Warning: Permanently added '[localhost]:21790' (ED25519) to the list of known hosts.
syzkaller login: [ 91.869863][ T54] cfg80211: failed to load regulatory.db
2025/09/30 17:40:51 parsed 1 programs
[ 96.067089][ T5334] cgroup: Unknown subsys name 'net'
[ 96.138419][ T5334] cgroup: Unknown subsys name 'cpuset'
[ 96.143530][ T5334] cgroup: Unknown subsys name 'rlimit'
[ 97.738413][ T5334] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 101.334726][ T5344] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 101.338733][ T5344] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 101.343506][ T5344] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 101.349166][ T5344] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 101.352437][ T5344] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 101.559490][ T5342] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 104.884237][ T5398] chnl_net:caif_netlink_parms(): no params data found
[ 104.960716][ T5398] bridge0: port 1(bridge_slave_0) entered blocking state
[ 104.964666][ T5398] bridge0: port 1(bridge_slave_0) entered disabled state
[ 104.967679][ T5398] bridge_slave_0: entered allmulticast mode
[ 104.971607][ T5398] bridge_slave_0: entered promiscuous mode
[ 104.978216][ T5398] bridge0: port 2(bridge_slave_1) entered blocking state
[ 104.981314][ T5398] bridge0: port 2(bridge_slave_1) entered disabled state
[ 104.984915][ T5398] bridge_slave_1: entered allmulticast mode
[ 104.988775][ T5398] bridge_slave_1: entered promiscuous mode
[ 105.013878][ T5398] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 105.021009][ T5398] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 105.047208][ T5398] team0: Port device team_slave_0 added
[ 105.051883][ T5398] team0: Port device team_slave_1 added
[ 105.075918][ T5398] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 105.078798][ T5398] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 105.090048][ T5398] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 105.097982][ T5398] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 105.101195][ T5398] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 105.115097][ T5398] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 105.153503][ T5398] hsr_slave_0: entered promiscuous mode
[ 105.157751][ T5398] hsr_slave_1: entered promiscuous mode
[ 105.317242][ T5398] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 105.327274][ T5398] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 105.334290][ T5398] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 105.342365][ T5398] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 105.373823][ T5398] bridge0: port 2(bridge_slave_1) entered blocking state
[ 105.377301][ T5398] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 105.381242][ T5398] bridge0: port 1(bridge_slave_0) entered blocking state
[ 105.384584][ T5398] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 105.451509][ T5398] 8021q: adding VLAN 0 to HW filter on device bond0
[ 105.466418][ T43] bridge0: port 1(bridge_slave_0) entered disabled state
[ 105.470485][ T43] bridge0: port 2(bridge_slave_1) entered disabled state
[ 105.483623][ T5398] 8021q: adding VLAN 0 to HW filter on device team0
[ 105.497227][ T43] bridge0: port 1(bridge_slave_0) entered blocking state
[ 105.500502][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 105.517442][ T43] bridge0: port 2(bridge_slave_1) entered blocking state
[ 105.520580][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 105.695732][ T5398] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 105.736802][ T5398] veth0_vlan: entered promiscuous mode
[ 105.746379][ T5398] veth1_vlan: entered promiscuous mode
[ 105.774933][ T5398] veth0_macvtap: entered promiscuous mode
[ 105.780858][ T5398] veth1_macvtap: entered promiscuous mode
[ 105.802807][ T5398] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 105.815826][ T5398] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 105.829053][ T1040] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.832833][ T1040] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.848591][ T1040] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.852112][ T1040] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.985367][ T5398] syz-executor (5398) used greatest stack depth: 19704 bytes left
[ 106.008675][ T1040] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 106.058412][ T1040] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 106.111307][ T1040] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 106.169047][ T1040] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 106.180338][ T1038] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.183770][ T1038] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.219613][ T43] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.222856][ T43] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/09/30 17:41:05 executed programs: 0
[ 107.434154][ T4683] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 107.440018][ T4683] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 107.443599][ T4683] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 107.450074][ T4683] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 107.453246][ T4683] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 107.633514][ T5438] chnl_net:caif_netlink_parms(): no params data found
[ 107.695200][ T5438] bridge0: port 1(bridge_slave_0) entered blocking state
[ 107.699067][ T5438] bridge0: port 1(bridge_slave_0) entered disabled state
[ 107.702154][ T5438] bridge_slave_0: entered allmulticast mode
[ 107.707184][ T5438] bridge_slave_0: entered promiscuous mode
[ 107.712391][ T5438] bridge0: port 2(bridge_slave_1) entered blocking state
[ 107.716761][ T5438] bridge0: port 2(bridge_slave_1) entered disabled state
[ 107.719986][ T5438] bridge_slave_1: entered allmulticast mode
[ 107.723802][ T5438] bridge_slave_1: entered promiscuous mode
[ 107.750486][ T5438] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 107.757656][ T5438] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 107.782493][ T5438] team0: Port device team_slave_0 added
[ 107.788215][ T5438] team0: Port device team_slave_1 added
[ 107.812663][ T5438] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 107.817104][ T5438] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 107.829034][ T5438] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 107.836032][ T5438] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 107.839051][ T5438] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 107.852087][ T5438] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 107.903019][ T5438] hsr_slave_0: entered promiscuous mode
[ 107.907574][ T5438] hsr_slave_1: entered promiscuous mode
[ 107.910515][ T5438] debugfs: 'hsr0' already exists in 'hsr'
[ 107.913106][ T5438] Cannot create hsr debugfs directory
[ 108.771053][ T1040] bridge_slave_1: left allmulticast mode
[ 108.773658][ T1040] bridge_slave_1: left promiscuous mode
[ 108.786813][ T1040] bridge0: port 2(bridge_slave_1) entered disabled state
[ 108.798540][ T1040] bridge_slave_0: left allmulticast mode
[ 108.801056][ T1040] bridge_slave_0: left promiscuous mode
[ 108.803639][ T1040] bridge0: port 1(bridge_slave_0) entered disabled state
[ 109.239759][ T1040] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 109.246207][ T1040] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 109.250704][ T1040] bond0 (unregistering): Released all slaves
[ 109.358113][ T1040] hsr_slave_0: left promiscuous mode
[ 109.367499][ T1040] hsr_slave_1: left promiscuous mode
[ 109.375752][ T1040] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 109.379066][ T1040] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 109.394304][ T1040] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 109.399198][ T1040] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 109.427600][ T1040] veth1_macvtap: left promiscuous mode
[ 109.430505][ T1040] veth0_macvtap: left promiscuous mode
[ 109.433669][ T1040] veth1_vlan: left promiscuous mode
[ 109.450641][ T1040] veth0_vlan: left promiscuous mode
[ 109.465788][ T4683] Bluetooth: hci0: command tx timeout
[ 109.859200][ T1040] team0 (unregistering): Port device team_slave_1 removed
[ 109.879506][ T1040] team0 (unregistering): Port device team_slave_0 removed
[ 110.357077][ T5438] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 110.380356][ T5438] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 110.399641][ T5438] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 110.405833][ T5438] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 111.108367][ T5438] 8021q: adding VLAN 0 to HW filter on device bond0
[ 111.150538][ T5438] 8021q: adding VLAN 0 to HW filter on device team0
[ 111.176593][ T1038] bridge0: port 1(bridge_slave_0) entered blocking state
[ 111.180025][ T1038] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 111.221705][ T43] bridge0: port 2(bridge_slave_1) entered blocking state
[ 111.224882][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 111.544682][ T4683] Bluetooth: hci0: command tx timeout
[ 111.553256][ T5438] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 111.616133][ T5438] veth0_vlan: entered promiscuous mode
[ 111.622919][ T5438] veth1_vlan: entered promiscuous mode
[ 111.648405][ T5438] veth0_macvtap: entered promiscuous mode
[ 111.653417][ T5438] veth1_macvtap: entered promiscuous mode
[ 111.667789][ T5438] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 111.679076][ T5438] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 111.690301][ T1038] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 111.700565][ T1038] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 111.710736][ T1038] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 111.723606][ T1038] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 111.767118][ T1038] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.777274][ T1038] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.810281][ T1038] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.813801][ T1038] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 112.060603][ T5485] loop0: detected capacity change from 0 to 32768
[ 112.078791][ T5485] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.17 (5485)
[ 112.113618][ T5485] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 112.126397][ T5485] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[ 112.178048][ T5485] BTRFS info (device loop0): rebuilding free space tree
[ 112.221414][ T5485] BTRFS info (device loop0): disabling free space tree
[ 112.231848][ T5485] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 112.243075][ T5485] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 112.269057][ T5485] BTRFS info (device loop0): enabling ssd optimizations
[ 112.271941][ T5485] BTRFS info (device loop0): force clearing of disk cache
[ 112.285103][ T5485] BTRFS info (device loop0): enabling auto defrag
[ 112.287495][ T5485] BTRFS info (device loop0): doing ref verification
[ 112.290207][ T5485] BTRFS info (device loop0): max_inline set to 4096
[ 112.331536][ T5485] BTRFS info (device loop0): balance: start -d -m
[ 112.351681][ T5485] BTRFS info (device loop0): relocating block group 6881280 flags data|metadata
[ 112.392319][ T5485] BTRFS info (device loop0): relocating block group 5242880 flags data|metadata
[ 112.470311][ T5485] BTRFS info (device loop0): found 8 extents, stage: move data extents
[ 112.494280][ T5485] BTRFS info (device loop0): found 1 extents, stage: update data pointers
[ 112.520019][ T5485] BTRFS info (device loop0): balance: ended with status: 0
[ 112.535393][ T5485] FAULT_INJECTION: forcing a failure.
