritev2+0x179/0x290
[  197.485174][ T6922]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  197.485183][ T6922]  ? rcu_is_watching+0x15/0xb0
[  197.485201][ T6922]  ? do_syscall_64+0xbe/0x3b0
[  197.485210][ T6922]  ? __x64_sys_pwritev2+0x20/0xc0
[  197.485222][ T6922]  do_syscall_64+0xfa/0x3b0
[  197.485230][ T6922]  ? lockdep_hardirqs_on+0x9c/0x150
[  197.485244][ T6922]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.485254][ T6922]  ? clear_bhb_loop+0x60/0xb0
[  197.485266][ T6922]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.485276][ T6922] RIP: 0033:0x7f0dec57e719
[  197.485287][ T6922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  197.485296][ T6922] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  197.485310][ T6922] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  197.485323][ T6922] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  197.485329][ T6922] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  197.485335][ T6922] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  197.485340][ T6922] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  197.485357][ T6922]  </TASK>
[  197.485367][ T6922] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  197.726668][ T6922] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1048: errno=-12 Out of memory
[  197.731071][ T6922] BTRFS info (device loop0 state EA): forced readonly
[  197.736465][ T6922] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:3003: errno=-12 Out of memory
[  197.741219][ T6922] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  197.748778][ T6922] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2159: errno=-12 Out of memory
[  197.760747][ T5788] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  197.766537][ T5788] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  197.770641][ T5788] BTRFS error (device loop0 state EA): qgroup reserved space leaked
2025/06/25 05:36:11 executed programs: 58
[  198.146061][ T6940] loop0: detected capacity change from 0 to 32768
[  198.158389][ T6940] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.71 (6940)
[  198.188784][ T6940] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  198.193162][ T6940] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  198.204902][ T6940] BTRFS info (device loop0): using free-space-tree
[  198.285319][ T6940] FAULT_INJECTION: forcing a failure.
[  198.285319][ T6940] name failslab, interval 1, probability 0, space 0, times 0
[  198.291319][ T1082] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  198.306252][ T6940] CPU: 0 UID: 0 PID: 6940 Comm: syz.0.71 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  198.306272][ T6940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  198.306279][ T6940] Call Trace:
[  198.306284][ T6940]  <TASK>
[  198.306289][ T6940]  dump_stack_lvl+0x189/0x250
[  198.306310][ T6940]  ? __pfx____ratelimit+0x10/0x10
[  198.306328][ T6940]  ? __pfx_dump_stack_lvl+0x10/0x10
[  198.306344][ T6940]  ? __pfx__printk+0x10/0x10
[  198.306361][ T6940]  ? __pfx___might_resched+0x10/0x10
[  198.306377][ T6940]  ? fs_reclaim_acquire+0x7d/0x100
[  198.306394][ T6940]  should_fail_ex+0x414/0x560
[  198.306412][ T6940]  should_failslab+0xa8/0x100
[  198.306426][ T6940]  kmem_cache_alloc_noprof+0x73/0x3c0
[  198.306443][ T6940]  ? remove_from_free_space_tree+0x14d/0xcc0
[  198.306455][ T6940]  ? btrfs_run_delayed_refs+0xe6/0x300
[  198.306475][ T6940]  remove_from_free_space_tree+0x14d/0xcc0
[  198.306488][ T6940]  ? do_syscall_64+0xfa/0x3b0
[  198.306496][ T6940]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.306513][ T6940]  ? __pfx_remove_from_free_space_tree+0x10/0x10
[  198.306543][ T6940]  ? kasan_quarantine_put+0xdd/0x220
[  198.306560][ T6940]  ? lockdep_hardirqs_on+0x9c/0x150
[  198.306582][ T6940]  alloc_reserved_extent+0x4a/0x2b0
[  198.306598][ T6940]  __btrfs_run_delayed_refs+0x1719/0x3a50
[  198.306642][ T6940]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  198.306656][ T6940]  ? kernel_text_address+0xa5/0xe0
[  198.306670][ T6940]  ? __kernel_text_address+0xd/0x40
[  198.306683][ T6940]  ? unwind_get_return_address+0x4d/0x90
[  198.306696][ T6940]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  198.306707][ T6940]  ? arch_stack_walk+0xfc/0x150
[  198.306724][ T6940]  ? __lock_acquire+0xab9/0xd20
[  198.306746][ T6940]  ? btrfs_commit_transaction+0x161/0x37f0
[  198.306767][ T6940]  btrfs_run_delayed_refs+0xe6/0x300
[  198.306782][ T6940]  btrfs_commit_transaction+0x274/0x37f0
[  198.306795][ T6940]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.306808][ T6940]  ? btrfs_commit_transaction+0x161/0x37f0
[  198.306827][ T6940]  ? __lock_acquire+0xab9/0xd20
[  198.306849][ T6940]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  198.306866][ T6940]  ? do_raw_spin_unlock+0x4d/0x240
[  198.306877][ T6940]  ? join_transaction+0x41b/0xd70
[  198.306896][ T6940]  ? btrfs_record_root_in_trans+0x124/0x180
[  198.306912][ T6940]  ? start_transaction+0x439/0x1620
[  198.306939][ T6940]  try_flush_qgroup+0x1dd/0x380
[  198.306955][ T6940]  ? kfree+0x18e/0x440
[  198.306968][ T6940]  ? __pfx_try_flush_qgroup+0x10/0x10
[  198.306983][ T6940]  ? qgroup_reserve_data+0x6cc/0x8d0
[  198.307013][ T6940]  btrfs_qgroup_reserve_data+0x69/0xb0
[  198.307030][ T6940]  btrfs_check_data_free_space+0x2ce/0x450
[  198.307047][ T6940]  btrfs_buffered_write+0x46c/0x16c0
[  198.307079][ T6940]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  198.307090][ T6940]  ? aa_file_perm+0x11f/0xed0
[  198.307107][ T6940]  ? aa_file_perm+0x3e7/0xed0
[  198.307123][ T6940]  btrfs_do_write_iter+0x238/0x710
[  198.307141][ T6940]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  198.307159][ T6940]  do_iter_readv_writev+0x56b/0x7f0
[  198.307173][ T6940]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  198.307182][ T6940]  ? rcu_read_lock_any_held+0xb3/0x120
[  198.307204][ T6940]  vfs_writev+0x31a/0x960
[  198.307221][ T6940]  ? __lock_acquire+0xab9/0xd20
[  198.307235][ T6940]  ? __pfx_vfs_writev+0x10/0x10
[  198.307259][ T6940]  ? __fget_files+0x2a/0x420
[  198.307273][ T6940]  ? __fget_files+0x3a0/0x420
[  198.307284][ T6940]  ? __fget_files+0x2a/0x420
[  198.307301][ T6940]  __se_sys_pwritev2+0x179/0x290
[  198.307314][ T6940]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  198.307324][ T6940]  ? rcu_is_watching+0x15/0xb0
[  198.307345][ T6940]  ? do_syscall_64+0xbe/0x3b0
[  198.307353][ T6940]  ? __x64_sys_pwritev2+0x20/0xc0
[  198.307365][ T6940]  do_syscall_64+0xfa/0x3b0
[  198.307374][ T6940]  ? lockdep_hardirqs_on+0x9c/0x150
[  198.307387][ T6940]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.307397][ T6940]  ? clear_bhb_loop+0x60/0xb0
[  198.307410][ T6940]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.307420][ T6940] RIP: 0033:0x7f0dec57e719
[  198.307433][ T6940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.307442][ T6940] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  198.307455][ T6940] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  198.307462][ T6940] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  198.307469][ T6940] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  198.307474][ T6940] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  198.307479][ T6940] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  198.307494][ T6940]  </TASK>
[  198.307504][ T6940] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  198.565941][ T6940] BTRFS: error (device loop0 state A) in remove_from_free_space_tree:853: errno=-12 Out of memory
[  198.571211][ T6940] BTRFS info (device loop0 state EA): forced readonly
[  198.578264][ T6940] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 6467584 num_bytes 4096 type 176 action 1 ref_mod 1: -12
[  198.584193][ T6940] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2159: errno=-12 Out of memory
[  198.594744][ T5788] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  198.599940][ T5788] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  198.604690][ T5788] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  198.952698][ T6958] loop0: detected capacity change from 0 to 32768
[  198.965138][ T6958] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.72 (6958)
[  198.985280][ T6958] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  198.998707][ T6958] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  199.002541][ T6958] BTRFS info (device loop0): using free-space-tree
[  199.107539][  T173] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  199.113212][ T6958] FAULT_INJECTION: forcing a failure.
[  199.113212][ T6958] name failslab, interval 1, probability 0, space 0, times 0
[  199.134025][ T6958] CPU: 0 UID: 0 PID: 6958 Comm: syz.0.72 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  199.134051][ T6958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  199.134058][ T6958] Call Trace:
[  199.134063][ T6958]  <TASK>
[  199.134067][ T6958]  dump_stack_lvl+0x189/0x250
[  199.134087][ T6958]  ? __pfx____ratelimit+0x10/0x10
[  199.134104][ T6958]  ? __pfx_dump_stack_lvl+0x10/0x10
[  199.134119][ T6958]  ? __pfx__printk+0x10/0x10
[  199.134135][ T6958]  ? __pfx___might_resched+0x10/0x10
[  199.134152][ T6958]  should_fail_ex+0x414/0x560
[  199.134168][ T6958]  should_failslab+0xa8/0x100
[  199.134182][ T6958]  kmem_cache_alloc_noprof+0x73/0x3c0
[  199.134197][ T6958]  ? add_to_free_space_tree+0xdf/0x440
[  199.134212][ T6958]  add_to_free_space_tree+0xdf/0x440
[  199.134228][ T6958]  __btrfs_free_extent+0x16cf/0x2eb0
[  199.134253][ T6958]  ? __pfx___btrfs_free_extent+0x10/0x10
[  199.134278][ T6958]  __btrfs_run_delayed_refs+0xe7b/0x3a50
[  199.134316][ T6958]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  199.134329][ T6958]  ? kernel_text_address+0xa5/0xe0
[  199.134342][ T6958]  ? __kernel_text_address+0xd/0x40
[  199.134352][ T6958]  ? unwind_get_return_address+0x4d/0x90
[  199.134368][ T6958]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  199.134380][ T6958]  ? arch_stack_walk+0xfc/0x150
[  199.134396][ T6958]  ? __lock_acquire+0xab9/0xd20
[  199.134417][ T6958]  ? btrfs_commit_transaction+0x161/0x37f0
[  199.134436][ T6958]  btrfs_run_delayed_refs+0xe6/0x300
[  199.134451][ T6958]  btrfs_commit_transaction+0x274/0x37f0
[  199.134464][ T6958]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.134478][ T6958]  ? btrfs_commit_transaction+0x161/0x37f0
[  199.134496][ T6958]  ? __lock_acquire+0xab9/0xd20
[  199.134517][ T6958]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  199.134534][ T6958]  ? do_raw_spin_unlock+0x4d/0x240
[  199.134544][ T6958]  ? join_transaction+0x41b/0xd70
[  199.134562][ T6958]  ? btrfs_record_root_in_trans+0x124/0x180
[  199.134596][ T6958]  ? start_transaction+0x439/0x1620
[  199.134623][ T6958]  try_flush_qgroup+0x1dd/0x380
[  199.134637][ T6958]  ? kfree+0x18e/0x440
[  199.134652][ T6958]  ? __pfx_try_flush_qgroup+0x10/0x10
[  199.134667][ T6958]  ? qgroup_reserve_data+0x6cc/0x8d0
[  199.134687][ T6958]  btrfs_qgroup_reserve_data+0x69/0xb0
[  199.134703][ T6958]  btrfs_check_data_free_space+0x2ce/0x450
[  199.134718][ T6958]  btrfs_buffered_write+0x46c/0x16c0
[  199.134748][ T6958]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  199.134759][ T6958]  ? aa_file_perm+0x11f/0xed0
[  199.134775][ T6958]  ? aa_file_perm+0x3e7/0xed0
[  199.134791][ T6958]  btrfs_do_write_iter+0x238/0x710
[  199.134807][ T6958]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  199.134825][ T6958]  do_iter_readv_writev+0x56b/0x7f0
[  199.134838][ T6958]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  199.134847][ T6958]  ? rcu_read_lock_any_held+0xb3/0x120
[  199.134869][ T6958]  vfs_writev+0x31a/0x960
[  199.134884][ T6958]  ? __lock_acquire+0xab9/0xd20
[  199.134898][ T6958]  ? __pfx_vfs_writev+0x10/0x10
[  199.134920][ T6958]  ? __fget_files+0x2a/0x420
[  199.134934][ T6958]  ? __fget_files+0x3a0/0x420
[  199.134945][ T6958]  ? __fget_files+0x2a/0x420
[  199.134962][ T6958]  __se_sys_pwritev2+0x179/0x290
[  199.134975][ T6958]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  199.134984][ T6958]  ? rcu_is_watching+0x15/0xb0
[  199.135002][ T6958]  ? do_syscall_64+0xbe/0x3b0
[  199.135012][ T6958]  ? __x64_sys_pwritev2+0x20/0xc0
[  199.135024][ T6958]  do_syscall_64+0xfa/0x3b0
[  199.135032][ T6958]  ? lockdep_hardirqs_on+0x9c/0x150
[  199.135051][ T6958]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.135060][ T6958]  ? clear_bhb_loop+0x60/0xb0
[  199.135073][ T6958]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.135083][ T6958] RIP: 0033:0x7f0dec57e719
[  199.135094][ T6958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  199.135104][ T6958] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  199.135117][ T6958] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  199.135123][ T6958] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  199.135129][ T6958] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  199.135136][ T6958] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  199.135142][ T6958] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  199.135159][ T6958]  </TASK>
[  199.135169][ T6958] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  199.367145][ T1313] ieee802154 phy0 wpan0: encryption failed: -22
[  199.369805][ T1313] ieee802154 phy1 wpan1: encryption failed: -22
[  199.379930][ T6958] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1048: errno=-12 Out of memory
[  199.387240][ T6958] BTRFS info (device loop0 state EA): forced readonly
[  199.390216][ T6958] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:3003: errno=-12 Out of memory
[  199.396576][ T6958] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  199.402322][ T6958] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2159: errno=-12 Out of memory
[  199.415006][ T5788] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  199.420489][ T5788] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  199.425290][ T5788] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  199.781986][ T6976] loop0: detected capacity change from 0 to 32768
[  199.790410][ T6976] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.73 (6976)
[  199.808529][ T6976] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  199.818767][ T6976] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  199.822693][ T6976] BTRFS info (device loop0): using free-space-tree
[  199.917174][ T6976] FAULT_INJECTION: forcing a failure.
[  199.917174][ T6976] name failslab, interval 1, probability 0, space 0, times 0
[  199.922654][ T6976] CPU: 0 UID: 0 PID: 6976 Comm: syz.0.73 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  199.922671][ T6976] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  199.922679][ T6976] Call Trace:
[  199.922693][ T6976]  <TASK>
[  199.922699][ T6976]  dump_stack_lvl+0x189/0x250
[  199.922720][ T6976]  ? __pfx____ratelimit+0x10/0x10
[  199.922735][ T6976]  ? __pfx_dump_stack_lvl+0x10/0x10
[  199.922749][ T6976]  ? __pfx__printk+0x10/0x10
[  199.922764][ T6976]  ? __pfx___might_resched+0x10/0x10
[  199.922780][ T6976]  ? fs_reclaim_acquire+0x7d/0x100
[  199.922796][ T6976]  should_fail_ex+0x414/0x560
[  199.922813][ T6976]  should_failslab+0xa8/0x100
[  199.922826][ T6976]  kmem_cache_alloc_noprof+0x73/0x3c0
[  199.922841][ T6976]  ? alloc_extent_state+0x22/0x2f0
[  199.922859][ T6976]  alloc_extent_state+0x22/0x2f0
[  199.922873][ T6976]  set_extent_bit+0x270/0x2180
[  199.922902][ T6976]  ? __pfx_set_extent_bit+0x10/0x10
[  199.922923][ T6976]  btrfs_set_extent_bit+0x38/0x50
[  199.922939][ T6976]  btrfs_alloc_tree_block+0x967/0x12b0
[  199.922966][ T6976]  ? __pfx_btrfs_alloc_tree_block+0x10/0x10
[  199.922979][ T6976]  ? is_bpf_text_address+0x292/0x2b0
[  199.922994][ T6976]  ? is_bpf_text_address+0x26/0x2b0
[  199.923010][ T6976]  ? kernel_text_address+0xa5/0xe0
[  199.923023][ T6976]  ? __kernel_text_address+0xd/0x40
[  199.923034][ T6976]  ? read_extent_buffer+0x120/0x680
[  199.923047][ T6976]  btrfs_force_cow_block+0x575/0x1e10
[  199.923072][ T6976]  ? btrfs_tree_lock_nested+0x31/0x230
[  199.923088][ T6976]  ? __pfx_btrfs_force_cow_block+0x10/0x10
[  199.923105][ T6976]  ? down_write_nested+0x169/0x200
[  199.923117][ T6976]  ? __pfx_down_write_nested+0x10/0x10
[  199.923130][ T6976]  btrfs_cow_block+0x40a/0x830
[  199.923152][ T6976]  btrfs_search_slot+0xcd7/0x2d90
[  199.923183][ T6976]  ? __pfx_btrfs_search_slot+0x10/0x10
[  199.923200][ T6976]  ? kasan_save_track+0x4f/0x80
[  199.923213][ T6976]  ? __kasan_slab_alloc+0x6c/0x80
[  199.923222][ T6976]  ? kmem_cache_alloc_noprof+0x1c1/0x3c0
[  199.923235][ T6976]  ? __btrfs_free_extent+0x2fb/0x2eb0
[  199.923245][ T6976]  ? __btrfs_run_delayed_refs+0xe7b/0x3a50
[  199.923258][ T6976]  lookup_inline_extent_backref+0x33e/0x15c0
[  199.923270][ T6976]  ? do_iter_readv_writev+0x56b/0x7f0
[  199.923286][ T6976]  ? vfs_writev+0x31a/0x960
[  199.923296][ T6976]  ? __se_sys_pwritev2+0x179/0x290
[  199.923310][ T6976]  ? do_syscall_64+0xfa/0x3b0
[  199.923318][ T6976]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.923348][ T6976]  ? __pfx_lookup_inline_extent_backref+0x10/0x10
[  199.923373][ T6976]  ? rcu_is_watching+0x15/0xb0
[  199.923389][ T6976]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  199.923401][ T6976]  ? kmem_cache_alloc_noprof+0x21a/0x3c0
[  199.923418][ T6976]  __btrfs_free_extent+0x40d/0x2eb0
[  199.923449][ T6976]  ? __pfx___btrfs_free_extent+0x10/0x10
[  199.923476][ T6976]  __btrfs_run_delayed_refs+0xe7b/0x3a50
[  199.923521][ T6976]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  199.923534][ T6976]  ? kernel_text_address+0xa5/0xe0
[  199.923547][ T6976]  ? __kernel_text_address+0xd/0x40
[  199.923557][ T6976]  ? unwind_get_return_address+0x4d/0x90
[  199.923575][ T6976]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  199.923587][ T6976]  ? arch_stack_walk+0xfc/0x150
[  199.923606][ T6976]  ? __lock_acquire+0xab9/0xd20
[  199.923632][ T6976]  ? btrfs_commit_transaction+0x161/0x37f0
[  199.923649][ T6976]  btrfs_run_delayed_refs+0xe6/0x300
[  199.923658][ T6976]  btrfs_commit_transaction+0x274/0x37f0
[  199.923666][ T6976]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.923675][ T6976]  ? btrfs_commit_transaction+0x161/0x37f0
[  199.923693][ T6976]  ? __lock_acquire+0xab9/0xd20
[  199.923707][ T6976]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  199.923718][ T6976]  ? do_raw_spin_unlock+0x4d/0x240
[  199.923728][ T6976]  ? join_transaction+0x41b/0xd70
[  199.923745][ T6976]  ? btrfs_record_root_in_trans+0x124/0x180
[  199.923762][ T6976]  ? start_transaction+0x439/0x1620
[  199.923817][ T6976]  try_flush_qgroup+0x1dd/0x380
[  199.923833][ T6976]  ? kfree+0x18e/0x440
[  199.923848][ T6976]  ? __pfx_try_flush_qgroup+0x10/0x10
[  199.923863][ T6976]  ? qgroup_reserve_data+0x6cc/0x8d0
[  199.923887][ T6976]  btrfs_qgroup_reserve_data+0x69/0xb0
[  199.923902][ T6976]  btrfs_check_data_free_space+0x2ce/0x450
[  199.923913][ T6976]  btrfs_buffered_write+0x46c/0x16c0
[  199.923934][ T6976]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  199.923944][ T6976]  ? aa_file_perm+0x11f/0xed0
[  199.923961][ T6976]  ? aa_file_perm+0x3e7/0xed0
[  199.923975][ T6976]  btrfs_do_write_iter+0x238/0x710
[  199.923993][ T6976]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  199.924010][ T6976]  do_iter_readv_writev+0x56b/0x7f0
[  199.924023][ T6976]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  199.924036][ T6976]  ? rcu_read_lock_any_held+0xb3/0x120
[  199.924059][ T6976]  vfs_writev+0x31a/0x960
[  199.924075][ T6976]  ? __lock_acquire+0xab9/0xd20
[  199.924088][ T6976]  ? __pfx_vfs_writev+0x10/0x10
[  199.924111][ T6976]  ? __fget_files+0x2a/0x420
[  199.924126][ T6976]  ? __fget_files+0x3a0/0x420
[  199.924135][ T6976]  ? __fget_files+0x2a/0x420
[  199.924152][ T6976]  __se_sys_pwritev2+0x179/0x290
[  199.924166][ T6976]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  199.924175][ T6976]  ? rcu_is_watching+0x15/0xb0
[  199.924192][ T6976]  ? do_syscall_64+0xbe/0x3b0
[  199.924200][ T6976]  ? __x64_sys_pwritev2+0x20/0xc0
[  199.924212][ T6976]  do_syscall_64+0xfa/0x3b0
[  199.924221][ T6976]  ? lockdep_hardirqs_on+0x9c/0x150
[  199.924235][ T6976]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.924244][ T6976]  ? clear_bhb_loop+0x60/0xb0
[  199.924256][ T6976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.924266][ T6976] RIP: 0033:0x7f0dec57e719
[  199.924278][ T6976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  199.924286][ T6976] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  199.924299][ T6976] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  199.924306][ T6976] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  199.924312][ T6976] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  199.924317][ T6976] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  199.924323][ T6976] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  199.924343][ T6976]  </TASK>
[  200.273370][ T1035] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  200.289265][ T5788] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  200.678664][ T6994] loop0: detected capacity change from 0 to 32768
[  200.688294][ T6994] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.74 (6994)
[  200.710301][ T6994] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  200.721175][ T6994] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  200.735545][ T6994] BTRFS info (device loop0): using free-space-tree
[  200.830491][ T6994] FAULT_INJECTION: forcing a failure.
[  200.830491][ T6994] name failslab, interval 1, probability 0, space 0, times 0
[  200.839376][  T173] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  200.855033][ T6994] CPU: 0 UID: 0 PID: 6994 Comm: syz.0.74 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  200.855053][ T6994] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  200.855060][ T6994] Call Trace:
[  200.855066][ T6994]  <TASK>
[  200.855071][ T6994]  dump_stack_lvl+0x189/0x250
[  200.855094][ T6994]  ? __pfx____ratelimit+0x10/0x10
[  200.855111][ T6994]  ? __pfx_dump_stack_lvl+0x10/0x10
[  200.855127][ T6994]  ? __pfx__printk+0x10/0x10
[  200.855144][ T6994]  ? __pfx___might_resched+0x10/0x10
[  200.855162][ T6994]  should_fail_ex+0x414/0x560
[  200.855182][ T6994]  should_failslab+0xa8/0x100
[  200.855196][ T6994]  kmem_cache_alloc_noprof+0x73/0x3c0
[  200.855212][ T6994]  ? add_to_free_space_tree+0xdf/0x440
[  200.855230][ T6994]  add_to_free_space_tree+0xdf/0x440
[  200.855248][ T6994]  __btrfs_free_extent+0x16cf/0x2eb0
[  200.855275][ T6994]  ? __pfx___btrfs_free_extent+0x10/0x10
[  200.855303][ T6994]  __btrfs_run_delayed_refs+0xe7b/0x3a50
[  200.855344][ T6994]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  200.855361][ T6994]  ? kernel_text_address+0xa5/0xe0
[  200.855376][ T6994]  ? __kernel_text_address+0xd/0x40
[  200.855388][ T6994]  ? unwind_get_return_address+0x4d/0x90
[  200.855404][ T6994]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  200.855416][ T6994]  ? arch_stack_walk+0xfc/0x150
[  200.855436][ T6994]  ? __lock_acquire+0xab9/0xd20
[  200.855459][ T6994]  ? btrfs_commit_transaction+0x161/0x37f0
[  200.855481][ T6994]  btrfs_run_delayed_refs+0xe6/0x300
[  200.855492][ T6994]  btrfs_commit_transaction+0x274/0x37f0
[  200.855509][ T6994]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.855523][ T6994]  ? btrfs_commit_transaction+0x161/0x37f0
[  200.855543][ T6994]  ? __lock_acquire+0xab9/0xd20
[  200.855569][ T6994]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  200.855588][ T6994]  ? do_raw_spin_unlock+0x4d/0x240
[  200.855597][ T6994]  ? join_transaction+0x41b/0xd70
[  200.855618][ T6994]  ? btrfs_record_root_in_trans+0x124/0x180
[  200.855636][ T6994]  ? start_transaction+0x439/0x1620
[  200.855664][ T6994]  try_flush_qgroup+0x1dd/0x380
[  200.855679][ T6994]  ? kfree+0x18e/0x440
[  200.855696][ T6994]  ? __pfx_try_flush_qgroup+0x10/0x10
[  200.855719][ T6994]  ? qgroup_reserve_data+0x6cc/0x8d0
[  200.855745][ T6994]  btrfs_qgroup_reserve_data+0x69/0xb0
[  200.855762][ T6994]  btrfs_check_data_free_space+0x2ce/0x450
[  200.855780][ T6994]  btrfs_buffered_write+0x46c/0x16c0
[  200.855812][ T6994]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  200.855824][ T6994]  ? aa_file_perm+0x11f/0xed0
[  200.855844][ T6994]  ? aa_file_perm+0x3e7/0xed0
[  200.855859][ T6994]  btrfs_do_write_iter+0x238/0x710
[  200.855878][ T6994]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  200.855897][ T6994]  do_iter_readv_writev+0x56b/0x7f0
[  200.855911][ T6994]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  200.855921][ T6994]  ? rcu_read_lock_any_held+0xb3/0x120
[  200.855945][ T6994]  vfs_writev+0x31a/0x960
[  200.855961][ T6994]  ? __lock_acquire+0xab9/0xd20
[  200.855977][ T6994]  ? __pfx_vfs_writev+0x10/0x10
[  200.856000][ T6994]  ? __fget_files+0x2a/0x420
[  200.856017][ T6994]  ? __fget_files+0x3a0/0x420
[  200.856028][ T6994]  ? __fget_files+0x2a/0x420
[  200.856047][ T6994]  __se_sys_pwritev2+0x179/0x290
[  200.856062][ T6994]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  200.856072][ T6994]  ? rcu_is_watching+0x15/0xb0
[  200.856094][ T6994]  ? do_syscall_64+0xbe/0x3b0
[  200.856102][ T6994]  ? __x64_sys_pwritev2+0x20/0xc0
[  200.856116][ T6994]  do_syscall_64+0xfa/0x3b0
[  200.856125][ T6994]  ? lockdep_hardirqs_on+0x9c/0x150
[  200.856140][ T6994]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.856150][ T6994]  ? clear_bhb_loop+0x60/0xb0
[  200.856165][ T6994]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.856175][ T6994] RIP: 0033:0x7f0dec57e719
[  200.856188][ T6994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  200.856196][ T6994] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  200.856210][ T6994] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  200.856218][ T6994] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  200.856224][ T6994] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  200.856232][ T6994] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  200.856238][ T6994] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  200.856257][ T6994]  </TASK>
[  200.856265][ T6994] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  201.096559][ T6994] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1048: errno=-12 Out of memory
[  201.101299][ T6994] BTRFS info (device loop0 state EA): forced readonly
[  201.105742][ T6994] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:3003: errno=-12 Out of memory
[  201.110657][ T6994] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  201.118068][ T6994] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2159: errno=-12 Out of memory
[  201.129599][ T5788] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  201.136240][ T5788] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  201.140748][ T5788] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  201.486306][ T7012] loop0: detected capacity change from 0 to 32768
[  201.493271][ T7012] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.75 (7012)
[  201.512893][ T7012] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  201.526398][ T7012] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  201.529999][ T7012] BTRFS info (device loop0): using free-space-tree
[  201.606907][ T7012] FAULT_INJECTION: forcing a failure.
[  201.606907][ T7012] name failslab, interval 1, probability 0, space 0, times 0
[  201.612070][ T7012] CPU: 0 UID: 0 PID: 7012 Comm: syz.0.75 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  201.612086][ T7012] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  201.612093][ T7012] Call Trace:
[  201.612099][ T7012]  <TASK>
[  201.612104][ T7012]  dump_stack_lvl+0x189/0x250
[  201.612123][ T7012]  ? __pfx____ratelimit+0x10/0x10
[  201.612139][ T7012]  ? __pfx_dump_stack_lvl+0x10/0x10
[  201.612154][ T7012]  ? __pfx__printk+0x10/0x10
[  201.612169][ T7012]  ? __pfx___might_resched+0x10/0x10
[  201.612185][ T7012]  ? fs_reclaim_acquire+0x7d/0x100
[  201.612201][ T7012]  should_fail_ex+0x414/0x560
[  201.612220][ T7012]  should_failslab+0xa8/0x100
[  201.612236][ T7012]  kmem_cache_alloc_noprof+0x73/0x3c0
[  201.612252][ T7012]  ? alloc_extent_state+0x22/0x2f0
[  201.612270][ T7012]  alloc_extent_state+0x22/0x2f0
[  201.612285][ T7012]  set_extent_bit+0x270/0x2180
[  201.612315][ T7012]  ? __pfx_set_extent_bit+0x10/0x10
[  201.612335][ T7012]  btrfs_set_extent_bit+0x38/0x50
[  201.612350][ T7012]  btrfs_alloc_tree_block+0x967/0x12b0
[  201.612400][ T7012]  ? __pfx_btrfs_alloc_tree_block+0x10/0x10
[  201.612414][ T7012]  ? is_bpf_text_address+0x292/0x2b0
[  201.612429][ T7012]  ? is_bpf_text_address+0x26/0x2b0
[  201.612446][ T7012]  ? kernel_text_address+0xa5/0xe0
[  201.612459][ T7012]  ? __kernel_text_address+0xd/0x40
[  201.612469][ T7012]  ? read_extent_buffer+0x120/0x680
[  201.612479][ T7012]  btrfs_force_cow_block+0x575/0x1e10
[  201.612495][ T7012]  ? btrfs_tree_lock_nested+0x31/0x230
[  201.612506][ T7012]  ? __pfx_btrfs_force_cow_block+0x10/0x10
[  201.612517][ T7012]  ? down_write_nested+0x169/0x200
[  201.612524][ T7012]  ? __pfx_down_write_nested+0x10/0x10
[  201.612533][ T7012]  btrfs_cow_block+0x40a/0x830
[  201.612547][ T7012]  btrfs_search_slot+0xcd7/0x2d90
[  201.612567][ T7012]  ? __pfx_btrfs_search_slot+0x10/0x10
[  201.612577][ T7012]  ? kasan_save_track+0x4f/0x80
[  201.612587][ T7012]  ? __kasan_slab_alloc+0x6c/0x80
[  201.612592][ T7012]  ? kmem_cache_alloc_noprof+0x1c1/0x3c0
[  201.612601][ T7012]  ? __btrfs_free_extent+0x2fb/0x2eb0
[  201.612608][ T7012]  ? __btrfs_run_delayed_refs+0xe7b/0x3a50
[  201.612616][ T7012]  lookup_inline_extent_backref+0x33e/0x15c0
[  201.612624][ T7012]  ? do_iter_readv_writev+0x56b/0x7f0
[  201.612631][ T7012]  ? vfs_writev+0x31a/0x960
[  201.612637][ T7012]  ? __se_sys_pwritev2+0x179/0x290
[  201.612644][ T7012]  ? do_syscall_64+0xfa/0x3b0
[  201.612651][ T7012]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.612681][ T7012]  ? __pfx_lookup_inline_extent_backref+0x10/0x10
[  201.612700][ T7012]  ? rcu_is_watching+0x15/0xb0
[  201.612711][ T7012]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  201.612721][ T7012]  ? kmem_cache_alloc_noprof+0x21a/0x3c0
[  201.612737][ T7012]  __btrfs_free_extent+0x40d/0x2eb0
[  201.612763][ T7012]  ? __pfx___btrfs_free_extent+0x10/0x10
[  201.612790][ T7012]  __btrfs_run_delayed_refs+0xe7b/0x3a50
[  201.612818][ T7012]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  201.612826][ T7012]  ? kernel_text_address+0xa5/0xe0
[  201.612835][ T7012]  ? __kernel_text_address+0xd/0x40
[  201.612843][ T7012]  ? unwind_get_return_address+0x4d/0x90
[  201.612853][ T7012]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  201.612863][ T7012]  ? arch_stack_walk+0xfc/0x150
[  201.612879][ T7012]  ? __lock_acquire+0xab9/0xd20
[  201.612901][ T7012]  ? btrfs_commit_transaction+0x161/0x37f0
[  201.612918][ T7012]  btrfs_run_delayed_refs+0xe6/0x300
[  201.612927][ T7012]  btrfs_commit_transaction+0x274/0x37f0
[  201.612936][ T7012]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.612944][ T7012]  ? btrfs_commit_transaction+0x161/0x37f0
[  201.612961][ T7012]  ? __lock_acquire+0xab9/0xd20
[  201.612980][ T7012]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  201.612997][ T7012]  ? do_raw_spin_unlock+0x4d/0x240
[  201.613007][ T7012]  ? join_transaction+0x41b/0xd70
[  201.613026][ T7012]  ? btrfs_record_root_in_trans+0x124/0x180
[  201.613049][ T7012]  ? start_transaction+0x439/0x1620
[  201.613078][ T7012]  try_flush_qgroup+0x1dd/0x380
[  201.613088][ T7012]  ? kfree+0x18e/0x440
[  201.613097][ T7012]  ? __pfx_try_flush_qgroup+0x10/0x10
[  201.613107][ T7012]  ? qgroup_reserve_data+0x6cc/0x8d0
[  201.613121][ T7012]  btrfs_qgroup_reserve_data+0x69/0xb0
[  201.613132][ T7012]  btrfs_check_data_free_space+0x2ce/0x450
[  201.613142][ T7012]  btrfs_buffered_write+0x46c/0x16c0
[  201.613168][ T7012]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  201.613177][ T7012]  ? aa_file_perm+0x11f/0xed0
[  201.613194][ T7012]  ? aa_file_perm+0x3e7/0xed0
[  201.613210][ T7012]  btrfs_do_write_iter+0x238/0x710
[  201.613227][ T7012]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  201.613246][ T7012]  do_iter_readv_writev+0x56b/0x7f0
[  201.613256][ T7012]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  201.613262][ T7012]  ? rcu_read_lock_any_held+0xb3/0x120
[  201.613276][ T7012]  vfs_writev+0x31a/0x960
[  201.613286][ T7012]  ? __lock_acquire+0xab9/0xd20
[  201.613295][ T7012]  ? __pfx_vfs_writev+0x10/0x10
[  201.613309][ T7012]  ? __fget_files+0x2a/0x420
[  201.613318][ T7012]  ? __fget_files+0x3a0/0x420
[  201.613324][ T7012]  ? __fget_files+0x2a/0x420
[  201.613335][ T7012]  __se_sys_pwritev2+0x179/0x290
[  201.613344][ T7012]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  201.613350][ T7012]  ? rcu_is_watching+0x15/0xb0
[  201.613364][ T7012]  ? do_syscall_64+0xbe/0x3b0
[  201.613372][ T7012]  ? __x64_sys_pwritev2+0x20/0xc0
[  201.613383][ T7012]  do_syscall_64+0xfa/0x3b0
[  201.613392][ T7012]  ? lockdep_hardirqs_on+0x9c/0x150
[  201.613405][ T7012]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.613415][ T7012]  ? clear_bhb_loop+0x60/0xb0
[  201.613428][ T7012]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.613438][ T7012] RIP: 0033:0x7f0dec57e719
[  201.613450][ T7012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  201.613458][ T7012] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  201.613471][ T7012] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  201.613478][ T7012] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  201.613484][ T7012] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  201.613490][ T7012] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  201.613497][ T7012] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  201.613516][ T7012]  </TASK>
[  201.961397][  T173] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  201.984796][ T5788] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  202.359136][ T7030] loop0: detected capacity change from 0 to 32768
[  202.368480][ T7030] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.76 (7030)
[  202.391852][ T7030] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  202.408739][ T7030] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  202.412446][ T7030] BTRFS info (device loop0): using free-space-tree
[  202.496590][ T7030] FAULT_INJECTION: forcing a failure.