[ 112.535393][ T5485] name failslab, interval 1, probability 0, space 0, times 1
[ 112.541187][ T5485] CPU: 0 UID: 0 PID: 5485 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full)
[ 112.541204][ T5485] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 112.541211][ T5485] Call Trace:
[ 112.541218][ T5485]
[ 112.541225][ T5485] dump_stack_lvl+0x189/0x250
[ 112.541367][ T5485] ? __pfx____ratelimit+0x10/0x10
[ 112.541410][ T5485] ? __pfx_dump_stack_lvl+0x10/0x10
[ 112.541425][ T5485] ? __pfx__printk+0x10/0x10
[ 112.541439][ T5485] ? __pfx___might_resched+0x10/0x10
[ 112.541451][ T5485] ? fs_reclaim_acquire+0x7d/0x100
[ 112.541507][ T5485] should_fail_ex+0x414/0x560
[ 112.541527][ T5485] should_failslab+0xa8/0x100
[ 112.541543][ T5485] kmem_cache_alloc_noprof+0x73/0x3c0
[ 112.541557][ T5485] ? add_delayed_ref+0x139/0x1d80
[ 112.541573][ T5485] add_delayed_ref+0x139/0x1d80
[ 112.541586][ T5485] ? do_raw_spin_unlock+0x4d/0x240
[ 112.541616][ T5485] ? __pfx_btrfs_get_64+0x10/0x10
[ 112.541635][ T5485] btrfs_inc_extent_ref+0x10c/0x1f0
[ 112.541651][ T5485] __btrfs_mod_ref+0x498/0x8e0
[ 112.541674][ T5485] ? __pfx___btrfs_mod_ref+0x10/0x10
[ 112.541687][ T5485] ? __write_extent_buffer+0x1b0/0x6c0
[ 112.541701][ T5485] ? copy_extent_buffer_full+0x36e/0x530
[ 112.541719][ T5485] ? __write_extent_buffer+0x277/0x6c0
[ 112.541732][ T5485] ? btrfs_copy_root+0x7e5/0x1090
[ 112.541751][ T5485] btrfs_copy_root+0x949/0x1090
[ 112.541772][ T5485] ? __pfx_btrfs_copy_root+0x10/0x10
[ 112.541786][ T5485] ? btrfs_cow_block+0x40a/0x9a0
[ 112.541810][ T5485] create_pending_snapshot+0xa76/0x3280
[ 112.541840][ T5485] ? __pfx_create_pending_snapshot+0x10/0x10
[ 112.541861][ T5485] ? rcu_is_watching+0x15/0xb0
[ 112.541875][ T5485] ? trace_contention_end+0x39/0x120
[ 112.541890][ T5485] ? __mutex_lock+0x335/0x1350
[ 112.541909][ T5485] ? __lock_acquire+0xab9/0xd20
[ 112.541918][ T5485] ? btrfs_commit_transaction+0xedd/0x3950
[ 112.541948][ T5485] create_pending_snapshots+0x17c/0x1c0
[ 112.541964][ T5485] btrfs_commit_transaction+0xeea/0x3950
[ 112.541985][ T5485] ? btrfs_commit_transaction+0x161/0x3950
[ 112.542011][ T5485] ? __mutex_unlock_slowpath+0x1a1/0x740
[ 112.542026][ T5485] ? __pfx_btrfs_commit_transaction+0x10/0x10
[ 112.542043][ T5485] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 112.542054][ T5485] ? do_raw_spin_unlock+0x4d/0x240
[ 112.542072][ T5485] ? record_root_in_trans+0x2d8/0x370
[ 112.542094][ T5485] ? btrfs_qgroup_convert_reserved_meta+0xe5/0xce0
[ 112.542108][ T5485] ? start_transaction+0x439/0x1620
[ 112.542128][ T5485] ? __pfx_btrfs_qgroup_convert_reserved_meta+0x10/0x10
[ 112.542143][ T5485] ? btrfs_record_root_in_trans+0x124/0x180
[ 112.542163][ T5485] create_snapshot+0x6bc/0xba0
[ 112.542183][ T5485] btrfs_mksubvol+0x545/0x6d0
[ 112.542202][ T5485] ? __pfx_btrfs_mksubvol+0x10/0x10
[ 112.542217][ T5485] ? mnt_get_write_access+0x223/0x2a0
[ 112.542231][ T5485] btrfs_mksnapshot+0xab/0xf0
[ 112.542247][ T5485] __btrfs_ioctl_snap_create+0x520/0x730
[ 112.542263][ T5485] ? __pfx___btrfs_ioctl_snap_create+0x10/0x10
[ 112.542277][ T5485] ? rep_movs_alternative+0x4a/0x90
[ 112.542294][ T5485] ? _copy_from_user+0x94/0xb0
[ 112.542310][ T5485] btrfs_ioctl_snap_create_v2+0x1f8/0x3b0
[ 112.542331][ T5485] btrfs_ioctl+0xa62/0xd00
[ 112.542342][ T5485] ? __pfx_btrfs_ioctl+0x10/0x10
[ 112.542355][ T5485] __se_sys_ioctl+0xf9/0x170
[ 112.542369][ T5485] do_syscall_64+0xfa/0x3b0
[ 112.542381][ T5485] ? lockdep_hardirqs_on+0x9c/0x150
[ 112.542391][ T5485] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 112.542401][ T5485] ? clear_bhb_loop+0x60/0xb0
[ 112.542415][ T5485] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 112.542425][ T5485] RIP: 0033:0x7f4f9358eec9
[ 112.542436][ T5485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 112.542445][ T5485] RSP: 002b:00007fffe2df5c18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 112.542458][ T5485] RAX: ffffffffffffffda RBX: 00007f4f937e5fa0 RCX: 00007f4f9358eec9
[ 112.542464][ T5485] RDX: 0000200000002480 RSI: 0000000050009417 RDI: 0000000000000004
[ 112.542471][ T5485] RBP: 00007fffe2df5c70 R08: 0000000000000000 R09: 0000000000000000
[ 112.542477][ T5485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 112.542482][ T5485] R13: 00007f4f937e5fa0 R14: 00007f4f937e5fa0 R15: 0000000000000003
[ 112.542498][ T5485]
[ 112.542773][ T5485] BTRFS error (device loop0 state A): Transaction aborted (error -12)
[ 112.753600][ T5485] BTRFS: error (device loop0 state A) in btrfs_copy_root:301: errno=-12 Out of memory
[ 112.758272][ T5485] BTRFS info (device loop0 state EA): forced readonly
[ 112.761327][ T5485] BTRFS: error (device loop0 state EA) in create_pending_snapshot:1804: errno=-12 Out of memory
[ 112.767604][ T5485] BTRFS warning (device loop0 state EA): Skipping commit of aborted transaction.
[ 112.774093][ T5485] BTRFS: error (device loop0 state EA) in cleanup_transaction:2023: errno=-12 Out of memory
[ 113.291322][ T5438] BTRFS info (device loop0 state EA): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
2025/09/30 17:41:11 executed programs: 3
[ 113.625947][ T4683] Bluetooth: hci0: command tx timeout
[ 113.667022][ T5502] loop0: detected capacity change from 0 to 32768
[ 113.677962][ T5502] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.18 (5502)
[ 113.702493][ T5502] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 113.716033][ T5502] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[ 113.752036][ T5502] BTRFS info (device loop0): rebuilding free space tree
[ 113.775880][ T5502] BTRFS info (device loop0): disabling free space tree
[ 113.778985][ T5502] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 113.798073][ T5502] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 113.816548][ T5502] BTRFS info (device loop0): enabling ssd optimizations
[ 113.819288][ T5502] BTRFS info (device loop0): force clearing of disk cache
[ 113.822055][ T5502] BTRFS info (device loop0): enabling auto defrag
[ 113.835760][ T5502] BTRFS info (device loop0): doing ref verification
[ 113.838336][ T5502] BTRFS info (device loop0): max_inline set to 4096
[ 113.857395][ T5502] BTRFS info (device loop0): balance: start -d -m
[ 113.875654][ T5502] BTRFS info (device loop0): relocating block group 6881280 flags data|metadata
[ 113.899012][ T5502] BTRFS info (device loop0): relocating block group 5242880 flags data|metadata
[ 113.958961][ T5502] BTRFS info (device loop0): found 8 extents, stage: move data extents
[ 113.987244][ T5502] BTRFS info (device loop0): found 1 extents, stage: update data pointers
[ 114.008913][ T5502] BTRFS info (device loop0): balance: ended with status: 0
[ 114.022641][ T5502] FAULT_INJECTION: forcing a failure.
[ 114.022641][ T5502] name failslab, interval 1, probability 0, space 0, times 0
[ 114.030309][ T5502] CPU: 0 UID: 0 PID: 5502 Comm: syz.0.18 Not tainted syzkaller #0 PREEMPT(full)
[ 114.030326][ T5502] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 114.030333][ T5502] Call Trace:
[ 114.030347][ T5502]
[ 114.030352][ T5502] dump_stack_lvl+0x189/0x250
[ 114.030392][ T5502] ? __pfx____ratelimit+0x10/0x10
[ 114.030410][ T5502] ? __pfx_dump_stack_lvl+0x10/0x10
[ 114.030424][ T5502] ? __pfx__printk+0x10/0x10
[ 114.030464][ T5502] ? __pfx___might_resched+0x10/0x10
[ 114.030479][ T5502] should_fail_ex+0x414/0x560
[ 114.030507][ T5502] should_failslab+0xa8/0x100
[ 114.030525][ T5502] __kmalloc_cache_noprof+0x70/0x3d0
[ 114.030540][ T5502] ? btrfs_ref_tree_mod+0x24e/0x1ab0
[ 114.030561][ T5502] btrfs_ref_tree_mod+0x24e/0x1ab0
[ 114.030577][ T5502] ? __pfx_set_extent_bit+0x10/0x10
[ 114.030602][ T5502] btrfs_alloc_tree_block+0xd2f/0x1290
[ 114.030616][ T5502] ? __pfx_hlock_conflict+0x10/0x10
[ 114.030641][ T5502] ? lockdep_lock+0x90/0xc0
[ 114.030656][ T5502] ? __pfx_btrfs_alloc_tree_block+0x10/0x10
[ 114.030681][ T5502] ? read_extent_buffer+0x120/0x5e0
[ 114.030698][ T5502] btrfs_force_cow_block+0x578/0x2460
[ 114.030715][ T5502] ? __lock_acquire+0xab9/0xd20
[ 114.030731][ T5502] ? btrfs_qgroup_trace_subtree_after_cow+0x1cd/0x930
[ 114.030751][ T5502] ? __pfx_btrfs_force_cow_block+0x10/0x10
[ 114.030771][ T5502] ? down_write_nested+0x169/0x200
[ 114.030785][ T5502] ? __pfx_down_write_nested+0x10/0x10
[ 114.030801][ T5502] btrfs_cow_block+0x40a/0x9a0
[ 114.030827][ T5502] btrfs_search_slot+0xd11/0x2b90
[ 114.030861][ T5502] ? __pfx_btrfs_search_slot+0x10/0x10
[ 114.030877][ T5502] ? rcu_is_watching+0x15/0xb0
[ 114.030898][ T5502] ? trace_kmem_cache_alloc+0x1f/0xc0
[ 114.030912][ T5502] ? btrfs_insert_item+0xa9/0x2e0
[ 114.030926][ T5502] btrfs_insert_item+0x110/0x2e0
[ 114.030941][ T5502] ? __pfx_btrfs_insert_item+0x10/0x10
[ 114.030960][ T5502] ? up_write+0x1c4/0x420
[ 114.030970][ T5502] ? rcu_is_watching+0x15/0xb0
[ 114.030980][ T5502] ? btrfs_insert_root+0x2a/0x160
[ 114.030999][ T5502] create_pending_snapshot+0xb0e/0x3280
[ 114.031033][ T5502] ? __pfx_create_pending_snapshot+0x10/0x10
[ 114.031042][ T5502] ? rcu_is_watching+0x15/0xb0
[ 114.031054][ T5502] ? trace_contention_end+0x39/0x120
[ 114.031067][ T5502] ? __mutex_lock+0x335/0x1350
[ 114.031089][ T5502] ? __lock_acquire+0xab9/0xd20
[ 114.031099][ T5502] ? btrfs_commit_transaction+0xedd/0x3950
[ 114.031128][ T5502] create_pending_snapshots+0x17c/0x1c0
[ 114.031143][ T5502] btrfs_commit_transaction+0xeea/0x3950
[ 114.031163][ T5502] ? btrfs_commit_transaction+0x161/0x3950
[ 114.031194][ T5502] ? __mutex_unlock_slowpath+0x1a1/0x740
[ 114.031208][ T5502] ? __pfx_btrfs_commit_transaction+0x10/0x10
[ 114.031225][ T5502] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 114.031236][ T5502] ? do_raw_spin_unlock+0x4d/0x240
[ 114.031254][ T5502] ? record_root_in_trans+0x2d8/0x370
[ 114.031278][ T5502] ? btrfs_qgroup_convert_reserved_meta+0xe5/0xce0
[ 114.031292][ T5502] ? start_transaction+0x439/0x1620
[ 114.031310][ T5502] ? __pfx_btrfs_qgroup_convert_reserved_meta+0x10/0x10
[ 114.031324][ T5502] ? btrfs_record_root_in_trans+0x124/0x180
[ 114.031342][ T5502] create_snapshot+0x6bc/0xba0
[ 114.031362][ T5502] btrfs_mksubvol+0x545/0x6d0
[ 114.031381][ T5502] ? __pfx_btrfs_mksubvol+0x10/0x10
[ 114.031396][ T5502] ? mnt_get_write_access+0x223/0x2a0
[ 114.031411][ T5502] btrfs_mksnapshot+0xab/0xf0
[ 114.031425][ T5502] __btrfs_ioctl_snap_create+0x520/0x730
[ 114.031442][ T5502] ? __pfx___btrfs_ioctl_snap_create+0x10/0x10
[ 114.031457][ T5502] ? rep_movs_alternative+0x4a/0x90
[ 114.031474][ T5502] ? _copy_from_user+0x94/0xb0
[ 114.031488][ T5502] btrfs_ioctl_snap_create_v2+0x1f8/0x3b0
[ 114.031511][ T5502] btrfs_ioctl+0xa62/0xd00
[ 114.031526][ T5502] ? __pfx_btrfs_ioctl+0x10/0x10
[ 114.031541][ T5502] __se_sys_ioctl+0xf9/0x170
[ 114.031556][ T5502] do_syscall_64+0xfa/0x3b0
[ 114.031567][ T5502] ? lockdep_hardirqs_on+0x9c/0x150
[ 114.031578][ T5502] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 114.031588][ T5502] ? clear_bhb_loop+0x60/0xb0
[ 114.031601][ T5502] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 114.031611][ T5502] RIP: 0033:0x7f4f9358eec9
[ 114.031623][ T5502] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 114.031632][ T5502] RSP: 002b:00007fffe2df5c18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 114.031644][ T5502] RAX: ffffffffffffffda RBX: 00007f4f937e5fa0 RCX: 00007f4f9358eec9
[ 114.031651][ T5502] RDX: 0000200000002480 RSI: 0000000050009417 RDI: 0000000000000004
[ 114.031658][ T5502] RBP: 00007fffe2df5c70 R08: 0000000000000000 R09: 0000000000000000
[ 114.031665][ T5502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 114.031671][ T5502] R13: 00007f4f937e5fa0 R14: 00007f4f937e5fa0 R15: 0000000000000003
[ 114.031692][ T5502]
[ 114.776848][ T5438] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 115.150343][ T5519] loop0: detected capacity change from 0 to 32768
[ 115.161803][ T5519] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.19 (5519)
[ 115.204068][ T5519] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 115.215520][ T5519] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[ 115.263739][ T5519] BTRFS info (device loop0): rebuilding free space tree
[ 115.289411][ T5519] BTRFS info (device loop0): disabling free space tree
[ 115.292349][ T5519] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 115.310590][ T5519] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 115.329128][ T5519] BTRFS info (device loop0): enabling ssd optimizations
[ 115.332126][ T5519] BTRFS info (device loop0): force clearing of disk cache
[ 115.346946][ T5519] BTRFS info (device loop0): enabling auto defrag
[ 115.349752][ T5519] BTRFS info (device loop0): doing ref verification
[ 115.352599][ T5519] BTRFS info (device loop0): max_inline set to 4096
[ 115.377123][ T5519] BTRFS info (device loop0): balance: start -d -m
[ 115.386778][ T5519] BTRFS info (device loop0): relocating block group 6881280 flags data|metadata
[ 115.418547][ T5519] BTRFS info (device loop0): relocating block group 5242880 flags data|metadata
[ 115.488711][ T5519] BTRFS info (device loop0): found 8 extents, stage: move data extents
[ 115.516990][ T5519] BTRFS info (device loop0): found 1 extents, stage: update data pointers
[ 115.538248][ T5519] BTRFS info (device loop0): balance: ended with status: 0
[ 115.705141][ T4683] Bluetooth: hci0: command tx timeout
[ 116.072512][ T5438] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 116.429977][ T5536] loop0: detected capacity change from 0 to 32768
[ 116.440464][ T5536] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.20 (5536)
[ 116.462815][ T5536] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 116.471982][ T5536] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[ 116.516699][ T5536] BTRFS info (device loop0): rebuilding free space tree
[ 116.535569][ T5536] BTRFS info (device loop0): disabling free space tree
[ 116.538043][ T5536] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 116.541242][ T5536] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 116.560335][ T5536] BTRFS info (device loop0): enabling ssd optimizations
[ 116.563319][ T5536] BTRFS info (device loop0): force clearing of disk cache
[ 116.585670][ T5536] BTRFS info (device loop0): enabling auto defrag
[ 116.588259][ T5536] BTRFS info (device loop0): doing ref verification
[ 116.590867][ T5536] BTRFS info (device loop0): max_inline set to 4096
[ 116.607128][ T5536] BTRFS info (device loop0): balance: start -d -m
[ 116.615727][ T5536] BTRFS info (device loop0): relocating block group 6881280 flags data|metadata
[ 116.642941][ T5536] BTRFS info (device loop0): relocating block group 5242880 flags data|metadata
[ 116.703636][ T5536] BTRFS info (device loop0): found 8 extents, stage: move data extents
[ 116.728906][ T5536] BTRFS info (device loop0): found 1 extents, stage: update data pointers
[ 116.749470][ T5536] BTRFS info (device loop0): balance: ended with status: 0
[ 116.761275][ T5536] FAULT_INJECTION: forcing a failure.