[  202.496590][ T7030] name failslab, interval 1, probability 0, space 0, times 0
[  202.504039][ T7030] CPU: 0 UID: 0 PID: 7030 Comm: syz.0.76 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  202.504056][ T7030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  202.504063][ T7030] Call Trace:
[  202.504067][ T7030]  <TASK>
[  202.504072][ T7030]  dump_stack_lvl+0x189/0x250
[  202.504109][ T7030]  ? __pfx____ratelimit+0x10/0x10
[  202.504131][ T7030]  ? __pfx_dump_stack_lvl+0x10/0x10
[  202.504147][ T7030]  ? __pfx__printk+0x10/0x10
[  202.504162][ T7030]  ? __pfx___might_resched+0x10/0x10
[  202.504177][ T7030]  ? fs_reclaim_acquire+0x7d/0x100
[  202.504201][ T7030]  should_fail_ex+0x414/0x560
[  202.504217][ T7030]  should_failslab+0xa8/0x100
[  202.504231][ T7030]  kmem_cache_alloc_noprof+0x73/0x3c0
[  202.504246][ T7030]  ? __btrfs_run_delayed_refs+0x12fe/0x3a50
[  202.504261][ T7030]  __btrfs_run_delayed_refs+0x12fe/0x3a50
[  202.504300][ T7030]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  202.504310][ T7030]  ? __pfx___mutex_trylock_common+0x10/0x10
[  202.504325][ T7030]  ? rcu_is_watching+0x15/0xb0
[  202.504345][ T7030]  ? btrfs_start_dirty_block_groups+0xbfe/0xf70
[  202.504399][ T7030]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  202.504419][ T7030]  ? btrfs_block_rsv_release+0x529/0x5e0
[  202.504437][ T7030]  btrfs_run_delayed_refs+0xe6/0x300
[  202.504452][ T7030]  btrfs_start_dirty_block_groups+0xc08/0xf70
[  202.504480][ T7030]  ? __pfx_btrfs_start_dirty_block_groups+0x10/0x10
[  202.504495][ T7030]  ? __kasan_slab_alloc+0x6c/0x80
[  202.504504][ T7030]  ? btrfs_trans_release_metadata+0x22d/0x330
[  202.504523][ T7030]  btrfs_commit_transaction+0x666/0x37f0
[  202.504535][ T7030]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.504548][ T7030]  ? btrfs_commit_transaction+0x161/0x37f0
[  202.504567][ T7030]  ? __lock_acquire+0xab9/0xd20
[  202.504590][ T7030]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  202.504607][ T7030]  ? do_raw_spin_unlock+0x4d/0x240
[  202.504618][ T7030]  ? join_transaction+0x41b/0xd70
[  202.504637][ T7030]  ? btrfs_record_root_in_trans+0x124/0x180
[  202.504651][ T7030]  ? start_transaction+0x439/0x1620
[  202.504678][ T7030]  try_flush_qgroup+0x1dd/0x380
[  202.504691][ T7030]  ? kfree+0x18e/0x440
[  202.504706][ T7030]  ? __pfx_try_flush_qgroup+0x10/0x10
[  202.504720][ T7030]  ? qgroup_reserve_data+0x6cc/0x8d0
[  202.504741][ T7030]  btrfs_qgroup_reserve_data+0x69/0xb0
[  202.504764][ T7030]  btrfs_check_data_free_space+0x2ce/0x450
[  202.504779][ T7030]  btrfs_buffered_write+0x46c/0x16c0
[  202.504810][ T7030]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  202.504821][ T7030]  ? aa_file_perm+0x11f/0xed0
[  202.504838][ T7030]  ? aa_file_perm+0x3e7/0xed0
[  202.504852][ T7030]  btrfs_do_write_iter+0x238/0x710
[  202.504868][ T7030]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  202.504885][ T7030]  do_iter_readv_writev+0x56b/0x7f0
[  202.504897][ T7030]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  202.504906][ T7030]  ? rcu_read_lock_any_held+0xb3/0x120
[  202.504928][ T7030]  vfs_writev+0x31a/0x960
[  202.504944][ T7030]  ? __lock_acquire+0xab9/0xd20
[  202.504958][ T7030]  ? __pfx_vfs_writev+0x10/0x10
[  202.504980][ T7030]  ? __fget_files+0x2a/0x420
[  202.504995][ T7030]  ? __fget_files+0x3a0/0x420
[  202.505005][ T7030]  ? __fget_files+0x2a/0x420
[  202.505023][ T7030]  __se_sys_pwritev2+0x179/0x290
[  202.505036][ T7030]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  202.505044][ T7030]  ? rcu_is_watching+0x15/0xb0
[  202.505062][ T7030]  ? do_syscall_64+0xbe/0x3b0
[  202.505070][ T7030]  ? __x64_sys_pwritev2+0x20/0xc0
[  202.505082][ T7030]  do_syscall_64+0xfa/0x3b0
[  202.505090][ T7030]  ? lockdep_hardirqs_on+0x9c/0x150
[  202.505104][ T7030]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.505113][ T7030]  ? clear_bhb_loop+0x60/0xb0
[  202.505126][ T7030]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.505137][ T7030] RIP: 0033:0x7f0dec57e719
[  202.505147][ T7030] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  202.505156][ T7030] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  202.505167][ T7030] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  202.505174][ T7030] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  202.505180][ T7030] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  202.505186][ T7030] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  202.505192][ T7030] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  202.505209][ T7030]  </TASK>
[  202.505242][ T7030] BTRFS error (device loop0): failed to run delayed ref for logical 5353472 num_bytes 4096 type 176 action 1 ref_mod 1: -12
[  202.762042][ T7030] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  202.767594][ T7030] BTRFS: error (device loop0 state A) in btrfs_run_delayed_refs:2159: errno=-12 Out of memory
[  202.772180][ T7030] BTRFS info (device loop0 state EA): forced readonly
[  202.778745][   T12] BTRFS warning (device loop0 state EA): Skipping commit of aborted transaction.
[  202.783050][   T12] BTRFS: error (device loop0 state EA) in cleanup_transaction:2021: errno=-12 Out of memory
[  202.794461][   T12] BTRFS error (device loop0 state EA): fail to start transaction for status update: -30
[  202.800486][ T5788] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  202.806556][ T5788] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  202.811125][ T5788] BTRFS error (device loop0 state EA): qgroup reserved space leaked
2025/06/25 05:36:16 executed programs: 64
[  203.172506][ T7048] loop0: detected capacity change from 0 to 32768
[  203.185439][ T7048] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.77 (7048)
[  203.213182][ T7048] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  203.224565][ T7048] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  203.228473][ T7048] BTRFS info (device loop0): using free-space-tree
[  203.310647][ T7048] FAULT_INJECTION: forcing a failure.
[  203.310647][ T7048] name failslab, interval 1, probability 0, space 0, times 0
[  203.317961][   T12] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  203.336038][ T7048] CPU: 0 UID: 0 PID: 7048 Comm: syz.0.77 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  203.336053][ T7048] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  203.336058][ T7048] Call Trace:
[  203.336061][ T7048]  <TASK>
[  203.336065][ T7048]  dump_stack_lvl+0x189/0x250
[  203.336079][ T7048]  ? __pfx____ratelimit+0x10/0x10
[  203.336091][ T7048]  ? __pfx_dump_stack_lvl+0x10/0x10
[  203.336107][ T7048]  ? __pfx__printk+0x10/0x10
[  203.336119][ T7048]  ? __pfx___might_resched+0x10/0x10
[  203.336135][ T7048]  ? fs_reclaim_acquire+0x7d/0x100
[  203.336151][ T7048]  should_fail_ex+0x414/0x560
[  203.336169][ T7048]  should_failslab+0xa8/0x100
[  203.336182][ T7048]  kmem_cache_alloc_noprof+0x73/0x3c0
[  203.336199][ T7048]  ? alloc_extent_state+0x22/0x2f0
[  203.336211][ T7048]  alloc_extent_state+0x22/0x2f0
[  203.336221][ T7048]  set_extent_bit+0x270/0x2180
[  203.336239][ T7048]  ? __pfx_set_extent_bit+0x10/0x10
[  203.336252][ T7048]  btrfs_set_extent_bit+0x38/0x50
[  203.336263][ T7048]  btrfs_alloc_tree_block+0x967/0x12b0
[  203.336280][ T7048]  ? __pfx_btrfs_alloc_tree_block+0x10/0x10
[  203.336291][ T7048]  ? rwsem_down_write_slowpath+0x507/0x1030
[  203.336308][ T7048]  ? read_extent_buffer+0x120/0x680
[  203.336321][ T7048]  btrfs_force_cow_block+0x575/0x1e10
[  203.336378][ T7048]  ? btrfs_tree_lock_nested+0x31/0x230
[  203.336398][ T7048]  ? __pfx_btrfs_force_cow_block+0x10/0x10
[  203.336415][ T7048]  ? down_write_nested+0x169/0x200
[  203.336426][ T7048]  ? __pfx_down_write_nested+0x10/0x10
[  203.336440][ T7048]  btrfs_cow_block+0x40a/0x830
[  203.336461][ T7048]  btrfs_search_slot+0xcd7/0x2d90
[  203.336490][ T7048]  ? __pfx_btrfs_search_slot+0x10/0x10
[  203.336508][ T7048]  ? kasan_save_track+0x4f/0x80
[  203.336522][ T7048]  ? __kasan_slab_alloc+0x6c/0x80
[  203.336532][ T7048]  ? kmem_cache_alloc_noprof+0x1c1/0x3c0
[  203.336545][ T7048]  ? __btrfs_free_extent+0x2fb/0x2eb0
[  203.336556][ T7048]  ? __btrfs_run_delayed_refs+0xe7b/0x3a50
[  203.336569][ T7048]  lookup_inline_extent_backref+0x33e/0x15c0
[  203.336583][ T7048]  ? do_iter_readv_writev+0x56b/0x7f0
[  203.336592][ T7048]  ? vfs_writev+0x31a/0x960
[  203.336602][ T7048]  ? __se_sys_pwritev2+0x179/0x290
[  203.336613][ T7048]  ? do_syscall_64+0xfa/0x3b0
[  203.336621][ T7048]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.336649][ T7048]  ? __pfx_lookup_inline_extent_backref+0x10/0x10
[  203.336675][ T7048]  ? rcu_is_watching+0x15/0xb0
[  203.336693][ T7048]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  203.336705][ T7048]  ? kmem_cache_alloc_noprof+0x21a/0x3c0
[  203.336730][ T7048]  __btrfs_free_extent+0x40d/0x2eb0
[  203.336763][ T7048]  ? __pfx___btrfs_free_extent+0x10/0x10
[  203.336792][ T7048]  __btrfs_run_delayed_refs+0xe7b/0x3a50
[  203.336833][ T7048]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  203.336846][ T7048]  ? kernel_text_address+0xa5/0xe0
[  203.336859][ T7048]  ? __kernel_text_address+0xd/0x40
[  203.336871][ T7048]  ? unwind_get_return_address+0x4d/0x90
[  203.336886][ T7048]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  203.336896][ T7048]  ? arch_stack_walk+0xfc/0x150
[  203.336922][ T7048]  ? __lock_acquire+0xab9/0xd20
[  203.336945][ T7048]  ? btrfs_commit_transaction+0x161/0x37f0
[  203.336965][ T7048]  btrfs_run_delayed_refs+0xe6/0x300
[  203.336978][ T7048]  btrfs_commit_transaction+0x274/0x37f0
[  203.336991][ T7048]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.337005][ T7048]  ? btrfs_commit_transaction+0x161/0x37f0
[  203.337022][ T7048]  ? __lock_acquire+0xab9/0xd20
[  203.337043][ T7048]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  203.337062][ T7048]  ? do_raw_spin_unlock+0x4d/0x240
[  203.337073][ T7048]  ? join_transaction+0x41b/0xd70
[  203.337092][ T7048]  ? btrfs_record_root_in_trans+0x124/0x180
[  203.337109][ T7048]  ? start_transaction+0x439/0x1620
[  203.337138][ T7048]  try_flush_qgroup+0x1dd/0x380
[  203.337152][ T7048]  ? kfree+0x18e/0x440
[  203.337168][ T7048]  ? __pfx_try_flush_qgroup+0x10/0x10
[  203.337183][ T7048]  ? qgroup_reserve_data+0x6cc/0x8d0
[  203.337207][ T7048]  btrfs_qgroup_reserve_data+0x69/0xb0
[  203.337223][ T7048]  btrfs_check_data_free_space+0x2ce/0x450
[  203.337238][ T7048]  btrfs_buffered_write+0x46c/0x16c0
[  203.337267][ T7048]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  203.337278][ T7048]  ? aa_file_perm+0x11f/0xed0
[  203.337296][ T7048]  ? aa_file_perm+0x3e7/0xed0
[  203.337312][ T7048]  btrfs_do_write_iter+0x238/0x710
[  203.337328][ T7048]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  203.337343][ T7048]  do_iter_readv_writev+0x56b/0x7f0
[  203.337356][ T7048]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  203.337364][ T7048]  ? rcu_read_lock_any_held+0xb3/0x120
[  203.337386][ T7048]  vfs_writev+0x31a/0x960
[  203.337402][ T7048]  ? __lock_acquire+0xab9/0xd20
[  203.337418][ T7048]  ? __pfx_vfs_writev+0x10/0x10
[  203.337441][ T7048]  ? __fget_files+0x2a/0x420
[  203.337456][ T7048]  ? __fget_files+0x3a0/0x420
[  203.337465][ T7048]  ? __fget_files+0x2a/0x420
[  203.337481][ T7048]  __se_sys_pwritev2+0x179/0x290
[  203.337495][ T7048]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  203.337504][ T7048]  ? rcu_is_watching+0x15/0xb0
[  203.337523][ T7048]  ? do_syscall_64+0xbe/0x3b0
[  203.337532][ T7048]  ? __x64_sys_pwritev2+0x20/0xc0
[  203.337545][ T7048]  do_syscall_64+0xfa/0x3b0
[  203.337553][ T7048]  ? lockdep_hardirqs_on+0x9c/0x150
[  203.337567][ T7048]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.337576][ T7048]  ? clear_bhb_loop+0x60/0xb0
[  203.337588][ T7048]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.337598][ T7048] RIP: 0033:0x7f0dec57e719
[  203.337610][ T7048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  203.337620][ T7048] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  203.337633][ T7048] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  203.337640][ T7048] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  203.337647][ T7048] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  203.337653][ T7048] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  203.337657][ T7048] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  203.337672][ T7048]  </TASK>
[  203.672385][ T5788] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  204.035824][ T7066] loop0: detected capacity change from 0 to 32768
[  204.045005][ T7066] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.78 (7066)
[  204.065702][ T7066] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  204.076882][ T7066] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  204.080905][ T7066] BTRFS info (device loop0): using free-space-tree
[  204.174883][ T7066] FAULT_INJECTION: forcing a failure.
[  204.174883][ T7066] name failslab, interval 1, probability 0, space 0, times 0
[  204.180618][ T7066] CPU: 0 UID: 0 PID: 7066 Comm: syz.0.78 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  204.180635][ T7066] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  204.180642][ T7066] Call Trace:
[  204.180651][ T7066]  <TASK>
[  204.180657][ T7066]  dump_stack_lvl+0x189/0x250
[  204.180679][ T7066]  ? __pfx____ratelimit+0x10/0x10
[  204.180695][ T7066]  ? __pfx_dump_stack_lvl+0x10/0x10
[  204.180707][ T7066]  ? __pfx__printk+0x10/0x10
[  204.180718][ T7066]  ? __pfx___might_resched+0x10/0x10
[  204.180731][ T7066]  should_fail_ex+0x414/0x560
[  204.180742][ T7066]  should_failslab+0xa8/0x100
[  204.180755][ T7066]  kmem_cache_alloc_noprof+0x73/0x3c0
[  204.180770][ T7066]  ? add_to_free_space_tree+0xdf/0x440
[  204.180785][ T7066]  add_to_free_space_tree+0xdf/0x440
[  204.180801][ T7066]  __btrfs_free_extent+0x16cf/0x2eb0
[  204.180829][ T7066]  ? __pfx___btrfs_free_extent+0x10/0x10
[  204.180852][ T7066]  __btrfs_run_delayed_refs+0xe7b/0x3a50
[  204.180876][ T7066]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  204.180888][ T7066]  ? kernel_text_address+0xa5/0xe0
[  204.180902][ T7066]  ? __kernel_text_address+0xd/0x40
[  204.180913][ T7066]  ? unwind_get_return_address+0x4d/0x90
[  204.180927][ T7066]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  204.180944][ T7066]  ? arch_stack_walk+0xfc/0x150
[  204.180961][ T7066]  ? __lock_acquire+0xab9/0xd20
[  204.180980][ T7066]  ? btrfs_commit_transaction+0x161/0x37f0
[  204.180999][ T7066]  btrfs_run_delayed_refs+0xe6/0x300
[  204.181012][ T7066]  btrfs_commit_transaction+0x274/0x37f0
[  204.181027][ T7066]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.181040][ T7066]  ? btrfs_commit_transaction+0x161/0x37f0
[  204.181057][ T7066]  ? __lock_acquire+0xab9/0xd20
[  204.181076][ T7066]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  204.181094][ T7066]  ? do_raw_spin_unlock+0x4d/0x240
[  204.181104][ T7066]  ? join_transaction+0x41b/0xd70
[  204.181122][ T7066]  ? btrfs_record_root_in_trans+0x124/0x180
[  204.181137][ T7066]  ? start_transaction+0x439/0x1620
[  204.181161][ T7066]  try_flush_qgroup+0x1dd/0x380
[  204.181175][ T7066]  ? kfree+0x18e/0x440
[  204.181192][ T7066]  ? __pfx_try_flush_qgroup+0x10/0x10
[  204.181207][ T7066]  ? qgroup_reserve_data+0x6cc/0x8d0
[  204.181228][ T7066]  btrfs_qgroup_reserve_data+0x69/0xb0
[  204.181244][ T7066]  btrfs_check_data_free_space+0x2ce/0x450
[  204.181261][ T7066]  btrfs_buffered_write+0x46c/0x16c0
[  204.181292][ T7066]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  204.181303][ T7066]  ? aa_file_perm+0x11f/0xed0
[  204.181319][ T7066]  ? aa_file_perm+0x3e7/0xed0
[  204.181333][ T7066]  btrfs_do_write_iter+0x238/0x710
[  204.181349][ T7066]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  204.181368][ T7066]  do_iter_readv_writev+0x56b/0x7f0
[  204.181381][ T7066]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  204.181390][ T7066]  ? rcu_read_lock_any_held+0xb3/0x120
[  204.181412][ T7066]  vfs_writev+0x31a/0x960
[  204.181426][ T7066]  ? __lock_acquire+0xab9/0xd20
[  204.181439][ T7066]  ? __pfx_vfs_writev+0x10/0x10
[  204.181462][ T7066]  ? __fget_files+0x2a/0x420
[  204.181477][ T7066]  ? __fget_files+0x3a0/0x420
[  204.181486][ T7066]  ? __fget_files+0x2a/0x420
[  204.181502][ T7066]  __se_sys_pwritev2+0x179/0x290
[  204.181515][ T7066]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  204.181524][ T7066]  ? rcu_is_watching+0x15/0xb0
[  204.181540][ T7066]  ? do_syscall_64+0xbe/0x3b0
[  204.181547][ T7066]  ? __x64_sys_pwritev2+0x20/0xc0
[  204.181558][ T7066]  do_syscall_64+0xfa/0x3b0
[  204.181567][ T7066]  ? lockdep_hardirqs_on+0x9c/0x150
[  204.181580][ T7066]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.181589][ T7066]  ? clear_bhb_loop+0x60/0xb0
[  204.181601][ T7066]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.181611][ T7066] RIP: 0033:0x7f0dec57e719
[  204.181623][ T7066] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  204.181631][ T7066] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  204.181643][ T7066] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  204.181650][ T7066] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  204.181656][ T7066] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  204.181662][ T7066] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  204.181667][ T7066] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  204.181686][ T7066]  </TASK>
[  204.181695][ T7066] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  204.456953][  T173] BTRFS info (device loop0 state A): qgroup scan completed (inconsistency flag cleared)
[  204.461452][ T7066] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1048: errno=-12 Out of memory
[  204.470218][ T7066] BTRFS info (device loop0 state EA): forced readonly
[  204.473297][ T7066] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:3003: errno=-12 Out of memory
[  204.478888][ T7066] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  204.485568][ T7066] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2159: errno=-12 Out of memory
[  204.498714][ T5788] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  204.505797][ T5788] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  204.511126][ T5788] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  204.879397][ T7084] loop0: detected capacity change from 0 to 32768
[  204.890231][ T7084] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.79 (7084)
[  204.911559][ T7084] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  204.925328][ T7084] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  204.929107][ T7084] BTRFS info (device loop0): using free-space-tree
[  205.030358][ T7084] FAULT_INJECTION: forcing a failure.
[  205.030358][ T7084] name failslab, interval 1, probability 0, space 0, times 0
[  205.045603][ T7084] CPU: 0 UID: 0 PID: 7084 Comm: syz.0.79 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  205.045616][ T7084] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  205.045622][ T7084] Call Trace:
[  205.045627][ T7084]  <TASK>
[  205.045632][ T7084]  dump_stack_lvl+0x189/0x250
[  205.045749][ T7084]  ? __pfx____ratelimit+0x10/0x10
[  205.045793][ T7084]  ? __pfx_dump_stack_lvl+0x10/0x10
[  205.045802][ T7084]  ? __pfx__printk+0x10/0x10
[  205.045813][ T7084]  ? __pfx___might_resched+0x10/0x10
[  205.045823][ T7084]  ? fs_reclaim_acquire+0x7d/0x100
[  205.045857][ T7084]  should_fail_ex+0x414/0x560
[  205.045871][ T7084]  should_failslab+0xa8/0x100
[  205.045883][ T7084]  kmem_cache_alloc_noprof+0x73/0x3c0
[  205.045897][ T7084]  ? __btrfs_free_extent+0x2fb/0x2eb0
[  205.045914][ T7084]  __btrfs_free_extent+0x2fb/0x2eb0
[  205.045938][ T7084]  ? __pfx___btrfs_free_extent+0x10/0x10
[  205.045950][ T7084]  ? do_raw_read_unlock+0x3d/0x80
[  205.045975][ T7084]  __btrfs_run_delayed_refs+0xe7b/0x3a50
[  205.046012][ T7084]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  205.046025][ T7084]  ? __pfx___mutex_trylock_common+0x10/0x10
[  205.046039][ T7084]  ? rcu_is_watching+0x15/0xb0
[  205.046061][ T7084]  ? btrfs_start_dirty_block_groups+0xbfe/0xf70
[  205.046078][ T7084]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  205.046096][ T7084]  ? __pfx___mutex_lock+0x10/0x10
[  205.046111][ T7084]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  205.046129][ T7084]  ? btrfs_block_rsv_release+0x529/0x5e0
[  205.046147][ T7084]  btrfs_run_delayed_refs+0xe6/0x300
[  205.046164][ T7084]  btrfs_start_dirty_block_groups+0xc08/0xf70
[  205.046198][ T7084]  ? __pfx_btrfs_start_dirty_block_groups+0x10/0x10
[  205.046219][ T7084]  ? __kasan_slab_alloc+0x6c/0x80
[  205.046229][ T7084]  ? btrfs_trans_release_metadata+0x22d/0x330
[  205.046247][ T7084]  btrfs_commit_transaction+0x666/0x37f0
[  205.046266][ T7084]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.046279][ T7084]  ? btrfs_commit_transaction+0x161/0x37f0
[  205.046299][ T7084]  ? __lock_acquire+0xab9/0xd20
[  205.046320][ T7084]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  205.046340][ T7084]  ? do_raw_spin_unlock+0x4d/0x240
[  205.046350][ T7084]  ? join_transaction+0x41b/0xd70
[  205.046368][ T7084]  ? btrfs_record_root_in_trans+0x124/0x180
[  205.046384][ T7084]  ? start_transaction+0x439/0x1620
[  205.046410][ T7084]  try_flush_qgroup+0x1dd/0x380
[  205.046424][ T7084]  ? kfree+0x18e/0x440
[  205.046441][ T7084]  ? __pfx_try_flush_qgroup+0x10/0x10
[  205.046456][ T7084]  ? qgroup_reserve_data+0x6cc/0x8d0
[  205.046478][ T7084]  btrfs_qgroup_reserve_data+0x69/0xb0
[  205.046495][ T7084]  btrfs_check_data_free_space+0x2ce/0x450
[  205.046512][ T7084]  btrfs_buffered_write+0x46c/0x16c0
[  205.046542][ T7084]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  205.046552][ T7084]  ? aa_file_perm+0x11f/0xed0
[  205.046570][ T7084]  ? aa_file_perm+0x3e7/0xed0
[  205.046587][ T7084]  btrfs_do_write_iter+0x238/0x710
[  205.046601][ T7084]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  205.046618][ T7084]  do_iter_readv_writev+0x56b/0x7f0
[  205.046632][ T7084]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  205.046640][ T7084]  ? rcu_read_lock_any_held+0xb3/0x120
[  205.046661][ T7084]  vfs_writev+0x31a/0x960
[  205.046676][ T7084]  ? __lock_acquire+0xab9/0xd20
[  205.046691][ T7084]  ? __pfx_vfs_writev+0x10/0x10
[  205.046713][ T7084]  ? __fget_files+0x2a/0x420
[  205.046728][ T7084]  ? __fget_files+0x3a0/0x420
[  205.046738][ T7084]  ? __fget_files+0x2a/0x420
[  205.046763][ T7084]  __se_sys_pwritev2+0x179/0x290
[  205.046777][ T7084]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  205.046786][ T7084]  ? rcu_is_watching+0x15/0xb0
[  205.046806][ T7084]  ? do_syscall_64+0xbe/0x3b0
[  205.046814][ T7084]  ? __x64_sys_pwritev2+0x20/0xc0
[  205.046826][ T7084]  do_syscall_64+0xfa/0x3b0
[  205.046834][ T7084]  ? lockdep_hardirqs_on+0x9c/0x150
[  205.046848][ T7084]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.046858][ T7084]  ? clear_bhb_loop+0x60/0xb0
[  205.046872][ T7084]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.046882][ T7084] RIP: 0033:0x7f0dec57e719
[  205.046894][ T7084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  205.046903][ T7084] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  205.046916][ T7084] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  205.046923][ T7084] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  205.046928][ T7084] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  205.046934][ T7084] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  205.046941][ T7084] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  205.046959][ T7084]  </TASK>
[  205.046968][ T7084] BTRFS error (device loop0): failed to run delayed ref for logical 5357568 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  205.300753][ T7084] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  205.307387][ T7084] BTRFS: error (device loop0 state A) in btrfs_run_delayed_refs:2159: errno=-12 Out of memory
[  205.312084][ T7084] BTRFS info (device loop0 state EA): forced readonly
[  205.317085][  T173] BTRFS warning (device loop0 state EA): Skipping commit of aborted transaction.
[  205.322160][  T173] BTRFS: error (device loop0 state EA) in cleanup_transaction:2021: errno=-12 Out of memory
[  205.331777][ T5788] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  205.339318][  T173] BTRFS error (device loop0 state EA): fail to start transaction for status update: -30
[  205.345656][ T5788] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  205.350181][ T5788] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  205.702746][ T7102] loop0: detected capacity change from 0 to 32768
[  205.714706][ T7102] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.80 (7102)
[  205.737593][ T7102] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  205.741857][ T7102] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  205.759146][ T7102] BTRFS info (device loop0): using free-space-tree
[  205.849017][ T7102] FAULT_INJECTION: forcing a failure.
[  205.849017][ T7102] name failslab, interval 1, probability 0, space 0, times 0
[  205.857890][ T1039] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  205.864287][ T7102] CPU: 0 UID: 0 PID: 7102 Comm: syz.0.80 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  205.864304][ T7102] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  205.864310][ T7102] Call Trace:
[  205.864316][ T7102]  <TASK>
[  205.864320][ T7102]  dump_stack_lvl+0x189/0x250
[  205.864371][ T7102]  ? __pfx____ratelimit+0x10/0x10
[  205.864388][ T7102]  ? __pfx_dump_stack_lvl+0x10/0x10
[  205.864403][ T7102]  ? __pfx__printk+0x10/0x10
[  205.864420][ T7102]  ? __pfx___might_resched+0x10/0x10
[  205.864439][ T7102]  should_fail_ex+0x414/0x560
[  205.864457][ T7102]  should_failslab+0xa8/0x100
[  205.864470][ T7102]  kmem_cache_alloc_noprof+0x73/0x3c0
[  205.864485][ T7102]  ? add_to_free_space_tree+0xdf/0x440
[  205.864501][ T7102]  add_to_free_space_tree+0xdf/0x440
[  205.864516][ T7102]  __btrfs_free_extent+0x16cf/0x2eb0
[  205.864543][ T7102]  ? __pfx___btrfs_free_extent+0x10/0x10
[  205.864569][ T7102]  __btrfs_run_delayed_refs+0xe7b/0x3a50
[  205.864608][ T7102]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  205.864621][ T7102]  ? kernel_text_address+0xa5/0xe0
[  205.864635][ T7102]  ? __kernel_text_address+0xd/0x40
[  205.864646][ T7102]  ? unwind_get_return_address+0x4d/0x90
[  205.864662][ T7102]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  205.864674][ T7102]  ? arch_stack_walk+0xfc/0x150
[  205.864692][ T7102]  ? __lock_acquire+0xab9/0xd20
[  205.864714][ T7102]  ? btrfs_commit_transaction+0x161/0x37f0
[  205.864734][ T7102]  btrfs_run_delayed_refs+0xe6/0x300
[  205.864749][ T7102]  btrfs_commit_transaction+0x274/0x37f0
[  205.864761][ T7102]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.864776][ T7102]  ? btrfs_commit_transaction+0x161/0x37f0
[  205.864794][ T7102]  ? __lock_acquire+0xab9/0xd20
[  205.864815][ T7102]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  205.864834][ T7102]  ? do_raw_spin_unlock+0x4d/0x240
[  205.864846][ T7102]  ? join_transaction+0x41b/0xd70
[  205.864865][ T7102]  ? btrfs_record_root_in_trans+0x124/0x180
[  205.864882][ T7102]  ? start_transaction+0x439/0x1620
[  205.864908][ T7102]  try_flush_qgroup+0x1dd/0x380
[  205.864922][ T7102]  ? kfree+0x18e/0x440
[  205.864937][ T7102]  ? __pfx_try_flush_qgroup+0x10/0x10
[  205.864952][ T7102]  ? qgroup_reserve_data+0x6cc/0x8d0
[  205.864976][ T7102]  btrfs_qgroup_reserve_data+0x69/0xb0
[  205.864994][ T7102]  btrfs_check_data_free_space+0x2ce/0x450
[  205.865016][ T7102]  btrfs_buffered_write+0x46c/0x16c0
[  205.865045][ T7102]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  205.865056][ T7102]  ? aa_file_perm+0x11f/0xed0
[  205.865074][ T7102]  ? aa_file_perm+0x3e7/0xed0
[  205.865089][ T7102]  btrfs_do_write_iter+0x238/0x710
[  205.865105][ T7102]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  205.865123][ T7102]  do_iter_readv_writev+0x56b/0x7f0
[  205.865136][ T7102]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  205.865146][ T7102]  ? rcu_read_lock_any_held+0xb3/0x120
[  205.865167][ T7102]  vfs_writev+0x31a/0x960
[  205.865182][ T7102]  ? __lock_acquire+0xab9/0xd20
[  205.865196][ T7102]  ? __pfx_vfs_writev+0x10/0x10
[  205.865220][ T7102]  ? __fget_files+0x2a/0x420
[  205.865235][ T7102]  ? __fget_files+0x3a0/0x420
[  205.865246][ T7102]  ? __fget_files+0x2a/0x420
[  205.865263][ T7102]  __se_sys_pwritev2+0x179/0x290
[  205.865276][ T7102]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  205.865286][ T7102]  ? rcu_is_watching+0x15/0xb0
[  205.865306][ T7102]  ? do_syscall_64+0xbe/0x3b0
[  205.865315][ T7102]  ? __x64_sys_pwritev2+0x20/0xc0
[  205.865328][ T7102]  do_syscall_64+0xfa/0x3b0
[  205.865336][ T7102]  ? lockdep_hardirqs_on+0x9c/0x150
[  205.865351][ T7102]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.865360][ T7102]  ? clear_bhb_loop+0x60/0xb0
[  205.865372][ T7102]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.865382][ T7102] RIP: 0033:0x7f0dec57e719
[  205.865393][ T7102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  205.865402][ T7102] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  205.865416][ T7102] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  205.865423][ T7102] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  205.865430][ T7102] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  205.865437][ T7102] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  205.865443][ T7102] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  205.865462][ T7102]  </TASK>
[  205.865471][ T7102] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  206.129782][ T7102] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1048: errno=-12 Out of memory
[  206.137550][ T7102] BTRFS info (device loop0 state EA): forced readonly
[  206.140720][ T7102] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:3003: errno=-12 Out of memory
[  206.147337][ T7102] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  206.154695][ T7102] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2159: errno=-12 Out of memory
[  206.166594][ T5788] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  206.172087][ T5788] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  206.177805][ T5788] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  206.566590][ T7120] loop0: detected capacity change from 0 to 32768
[  206.574970][ T7120] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.81 (7120)
[  206.612548][ T7120] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  206.624892][ T7120] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  206.628705][ T7120] BTRFS info (device loop0): using free-space-tree
[  206.729911][ T7120] FAULT_INJECTION: forcing a failure.
[  206.729911][ T7120] name failslab, interval 1, probability 0, space 0, times 0
[  206.741207][ T1039] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  206.755654][ T7120] CPU: 0 UID: 0 PID: 7120 Comm: syz.0.81 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  206.755672][ T7120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  206.755680][ T7120] Call Trace:
[  206.755687][ T7120]  <TASK>
[  206.755693][ T7120]  dump_stack_lvl+0x189/0x250
[  206.755715][ T7120]  ? __pfx____ratelimit+0x10/0x10
[  206.755733][ T7120]  ? __pfx_dump_stack_lvl+0x10/0x10
[  206.755750][ T7120]  ? __pfx__printk+0x10/0x10
[  206.755768][ T7120]  ? __pfx___might_resched+0x10/0x10
[  206.755789][ T7120]  should_fail_ex+0x414/0x560
[  206.755808][ T7120]  should_failslab+0xa8/0x100
[  206.755824][ T7120]  kmem_cache_alloc_noprof+0x73/0x3c0
[  206.755840][ T7120]  ? add_to_free_space_tree+0xdf/0x440
[  206.755859][ T7120]  add_to_free_space_tree+0xdf/0x440
[  206.755877][ T7120]  __btrfs_free_extent+0x16cf/0x2eb0
[  206.755913][ T7120]  ? __pfx___btrfs_free_extent+0x10/0x10
[  206.755943][ T7120]  __btrfs_run_delayed_refs+0xe7b/0x3a50
[  206.755986][ T7120]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  206.756003][ T7120]  ? kernel_text_address+0xa5/0xe0
[  206.756019][ T7120]  ? __kernel_text_address+0xd/0x40
[  206.756031][ T7120]  ? unwind_get_return_address+0x4d/0x90
[  206.756047][ T7120]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  206.756061][ T7120]  ? arch_stack_walk+0xfc/0x150
[  206.756080][ T7120]  ? __lock_acquire+0xab9/0xd20
[  206.756103][ T7120]  ? btrfs_commit_transaction+0x161/0x37f0
[  206.756124][ T7120]  btrfs_run_delayed_refs+0xe6/0x300
[  206.756140][ T7120]  btrfs_commit_transaction+0x274/0x37f0
[  206.756156][ T7120]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.756171][ T7120]  ? btrfs_commit_transaction+0x161/0x37f0
[  206.756191][ T7120]  ? __lock_acquire+0xab9/0xd20
[  206.756214][ T7120]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  206.756235][ T7120]  ? do_raw_spin_unlock+0x4d/0x240
[  206.756248][ T7120]  ? join_transaction+0x41b/0xd70
[  206.756268][ T7120]  ? btrfs_record_root_in_trans+0x124/0x180
[  206.756286][ T7120]  ? start_transaction+0x439/0x1620
[  206.756342][ T7120]  try_flush_qgroup+0x1dd/0x380
[  206.756359][ T7120]  ? kfree+0x18e/0x440
[  206.756376][ T7120]  ? __pfx_try_flush_qgroup+0x10/0x10
[  206.756392][ T7120]  ? qgroup_reserve_data+0x6cc/0x8d0
[  206.756417][ T7120]  btrfs_qgroup_reserve_data+0x69/0xb0
[  206.756436][ T7120]  btrfs_check_data_free_space+0x2ce/0x450
[  206.756453][ T7120]  btrfs_buffered_write+0x46c/0x16c0
[  206.756486][ T7120]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  206.756499][ T7120]  ? aa_file_perm+0x11f/0xed0
[  206.756517][ T7120]  ? aa_file_perm+0x3e7/0xed0
[  206.756534][ T7120]  btrfs_do_write_iter+0x238/0x710
[  206.756553][ T7120]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  206.756572][ T7120]  do_iter_readv_writev+0x56b/0x7f0
[  206.756586][ T7120]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  206.756596][ T7120]  ? rcu_read_lock_any_held+0xb3/0x120
[  206.756620][ T7120]  vfs_writev+0x31a/0x960
[  206.756637][ T7120]  ? __lock_acquire+0xab9/0xd20
[  206.756653][ T7120]  ? __pfx_vfs_writev+0x10/0x10
[  206.756677][ T7120]  ? __fget_files+0x2a/0x420
[  206.756693][ T7120]  ? __fget_files+0x3a0/0x420
[  206.756705][ T7120]  ? __fget_files+0x2a/0x420
[  206.756723][ T7120]  __se_sys_pwritev2+0x179/0x290
[  206.756738][ T7120]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  206.756750][ T7120]  ? rcu_is_watching+0x15/0xb0
[  206.756768][ T7120]  ? do_syscall_64+0xbe/0x3b0
[  206.756778][ T7120]  ? __x64_sys_pwritev2+0x20/0xc0
[  206.756792][ T7120]  do_syscall_64+0xfa/0x3b0
[  206.756801][ T7120]  ? lockdep_hardirqs_on+0x9c/0x150
[  206.756816][ T7120]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.756827][ T7120]  ? clear_bhb_loop+0x60/0xb0
[  206.756842][ T7120]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.756851][ T7120] RIP: 0033:0x7f0dec57e719
[  206.756863][ T7120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  206.756872][ T7120] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  206.756887][ T7120] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  206.756902][ T7120] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  206.756910][ T7120] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  206.756917][ T7120] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  206.756924][ T7120] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  206.756943][ T7120]  </TASK>
[  206.756953][ T7120] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  207.085236][ T7120] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1048: errno=-12 Out of memory
[  207.096302][ T7120] BTRFS info (device loop0 state EA): forced readonly
[  207.105695][ T7120] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:3003: errno=-12 Out of memory
[  207.116398][ T7120] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  207.126599][ T7120] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2159: errno=-12 Out of memory
[  207.148942][ T5788] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  207.165342][ T5788] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  207.170822][ T5788] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  207.574766][ T7139] loop0: detected capacity change from 0 to 32768
[  207.588287][ T7139] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.82 (7139)
[  207.612187][ T7139] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  207.625030][ T7139] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  207.629385][ T7139] BTRFS info (device loop0): using free-space-tree
[  207.734898][  T173] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  207.745098][ T7139] FAULT_INJECTION: forcing a failure.