[ 116.761275][ T5536] name failslab, interval 1, probability 0, space 0, times 0
[ 116.767617][ T5536] CPU: 0 UID: 0 PID: 5536 Comm: syz.0.20 Not tainted syzkaller #0 PREEMPT(full)
[ 116.767634][ T5536] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 116.767640][ T5536] Call Trace:
[ 116.767645][ T5536]
[ 116.767650][ T5536] dump_stack_lvl+0x189/0x250
[ 116.767693][ T5536] ? __pfx____ratelimit+0x10/0x10
[ 116.767711][ T5536] ? __pfx_dump_stack_lvl+0x10/0x10
[ 116.767725][ T5536] ? __pfx__printk+0x10/0x10
[ 116.767741][ T5536] ? __pfx___might_resched+0x10/0x10
[ 116.767757][ T5536] should_fail_ex+0x414/0x560
[ 116.767785][ T5536] should_failslab+0xa8/0x100
[ 116.767803][ T5536] __kmalloc_cache_noprof+0x70/0x3d0
[ 116.767817][ T5536] ? btrfs_ref_tree_mod+0x654/0x1ab0
[ 116.767835][ T5536] btrfs_ref_tree_mod+0x654/0x1ab0
[ 116.767874][ T5536] btrfs_free_tree_block+0x2b9/0xcf0
[ 116.767893][ T5536] ? __pfx_btrfs_free_tree_block+0x10/0x10
[ 116.767910][ T5536] ? btrfs_tree_mod_log_insert_root+0xa7/0xb20
[ 116.767922][ T5536] ? __write_extent_buffer+0x277/0x6c0
[ 116.767936][ T5536] ? btrfs_force_cow_block+0x9ee/0x2460
[ 116.767957][ T5536] btrfs_force_cow_block+0xfeb/0x2460
[ 116.767972][ T5536] ? __lock_acquire+0xab9/0xd20
[ 116.767999][ T5536] ? __pfx_btrfs_force_cow_block+0x10/0x10
[ 116.768017][ T5536] ? down_write_nested+0x169/0x200
[ 116.768033][ T5536] ? __pfx_down_write_nested+0x10/0x10
[ 116.768051][ T5536] btrfs_cow_block+0x40a/0x9a0
[ 116.768076][ T5536] btrfs_search_slot+0xd11/0x2b90
[ 116.768109][ T5536] ? __pfx_btrfs_search_slot+0x10/0x10
[ 116.768127][ T5536] ? rcu_is_watching+0x15/0xb0
[ 116.768141][ T5536] ? trace_kmem_cache_alloc+0x1f/0xc0
[ 116.768153][ T5536] ? btrfs_insert_item+0xa9/0x2e0
[ 116.768194][ T5536] btrfs_insert_item+0x110/0x2e0
[ 116.768209][ T5536] ? __pfx_btrfs_insert_item+0x10/0x10
[ 116.768256][ T5536] ? up_write+0x1c4/0x420
[ 116.768268][ T5536] ? rcu_is_watching+0x15/0xb0
[ 116.768279][ T5536] ? btrfs_insert_root+0x2a/0x160
[ 116.768297][ T5536] create_pending_snapshot+0xb0e/0x3280
[ 116.768327][ T5536] ? __pfx_create_pending_snapshot+0x10/0x10
[ 116.768337][ T5536] ? rcu_is_watching+0x15/0xb0
[ 116.768349][ T5536] ? trace_contention_end+0x39/0x120
[ 116.768363][ T5536] ? __mutex_lock+0x335/0x1350
[ 116.768384][ T5536] ? __lock_acquire+0xab9/0xd20
[ 116.768391][ T5536] ? btrfs_commit_transaction+0xedd/0x3950
[ 116.768421][ T5536] create_pending_snapshots+0x17c/0x1c0
[ 116.768437][ T5536] btrfs_commit_transaction+0xeea/0x3950
[ 116.768455][ T5536] ? btrfs_commit_transaction+0x161/0x3950
[ 116.768485][ T5536] ? __mutex_unlock_slowpath+0x1a1/0x740
[ 116.768498][ T5536] ? __pfx_btrfs_commit_transaction+0x10/0x10
[ 116.768515][ T5536] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 116.768526][ T5536] ? do_raw_spin_unlock+0x4d/0x240
[ 116.768543][ T5536] ? record_root_in_trans+0x2d8/0x370
[ 116.768566][ T5536] ? btrfs_qgroup_convert_reserved_meta+0xe5/0xce0
[ 116.768581][ T5536] ? start_transaction+0x439/0x1620
[ 116.768600][ T5536] ? __pfx_btrfs_qgroup_convert_reserved_meta+0x10/0x10
[ 116.768614][ T5536] ? btrfs_record_root_in_trans+0x124/0x180
[ 116.768633][ T5536] create_snapshot+0x6bc/0xba0
[ 116.768653][ T5536] btrfs_mksubvol+0x545/0x6d0
[ 116.768672][ T5536] ? __pfx_btrfs_mksubvol+0x10/0x10
[ 116.768687][ T5536] ? mnt_get_write_access+0x223/0x2a0
[ 116.768702][ T5536] btrfs_mksnapshot+0xab/0xf0
[ 116.768718][ T5536] __btrfs_ioctl_snap_create+0x520/0x730
[ 116.768732][ T5536] ? __pfx___btrfs_ioctl_snap_create+0x10/0x10
[ 116.768741][ T5536] ? rep_movs_alternative+0x4a/0x90
[ 116.768752][ T5536] ? _copy_from_user+0x94/0xb0
[ 116.768791][ T5536] btrfs_ioctl_snap_create_v2+0x1f8/0x3b0
[ 116.768814][ T5536] btrfs_ioctl+0xa62/0xd00
[ 116.768830][ T5536] ? __pfx_btrfs_ioctl+0x10/0x10
[ 116.768854][ T5536] __se_sys_ioctl+0xf9/0x170
[ 116.768870][ T5536] do_syscall_64+0xfa/0x3b0
[ 116.768882][ T5536] ? lockdep_hardirqs_on+0x9c/0x150
[ 116.768893][ T5536] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 116.768904][ T5536] ? clear_bhb_loop+0x60/0xb0
[ 116.768918][ T5536] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 116.768928][ T5536] RIP: 0033:0x7f4f9358eec9
[ 116.768940][ T5536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 116.768949][ T5536] RSP: 002b:00007fffe2df5c18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 116.768961][ T5536] RAX: ffffffffffffffda RBX: 00007f4f937e5fa0 RCX: 00007f4f9358eec9
[ 116.768969][ T5536] RDX: 0000200000002480 RSI: 0000000050009417 RDI: 0000000000000004
[ 116.768975][ T5536] RBP: 00007fffe2df5c70 R08: 0000000000000000 R09: 0000000000000000
[ 116.768981][ T5536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 116.768986][ T5536] R13: 00007f4f937e5fa0 R14: 00007f4f937e5fa0 R15: 0000000000000003
[ 116.769004][ T5536]
[ 117.502561][ T5438] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 117.841594][ T5553] loop0: detected capacity change from 0 to 32768
[ 117.854239][ T5553] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.21 (5553)
[ 117.871587][ T5553] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 117.881405][ T5553] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[ 117.937602][ T5553] BTRFS info (device loop0): rebuilding free space tree
[ 117.958605][ T5553] BTRFS info (device loop0): disabling free space tree
[ 117.961594][ T5553] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 117.974946][ T5553] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 117.985935][ T5553] BTRFS info (device loop0): enabling ssd optimizations
[ 117.988966][ T5553] BTRFS info (device loop0): force clearing of disk cache
[ 117.992083][ T5553] BTRFS info
(device loop0): enabling auto defrag [ 118.014547][ T5553] BTRFS info (device loop0): doing ref verification [ 118.017515][ T5553] BTRFS info (device loop0): max_inline set to 4096 [ 118.038105][ T5553] BTRFS info (device loop0): balance: start -d -m [ 118.055273][ T5553] BTRFS info (device loop0): relocating block group 6881280 flags data|metadata [ 118.078293][ T5553] BTRFS info (device loop0): relocating block group 5242880 flags data|metadata [ 118.117429][ T5553] BTRFS info (device loop0): found 8 extents, stage: move data extents [ 118.142489][ T5553] BTRFS info (device loop0): found 1 extents, stage: update data pointers [ 118.161133][ T5553] BTRFS info (device loop0): balance: ended with status: 0 [ 118.170983][ T5553] FAULT_INJECTION: forcing a failure. [ 118.170983][ T5553] name failslab, interval 1, probability 0, space 0, times 0 [ 118.177729][ T5553] CPU: 0 UID: 0 PID: 5553 Comm: syz.0.21 Not tainted syzkaller #0 PREEMPT(full) [ 118.177744][ T5553] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 118.177751][ T5553] Call Trace: [ 118.177755][ T5553] [ 118.177760][ T5553] dump_stack_lvl+0x189/0x250 [ 118.177780][ T5553] ? __pfx____ratelimit+0x10/0x10 [ 118.177793][ T5553] ? __pfx_dump_stack_lvl+0x10/0x10 [ 118.177807][ T5553] ? __pfx__printk+0x10/0x10 [ 118.177822][ T5553] ? __pfx___might_resched+0x10/0x10 [ 118.177833][ T5553] ? fs_reclaim_acquire+0x7d/0x100 [ 118.177853][ T5553] should_fail_ex+0x414/0x560 [ 118.177873][ T5553] should_failslab+0xa8/0x100 [ 118.177890][ T5553] __kmalloc_cache_noprof+0x70/0x3d0 [ 118.177912][ T5553] ? add_block_entry+0x98/0x530 [ 118.177931][ T5553] add_block_entry+0x98/0x530 [ 118.177945][ T5553] ? btrfs_ref_tree_mod+0x3c8/0x1ab0 [ 118.177965][ T5553] btrfs_ref_tree_mod+0x567/0x1ab0 [ 118.177997][ T5553] btrfs_alloc_tree_block+0xd2f/0x1290 [ 118.178027][ T5553] ? __pfx_btrfs_alloc_tree_block+0x10/0x10 [ 118.178048][ T5553] ? 