[  207.745098][ T7139] name failslab, interval 1, probability 0, space 0, times 0
[  207.750731][ T7139] CPU: 0 UID: 0 PID: 7139 Comm: syz.0.82 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  207.750748][ T7139] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  207.750755][ T7139] Call Trace:
[  207.750762][ T7139]  <TASK>
[  207.750768][ T7139]  dump_stack_lvl+0x189/0x250
[  207.750806][ T7139]  ? __pfx____ratelimit+0x10/0x10
[  207.750830][ T7139]  ? __pfx_dump_stack_lvl+0x10/0x10
[  207.750846][ T7139]  ? __pfx__printk+0x10/0x10
[  207.750861][ T7139]  ? __pfx___might_resched+0x10/0x10
[  207.750879][ T7139]  ? fs_reclaim_acquire+0x7d/0x100
[  207.750901][ T7139]  should_fail_ex+0x414/0x560
[  207.750920][ T7139]  should_failslab+0xa8/0x100
[  207.750934][ T7139]  kmem_cache_alloc_noprof+0x73/0x3c0
[  207.750956][ T7139]  ? alloc_extent_state+0x22/0x2f0
[  207.750974][ T7139]  alloc_extent_state+0x22/0x2f0
[  207.750989][ T7139]  set_extent_bit+0x270/0x2180
[  207.751019][ T7139]  ? __pfx_set_extent_bit+0x10/0x10
[  207.751038][ T7139]  ? __kasan_kmalloc+0x93/0xb0
[  207.751052][ T7139]  btrfs_set_record_extent_bits+0x50/0x90
[  207.751072][ T7139]  qgroup_reserve_data+0x29e/0x8d0
[  207.751099][ T7139]  btrfs_check_data_free_space+0x2ce/0x450
[  207.751117][ T7139]  btrfs_buffered_write+0x46c/0x16c0
[  207.751146][ T7139]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  207.751158][ T7139]  ? aa_file_perm+0x11f/0xed0
[  207.751179][ T7139]  ? aa_file_perm+0x3e7/0xed0
[  207.751197][ T7139]  btrfs_do_write_iter+0x238/0x710
[  207.751214][ T7139]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  207.751232][ T7139]  do_iter_readv_writev+0x56b/0x7f0
[  207.751247][ T7139]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  207.751258][ T7139]  ? rcu_read_lock_any_held+0xb3/0x120
[  207.751282][ T7139]  vfs_writev+0x31a/0x960
[  207.751298][ T7139]  ? __lock_acquire+0xab9/0xd20
[  207.751317][ T7139]  ? __pfx_vfs_writev+0x10/0x10
[  207.751339][ T7139]  ? __fget_files+0x2a/0x420
[  207.751356][ T7139]  ? __fget_files+0x3a0/0x420
[  207.751367][ T7139]  ? __fget_files+0x2a/0x420
[  207.751384][ T7139]  __se_sys_pwritev2+0x179/0x290
[  207.751398][ T7139]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  207.751409][ T7139]  ? rcu_is_watching+0x15/0xb0
[  207.751428][ T7139]  ? do_syscall_64+0xbe/0x3b0
[  207.751437][ T7139]  ? __x64_sys_pwritev2+0x20/0xc0
[  207.751450][ T7139]  do_syscall_64+0xfa/0x3b0
[  207.751460][ T7139]  ? lockdep_hardirqs_on+0x9c/0x150
[  207.751475][ T7139]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.751486][ T7139]  ? clear_bhb_loop+0x60/0xb0
[  207.751499][ T7139]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.751510][ T7139] RIP: 0033:0x7f0dec57e719
[  207.751523][ T7139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  207.751531][ T7139] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  207.751544][ T7139] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  207.751551][ T7139] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  207.751558][ T7139] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  207.751566][ T7139] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  207.751572][ T7139] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  207.751587][ T7139]  </TASK>
[  207.915145][ T5788] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
2025/06/25 05:36:21 executed programs: 70
[  208.313139][ T7157] loop0: detected capacity change from 0 to 32768
[  208.327746][ T7157] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.83 (7157)
[  208.349462][ T7157] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  208.362591][ T7157] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  208.372767][ T7157] BTRFS info (device loop0): using free-space-tree
[  208.465435][ T7157] FAULT_INJECTION: forcing a failure.
[  208.465435][ T7157] name failslab, interval 1, probability 0, space 0, times 0
[  208.475060][ T1039] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  208.484723][ T7157] CPU: 0 UID: 0 PID: 7157 Comm: syz.0.83 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  208.484741][ T7157] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  208.484748][ T7157] Call Trace:
[  208.484753][ T7157]  <TASK>
[  208.484758][ T7157]  dump_stack_lvl+0x189/0x250
[  208.484778][ T7157]  ? __pfx____ratelimit+0x10/0x10
[  208.484793][ T7157]  ? __pfx_dump_stack_lvl+0x10/0x10
[  208.484809][ T7157]  ? __pfx__printk+0x10/0x10
[  208.484825][ T7157]  ? __pfx___might_resched+0x10/0x10
[  208.484843][ T7157]  should_fail_ex+0x414/0x560
[  208.484861][ T7157]  should_failslab+0xa8/0x100
[  208.484874][ T7157]  kmem_cache_alloc_noprof+0x73/0x3c0
[  208.484890][ T7157]  ? add_to_free_space_tree+0xdf/0x440
[  208.484905][ T7157]  add_to_free_space_tree+0xdf/0x440
[  208.484921][ T7157]  __btrfs_free_extent+0x16cf/0x2eb0
[  208.484945][ T7157]  ? __pfx___btrfs_free_extent+0x10/0x10
[  208.484972][ T7157]  __btrfs_run_delayed_refs+0xe7b/0x3a50
[  208.485009][ T7157]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  208.485023][ T7157]  ? kernel_text_address+0xa5/0xe0
[  208.485037][ T7157]  ? __kernel_text_address+0xd/0x40
[  208.485048][ T7157]  ? unwind_get_return_address+0x4d/0x90
[  208.485063][ T7157]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  208.485075][ T7157]  ? arch_stack_walk+0xfc/0x150
[  208.485092][ T7157]  ? __lock_acquire+0xab9/0xd20
[  208.485114][ T7157]  ? btrfs_commit_transaction+0x161/0x37f0
[  208.485134][ T7157]  btrfs_run_delayed_refs+0xe6/0x300
[  208.485149][ T7157]  btrfs_commit_transaction+0x274/0x37f0
[  208.485163][ T7157]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.485175][ T7157]  ? btrfs_commit_transaction+0x161/0x37f0
[  208.485195][ T7157]  ? __lock_acquire+0xab9/0xd20
[  208.485215][ T7157]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  208.485234][ T7157]  ? do_raw_spin_unlock+0x4d/0x240
[  208.485245][ T7157]  ? join_transaction+0x41b/0xd70
[  208.485263][ T7157]  ? btrfs_record_root_in_trans+0x124/0x180
[  208.485280][ T7157]  ? start_transaction+0x439/0x1620
[  208.485307][ T7157]  try_flush_qgroup+0x1dd/0x380
[  208.485323][ T7157]  ? kfree+0x18e/0x440
[  208.485339][ T7157]  ? __pfx_try_flush_qgroup+0x10/0x10
[  208.485354][ T7157]  ? qgroup_reserve_data+0x6cc/0x8d0
[  208.485377][ T7157]  btrfs_qgroup_reserve_data+0x69/0xb0
[  208.485393][ T7157]  btrfs_check_data_free_space+0x2ce/0x450
[  208.485410][ T7157]  btrfs_buffered_write+0x46c/0x16c0
[  208.485439][ T7157]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  208.485450][ T7157]  ? aa_file_perm+0x11f/0xed0
[  208.485468][ T7157]  ? aa_file_perm+0x3e7/0xed0
[  208.485484][ T7157]  btrfs_do_write_iter+0x238/0x710
[  208.485500][ T7157]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  208.485519][ T7157]  do_iter_readv_writev+0x56b/0x7f0
[  208.485533][ T7157]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  208.485542][ T7157]  ? rcu_read_lock_any_held+0xb3/0x120
[  208.485563][ T7157]  vfs_writev+0x31a/0x960
[  208.485578][ T7157]  ? __lock_acquire+0xab9/0xd20
[  208.485593][ T7157]  ? __pfx_vfs_writev+0x10/0x10
[  208.485616][ T7157]  ? __fget_files+0x2a/0x420
[  208.485640][ T7157]  ? __fget_files+0x3a0/0x420
[  208.485650][ T7157]  ? __fget_files+0x2a/0x420
[  208.485666][ T7157]  __se_sys_pwritev2+0x179/0x290
[  208.485680][ T7157]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  208.485689][ T7157]  ? rcu_is_watching+0x15/0xb0
[  208.485707][ T7157]  ? do_syscall_64+0xbe/0x3b0
[  208.485716][ T7157]  ? __x64_sys_pwritev2+0x20/0xc0
[  208.485729][ T7157]  do_syscall_64+0xfa/0x3b0
[  208.485737][ T7157]  ? lockdep_hardirqs_on+0x9c/0x150
[  208.485750][ T7157]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.485760][ T7157]  ? clear_bhb_loop+0x60/0xb0
[  208.485774][ T7157]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.485783][ T7157] RIP: 0033:0x7f0dec57e719
[  208.485794][ T7157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  208.485803][ T7157] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  208.485816][ T7157] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  208.485825][ T7157] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  208.485831][ T7157] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  208.485837][ T7157] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  208.485842][ T7157] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  208.485861][ T7157]  </TASK>
[  208.485871][ T7157] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  208.718629][ T7157] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1048: errno=-12 Out of memory
[  208.723139][ T7157] BTRFS info (device loop0 state EA): forced readonly
[  208.728346][ T7157] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:3003: errno=-12 Out of memory
[  208.732934][ T7157] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  208.741311][ T7157] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2159: errno=-12 Out of memory
[  208.753137][ T5788] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  208.758993][ T5788] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  208.763491][ T5788] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  209.123141][ T7175] loop0: detected capacity change from 0 to 32768
[  209.131146][ T7175] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.84 (7175)
[  209.151090][ T7175] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  209.162728][ T7175] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  209.172886][ T7175] BTRFS info (device loop0): using free-space-tree
[  209.253527][ T7175] FAULT_INJECTION: forcing a failure.
[  209.253527][ T7175] name failslab, interval 1, probability 0, space 0, times 0
[  209.267811][  T173] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  209.274511][ T7175] CPU: 0 UID: 0 PID: 7175 Comm: syz.0.84 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  209.274529][ T7175] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  209.274535][ T7175] Call Trace:
[  209.274541][ T7175]  <TASK>
[  209.274546][ T7175]  dump_stack_lvl+0x189/0x250
[  209.274567][ T7175]  ? __pfx____ratelimit+0x10/0x10
[  209.274583][ T7175]  ? __pfx_dump_stack_lvl+0x10/0x10
[  209.274598][ T7175]  ? __pfx__printk+0x10/0x10
[  209.274612][ T7175]  ? __pfx___might_resched+0x10/0x10
[  209.274638][ T7175]  should_fail_ex+0x414/0x560
[  209.274654][ T7175]  should_failslab+0xa8/0x100
[  209.274668][ T7175]  kmem_cache_alloc_noprof+0x73/0x3c0
[  209.274684][ T7175]  ? start_transaction+0x47b/0x1620
[  209.274703][ T7175]  start_transaction+0x47b/0x1620
[  209.274723][ T7175]  ? _raw_spin_unlock_irq+0x23/0x50
[  209.274739][ T7175]  btrfs_commit_current_transaction+0x26/0xd0
[  209.274754][ T7175]  try_flush_qgroup+0x1dd/0x380
[  209.274769][ T7175]  ? kfree+0x18e/0x440
[  209.274784][ T7175]  ? __pfx_try_flush_qgroup+0x10/0x10
[  209.274797][ T7175]  ? qgroup_reserve_data+0x6cc/0x8d0
[  209.274820][ T7175]  btrfs_qgroup_reserve_data+0x69/0xb0
[  209.274836][ T7175]  btrfs_check_data_free_space+0x2ce/0x450
[  209.274853][ T7175]  btrfs_buffered_write+0x46c/0x16c0
[  209.274880][ T7175]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  209.274890][ T7175]  ? aa_file_perm+0x11f/0xed0
[  209.274908][ T7175]  ? aa_file_perm+0x3e7/0xed0
[  209.274924][ T7175]  btrfs_do_write_iter+0x238/0x710
[  209.274941][ T7175]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  209.274957][ T7175]  do_iter_readv_writev+0x56b/0x7f0
[  209.274968][ T7175]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  209.274975][ T7175]  ? rcu_read_lock_any_held+0xb3/0x120
[  209.274995][ T7175]  vfs_writev+0x31a/0x960
[  209.275011][ T7175]  ? __lock_acquire+0xab9/0xd20
[  209.275027][ T7175]  ? __pfx_vfs_writev+0x10/0x10
[  209.275048][ T7175]  ? __fget_files+0x2a/0x420
[  209.275062][ T7175]  ? __fget_files+0x3a0/0x420
[  209.275073][ T7175]  ? __fget_files+0x2a/0x420
[  209.275089][ T7175]  __se_sys_pwritev2+0x179/0x290
[  209.275103][ T7175]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  209.275113][ T7175]  ? rcu_is_watching+0x15/0xb0
[  209.275130][ T7175]  ? do_syscall_64+0xbe/0x3b0
[  209.275139][ T7175]  ? __x64_sys_pwritev2+0x20/0xc0
[  209.275151][ T7175]  do_syscall_64+0xfa/0x3b0
[  209.275160][ T7175]  ? lockdep_hardirqs_on+0x9c/0x150
[  209.275173][ T7175]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.275183][ T7175]  ? clear_bhb_loop+0x60/0xb0
[  209.275196][ T7175]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.275207][ T7175] RIP: 0033:0x7f0dec57e719
[  209.275218][ T7175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  209.275226][ T7175] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  209.275239][ T7175] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  209.275246][ T7175] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  209.275253][ T7175] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  209.275260][ T7175] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  209.275266][ T7175] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  209.275284][ T7175]  </TASK>
[  209.458593][ T5788] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  209.857109][ T7193] loop0: detected capacity change from 0 to 32768
[  209.868141][ T7193] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.85 (7193)
[  209.900791][ T7193] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  209.915508][ T7193] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  209.919285][ T7193] BTRFS info (device loop0): using free-space-tree
[  209.990253][ T1039] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  210.001187][ T7193] FAULT_INJECTION: forcing a failure.
[  210.001187][ T7193] name failslab, interval 1, probability 0, space 0, times 0
[  210.015868][ T7193] CPU: 0 UID: 0 PID: 7193 Comm: syz.0.85 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  210.015897][ T7193] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  210.015905][ T7193] Call Trace:
[  210.015910][ T7193]  <TASK>
[  210.015916][ T7193]  dump_stack_lvl+0x189/0x250
[  210.015953][ T7193]  ? __pfx____ratelimit+0x10/0x10
[  210.015978][ T7193]  ? __pfx_dump_stack_lvl+0x10/0x10
[  210.015993][ T7193]  ? __pfx__printk+0x10/0x10
[  210.016009][ T7193]  ? __pfx___might_resched+0x10/0x10
[  210.016027][ T7193]  should_fail_ex+0x414/0x560
[  210.016053][ T7193]  should_failslab+0xa8/0x100
[  210.016067][ T7193]  kmem_cache_alloc_noprof+0x73/0x3c0
[  210.016082][ T7193]  ? add_to_free_space_tree+0xdf/0x440
[  210.016098][ T7193]  add_to_free_space_tree+0xdf/0x440
[  210.016115][ T7193]  __btrfs_free_extent+0x16cf/0x2eb0
[  210.016141][ T7193]  ? __pfx___btrfs_free_extent+0x10/0x10
[  210.016168][ T7193]  __btrfs_run_delayed_refs+0xe7b/0x3a50
[  210.016208][ T7193]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  210.016222][ T7193]  ? kernel_text_address+0xa5/0xe0
[  210.016236][ T7193]  ? __kernel_text_address+0xd/0x40
[  210.016248][ T7193]  ? unwind_get_return_address+0x4d/0x90
[  210.016264][ T7193]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  210.016276][ T7193]  ? arch_stack_walk+0xfc/0x150
[  210.016324][ T7193]  ? __lock_acquire+0xab9/0xd20
[  210.016349][ T7193]  ? btrfs_commit_transaction+0x161/0x37f0
[  210.016369][ T7193]  btrfs_run_delayed_refs+0xe6/0x300
[  210.016384][ T7193]  btrfs_commit_transaction+0x274/0x37f0
[  210.016398][ T7193]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.016412][ T7193]  ? btrfs_commit_transaction+0x161/0x37f0
[  210.016440][ T7193]  ? __lock_acquire+0xab9/0xd20
[  210.016461][ T7193]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  210.016479][ T7193]  ? do_raw_spin_unlock+0x4d/0x240
[  210.016491][ T7193]  ? join_transaction+0x41b/0xd70
[  210.016510][ T7193]  ? btrfs_record_root_in_trans+0x124/0x180
[  210.016525][ T7193]  ? start_transaction+0x439/0x1620
[  210.016552][ T7193]  try_flush_qgroup+0x1dd/0x380
[  210.016566][ T7193]  ? kfree+0x18e/0x440
[  210.016582][ T7193]  ? __pfx_try_flush_qgroup+0x10/0x10
[  210.016597][ T7193]  ? qgroup_reserve_data+0x6cc/0x8d0
[  210.016618][ T7193]  btrfs_qgroup_reserve_data+0x69/0xb0
[  210.016634][ T7193]  btrfs_check_data_free_space+0x2ce/0x450
[  210.016651][ T7193]  btrfs_buffered_write+0x46c/0x16c0
[  210.016680][ T7193]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  210.016692][ T7193]  ? aa_file_perm+0x11f/0xed0
[  210.016708][ T7193]  ? aa_file_perm+0x3e7/0xed0
[  210.016723][ T7193]  btrfs_do_write_iter+0x238/0x710
[  210.016737][ T7193]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  210.016755][ T7193]  do_iter_readv_writev+0x56b/0x7f0
[  210.016768][ T7193]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  210.016777][ T7193]  ? rcu_read_lock_any_held+0xb3/0x120
[  210.016800][ T7193]  vfs_writev+0x31a/0x960
[  210.016818][ T7193]  ? __lock_acquire+0xab9/0xd20
[  210.016832][ T7193]  ? __pfx_vfs_writev+0x10/0x10
[  210.016854][ T7193]  ? __fget_files+0x2a/0x420
[  210.016869][ T7193]  ? __fget_files+0x3a0/0x420
[  210.016878][ T7193]  ? __fget_files+0x2a/0x420
[  210.016903][ T7193]  __se_sys_pwritev2+0x179/0x290
[  210.016917][ T7193]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  210.016926][ T7193]  ? rcu_is_watching+0x15/0xb0
[  210.016946][ T7193]  ? do_syscall_64+0xbe/0x3b0
[  210.016955][ T7193]  ? __x64_sys_pwritev2+0x20/0xc0
[  210.016966][ T7193]  do_syscall_64+0xfa/0x3b0
[  210.016974][ T7193]  ? lockdep_hardirqs_on+0x9c/0x150
[  210.016989][ T7193]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.016999][ T7193]  ? clear_bhb_loop+0x60/0xb0
[  210.017011][ T7193]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.017021][ T7193] RIP: 0033:0x7f0dec57e719
[  210.017032][ T7193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.017042][ T7193] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  210.017056][ T7193] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  210.017063][ T7193] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  210.017069][ T7193] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  210.017076][ T7193] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  210.017082][ T7193] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  210.017101][ T7193]  </TASK>
[  210.017111][ T7193] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  210.293722][ T7193] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1048: errno=-12 Out of memory
[  210.299357][ T7193] BTRFS info (device loop0 state EA): forced readonly
[  210.302433][ T7193] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:3003: errno=-12 Out of memory
[  210.308949][ T7193] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  210.318149][ T7193] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2159: errno=-12 Out of memory
[  210.329409][ T5788] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  210.335468][ T5788] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  210.339819][ T5788] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  210.695615][ T7211] loop0: detected capacity change from 0 to 32768
[  210.705960][ T7211] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.86 (7211)
[  210.738425][ T7211] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  210.753627][ T7211] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  210.758366][ T7211] BTRFS info (device loop0): using free-space-tree
[  210.820696][ T7211] FAULT_INJECTION: forcing a failure.