is_bpf_text_address+0x292/0x2b0 [ 118.178059][ T5553] ? is_bpf_text_address+0x26/0x2b0 [ 118.178071][ T5553] ? read_extent_buffer+0x120/0x5e0 [ 118.178089][ T5553] btrfs_force_cow_block+0x578/0x2460 [ 118.178108][ T5553] ? __lock_acquire+0xab9/0xd20 [ 118.178126][ T5553] ? btrfs_qgroup_trace_subtree_after_cow+0x1cd/0x930 [ 118.178148][ T5553] ? __pfx_btrfs_force_cow_block+0x10/0x10 [ 118.178167][ T5553] ? down_write_nested+0x169/0x200 [ 118.178181][ T5553] ? __pfx_down_write_nested+0x10/0x10 [ 118.178197][ T5553] btrfs_cow_block+0x40a/0x9a0 [ 118.178222][ T5553] btrfs_search_slot+0xd11/0x2b90 [ 118.178256][ T5553] ? __pfx_btrfs_search_slot+0x10/0x10 [ 118.178271][ T5553] ? rcu_is_watching+0x15/0xb0 [ 118.178284][ T5553] ? trace_kmem_cache_alloc+0x1f/0xc0 [ 118.178298][ T5553] ? btrfs_insert_item+0xa9/0x2e0 [ 118.178312][ T5553] btrfs_insert_item+0x110/0x2e0 [ 118.178328][ T5553] ? __pfx_btrfs_insert_item+0x10/0x10 [ 118.178345][ T5553] ? up_write+0x1c4/0x420 [ 118.178353][ T5553] ? rcu_is_watching+0x15/0xb0 [ 118.178360][ T5553] ? btrfs_insert_root+0x2a/0x160 [ 118.178372][ T5553] create_pending_snapshot+0xb0e/0x3280 [ 118.178391][ T5553] ? __pfx_create_pending_snapshot+0x10/0x10 [ 118.178397][ T5553] ? rcu_is_watching+0x15/0xb0 [ 118.178405][ T5553] ? trace_contention_end+0x39/0x120 [ 118.178417][ T5553] ? __mutex_lock+0x335/0x1350 [ 118.178436][ T5553] ? __lock_acquire+0xab9/0xd20 [ 118.178444][ T5553] ? btrfs_commit_transaction+0xedd/0x3950 [ 118.178474][ T5553] create_pending_snapshots+0x17c/0x1c0 [ 118.178490][ T5553] btrfs_commit_transaction+0xeea/0x3950 [ 118.178509][ T5553] ? btrfs_commit_transaction+0x161/0x3950 [ 118.178539][ T5553] ? __mutex_unlock_slowpath+0x1a1/0x740 [ 118.178553][ T5553] ? __pfx_btrfs_commit_transaction+0x10/0x10 [ 118.178570][ T5553] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 118.178581][ T5553] ? do_raw_spin_unlock+0x4d/0x240 [ 118.178599][ T5553] ? record_root_in_trans+0x2d8/0x370 [ 118.178622][ T5553] ? 
btrfs_qgroup_convert_reserved_meta+0xe5/0xce0 [ 118.178636][ T5553] ? start_transaction+0x439/0x1620 [ 118.178656][ T5553] ? __pfx_btrfs_qgroup_convert_reserved_meta+0x10/0x10 [ 118.178673][ T5553] ? btrfs_record_root_in_trans+0x124/0x180 [ 118.178687][ T5553] create_snapshot+0x6bc/0xba0 [ 118.178701][ T5553] btrfs_mksubvol+0x545/0x6d0 [ 118.178719][ T5553] ? __pfx_btrfs_mksubvol+0x10/0x10 [ 118.178734][ T5553] ? mnt_get_write_access+0x223/0x2a0 [ 118.178750][ T5553] btrfs_mksnapshot+0xab/0xf0 [ 118.178765][ T5553] __btrfs_ioctl_snap_create+0x520/0x730 [ 118.178783][ T5553] ? __pfx___btrfs_ioctl_snap_create+0x10/0x10 [ 118.178798][ T5553] ? rep_movs_alternative+0x4a/0x90 [ 118.178815][ T5553] ? _copy_from_user+0x94/0xb0 [ 118.178830][ T5553] btrfs_ioctl_snap_create_v2+0x1f8/0x3b0 [ 118.178852][ T5553] btrfs_ioctl+0xa62/0xd00 [ 118.178868][ T5553] ? __pfx_btrfs_ioctl+0x10/0x10 [ 118.178883][ T5553] __se_sys_ioctl+0xf9/0x170 [ 118.178905][ T5553] do_syscall_64+0xfa/0x3b0 [ 118.178916][ T5553] ? lockdep_hardirqs_on+0x9c/0x150 [ 118.178928][ T5553] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.178939][ T5553] ? 
clear_bhb_loop+0x60/0xb0 [ 118.178953][ T5553] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.178963][ T5553] RIP: 0033:0x7f4f9358eec9 [ 118.178975][ T5553] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 118.178984][ T5553] RSP: 002b:00007fffe2df5c18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 118.178996][ T5553] RAX: ffffffffffffffda RBX: 00007f4f937e5fa0 RCX: 00007f4f9358eec9 [ 118.179003][ T5553] RDX: 0000200000002480 RSI: 0000000050009417 RDI: 0000000000000004 [ 118.179009][ T5553] RBP: 00007fffe2df5c70 R08: 0000000000000000 R09: 0000000000000000 [ 118.179015][ T5553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 118.179022][ T5553] R13: 00007f4f937e5fa0 R14: 00007f4f937e5fa0 R15: 0000000000000003 [ 118.179039][ T5553] [ 118.916617][ T5438] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d 2025/09/30 17:41:16 executed programs: 7 [ 119.261963][ T5570] loop0: detected capacity change from 0 to 32768 [ 119.273085][ T5570] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.22 (5570) [ 119.292173][ T5570] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 119.303424][ T5570] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm [ 119.359034][ T5570] BTRFS info (device loop0): rebuilding free space tree [ 119.380868][ T5570] BTRFS info (device loop0): disabling free space tree [ 119.383987][ T5570] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 119.394810][ T5570] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 119.417986][ T5570] BTRFS info (device loop0): enabling ssd optimizations [ 119.421038][ T5570] BTRFS info (device loop0): force clearing of 
disk cache [ 119.423830][ T5570] BTRFS info (device loop0): enabling auto defrag [ 119.435648][ T5570] BTRFS info (device loop0): doing ref verification [ 119.444834][ T5570] BTRFS info (device loop0): max_inline set to 4096 [ 119.456983][ T5570] BTRFS info (device loop0): balance: start -d -m [ 119.470164][ T5570] BTRFS info (device loop0): relocating block group 6881280 flags data|metadata [ 119.499111][ T5570] BTRFS info (device loop0): relocating block group 5242880 flags data|metadata [ 119.547607][ T5570] BTRFS info (device loop0): found 8 extents, stage: move data extents [ 119.570497][ T5570] BTRFS info (device loop0): found 1 extents, stage: update data pointers [ 119.607945][ T5570] BTRFS info (device loop0): balance: ended with status: 0 [ 119.620526][ T5570] FAULT_INJECTION: forcing a failure. [ 119.620526][ T5570] name failslab, interval 1, probability 0, space 0, times 0 [ 119.626216][ T5570] CPU: 0 UID: 0 PID: 5570 Comm: syz.0.22 Not tainted syzkaller #0 PREEMPT(full) [ 119.626233][ T5570] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 119.626240][ T5570] Call Trace: [ 119.626246][ T5570] [ 119.626251][ T5570] dump_stack_lvl+0x189/0x250 [ 119.626272][ T5570] ? __pfx____ratelimit+0x10/0x10 [ 119.626284][ T5570] ? __pfx_dump_stack_lvl+0x10/0x10 [ 119.626298][ T5570] ? __pfx__printk+0x10/0x10 [ 119.626313][ T5570] ? __pfx___might_resched+0x10/0x10 [ 119.626329][ T5570] should_fail_ex+0x414/0x560 [ 119.626350][ T5570] should_failslab+0xa8/0x100 [ 119.626368][ T5570] __kmalloc_cache_noprof+0x70/0x3d0 [ 119.626382][ T5570] ? btrfs_ref_tree_mod+0x285/0x1ab0 [ 119.626403][ T5570] btrfs_ref_tree_mod+0x285/0x1ab0 [ 119.626423][ T5570] ? btrfs_alloc_tree_block+0xd9a/0x1290 [ 119.626440][ T5570] ? btrfs_clear_buffer_dirty+0x1ca/0x9b0 [ 119.626457][ T5570] btrfs_free_tree_block+0x2b9/0xcf0 [ 119.626475][ T5570] ? __pfx_btrfs_free_tree_block+0x10/0x10 [ 119.626494][ T5570] ? 
btrfs_tree_mod_log_insert_root+0xa7/0xb20 [ 119.626505][ T5570] ? __write_extent_buffer+0x277/0x6c0 [ 119.626518][ T5570] ? btrfs_force_cow_block+0x9ee/0x2460 [ 119.626538][ T5570] btrfs_force_cow_block+0xfeb/0x2460 [ 119.626553][ T5570] ? __lock_acquire+0xab9/0xd20 [ 119.626580][ T5570] ? __pfx_btrfs_force_cow_block+0x10/0x10 [ 119.626598][ T5570] ? down_write_nested+0x169/0x200 [ 119.626613][ T5570] ? __pfx_down_write_nested+0x10/0x10 [ 119.626631][ T5570] btrfs_cow_block+0x40a/0x9a0 [ 119.626656][ T5570] btrfs_search_slot+0xd11/0x2b90 [ 119.626691][ T5570] ? __pfx_btrfs_search_slot+0x10/0x10 [ 119.626707][ T5570] ? rcu_is_watching+0x15/0xb0 [ 119.626722][ T5570] ? trace_kmem_cache_alloc+0x1f/0xc0 [ 119.626735][ T5570] ? btrfs_insert_item+0xa9/0x2e0 [ 119.626747][ T5570] btrfs_insert_item+0x110/0x2e0 [ 119.626761][ T5570] ? __pfx_btrfs_insert_item+0x10/0x10 [ 119.626781][ T5570] ? up_write+0x1c4/0x420 [ 119.626792][ T5570] ? rcu_is_watching+0x15/0xb0 [ 119.626801][ T5570] ? btrfs_insert_root+0x2a/0x160 [ 119.626819][ T5570] create_pending_snapshot+0xb0e/0x3280 [ 119.626858][ T5570] ? __pfx_create_pending_snapshot+0x10/0x10 [ 119.626868][ T5570] ? rcu_is_watching+0x15/0xb0 [ 119.626880][ T5570] ? trace_contention_end+0x39/0x120 [ 119.626894][ T5570] ? __mutex_lock+0x335/0x1350 [ 119.626912][ T5570] ? __lock_acquire+0xab9/0xd20 [ 119.626919][ T5570] ? btrfs_commit_transaction+0xedd/0x3950 [ 119.626947][ T5570] create_pending_snapshots+0x17c/0x1c0 [ 119.626963][ T5570] btrfs_commit_transaction+0xeea/0x3950 [ 119.626983][ T5570] ? btrfs_commit_transaction+0x161/0x3950 [ 119.627012][ T5570] ? __mutex_unlock_slowpath+0x1a1/0x740 [ 119.627027][ T5570] ? __pfx_btrfs_commit_transaction+0x10/0x10 [ 119.627044][ T5570] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 119.627057][ T5570] ? do_raw_spin_unlock+0x4d/0x240 [ 119.627075][ T5570] ? record_root_in_trans+0x2d8/0x370 [ 119.627097][ T5570] ? btrfs_qgroup_convert_reserved_meta+0xe5/0xce0 [ 119.627112][ T5570] ? 
start_transaction+0x439/0x1620 [ 119.627132][ T5570] ? __pfx_btrfs_qgroup_convert_reserved_meta+0x10/0x10 [ 119.627147][ T5570] ? btrfs_record_root_in_trans+0x124/0x180 [ 119.627166][ T5570] create_snapshot+0x6bc/0xba0 [ 119.627187][ T5570] btrfs_mksubvol+0x545/0x6d0 [ 119.627207][ T5570] ? __pfx_btrfs_mksubvol+0x10/0x10 [ 119.627221][ T5570] ? mnt_get_write_access+0x223/0x2a0 [ 119.627235][ T5570] btrfs_mksnapshot+0xab/0xf0 [ 119.627251][ T5570] __btrfs_ioctl_snap_create+0x520/0x730 [ 119.627267][ T5570] ? __pfx___btrfs_ioctl_snap_create+0x10/0x10 [ 119.627282][ T5570] ? rep_movs_alternative+0x4a/0x90 [ 119.627298][ T5570] ? _copy_from_user+0x94/0xb0 [ 119.627313][ T5570] btrfs_ioctl_snap_create_v2+0x1f8/0x3b0 [ 119.627335][ T5570] btrfs_ioctl+0xa62/0xd00 [ 119.627352][ T5570] ? __pfx_btrfs_ioctl+0x10/0x10 [ 119.627366][ T5570] __se_sys_ioctl+0xf9/0x170 [ 119.627380][ T5570] do_syscall_64+0xfa/0x3b0 [ 119.627392][ T5570] ? lockdep_hardirqs_on+0x9c/0x150 [ 119.627402][ T5570] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 119.627412][ T5570] ? 
clear_bhb_loop+0x60/0xb0 [ 119.627427][ T5570] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 119.627437][ T5570] RIP: 0033:0x7f4f9358eec9 [ 119.627449][ T5570] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 119.627458][ T5570] RSP: 002b:00007fffe2df5c18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 119.627470][ T5570] RAX: ffffffffffffffda RBX: 00007f4f937e5fa0 RCX: 00007f4f9358eec9 [ 119.627477][ T5570] RDX: 0000200000002480 RSI: 0000000050009417 RDI: 0000000000000004 [ 119.627484][ T5570] RBP: 00007fffe2df5c70 R08: 0000000000000000 R09: 0000000000000000 [ 119.627491][ T5570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 119.627497][ T5570] R13: 00007f4f937e5fa0 R14: 00007f4f937e5fa0 R15: 0000000000000003 [ 119.627518][ T5570] [ 120.357322][ T5438] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 120.740411][ T5588] loop0: detected capacity change from 0 to 32768 [ 120.752076][ T5588] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.23 (5588) [ 120.778212][ T5588] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 120.782507][ T5588] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm [ 120.831525][ T5588] BTRFS info (device loop0): rebuilding free space tree [ 120.856362][ T5588] BTRFS info (device loop0): disabling free space tree [ 120.859505][ T5588] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 120.863850][ T5588] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 120.890080][ T5588] BTRFS info (device loop0): enabling ssd optimizations [ 120.892973][ T5588] BTRFS info (device loop0): force clearing of disk cache [ 120.904840][ T5588] BTRFS info 
(device loop0): enabling auto defrag [ 120.911820][ T5588] BTRFS info (device loop0): doing ref verification [ 120.922176][ T5588] BTRFS info (device loop0): max_inline set to 4096 [ 120.939728][ T5588] BTRFS info (device loop0): balance: start -d -m [ 120.956339][ T5588] BTRFS info (device loop0): relocating block group 6881280 flags data|metadata [ 120.982478][ T5588] BTRFS info (device loop0): relocating block group 5242880 flags data|metadata [ 121.030793][ T5588] BTRFS info (device loop0): found 8 extents, stage: move data extents [ 121.058585][ T5588] BTRFS info (device loop0): found 1 extents, stage: update data pointers [ 121.075732][ T5588] BTRFS info (device loop0): balance: ended with status: 0 [ 121.086573][ T5588] FAULT_INJECTION: forcing a failure. [ 121.086573][ T5588] name failslab, interval 1, probability 0, space 0, times 0 [ 121.092016][ T5588] CPU: 0 UID: 0 PID: 5588 Comm: syz.0.23 Not tainted syzkaller #0 PREEMPT(full) [ 121.092032][ T5588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 121.092039][ T5588] Call Trace: [ 121.092045][ T5588] [ 121.092050][ T5588] dump_stack_lvl+0x189/0x250 [ 121.092188][ T5588] ? __pfx____ratelimit+0x10/0x10 [ 121.092240][ T5588] ? __pfx_dump_stack_lvl+0x10/0x10 [ 121.092254][ T5588] ? __pfx__printk+0x10/0x10 [ 121.092267][ T5588] ? __pfx___might_resched+0x10/0x10 [ 121.092278][ T5588] ? fs_reclaim_acquire+0x7d/0x100 [ 121.092324][ T5588] should_fail_ex+0x414/0x560 [ 121.092345][ T5588] should_failslab+0xa8/0x100 [ 121.092362][ T5588] kmem_cache_alloc_noprof+0x73/0x3c0 [ 121.092376][ T5588] ? add_delayed_ref+0x11a/0x1d80 [ 121.092391][ T5588] add_delayed_ref+0x11a/0x1d80 [ 121.092403][ T5588] ? do_raw_spin_unlock+0x4d/0x240 [ 121.092441][ T5588] btrfs_free_tree_block+0x2c6/0xcf0 [ 121.092460][ T5588] ? __pfx_btrfs_free_tree_block+0x10/0x10 [ 121.092474][ T5588] ? btrfs_tree_mod_log_insert_root+0xa7/0xb20 [ 121.092483][ T5588] ? 
__write_extent_buffer+0x277/0x6c0 [ 121.092492][ T5588] ? btrfs_force_cow_block+0x9ee/0x2460 [ 121.092505][ T5588] btrfs_force_cow_block+0xfeb/0x2460 [ 121.092514][ T5588] ? __lock_acquire+0xab9/0xd20 [ 121.092534][ T5588] ? __pfx_btrfs_force_cow_block+0x10/0x10 [ 121.092552][ T5588] ? down_write_nested+0x169/0x200 [ 121.092565][ T5588] ? __pfx_down_write_nested+0x10/0x10 [ 121.092582][ T5588] btrfs_cow_block+0x40a/0x9a0 [ 121.092605][ T5588] btrfs_search_slot+0xd11/0x2b90 [ 121.092640][ T5588] ? __pfx_btrfs_search_slot+0x10/0x10 [ 121.092657][ T5588] ? rcu_is_watching+0x15/0xb0 [ 121.092669][ T5588] ? trace_kmem_cache_alloc+0x1f/0xc0 [ 121.092683][ T5588] ? btrfs_insert_item+0xa9/0x2e0 [ 121.092697][ T5588] btrfs_insert_item+0x110/0x2e0 [ 121.092717][ T5588] ? __pfx_btrfs_insert_item+0x10/0x10 [ 121.092735][ T5588] ? up_write+0x1c4/0x420 [ 121.092747][ T5588] ? rcu_is_watching+0x15/0xb0 [ 121.092757][ T5588] ? btrfs_insert_root+0x2a/0x160 [ 121.092797][ T5588] create_pending_snapshot+0xb0e/0x3280 [ 121.092827][ T5588] ? __pfx_create_pending_snapshot+0x10/0x10 [ 121.092837][ T5588] ? rcu_is_watching+0x15/0xb0 [ 121.092857][ T5588] ? trace_contention_end+0x39/0x120 [ 121.092869][ T5588] ? __mutex_lock+0x335/0x1350 [ 121.092891][ T5588] ? __lock_acquire+0xab9/0xd20 [ 121.092899][ T5588] ? btrfs_commit_transaction+0xedd/0x3950 [ 121.092930][ T5588] create_pending_snapshots+0x17c/0x1c0 [ 121.092947][ T5588] btrfs_commit_transaction+0xeea/0x3950 [ 121.092966][ T5588] ? btrfs_commit_transaction+0x161/0x3950 [ 121.092993][ T5588] ? __mutex_unlock_slowpath+0x1a1/0x740 [ 121.093007][ T5588] ? __pfx_btrfs_commit_transaction+0x10/0x10 [ 121.093023][ T5588] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 121.093034][ T5588] ? do_raw_spin_unlock+0x4d/0x240 [ 121.093052][ T5588] ? record_root_in_trans+0x2d8/0x370 [ 121.093076][ T5588] ? btrfs_qgroup_convert_reserved_meta+0xe5/0xce0 [ 121.093090][ T5588] ? start_transaction+0x439/0x1620 [ 121.093106][ T5588] ? 