[  210.820696][ T7211] name failslab, interval 1, probability 0, space 0, times 0
[  210.834163][ T7211] CPU: 0 UID: 0 PID: 7211 Comm: syz.0.86 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  210.834183][ T7211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  210.834190][ T7211] Call Trace:
[  210.834196][ T7211]  <TASK>
[  210.834201][ T7211]  dump_stack_lvl+0x189/0x250
[  210.834222][ T7211]  ? __pfx____ratelimit+0x10/0x10
[  210.834249][ T7211]  ? __pfx_dump_stack_lvl+0x10/0x10
[  210.834263][ T7211]  ? __pfx__printk+0x10/0x10
[  210.834278][ T7211]  ? __pfx___might_resched+0x10/0x10
[  210.834294][ T7211]  ? fs_reclaim_acquire+0x7d/0x100
[  210.834309][ T7211]  should_fail_ex+0x414/0x560
[  210.834324][ T7211]  should_failslab+0xa8/0x100
[  210.834336][ T7211]  kmem_cache_alloc_noprof+0x73/0x3c0
[  210.834351][ T7211]  ? __btrfs_run_delayed_refs+0x12fe/0x3a50
[  210.834367][ T7211]  __btrfs_run_delayed_refs+0x12fe/0x3a50
[  210.834405][ T7211]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  210.834416][ T7211]  ? __pfx___mutex_trylock_common+0x10/0x10
[  210.834431][ T7211]  ? rcu_is_watching+0x15/0xb0
[  210.834454][ T7211]  ? btrfs_start_dirty_block_groups+0xbfe/0xf70
[  210.834497][ T7211]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  210.834518][ T7211]  ? btrfs_block_rsv_release+0x529/0x5e0
[  210.834536][ T7211]  btrfs_run_delayed_refs+0xe6/0x300
[  210.834549][ T7211]  btrfs_start_dirty_block_groups+0xc08/0xf70
[  210.834578][ T7211]  ? __pfx_btrfs_start_dirty_block_groups+0x10/0x10
[  210.834592][ T7211]  ? __kasan_slab_alloc+0x6c/0x80
[  210.834602][ T7211]  ? btrfs_trans_release_metadata+0x22d/0x330
[  210.834620][ T7211]  btrfs_commit_transaction+0x666/0x37f0
[  210.834634][ T7211]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.834648][ T7211]  ? btrfs_commit_transaction+0x161/0x37f0
[  210.834665][ T7211]  ? __lock_acquire+0xab9/0xd20
[  210.834687][ T7211]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  210.834712][ T7211]  ? do_raw_spin_unlock+0x4d/0x240
[  210.834723][ T7211]  ? join_transaction+0x41b/0xd70
[  210.834739][ T7211]  ? btrfs_record_root_in_trans+0x124/0x180
[  210.834749][ T7211]  ? start_transaction+0x439/0x1620
[  210.834774][ T7211]  try_flush_qgroup+0x1dd/0x380
[  210.834789][ T7211]  ? kfree+0x18e/0x440
[  210.834805][ T7211]  ? __pfx_try_flush_qgroup+0x10/0x10
[  210.834820][ T7211]  ? qgroup_reserve_data+0x6cc/0x8d0
[  210.834844][ T7211]  btrfs_qgroup_reserve_data+0x69/0xb0
[  210.834859][ T7211]  btrfs_check_data_free_space+0x2ce/0x450
[  210.834874][ T7211]  btrfs_buffered_write+0x46c/0x16c0
[  210.834906][ T7211]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  210.834917][ T7211]  ? aa_file_perm+0x11f/0xed0
[  210.834931][ T7211]  ? aa_file_perm+0x3e7/0xed0
[  210.834940][ T7211]  btrfs_do_write_iter+0x238/0x710
[  210.834951][ T7211]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  210.834964][ T7211]  do_iter_readv_writev+0x56b/0x7f0
[  210.834973][ T7211]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  210.834979][ T7211]  ? rcu_read_lock_any_held+0xb3/0x120
[  210.834995][ T7211]  vfs_writev+0x31a/0x960
[  210.835010][ T7211]  ? __lock_acquire+0xab9/0xd20
[  210.835025][ T7211]  ? __pfx_vfs_writev+0x10/0x10
[  210.835047][ T7211]  ? __fget_files+0x2a/0x420
[  210.835062][ T7211]  ? __fget_files+0x3a0/0x420
[  210.835072][ T7211]  ? __fget_files+0x2a/0x420
[  210.835090][ T7211]  __se_sys_pwritev2+0x179/0x290
[  210.835104][ T7211]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  210.835114][ T7211]  ? rcu_is_watching+0x15/0xb0
[  210.835132][ T7211]  ? do_syscall_64+0xbe/0x3b0
[  210.835140][ T7211]  ? __x64_sys_pwritev2+0x20/0xc0
[  210.835159][ T7211]  do_syscall_64+0xfa/0x3b0
[  210.835167][ T7211]  ? lockdep_hardirqs_on+0x9c/0x150
[  210.835182][ T7211]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.835191][ T7211]  ? clear_bhb_loop+0x60/0xb0
[  210.835204][ T7211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.835214][ T7211] RIP: 0033:0x7f0dec57e719
[  210.835226][ T7211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.835236][ T7211] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  210.835253][ T7211] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  210.835260][ T7211] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  210.835269][ T7211] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  210.835275][ T7211] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  210.835281][ T7211] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  210.835300][ T7211]  </TASK>
[  210.835336][ T7211] BTRFS error (device loop0): failed to run delayed ref for logical 5353472 num_bytes 4096 type 176 action 1 ref_mod 1: -12
[  211.111930][ T7211] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  211.120387][ T7211] BTRFS: error (device loop0 state A) in btrfs_run_delayed_refs:2159: errno=-12 Out of memory
[  211.129247][ T7211] BTRFS info (device loop0 state EA): forced readonly
[  211.132860][  T173] BTRFS warning (device loop0 state EA): Skipping commit of aborted transaction.
[  211.138270][  T173] BTRFS: error (device loop0 state EA) in cleanup_transaction:2021: errno=-12 Out of memory
[  211.149588][  T173] BTRFS error (device loop0 state EA): fail to start transaction for status update: -30
[  211.157606][ T5788] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  211.165962][ T5788] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  211.170683][ T5788] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  211.534683][ T7229] loop0: detected capacity change from 0 to 32768
[  211.545185][ T7229] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.87 (7229)
[  211.576545][ T7229] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  211.580949][ T7229] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  211.596171][ T7229] BTRFS info (device loop0): using free-space-tree
[  211.671484][ T7229] FAULT_INJECTION: forcing a failure.
[  211.671484][ T7229] name failslab, interval 1, probability 0, space 0, times 0
[  211.680778][  T173] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  211.696144][ T7229] CPU: 0 UID: 0 PID: 7229 Comm: syz.0.87 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  211.696166][ T7229] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  211.696173][ T7229] Call Trace:
[  211.696178][ T7229]  <TASK>
[  211.696184][ T7229]  dump_stack_lvl+0x189/0x250
[  211.696205][ T7229]  ? __pfx____ratelimit+0x10/0x10
[  211.696221][ T7229]  ? __pfx_dump_stack_lvl+0x10/0x10
[  211.696237][ T7229]  ? __pfx__printk+0x10/0x10
[  211.696252][ T7229]  ? __pfx___might_resched+0x10/0x10
[  211.696272][ T7229]  should_fail_ex+0x414/0x560
[  211.696325][ T7229]  should_failslab+0xa8/0x100
[  211.696338][ T7229]  kmem_cache_alloc_noprof+0x73/0x3c0
[  211.696355][ T7229]  ? add_to_free_space_tree+0xdf/0x440
[  211.696372][ T7229]  add_to_free_space_tree+0xdf/0x440
[  211.696389][ T7229]  __btrfs_free_extent+0x16cf/0x2eb0
[  211.696414][ T7229]  ? __pfx___btrfs_free_extent+0x10/0x10
[  211.696438][ T7229]  __btrfs_run_delayed_refs+0xe7b/0x3a50
[  211.696479][ T7229]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  211.696494][ T7229]  ? kernel_text_address+0xa5/0xe0
[  211.696508][ T7229]  ? __kernel_text_address+0xd/0x40
[  211.696518][ T7229]  ? unwind_get_return_address+0x4d/0x90
[  211.696534][ T7229]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  211.696547][ T7229]  ? arch_stack_walk+0xfc/0x150
[  211.696565][ T7229]  ? __lock_acquire+0xab9/0xd20
[  211.696587][ T7229]  ? btrfs_commit_transaction+0x161/0x37f0
[  211.696607][ T7229]  btrfs_run_delayed_refs+0xe6/0x300
[  211.696622][ T7229]  btrfs_commit_transaction+0x274/0x37f0
[  211.696635][ T7229]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.696649][ T7229]  ? btrfs_commit_transaction+0x161/0x37f0
[  211.696668][ T7229]  ? __lock_acquire+0xab9/0xd20
[  211.696689][ T7229]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  211.696708][ T7229]  ? do_raw_spin_unlock+0x4d/0x240
[  211.696719][ T7229]  ? join_transaction+0x41b/0xd70
[  211.696740][ T7229]  ? btrfs_record_root_in_trans+0x124/0x180
[  211.696757][ T7229]  ? start_transaction+0x439/0x1620
[  211.696787][ T7229]  try_flush_qgroup+0x1dd/0x380
[  211.696803][ T7229]  ? kfree+0x18e/0x440
[  211.696821][ T7229]  ? __pfx_try_flush_qgroup+0x10/0x10
[  211.696837][ T7229]  ? qgroup_reserve_data+0x6cc/0x8d0
[  211.696868][ T7229]  btrfs_qgroup_reserve_data+0x69/0xb0
[  211.696885][ T7229]  btrfs_check_data_free_space+0x2ce/0x450
[  211.696901][ T7229]  btrfs_buffered_write+0x46c/0x16c0
[  211.696936][ T7229]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  211.696947][ T7229]  ? aa_file_perm+0x11f/0xed0
[  211.696963][ T7229]  ? aa_file_perm+0x3e7/0xed0
[  211.696974][ T7229]  btrfs_do_write_iter+0x238/0x710
[  211.696985][ T7229]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  211.697000][ T7229]  do_iter_readv_writev+0x56b/0x7f0
[  211.697013][ T7229]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  211.697022][ T7229]  ? rcu_read_lock_any_held+0xb3/0x120
[  211.697047][ T7229]  vfs_writev+0x31a/0x960
[  211.697064][ T7229]  ? __lock_acquire+0xab9/0xd20
[  211.697079][ T7229]  ? __pfx_vfs_writev+0x10/0x10
[  211.697100][ T7229]  ? __fget_files+0x2a/0x420
[  211.697116][ T7229]  ? __fget_files+0x3a0/0x420
[  211.697125][ T7229]  ? __fget_files+0x2a/0x420
[  211.697142][ T7229]  __se_sys_pwritev2+0x179/0x290
[  211.697157][ T7229]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  211.697168][ T7229]  ? rcu_is_watching+0x15/0xb0
[  211.697188][ T7229]  ? do_syscall_64+0xbe/0x3b0
[  211.697197][ T7229]  ? __x64_sys_pwritev2+0x20/0xc0
[  211.697207][ T7229]  do_syscall_64+0xfa/0x3b0
[  211.697214][ T7229]  ? lockdep_hardirqs_on+0x9c/0x150
[  211.697223][ T7229]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.697230][ T7229]  ? clear_bhb_loop+0x60/0xb0
[  211.697240][ T7229]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.697247][ T7229] RIP: 0033:0x7f0dec57e719
[  211.697256][ T7229] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  211.697262][ T7229] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  211.697272][ T7229] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  211.697277][ T7229] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  211.697282][ T7229] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  211.697286][ T7229] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  211.697291][ T7229] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  211.697303][ T7229]  </TASK>
[  211.697311][ T7229] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  211.959031][ T7229] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1048: errno=-12 Out of memory
[  211.963601][ T7229] BTRFS info (device loop0 state EA): forced readonly
[  211.971071][ T7229] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:3003: errno=-12 Out of memory
[  211.976470][ T7229] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  211.983761][ T7229] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2159: errno=-12 Out of memory
[  211.995897][ T5788] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  212.001973][ T5788] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  212.007132][ T5788] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  212.377637][ T7247] loop0: detected capacity change from 0 to 32768
[  212.386056][ T7247] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.88 (7247)
[  212.408560][ T7247] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  212.412980][ T7247] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  212.434793][ T7247] BTRFS info (device loop0): using free-space-tree
[  212.508918][ T7247] FAULT_INJECTION: forcing a failure.
[  212.508918][ T7247] name failslab, interval 1, probability 0, space 0, times 0
[  212.517398][  T173] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  212.535114][ T7247] CPU: 0 UID: 0 PID: 7247 Comm: syz.0.88 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  212.535136][ T7247] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  212.535143][ T7247] Call Trace:
[  212.535148][ T7247]  <TASK>
[  212.535155][ T7247]  dump_stack_lvl+0x189/0x250
[  212.535194][ T7247]  ? __pfx____ratelimit+0x10/0x10
[  212.535218][ T7247]  ? __pfx_dump_stack_lvl+0x10/0x10
[  212.535233][ T7247]  ? __pfx__printk+0x10/0x10
[  212.535250][ T7247]  ? __pfx___might_resched+0x10/0x10
[  212.535269][ T7247]  should_fail_ex+0x414/0x560
[  212.535293][ T7247]  should_failslab+0xa8/0x100
[  212.535306][ T7247]  kmem_cache_alloc_noprof+0x73/0x3c0
[  212.535321][ T7247]  ? add_to_free_space_tree+0xdf/0x440
[  212.535338][ T7247]  add_to_free_space_tree+0xdf/0x440
[  212.535355][ T7247]  __btrfs_free_extent+0x16cf/0x2eb0
[  212.535381][ T7247]  ? __pfx___btrfs_free_extent+0x10/0x10
[  212.535406][ T7247]  __btrfs_run_delayed_refs+0xe7b/0x3a50
[  212.535444][ T7247]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  212.535458][ T7247]  ? kernel_text_address+0xa5/0xe0
[  212.535472][ T7247]  ? __kernel_text_address+0xd/0x40
[  212.535484][ T7247]  ? unwind_get_return_address+0x4d/0x90
[  212.535501][ T7247]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  212.535513][ T7247]  ? arch_stack_walk+0xfc/0x150
[  212.535529][ T7247]  ? __lock_acquire+0xab9/0xd20
[  212.535550][ T7247]  ? btrfs_commit_transaction+0x161/0x37f0
[  212.535570][ T7247]  btrfs_run_delayed_refs+0xe6/0x300
[  212.535585][ T7247]  btrfs_commit_transaction+0x274/0x37f0
[  212.535598][ T7247]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.535610][ T7247]  ? btrfs_commit_transaction+0x161/0x37f0
[  212.535628][ T7247]  ? __lock_acquire+0xab9/0xd20
[  212.535649][ T7247]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  212.535667][ T7247]  ? do_raw_spin_unlock+0x4d/0x240
[  212.535678][ T7247]  ? join_transaction+0x41b/0xd70
[  212.535695][ T7247]  ? btrfs_record_root_in_trans+0x124/0x180
[  212.535711][ T7247]  ? start_transaction+0x439/0x1620
[  212.535737][ T7247]  try_flush_qgroup+0x1dd/0x380
[  212.535751][ T7247]  ? kfree+0x18e/0x440
[  212.535766][ T7247]  ? __pfx_try_flush_qgroup+0x10/0x10
[  212.535779][ T7247]  ? qgroup_reserve_data+0x6cc/0x8d0
[  212.535802][ T7247]  btrfs_qgroup_reserve_data+0x69/0xb0
[  212.535819][ T7247]  btrfs_check_data_free_space+0x2ce/0x450
[  212.535835][ T7247]  btrfs_buffered_write+0x46c/0x16c0
[  212.535865][ T7247]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  212.535882][ T7247]  ? aa_file_perm+0x11f/0xed0
[  212.535900][ T7247]  ? aa_file_perm+0x3e7/0xed0
[  212.535915][ T7247]  btrfs_do_write_iter+0x238/0x710
[  212.535931][ T7247]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  212.535948][ T7247]  do_iter_readv_writev+0x56b/0x7f0
[  212.535961][ T7247]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  212.535971][ T7247]  ? rcu_read_lock_any_held+0xb3/0x120
[  212.535991][ T7247]  vfs_writev+0x31a/0x960
[  212.536007][ T7247]  ? __lock_acquire+0xab9/0xd20
[  212.536022][ T7247]  ? __pfx_vfs_writev+0x10/0x10
[  212.536044][ T7247]  ? __fget_files+0x2a/0x420
[  212.536058][ T7247]  ? __fget_files+0x3a0/0x420
[  212.536068][ T7247]  ? __fget_files+0x2a/0x420
[  212.536085][ T7247]  __se_sys_pwritev2+0x179/0x290
[  212.536098][ T7247]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  212.536109][ T7247]  ? rcu_is_watching+0x15/0xb0
[  212.536126][ T7247]  ? do_syscall_64+0xbe/0x3b0
[  212.536136][ T7247]  ? __x64_sys_pwritev2+0x20/0xc0
[  212.536149][ T7247]  do_syscall_64+0xfa/0x3b0
[  212.536158][ T7247]  ? lockdep_hardirqs_on+0x9c/0x150
[  212.536171][ T7247]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.536180][ T7247]  ? clear_bhb_loop+0x60/0xb0
[  212.536193][ T7247]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.536203][ T7247] RIP: 0033:0x7f0dec57e719
[  212.536213][ T7247] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  212.536223][ T7247] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  212.536237][ T7247] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  212.536245][ T7247] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  212.536252][ T7247] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  212.536259][ T7247] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  212.536264][ T7247] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  212.536315][ T7247]  </TASK>
[  212.536323][ T7247] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  212.790411][ T7247] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1048: errno=-12 Out of memory
[  212.796047][ T7247] BTRFS info (device loop0 state EA): forced readonly
[  212.798899][ T7247] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:3003: errno=-12 Out of memory
[  212.807484][ T7247] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  212.813411][ T7247] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2159: errno=-12 Out of memory
[  212.826169][ T5788] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  212.831941][ T5788] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  212.836898][ T5788] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  213.186844][ T7265] loop0: detected capacity change from 0 to 32768
[  213.197132][ T7265] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.89 (7265)
[  213.218572][ T7265] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  213.229120][ T7265] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  213.233008][ T7265] BTRFS info (device loop0): using free-space-tree
[  213.310128][ T7265] FAULT_INJECTION: forcing a failure.