__pfx_btrfs_qgroup_convert_reserved_meta+0x10/0x10 [ 121.093120][ T5588] ? btrfs_record_root_in_trans+0x124/0x180 [ 121.093137][ T5588] create_snapshot+0x6bc/0xba0 [ 121.093157][ T5588] btrfs_mksubvol+0x545/0x6d0 [ 121.093176][ T5588] ? __pfx_btrfs_mksubvol+0x10/0x10 [ 121.093190][ T5588] ? mnt_get_write_access+0x223/0x2a0 [ 121.093205][ T5588] btrfs_mksnapshot+0xab/0xf0 [ 121.093220][ T5588] __btrfs_ioctl_snap_create+0x520/0x730 [ 121.093236][ T5588] ? __pfx___btrfs_ioctl_snap_create+0x10/0x10 [ 121.093250][ T5588] ? rep_movs_alternative+0x4a/0x90 [ 121.093265][ T5588] ? _copy_from_user+0x94/0xb0 [ 121.093281][ T5588] btrfs_ioctl_snap_create_v2+0x1f8/0x3b0 [ 121.093303][ T5588] btrfs_ioctl+0xa62/0xd00 [ 121.093319][ T5588] ? __pfx_btrfs_ioctl+0x10/0x10 [ 121.093335][ T5588] __se_sys_ioctl+0xf9/0x170 [ 121.093349][ T5588] do_syscall_64+0xfa/0x3b0 [ 121.093360][ T5588] ? lockdep_hardirqs_on+0x9c/0x150 [ 121.093372][ T5588] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.093383][ T5588] ? 
clear_bhb_loop+0x60/0xb0 [ 121.093397][ T5588] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.093408][ T5588] RIP: 0033:0x7f4f9358eec9 [ 121.093420][ T5588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 121.093429][ T5588] RSP: 002b:00007fffe2df5c18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 121.093441][ T5588] RAX: ffffffffffffffda RBX: 00007f4f937e5fa0 RCX: 00007f4f9358eec9 [ 121.093448][ T5588] RDX: 0000200000002480 RSI: 0000000050009417 RDI: 0000000000000004 [ 121.093455][ T5588] RBP: 00007fffe2df5c70 R08: 0000000000000000 R09: 0000000000000000 [ 121.093461][ T5588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 121.093467][ T5588] R13: 00007f4f937e5fa0 R14: 00007f4f937e5fa0 R15: 0000000000000003 [ 121.093487][ T5588] [ 121.093658][ T5588] BTRFS error (device loop0 state A): Transaction aborted (error -12) [ 121.327072][ T5588] BTRFS: error (device loop0 state A) in btrfs_force_cow_block:571: errno=-12 Out of memory [ 121.331409][ T5588] BTRFS info (device loop0 state EA): forced readonly [ 121.335469][ T5588] BTRFS: error (device loop0 state EA) in create_pending_snapshot:1818: errno=-12 Out of memory [ 121.339613][ T5588] BTRFS warning (device loop0 state EA): Skipping commit of aborted transaction. 
[ 121.343557][ T5588] BTRFS: error (device loop0 state EA) in cleanup_transaction:2023: errno=-12 Out of memory [ 121.856031][ T5438] BTRFS info (device loop0 state EA): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 122.220112][ T5609] loop0: detected capacity change from 0 to 32768 [ 122.234269][ T5609] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.24 (5609) [ 122.256977][ T5609] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 122.261393][ T5609] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm [ 122.317624][ T5609] BTRFS info (device loop0): rebuilding free space tree [ 122.337024][ T5609] BTRFS info (device loop0): disabling free space tree [ 122.345414][ T5609] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 122.364677][ T5609] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 122.372366][ T5609] BTRFS info (device loop0): enabling ssd optimizations [ 122.384547][ T5609] BTRFS info (device loop0): force clearing of disk cache [ 122.387472][ T5609] BTRFS info (device loop0): enabling auto defrag [ 122.390462][ T5609] BTRFS info (device loop0): doing ref verification [ 122.393178][ T5609] BTRFS info (device loop0): max_inline set to 4096 [ 122.425136][ T5609] BTRFS info (device loop0): balance: start -d -m [ 122.438512][ T5609] BTRFS info (device loop0): relocating block group 6881280 flags data|metadata [ 122.477051][ T5609] BTRFS info (device loop0): relocating block group 5242880 flags data|metadata [ 122.512028][ T5609] BTRFS info (device loop0): found 8 extents, stage: move data extents [ 122.536957][ T5609] BTRFS info (device loop0): found 1 extents, stage: update data pointers [ 122.556477][ T5609] BTRFS info (device loop0): balance: ended with status: 0 [ 122.568560][ T5609] FAULT_INJECTION: forcing a failure. 
[ 122.568560][ T5609] name failslab, interval 1, probability 0, space 0, times 0 [ 122.574058][ T5609] CPU: 0 UID: 0 PID: 5609 Comm: syz.0.24 Not tainted syzkaller #0 PREEMPT(full) [ 122.574075][ T5609] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 122.574083][ T5609] Call Trace: [ 122.574090][ T5609] [ 122.574095][ T5609] dump_stack_lvl+0x189/0x250 [ 122.574140][ T5609] ? __pfx____ratelimit+0x10/0x10 [ 122.574160][ T5609] ? __pfx_dump_stack_lvl+0x10/0x10 [ 122.574175][ T5609] ? __pfx__printk+0x10/0x10 [ 122.574189][ T5609] ? __pfx___might_resched+0x10/0x10 [ 122.574201][ T5609] ? fs_reclaim_acquire+0x7d/0x100 [ 122.574230][ T5609] should_fail_ex+0x414/0x560 [ 122.574251][ T5609] should_failslab+0xa8/0x100 [ 122.574267][ T5609] kmem_cache_alloc_noprof+0x73/0x3c0 [ 122.574281][ T5609] ? add_delayed_ref+0x139/0x1d80 [ 122.574298][ T5609] add_delayed_ref+0x139/0x1d80 [ 122.574311][ T5609] ? do_raw_spin_unlock+0x4d/0x240 [ 122.574343][ T5609] btrfs_alloc_tree_block+0xd42/0x1290 [ 122.574373][ T5609] ? __pfx_btrfs_alloc_tree_block+0x10/0x10 [ 122.574411][ T5609] ? is_bpf_text_address+0x292/0x2b0 [ 122.574419][ T5609] ? is_bpf_text_address+0x26/0x2b0 [ 122.574426][ T5609] ? read_extent_buffer+0x120/0x5e0 [ 122.574437][ T5609] btrfs_force_cow_block+0x578/0x2460 [ 122.574448][ T5609] ? __lock_acquire+0xab9/0xd20 [ 122.574459][ T5609] ? btrfs_qgroup_trace_subtree_after_cow+0x1cd/0x930 [ 122.574472][ T5609] ? __pfx_btrfs_force_cow_block+0x10/0x10 [ 122.574484][ T5609] ? down_write_nested+0x169/0x200 [ 122.574494][ T5609] ? __pfx_down_write_nested+0x10/0x10 [ 122.574505][ T5609] btrfs_cow_block+0x40a/0x9a0 [ 122.574526][ T5609] btrfs_search_slot+0xd11/0x2b90 [ 122.574562][ T5609] ? __pfx_btrfs_search_slot+0x10/0x10 [ 122.574579][ T5609] ? rcu_is_watching+0x15/0xb0 [ 122.574593][ T5609] ? trace_kmem_cache_alloc+0x1f/0xc0 [ 122.574607][ T5609] ? 
btrfs_insert_item+0xa9/0x2e0 [ 122.574620][ T5609] btrfs_insert_item+0x110/0x2e0 [ 122.574637][ T5609] ? __pfx_btrfs_insert_item+0x10/0x10 [ 122.574655][ T5609] ? up_write+0x1c4/0x420 [ 122.574666][ T5609] ? rcu_is_watching+0x15/0xb0 [ 122.574676][ T5609] ? btrfs_insert_root+0x2a/0x160 [ 122.574694][ T5609] create_pending_snapshot+0xb0e/0x3280 [ 122.574722][ T5609] ? __pfx_create_pending_snapshot+0x10/0x10 [ 122.574732][ T5609] ? rcu_is_watching+0x15/0xb0 [ 122.574744][ T5609] ? trace_contention_end+0x39/0x120 [ 122.574757][ T5609] ? __mutex_lock+0x335/0x1350 [ 122.574777][ T5609] ? __lock_acquire+0xab9/0xd20 [ 122.574786][ T5609] ? btrfs_commit_transaction+0xedd/0x3950 [ 122.574824][ T5609] create_pending_snapshots+0x17c/0x1c0 [ 122.574841][ T5609] btrfs_commit_transaction+0xeea/0x3950 [ 122.574859][ T5609] ? btrfs_commit_transaction+0x161/0x3950 [ 122.574891][ T5609] ? __mutex_unlock_slowpath+0x1a1/0x740 [ 122.574906][ T5609] ? __pfx_btrfs_commit_transaction+0x10/0x10 [ 122.574923][ T5609] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 122.574935][ T5609] ? do_raw_spin_unlock+0x4d/0x240 [ 122.574952][ T5609] ? record_root_in_trans+0x2d8/0x370 [ 122.574976][ T5609] ? btrfs_qgroup_convert_reserved_meta+0xe5/0xce0 [ 122.574991][ T5609] ? start_transaction+0x439/0x1620 [ 122.575010][ T5609] ? __pfx_btrfs_qgroup_convert_reserved_meta+0x10/0x10 [ 122.575027][ T5609] ? btrfs_record_root_in_trans+0x124/0x180 [ 122.575045][ T5609] create_snapshot+0x6bc/0xba0 [ 122.575067][ T5609] btrfs_mksubvol+0x545/0x6d0 [ 122.575086][ T5609] ? __pfx_btrfs_mksubvol+0x10/0x10 [ 122.575101][ T5609] ? mnt_get_write_access+0x223/0x2a0 [ 122.575115][ T5609] btrfs_mksnapshot+0xab/0xf0 [ 122.575131][ T5609] __btrfs_ioctl_snap_create+0x520/0x730 [ 122.575149][ T5609] ? __pfx___btrfs_ioctl_snap_create+0x10/0x10 [ 122.575164][ T5609] ? rep_movs_alternative+0x4a/0x90 [ 122.575181][ T5609] ? 