[  213.310128][ T7265] name failslab, interval 1, probability 0, space 0, times 0
[  213.328481][   T12] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  213.332760][ T7265] CPU: 0 UID: 0 PID: 7265 Comm: syz.0.89 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  213.332777][ T7265] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  213.332784][ T7265] Call Trace:
[  213.332792][ T7265]  <TASK>
[  213.332798][ T7265]  dump_stack_lvl+0x189/0x250
[  213.332821][ T7265]  ? __pfx____ratelimit+0x10/0x10
[  213.332839][ T7265]  ? __pfx_dump_stack_lvl+0x10/0x10
[  213.332864][ T7265]  ? __pfx__printk+0x10/0x10
[  213.332881][ T7265]  ? __pfx___might_resched+0x10/0x10
[  213.332900][ T7265]  should_fail_ex+0x414/0x560
[  213.332919][ T7265]  should_failslab+0xa8/0x100
[  213.332934][ T7265]  kmem_cache_alloc_noprof+0x73/0x3c0
[  213.332952][ T7265]  ? add_to_free_space_tree+0xdf/0x440
[  213.332968][ T7265]  add_to_free_space_tree+0xdf/0x440
[  213.332983][ T7265]  __btrfs_free_extent+0x16cf/0x2eb0
[  213.333009][ T7265]  ? __pfx___btrfs_free_extent+0x10/0x10
[  213.333033][ T7265]  __btrfs_run_delayed_refs+0xe7b/0x3a50
[  213.333075][ T7265]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  213.333089][ T7265]  ? kernel_text_address+0xa5/0xe0
[  213.333101][ T7265]  ? __kernel_text_address+0xd/0x40
[  213.333108][ T7265]  ? unwind_get_return_address+0x4d/0x90
[  213.333119][ T7265]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  213.333127][ T7265]  ? arch_stack_walk+0xfc/0x150
[  213.333138][ T7265]  ? __lock_acquire+0xab9/0xd20
[  213.333153][ T7265]  ? btrfs_commit_transaction+0x161/0x37f0
[  213.333166][ T7265]  btrfs_run_delayed_refs+0xe6/0x300
[  213.333175][ T7265]  btrfs_commit_transaction+0x274/0x37f0
[  213.333184][ T7265]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.333193][ T7265]  ? btrfs_commit_transaction+0x161/0x37f0
[  213.333209][ T7265]  ? __lock_acquire+0xab9/0xd20
[  213.333230][ T7265]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  213.333248][ T7265]  ? do_raw_spin_unlock+0x4d/0x240
[  213.333261][ T7265]  ? join_transaction+0x41b/0xd70
[  213.333282][ T7265]  ? btrfs_record_root_in_trans+0x124/0x180
[  213.333298][ T7265]  ? start_transaction+0x439/0x1620
[  213.333325][ T7265]  try_flush_qgroup+0x1dd/0x380
[  213.333340][ T7265]  ? kfree+0x18e/0x440
[  213.333358][ T7265]  ? __pfx_try_flush_qgroup+0x10/0x10
[  213.333372][ T7265]  ? qgroup_reserve_data+0x6cc/0x8d0
[  213.333395][ T7265]  btrfs_qgroup_reserve_data+0x69/0xb0
[  213.333412][ T7265]  btrfs_check_data_free_space+0x2ce/0x450
[  213.333429][ T7265]  btrfs_buffered_write+0x46c/0x16c0
[  213.333459][ T7265]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  213.333470][ T7265]  ? aa_file_perm+0x11f/0xed0
[  213.333489][ T7265]  ? aa_file_perm+0x3e7/0xed0
[  213.333504][ T7265]  btrfs_do_write_iter+0x238/0x710
[  213.333521][ T7265]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  213.333537][ T7265]  do_iter_readv_writev+0x56b/0x7f0
[  213.333550][ T7265]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  213.333560][ T7265]  ? rcu_read_lock_any_held+0xb3/0x120
[  213.333583][ T7265]  vfs_writev+0x31a/0x960
[  213.333599][ T7265]  ? __lock_acquire+0xab9/0xd20
[  213.333613][ T7265]  ? __pfx_vfs_writev+0x10/0x10
[  213.333635][ T7265]  ? __fget_files+0x2a/0x420
[  213.333650][ T7265]  ? __fget_files+0x3a0/0x420
[  213.333660][ T7265]  ? __fget_files+0x2a/0x420
[  213.333677][ T7265]  __se_sys_pwritev2+0x179/0x290
[  213.333691][ T7265]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  213.333700][ T7265]  ? rcu_is_watching+0x15/0xb0
[  213.333717][ T7265]  ? do_syscall_64+0xbe/0x3b0
[  213.333726][ T7265]  ? __x64_sys_pwritev2+0x20/0xc0
[  213.333737][ T7265]  do_syscall_64+0xfa/0x3b0
[  213.333745][ T7265]  ? lockdep_hardirqs_on+0x9c/0x150
[  213.333758][ T7265]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.333768][ T7265]  ? clear_bhb_loop+0x60/0xb0
[  213.333809][ T7265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.333822][ T7265] RIP: 0033:0x7f0dec57e719
[  213.333834][ T7265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.333844][ T7265] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  213.333865][ T7265] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  213.333873][ T7265] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  213.333880][ T7265] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  213.333887][ T7265] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  213.333893][ T7265] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  213.333911][ T7265]  </TASK>
[  213.592304][ T7265] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  213.601061][ T7265] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1048: errno=-12 Out of memory
[  213.606544][ T7265] BTRFS info (device loop0 state EA): forced readonly
[  213.609587][ T7265] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:3003: errno=-12 Out of memory
[  213.615152][ T7265] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  213.622789][ T7265] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2159: errno=-12 Out of memory
[  213.636096][ T5788] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  213.641222][ T5788] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  213.646298][ T5788] BTRFS error (device loop0 state EA): qgroup reserved space leaked
2025/06/25 05:36:27 executed programs: 77
[  214.005067][ T7283] loop0: detected capacity change from 0 to 32768
[  214.013763][ T7283] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.90 (7283)
[  214.036021][ T7283] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  214.047920][ T7283] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  214.051906][ T7283] BTRFS info (device loop0): using free-space-tree
[  214.148324][ T7283] FAULT_INJECTION: forcing a failure.
[  214.148324][ T7283] name failslab, interval 1, probability 0, space 0, times 0
[  214.168597][ T1035] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  214.172917][ T7283] CPU: 0 UID: 0 PID: 7283 Comm: syz.0.90 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  214.172930][ T7283] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  214.172936][ T7283] Call Trace:
[  214.172940][ T7283]  <TASK>
[  214.172944][ T7283]  dump_stack_lvl+0x189/0x250
[  214.172961][ T7283]  ? __pfx____ratelimit+0x10/0x10
[  214.172977][ T7283]  ? __pfx_dump_stack_lvl+0x10/0x10
[  214.172990][ T7283]  ? __pfx__printk+0x10/0x10
[  214.173007][ T7283]  ? __pfx___might_resched+0x10/0x10
[  214.173028][ T7283]  should_fail_ex+0x414/0x560
[  214.173044][ T7283]  should_failslab+0xa8/0x100
[  214.173057][ T7283]  kmem_cache_alloc_noprof+0x73/0x3c0
[  214.173074][ T7283]  ? add_to_free_space_tree+0xdf/0x440
[  214.173091][ T7283]  add_to_free_space_tree+0xdf/0x440
[  214.173107][ T7283]  __btrfs_free_extent+0x16cf/0x2eb0
[  214.173135][ T7283]  ? __pfx___btrfs_free_extent+0x10/0x10
[  214.173162][ T7283]  __btrfs_run_delayed_refs+0xe7b/0x3a50
[  214.173201][ T7283]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  214.173215][ T7283]  ? kernel_text_address+0xa5/0xe0
[  214.173229][ T7283]  ? __kernel_text_address+0xd/0x40
[  214.173241][ T7283]  ? unwind_get_return_address+0x4d/0x90
[  214.173257][ T7283]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  214.173269][ T7283]  ? arch_stack_walk+0xfc/0x150
[  214.173287][ T7283]  ? __lock_acquire+0xab9/0xd20
[  214.173307][ T7283]  ? btrfs_commit_transaction+0x161/0x37f0
[  214.173326][ T7283]  btrfs_run_delayed_refs+0xe6/0x300
[  214.173340][ T7283]  btrfs_commit_transaction+0x274/0x37f0
[  214.173352][ T7283]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.173366][ T7283]  ? btrfs_commit_transaction+0x161/0x37f0
[  214.173383][ T7283]  ? __lock_acquire+0xab9/0xd20
[  214.173403][ T7283]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  214.173422][ T7283]  ? do_raw_spin_unlock+0x4d/0x240
[  214.173432][ T7283]  ? join_transaction+0x41b/0xd70
[  214.173452][ T7283]  ? btrfs_record_root_in_trans+0x124/0x180
[  214.173469][ T7283]  ? start_transaction+0x439/0x1620
[  214.173496][ T7283]  try_flush_qgroup+0x1dd/0x380
[  214.173509][ T7283]  ? kfree+0x18e/0x440
[  214.173524][ T7283]  ? __pfx_try_flush_qgroup+0x10/0x10
[  214.173537][ T7283]  ? qgroup_reserve_data+0x6cc/0x8d0
[  214.173558][ T7283]  btrfs_qgroup_reserve_data+0x69/0xb0
[  214.173574][ T7283]  btrfs_check_data_free_space+0x2ce/0x450
[  214.173591][ T7283]  btrfs_buffered_write+0x46c/0x16c0
[  214.173620][ T7283]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  214.173631][ T7283]  ? aa_file_perm+0x11f/0xed0
[  214.173649][ T7283]  ? aa_file_perm+0x3e7/0xed0
[  214.173665][ T7283]  btrfs_do_write_iter+0x238/0x710
[  214.173683][ T7283]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  214.173699][ T7283]  do_iter_readv_writev+0x56b/0x7f0
[  214.173712][ T7283]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  214.173722][ T7283]  ? rcu_read_lock_any_held+0xb3/0x120
[  214.173742][ T7283]  vfs_writev+0x31a/0x960
[  214.173758][ T7283]  ? __lock_acquire+0xab9/0xd20
[  214.173773][ T7283]  ? __pfx_vfs_writev+0x10/0x10
[  214.173822][ T7283]  ? __fget_files+0x2a/0x420
[  214.173838][ T7283]  ? __fget_files+0x3a0/0x420
[  214.173848][ T7283]  ? __fget_files+0x2a/0x420
[  214.173866][ T7283]  __se_sys_pwritev2+0x179/0x290
[  214.173880][ T7283]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  214.173895][ T7283]  ? rcu_is_watching+0x15/0xb0
[  214.173913][ T7283]  ? do_syscall_64+0xbe/0x3b0
[  214.173923][ T7283]  ? __x64_sys_pwritev2+0x20/0xc0
[  214.173935][ T7283]  do_syscall_64+0xfa/0x3b0
[  214.173944][ T7283]  ? lockdep_hardirqs_on+0x9c/0x150
[  214.173958][ T7283]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.173968][ T7283]  ? clear_bhb_loop+0x60/0xb0
[  214.173982][ T7283]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.173992][ T7283] RIP: 0033:0x7f0dec57e719
[  214.174005][ T7283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.174013][ T7283] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  214.174026][ T7283] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  214.174033][ T7283] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  214.174039][ T7283] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  214.174045][ T7283] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  214.174052][ T7283] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  214.174070][ T7283]  </TASK>
[  214.421564][ T7283] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  214.428755][ T7283] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1048: errno=-12 Out of memory
[  214.433331][ T7283] BTRFS info (device loop0 state EA): forced readonly
[  214.437229][ T7283] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:3003: errno=-12 Out of memory
[  214.442735][ T7283] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  214.449637][ T7283] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2159: errno=-12 Out of memory
[  214.460517][ T5788] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  214.467029][ T5788] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  214.471461][ T5788] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  214.851620][ T7301] loop0: detected capacity change from 0 to 32768
[  214.860844][ T7301] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.91 (7301)
[  214.879976][ T7301] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  214.891901][ T7301] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  214.902055][ T7301] BTRFS info (device loop0): using free-space-tree
[  214.993731][ T7301] FAULT_INJECTION: forcing a failure.
[  214.993731][ T7301] name failslab, interval 1, probability 0, space 0, times 0
[  215.003126][ T1035] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  215.014139][ T7301] CPU: 0 UID: 0 PID: 7301 Comm: syz.0.91 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  215.014158][ T7301] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  215.014165][ T7301] Call Trace:
[  215.014171][ T7301]  <TASK>
[  215.014177][ T7301]  dump_stack_lvl+0x189/0x250
[  215.014198][ T7301]  ? __pfx____ratelimit+0x10/0x10
[  215.014214][ T7301]  ? __pfx_dump_stack_lvl+0x10/0x10
[  215.014229][ T7301]  ? __pfx__printk+0x10/0x10
[  215.014245][ T7301]  ? __pfx___might_resched+0x10/0x10
[  215.014263][ T7301]  should_fail_ex+0x414/0x560
[  215.014280][ T7301]  should_failslab+0xa8/0x100
[  215.014294][ T7301]  kmem_cache_alloc_noprof+0x73/0x3c0
[  215.014310][ T7301]  ? add_to_free_space_tree+0xdf/0x440
[  215.014327][ T7301]  add_to_free_space_tree+0xdf/0x440
[  215.014343][ T7301]  __btrfs_free_extent+0x16cf/0x2eb0
[  215.014369][ T7301]  ? __pfx___btrfs_free_extent+0x10/0x10
[  215.014394][ T7301]  __btrfs_run_delayed_refs+0xe7b/0x3a50
[  215.014452][ T7301]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  215.014465][ T7301]  ? kernel_text_address+0xa5/0xe0
[  215.014479][ T7301]  ? __kernel_text_address+0xd/0x40
[  215.014491][ T7301]  ? unwind_get_return_address+0x4d/0x90
[  215.014507][ T7301]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  215.014520][ T7301]  ? arch_stack_walk+0xfc/0x150
[  215.014537][ T7301]  ? __lock_acquire+0xab9/0xd20
[  215.014558][ T7301]  ? btrfs_commit_transaction+0x161/0x37f0
[  215.014579][ T7301]  btrfs_run_delayed_refs+0xe6/0x300
[  215.014594][ T7301]  btrfs_commit_transaction+0x274/0x37f0
[  215.014608][ T7301]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.014621][ T7301]  ? btrfs_commit_transaction+0x161/0x37f0
[  215.014641][ T7301]  ? __lock_acquire+0xab9/0xd20
[  215.014663][ T7301]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  215.014686][ T7301]  ? do_raw_spin_unlock+0x4d/0x240
[  215.014697][ T7301]  ? join_transaction+0x41b/0xd70
[  215.014717][ T7301]  ? btrfs_record_root_in_trans+0x124/0x180
[  215.014734][ T7301]  ? start_transaction+0x439/0x1620
[  215.014760][ T7301]  try_flush_qgroup+0x1dd/0x380
[  215.014774][ T7301]  ? kfree+0x18e/0x440
[  215.014790][ T7301]  ? __pfx_try_flush_qgroup+0x10/0x10
[  215.014804][ T7301]  ? qgroup_reserve_data+0x6cc/0x8d0
[  215.014827][ T7301]  btrfs_qgroup_reserve_data+0x69/0xb0
[  215.014844][ T7301]  btrfs_check_data_free_space+0x2ce/0x450
[  215.014860][ T7301]  btrfs_buffered_write+0x46c/0x16c0
[  215.014892][ T7301]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  215.014903][ T7301]  ? aa_file_perm+0x11f/0xed0
[  215.014921][ T7301]  ? aa_file_perm+0x3e7/0xed0
[  215.014935][ T7301]  btrfs_do_write_iter+0x238/0x710
[  215.014953][ T7301]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  215.014969][ T7301]  do_iter_readv_writev+0x56b/0x7f0
[  215.014984][ T7301]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  215.014993][ T7301]  ? rcu_read_lock_any_held+0xb3/0x120
[  215.015017][ T7301]  vfs_writev+0x31a/0x960
[  215.015032][ T7301]  ? __lock_acquire+0xab9/0xd20
[  215.015047][ T7301]  ? __pfx_vfs_writev+0x10/0x10
[  215.015069][ T7301]  ? __fget_files+0x2a/0x420
[  215.015084][ T7301]  ? __fget_files+0x3a0/0x420
[  215.015094][ T7301]  ? __fget_files+0x2a/0x420
[  215.015112][ T7301]  __se_sys_pwritev2+0x179/0x290
[  215.015125][ T7301]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  215.015135][ T7301]  ? rcu_is_watching+0x15/0xb0
[  215.015152][ T7301]  ? do_syscall_64+0xbe/0x3b0
[  215.015161][ T7301]  ? __x64_sys_pwritev2+0x20/0xc0
[  215.015175][ T7301]  do_syscall_64+0xfa/0x3b0
[  215.015183][ T7301]  ? lockdep_hardirqs_on+0x9c/0x150
[  215.015198][ T7301]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.015208][ T7301]  ? clear_bhb_loop+0x60/0xb0
[  215.015220][ T7301]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.015227][ T7301] RIP: 0033:0x7f0dec57e719
[  215.015236][ T7301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.015242][ T7301] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  215.015251][ T7301] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  215.015256][ T7301] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  215.015261][ T7301] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  215.015267][ T7301] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  215.015273][ T7301] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  215.015291][ T7301]  </TASK>
[  215.015301][ T7301] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  215.251603][ T7301] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1048: errno=-12 Out of memory
[  215.256943][ T7301] BTRFS info (device loop0 state EA): forced readonly
[  215.260593][ T7301] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:3003: errno=-12 Out of memory
[  215.268365][ T7301] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  215.277146][ T7301] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2159: errno=-12 Out of memory
[  215.288596][ T5788] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  215.294946][ T5788] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  215.298998][ T5788] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  215.698582][ T7319] loop0: detected capacity change from 0 to 32768
[  215.709611][ T7319] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.92 (7319)
[  215.733715][ T7319] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  215.755352][ T7319] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  215.759394][ T7319] BTRFS info (device loop0): using free-space-tree
[  215.865660][ T7319] FAULT_INJECTION: forcing a failure.
[  215.865660][ T7319] name failslab, interval 1, probability 0, space 0, times 0
[  215.871122][ T7319] CPU: 0 UID: 0 PID: 7319 Comm: syz.0.92 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  215.871140][ T7319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  215.871148][ T7319] Call Trace:
[  215.871156][ T7319]  <TASK>
[  215.871164][ T7319]  dump_stack_lvl+0x189/0x250
[  215.871186][ T7319]  ? __pfx____ratelimit+0x10/0x10
[  215.871203][ T7319]  ? __pfx_dump_stack_lvl+0x10/0x10
[  215.871218][ T7319]  ? __pfx__printk+0x10/0x10
[  215.871237][ T7319]  ? __pfx___might_resched+0x10/0x10
[  215.871257][ T7319]  should_fail_ex+0x414/0x560
[  215.871275][ T7319]  should_failslab+0xa8/0x100
[  215.871288][ T7319]  kmem_cache_alloc_noprof+0x73/0x3c0
[  215.871302][ T7319]  ? add_to_free_space_tree+0xdf/0x440
[  215.871319][ T7319]  add_to_free_space_tree+0xdf/0x440
[  215.871337][ T7319]  __btrfs_free_extent+0x16cf/0x2eb0
[  215.871367][ T7319]  ? __pfx___btrfs_free_extent+0x10/0x10
[  215.871392][ T7319]  __btrfs_run_delayed_refs+0xe7b/0x3a50
[  215.871430][ T7319]  ? __pfx___btrfs_run_delayed_refs+0x10/0x10
[  215.871443][ T7319]  ? kernel_text_address+0xa5/0xe0
[  215.871454][ T7319]  ? __kernel_text_address+0xd/0x40
[  215.871464][ T7319]  ? unwind_get_return_address+0x4d/0x90
[  215.871478][ T7319]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  215.871497][ T7319]  ? arch_stack_walk+0xfc/0x150
[  215.871512][ T7319]  ? __lock_acquire+0xab9/0xd20
[  215.871531][ T7319]  ? btrfs_commit_transaction+0x161/0x37f0
[  215.871549][ T7319]  btrfs_run_delayed_refs+0xe6/0x300
[  215.871560][ T7319]  btrfs_commit_transaction+0x274/0x37f0
[  215.871572][ T7319]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.871583][ T7319]  ? btrfs_commit_transaction+0x161/0x37f0
[  215.871599][ T7319]  ? __lock_acquire+0xab9/0xd20
[  215.871617][ T7319]  ? __pfx_btrfs_commit_transaction+0x10/0x10
[  215.871632][ T7319]  ? do_raw_spin_unlock+0x4d/0x240
[  215.871641][ T7319]  ? join_transaction+0x41b/0xd70
[  215.871658][ T7319]  ? btrfs_record_root_in_trans+0x124/0x180
[  215.871671][ T7319]  ? start_transaction+0x439/0x1620
[  215.871694][ T7319]  try_flush_qgroup+0x1dd/0x380
[  215.871707][ T7319]  ? kfree+0x18e/0x440
[  215.871720][ T7319]  ? __pfx_try_flush_qgroup+0x10/0x10
[  215.871732][ T7319]  ? qgroup_reserve_data+0x6cc/0x8d0
[  215.871751][ T7319]  btrfs_qgroup_reserve_data+0x69/0xb0
[  215.871765][ T7319]  btrfs_check_data_free_space+0x2ce/0x450
[  215.871778][ T7319]  btrfs_buffered_write+0x46c/0x16c0
[  215.871805][ T7319]  ? __pfx_btrfs_buffered_write+0x10/0x10
[  215.871814][ T7319]  ? aa_file_perm+0x11f/0xed0
[  215.871828][ T7319]  ? aa_file_perm+0x3e7/0xed0
[  215.871917][ T7319]  btrfs_do_write_iter+0x238/0x710
[  215.871932][ T7319]  ? __pfx_btrfs_do_write_iter+0x10/0x10
[  215.871943][ T7319]  do_iter_readv_writev+0x56b/0x7f0
[  215.871952][ T7319]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  215.871958][ T7319]  ? rcu_read_lock_any_held+0xb3/0x120
[  215.871999][ T7319]  vfs_writev+0x31a/0x960
[  215.872011][ T7319]  ? __lock_acquire+0xab9/0xd20
[  215.872021][ T7319]  ? __pfx_vfs_writev+0x10/0x10
[  215.872035][ T7319]  ? __fget_files+0x2a/0x420
[  215.872045][ T7319]  ? __fget_files+0x3a0/0x420
[  215.872051][ T7319]  ? __fget_files+0x2a/0x420
[  215.872062][ T7319]  __se_sys_pwritev2+0x179/0x290
[  215.872071][ T7319]  ? __pfx___se_sys_pwritev2+0x10/0x10
[  215.872077][ T7319]  ? rcu_is_watching+0x15/0xb0
[  215.872090][ T7319]  ? do_syscall_64+0xbe/0x3b0
[  215.872096][ T7319]  ? __x64_sys_pwritev2+0x20/0xc0
[  215.872103][ T7319]  do_syscall_64+0xfa/0x3b0
[  215.872109][ T7319]  ? lockdep_hardirqs_on+0x9c/0x150
[  215.872118][ T7319]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.872125][ T7319]  ? clear_bhb_loop+0x60/0xb0
[  215.872134][ T7319]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.872141][ T7319] RIP: 0033:0x7f0dec57e719
[  215.872149][ T7319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.872156][ T7319] RSP: 002b:00007f0ded2ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  215.872166][ T7319] RAX: ffffffffffffffda RBX: 00007f0dec735f80 RCX: 00007f0dec57e719
[  215.872171][ T7319] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  215.872175][ T7319] RBP: 00007f0ded2ee090 R08: 0000000000000009 R09: 0000000000000008
[  215.872180][ T7319] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  215.872184][ T7319] R13: 0000000000000000 R14: 00007f0dec735f80 R15: 00007fffb3780158
[  215.872196][ T7319]  </TASK>
[  216.073980][ T7319] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[  216.084298][ T7319] BTRFS: error (device loop0 state A) in add_to_free_space_tree:1048: errno=-12 Out of memory
[  216.088798][ T7319] BTRFS info (device loop0 state EA): forced readonly
[  216.094662][ T7319] BTRFS: error (device loop0 state EA) in do_free_extent_accounting:3003: errno=-12 Out of memory
[  216.099218][ T7319] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -12
[  216.124000][ T7319] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2159: errno=-12 Out of memory
[  216.151201][ T5788] BTRFS info (device loop0 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  216.169058][ T5788] BTRFS warning (device loop0 state EA): qgroup 0/5 has unreleased space, type 0 rsv 1052672
[  216.173413][ T5788] BTRFS error (device loop0 state EA): qgroup reserved space leaked
[  216.197263][ T1035] ==================================================================
[  216.200771][ T1035] BUG: KASAN: slab-use-after-free in _raw_spin_lock_irqsave+0xa7/0xf0
[  216.204162][ T1035] Read of size 1 at addr ffff888037ed0a28 by task kworker/u4:5/1035
[  216.208520][ T1035] 
[  216.209602][ T1035] CPU: 0 UID: 0 PID: 1035 Comm: kworker/u4:5 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  216.209618][ T1035] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  216.209626][ T1035] Workqueue: btrfs-qgroup-rescan btrfs_work_helper
[  216.209646][ T1035] Call Trace:
[  216.209655][ T1035]  <TASK>
[  216.209662][ T1035]  dump_stack_lvl+0x189/0x250
[  216.209679][ T1035]  ? __virt_addr_valid+0x1c8/0x5c0
[  216.209690][ T1035]  ? rcu_is_watching+0x15/0xb0
[  216.209705][ T1035]  ? __pfx_dump_stack_lvl+0x10/0x10
[  216.209719][ T1035]  ? rcu_is_watching+0x15/0xb0
[  216.209733][ T1035]  ? lock_release+0x4b/0x3e0
[  216.209748][ T1035]  ? __virt_addr_valid+0x1c8/0x5c0
[  216.209758][ T1035]  ? __virt_addr_valid+0x4a5/0x5c0
[  216.209768][ T1035]  print_report+0xd2/0x2b0
[  216.209782][ T1035]  ? _raw_spin_lock_irqsave+0xa7/0xf0
[  216.209797][ T1035]  kasan_report+0x118/0x150
[  216.209815][ T1035]  ? worker_thread+0x8a0/0xda0
[  216.209831][ T1035]  ? _raw_spin_lock_irqsave+0xa7/0xf0
[  216.209845][ T1035]  ? try_to_wake_up+0x6e/0x1290
[  216.209856][ T1035]  __kasan_check_byte+0x2a/0x40
[  216.209866][ T1035]  lock_acquire+0x8d/0x360
[  216.209880][ T1035]  _raw_spin_lock_irqsave+0xa7/0xf0
[  216.209893][ T1035]  ? try_to_wake_up+0x6e/0x1290
[  216.209904][ T1035]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  216.209915][ T1035]  ? kasan_quarantine_put+0xdd/0x220
[  216.209928][ T1035]  ? lockdep_hardirqs_on+0x9c/0x150
[  216.209943][ T1035]  try_to_wake_up+0x6e/0x1290
[  216.209954][ T1035]  ? kfree+0x18e/0x440
[  216.209967][ T1035]  ? __btrfs_end_transaction+0x378/0x640
[  216.209983][ T1035]  __btrfs_end_transaction+0x4c1/0x640
[  216.209997][ T1035]  btrfs_qgroup_rescan_worker+0x1a66/0x1be0
[  216.210012][ T1035]  ? __pfx_btrfs_qgroup_rescan_worker+0x10/0x10
[  216.210029][ T1035]  btrfs_work_helper+0x39c/0xc20
[  216.210043][ T1035]  ? _raw_spin_unlock_irq+0x23/0x50
[  216.210056][ T1035]  ? process_scheduled_works+0x9ef/0x17b0
[  216.210070][ T1035]  process_scheduled_works+0xae1/0x17b0
[  216.210090][ T1035]  ? __pfx_process_scheduled_works+0x10/0x10
[  216.210107][ T1035]  worker_thread+0x8a0/0xda0
[  216.210127][ T1035]  kthread+0x70e/0x8a0
[  216.210138][ T1035]  ? __pfx_worker_thread+0x10/0x10
[  216.210151][ T1035]  ? __pfx_kthread+0x10/0x10
[  216.210162][ T1035]  ? _raw_spin_unlock_irq+0x23/0x50
[  216.210175][ T1035]  ? lockdep_hardirqs_on+0x9c/0x150
[  216.210187][ T1035]  ? __pfx_kthread+0x10/0x10
[  216.210197][ T1035]  ret_from_fork+0x3fc/0x770
[  216.210212][ T1035]  ? __pfx_ret_from_fork+0x10/0x10
[  216.210225][ T1035]  ? __pfx_kthread+0x10/0x10
[  216.210235][ T1035]  ret_from_fork_asm+0x1a/0x30
[  216.210250][ T1035]  </TASK>
[  216.210254][ T1035] 
[  216.321891][ T1035] Allocated by task 2:
[  216.323772][ T1035]  kasan_save_track+0x3e/0x80
[  216.326015][ T1035]  __kasan_slab_alloc+0x6c/0x80
[  216.328218][ T1035]  kmem_cache_alloc_node_noprof+0x1bb/0x3c0
[  216.330802][ T1035]  dup_task_struct+0x52/0x860
[  216.332912][ T1035]  copy_process+0x54b/0x3c00
[  216.334998][ T1035]  kernel_clone+0x21e/0x870
[  216.336998][ T1035]  kernel_thread+0x10c/0x160
[  216.339051][ T1035]  kthreadd+0x575/0x770
[  216.340824][ T1035]  ret_from_fork+0x3fc/0x770
[  216.342823][ T1035]  ret_from_fork_asm+0x1a/0x30
[  216.345015][ T1035] 
[  216.346129][ T1035] Freed by task 15:
[  216.347929][ T1035]  kasan_save_track+0x3e/0x80
[  216.350083][ T1035]  kasan_save_free_info+0x46/0x50
[  216.352486][ T1035]  __kasan_slab_free+0x62/0x70
[  216.354667][ T1035]  kmem_cache_free+0x18f/0x400
[  216.356770][ T1035]  delayed_put_task_struct+0x11f/0x2f0
[  216.359119][ T1035]  rcu_core+0xca8/0x1710
[  216.360982][ T1035]  handle_softirqs+0x286/0x870
[  216.363038][ T1035]  run_ksoftirqd+0x9b/0x100
[  216.365102][ T1035]  smpboot_thread_fn+0x53f/0xa60
[  216.367244][ T1035]  kthread+0x70e/0x8a0
[  216.369083][ T1035]  ret_from_fork+0x3fc/0x770
[  216.371132][ T1035]  ret_from_fork_asm+0x1a/0x30
[  216.373334][ T1035] 
[  216.374443][ T1035] Last potentially related work creation:
[  216.376992][ T1035]  kasan_save_stack+0x3e/0x60
[  216.379107][ T1035]  kasan_record_aux_stack+0xbd/0xd0
[  216.381452][ T1035]  call_rcu+0x157/0x9c0
[  216.383398][ T1035]  __schedule+0x16fd/0x4d00
[  216.385477][ T1035]  schedule+0x165/0x360
[  216.387387][ T1035]  schedule_timeout+0x9a/0x270
[  216.389554][ T1035]  wait_for_completion+0x2bf/0x5d0
[  216.391754][ T1035]  kthread_stop+0x194/0x5f0
[  216.393858][ T1035]  close_ctree+0x56e/0xd60
[  216.395888][ T1035]  generic_shutdown_super+0x132/0x2c0
[  216.398327][ T1035]  kill_anon_super+0x3b/0x70
[  216.400475][ T1035]  btrfs_kill_super+0x41/0x50
[  216.402665][ T1035]  deactivate_locked_super+0xbc/0x130
[  216.405166][ T1035]  cleanup_mnt+0x425/0x4c0
[  216.407206][ T1035]  task_work_run+0x1d1/0x260
[  216.409302][ T1035]  exit_to_user_mode_loop+0xec/0x110
[  216.411642][ T1035]  do_syscall_64+0x2bd/0x3b0
[  216.413779][ T1035]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.416468][ T1035] 
[  216.417588][ T1035] The buggy address belongs to the object at ffff888037ed0000
[  216.417588][ T1035]  which belongs to the cache task_struct of size 9024
[  216.423902][ T1035] The buggy address is located 2600 bytes inside of
[  216.423902][ T1035]  freed 9024-byte region [ffff888037ed0000, ffff888037ed2340)
[  216.430136][ T1035] 
[  216.431244][ T1035] The buggy address belongs to the physical page:
[  216.434138][ T1035] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x37ed0
[  216.438097][ T1035] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  216.442012][ T1035] memcg:ffff8880441a2001
[  216.444032][ T1035] anon flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[  216.447703][ T1035] page_type: f5(slab)
[  216.449545][ T1035] raw: 04fff00000000040 ffff888030407500 0000000000000000 dead000000000001
[  216.453370][ T1035] raw: 0000000000000000 0000000080030003 00000000f5000000 ffff8880441a2001
[  216.457225][ T1035] head: 04fff00000000040 ffff888030407500 0000000000000000 dead000000000001
[  216.461058][ T1035] head: 0000000000000000 0000000080030003 00000000f5000000 ffff8880441a2001
[  216.464966][ T1035] head: 04fff00000000003 ffffea0000dfb401 00000000ffffffff 00000000ffffffff
[  216.468798][ T1035] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  216.472663][ T1035] page dumped because: kasan: bad access detected
[  216.475537][ T1035] page_owner tracks the page as allocated
[  216.478122][ T1035] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1038, tgid 1038 (kworker/u4:6), ts 20996644879, free_ts 0
[  216.486910][ T1035]  post_alloc_hook+0x240/0x2a0
[  216.489118][ T1035]  get_page_from_freelist+0x21e4/0x22c0
[  216.491666][ T1035]  __alloc_frozen_pages_noprof+0x181/0x370
[  216.494435][ T1035]  alloc_pages_mpol+0x232/0x4a0
[  216.496695][ T1035]  allocate_slab+0x8a/0x3b0
[  216.498719][ T1035]  ___slab_alloc+0xbfc/0x1480
[  216.500822][ T1035]  kmem_cache_alloc_node_noprof+0x280/0x3c0
[  216.503460][ T1035]  dup_task_struct+0x52/0x860
[  216.505613][ T1035]  copy_process+0x54b/0x3c00
[  216.507682][ T1035]  kernel_clone+0x21e/0x870
[  216.509746][ T1035]  user_mode_thread+0xdd/0x140
[  216.511818][ T1035]  call_usermodehelper_exec_work+0x5c/0x230
[  216.514582][ T1035]  process_scheduled_works+0xae1/0x17b0
[  216.517112][ T1035]  worker_thread+0x8a0/0xda0
[  216.519209][ T1035]  kthread+0x70e/0x8a0
[  216.521092][ T1035]  ret_from_fork+0x3fc/0x770
[  216.523166][ T1035] page_owner free stack trace missing
[  216.525586][ T1035] 
[  216.526739][ T1035] Memory state around the buggy address:
[  216.529307][ T1035]  ffff888037ed0900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  216.532938][ T1035]  ffff888037ed0980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  216.536666][ T1035] >ffff888037ed0a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  216.540381][ T1035]                                   ^
[  216.542890][ T1035]  ffff888037ed0a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  216.546526][ T1035]  ffff888037ed0b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  216.550072][ T1035] ==================================================================
[  216.553700][ T1035] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  216.556983][ T1035] CPU: 0 UID: 0 PID: 1035 Comm: kworker/u4:5 Not tainted 6.16.0-rc3-syzkaller-g7595b66ae9de #0 PREEMPT(full) 
[  216.562060][ T1035] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  216.566826][ T1035] Workqueue: btrfs-qgroup-rescan btrfs_work_helper
[  216.569766][ T1035] Call Trace:
[  216.571265][ T1035]  <TASK>
[  216.572678][ T1035]  dump_stack_lvl+0x99/0x250
[  216.574821][ T1035]  ? __asan_memcpy+0x40/0x70
[  216.576928][ T1035]  ? __pfx_dump_stack_lvl+0x10/0x10
[  216.579263][ T1035]  ? __pfx__printk+0x10/0x10
[  216.581341][ T1035]  panic+0x2db/0x790
[  216.583158][ T1035]  ? __pfx_panic+0x10/0x10
[  216.585162][ T1035]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  216.587716][ T1035]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  216.590515][ T1035]  ? print_memory_metadata+0x314/0x400
[  216.592979][ T1035]  ? _raw_spin_lock_irqsave+0xa7/0xf0
[  216.595367][ T1035]  check_panic_on_warn+0x89/0xb0
[  216.597487][ T1035]  ? _raw_spin_lock_irqsave+0xa7/0xf0
[  216.599746][ T1035]  end_report+0x78/0x160
[  216.601703][ T1035]  kasan_report+0x129/0x150
[  216.603572][ T1035]  ? worker_thread+0x8a0/0xda0
[  216.605585][ T1035]  ? _raw_spin_lock_irqsave+0xa7/0xf0
[  216.607880][ T1035]  ? try_to_wake_up+0x6e/0x1290
[  216.610143][ T1035]  __kasan_check_byte+0x2a/0x40
[  216.612371][ T1035]  lock_acquire+0x8d/0x360
[  216.614267][ T1035]  _raw_spin_lock_irqsave+0xa7/0xf0
[  216.616519][ T1035]  ? try_to_wake_up+0x6e/0x1290
[  216.618594][ T1035]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  216.621146][ T1035]  ? kasan_quarantine_put+0xdd/0x220
[  216.623359][ T1035]  ? lockdep_hardirqs_on+0x9c/0x150
[  216.625631][ T1035]  try_to_wake_up+0x6e/0x1290
[  216.627761][ T1035]  ? kfree+0x18e/0x440
[  216.629705][ T1035]  ? __btrfs_end_transaction+0x378/0x640
[  216.632030][ T1035]  __btrfs_end_transaction+0x4c1/0x640
[  216.634447][ T1035]  btrfs_qgroup_rescan_worker+0x1a66/0x1be0
[  216.637337][ T1035]  ? __pfx_btrfs_qgroup_rescan_worker+0x10/0x10
[  216.640967][ T1035]  btrfs_work_helper+0x39c/0xc20
[  216.643779][ T1035]  ? _raw_spin_unlock_irq+0x23/0x50
[  216.646606][ T1035]  ? process_scheduled_works+0x9ef/0x17b0
[  216.649103][ T1035]  process_scheduled_works+0xae1/0x17b0
[  216.651401][ T1035]  ? __pfx_process_scheduled_works+0x10/0x10
[  216.654160][ T1035]  worker_thread+0x8a0/0xda0
[  216.656288][ T1035]  kthread+0x70e/0x8a0
[  216.658191][ T1035]  ? __pfx_worker_thread+0x10/0x10
[  216.660479][ T1035]  ? __pfx_kthread+0x10/0x10
[  216.662557][ T1035]  ? _raw_spin_unlock_irq+0x23/0x50
[  216.665003][ T1035]  ? lockdep_hardirqs_on+0x9c/0x150
[  216.667341][ T1035]  ? __pfx_kthread+0x10/0x10
[  216.669436][ T1035]  ret_from_fork+0x3fc/0x770
[  216.671519][ T1035]  ? __pfx_ret_from_fork+0x10/0x10
[  216.673914][ T1035]  ? __pfx_kthread+0x10/0x10
[  216.676001][ T1035]  ret_from_fork_asm+0x1a/0x30
[  216.678189][ T1035]  </TASK>
[  216.679928][ T1035] Kernel Offset: disabled
[  216.681890][ T1035] Rebooting in 86400 seconds..