_copy_from_user+0x94/0xb0 [ 122.575197][ T5609] btrfs_ioctl_snap_create_v2+0x1f8/0x3b0 [ 122.575221][ T5609] btrfs_ioctl+0xa62/0xd00 [ 122.575238][ T5609] ? __pfx_btrfs_ioctl+0x10/0x10 [ 122.575253][ T5609] __se_sys_ioctl+0xf9/0x170 [ 122.575268][ T5609] do_syscall_64+0xfa/0x3b0 [ 122.575280][ T5609] ? lockdep_hardirqs_on+0x9c/0x150 [ 122.575291][ T5609] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.575302][ T5609] ? clear_bhb_loop+0x60/0xb0 [ 122.575316][ T5609] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.575327][ T5609] RIP: 0033:0x7f4f9358eec9 [ 122.575340][ T5609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 122.575349][ T5609] RSP: 002b:00007fffe2df5c18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 122.575362][ T5609] RAX: ffffffffffffffda RBX: 00007f4f937e5fa0 RCX: 00007f4f9358eec9 [ 122.575370][ T5609] RDX: 0000200000002480 RSI: 0000000050009417 RDI: 0000000000000004 [ 122.575376][ T5609] RBP: 00007fffe2df5c70 R08: 0000000000000000 R09: 0000000000000000 [ 122.575384][ T5609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 122.575390][ T5609] R13: 00007f4f937e5fa0 R14: 00007f4f937e5fa0 R15: 0000000000000003 [ 122.575411][ T5609] [ 122.800344][ T5609] BTRFS error (device loop0 state A): Transaction aborted (error -12) [ 122.804057][ T5609] BTRFS: error (device loop0 state A) in create_pending_snapshot:1818: errno=-12 Out of memory [ 122.830037][ T5609] BTRFS info (device loop0 state EA): forced readonly [ 122.832978][ T5609] BTRFS warning (device loop0 state EA): Skipping commit of aborted transaction. 
[ 122.837913][ T5609] BTRFS: error (device loop0 state EA) in cleanup_transaction:2023: errno=-12 Out of memory
[ 123.349522][ T5438] BTRFS info (device loop0 state EA): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 123.371367][ T5438] ------------[ cut here ]------------
[ 123.373918][ T5438] WARNING: CPU: 0 PID: 5438 at fs/btrfs/space-info.h:265 btrfs_space_info_update_bytes_may_use+0x35a/0x640
[ 123.379709][ T5438] Modules linked in:
[ 123.382693][ T5438] CPU: 0 UID: 0 PID: 5438 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full)
[ 123.387350][ T5438] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 123.391985][ T5438] RIP: 0010:btrfs_space_info_update_bytes_may_use+0x35a/0x640
[ 123.395738][ T5438] Code: 00 00 74 08 4c 89 ff e8 14 1f 37 fe 4d 8b 27 4c 89 e7 48 8b 6c 24 18 48 89 ee e8 e1 1f d2 fd 49 39 ec 73 1c e8 77 1d d2 fd 90 <0f> 0b 90 31 db 43 80 7c 35 00 00 0f 85 2e ff ff ff e9 31 ff ff ff
[ 123.403645][ T5438] RSP: 0018:ffffc900029bfa10 EFLAGS: 00010293
[ 123.406985][ T5438] RAX: ffffffff83ec07c9 RBX: fffffffffff10000 RCX: ffff888000282440
[ 123.410401][ T5438] RDX: 0000000000000000 RSI: 00000000000f0000 RDI: 00000000000ef000
[ 123.413821][ T5438] RBP: 00000000000f0000 R08: ffffffff8f5ccd37 R09: 1ffffffff1eb99a6
[ 123.417532][ T5438] R10: dffffc0000000000 R11: fffffbfff1eb99a7 R12: 00000000000ef000
[ 123.421248][ T5438] R13: 1ffff1100a1b8c10 R14: dffffc0000000000 R15: ffff888050dc6080
[ 123.426045][ T5438] FS: 00005555820e0500(0000) GS:ffff88808d972000(0000) knlGS:0000000000000000
[ 123.430443][ T5438] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 123.433302][ T5438] CR2: 00005555820fb5c8 CR3: 0000000043116000 CR4: 0000000000352ef0
[ 123.437039][ T5438] Call Trace:
[ 123.438596][ T5438]
[ 123.439901][ T5438] btrfs_block_rsv_release+0x4b3/0x5e0
[ 123.442254][ T5438] btrfs_release_global_block_rsv+0x33/0x270
[ 123.445003][ T5438] btrfs_free_block_groups+0xc2c/0xf40
[ 123.447361][ T5438] close_ctree+0x7bc/0x1380
[ 123.449395][ T5438] ? do_raw_spin_unlock+0x4d/0x240
[ 123.451532][ T5438] ? btrfs_put_super+0x48/0x1b0
[ 123.453651][ T5438] ? __pfx__btrfs_printk+0x10/0x10
[ 123.455974][ T5438] ? __pfx_close_ctree+0x10/0x10
[ 123.458205][ T5438] ? btrfs_put_super+0x48/0x1b0
[ 123.460281][ T5438] ? btrfs_put_super+0x48/0x1b0
[ 123.462532][ T5438] ? __pfx_btrfs_put_super+0x10/0x10
[ 123.465283][ T5438] generic_shutdown_super+0x135/0x2c0
[ 123.468057][ T5438] kill_anon_super+0x3b/0x70
[ 123.470157][ T5438] btrfs_kill_super+0x41/0x50
[ 123.472293][ T5438] deactivate_locked_super+0xb9/0x130
[ 123.475429][ T5438] cleanup_mnt+0x425/0x4c0
[ 123.477527][ T5438] ? lockdep_hardirqs_on+0x9c/0x150
[ 123.479804][ T5438] task_work_run+0x1d4/0x260
[ 123.481764][ T5438] ? __pfx_task_work_run+0x10/0x10
[ 123.483971][ T5438] ? __x64_sys_umount+0x122/0x160
[ 123.486317][ T5438] ? exit_to_user_mode_loop+0x40/0x110
[ 123.488805][ T5438] exit_to_user_mode_loop+0xec/0x110
[ 123.491145][ T5438] do_syscall_64+0x2bd/0x3b0
[ 123.493209][ T5438] ? lockdep_hardirqs_on+0x9c/0x150
[ 123.495614][ T5438] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 123.498483][ T5438] ? clear_bhb_loop+0x60/0xb0
[ 123.500561][ T5438] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 123.503104][ T5438] RIP: 0033:0x7f4f935901f7
[ 123.505237][ T5438] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 123.513482][ T5438] RSP: 002b:00007fffe2df4df8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 123.517468][ T5438] RAX: 0000000000000000 RBX: 00007f4f93611d7d RCX: 00007f4f935901f7
[ 123.520996][ T5438] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffe2df4eb0
[ 123.524552][ T5438] RBP: 00007fffe2df4eb0 R08: 0000000000000000 R09: 0000000000000000
[ 123.528001][ T5438] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffe2df5f40
[ 123.531459][ T5438] R13: 00007f4f93611d7d R14: 000000000001df36 R15: 00007fffe2df5f80
[ 123.535065][ T5438]
[ 123.536491][ T5438] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 123.539684][ T5438] CPU: 0 UID: 0 PID: 5438 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full)
[ 123.544057][ T5438] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 123.549775][ T5438] Call Trace:
[ 123.551495][ T5438]
[ 123.552857][ T5438] dump_stack_lvl+0x99/0x250
[ 123.554728][ T5438] ? __asan_memcpy+0x40/0x70
[ 123.556612][ T5438] ? __pfx_dump_stack_lvl+0x10/0x10
[ 123.558732][ T5438] ? __pfx__printk+0x10/0x10
[ 123.560541][ T5438] vpanic+0x281/0x750
[ 123.562192][ T5438] ? __pfx__printk+0x10/0x10
[ 123.564123][ T5438] ? __pfx_vpanic+0x10/0x10
[ 123.566000][ T5438] ? is_bpf_text_address+0x292/0x2b0
[ 123.568153][ T5438] panic+0xb9/0xc0
[ 123.569827][ T5438] ? __pfx_panic+0x10/0x10
[ 123.571805][ T5438] __warn+0x31b/0x4b0
[ 123.573612][ T5438] ? btrfs_space_info_update_bytes_may_use+0x35a/0x640
[ 123.576602][ T5438] ?
btrfs_space_info_update_bytes_may_use+0x35a/0x640 [ 123.579486][ T5438] report_bug+0x2be/0x4f0 [ 123.581396][ T5438] ? btrfs_space_info_update_bytes_may_use+0x35a/0x640 [ 123.584550][ T5438] ? btrfs_space_info_update_bytes_may_use+0x35a/0x640 [ 123.587548][ T5438] ? btrfs_space_info_update_bytes_may_use+0x35c/0x640 [ 123.590500][ T5438] handle_bug+0x84/0x160 [ 123.592469][ T5438] exc_invalid_op+0x1a/0x50 [ 123.594411][ T5438] asm_exc_invalid_op+0x1a/0x20 [ 123.596560][ T5438] RIP: 0010:btrfs_space_info_update_bytes_may_use+0x35a/0x640 [ 123.599874][ T5438] Code: 00 00 74 08 4c 89 ff e8 14 1f 37 fe 4d 8b 27 4c 89 e7 48 8b 6c 24 18 48 89 ee e8 e1 1f d2 fd 49 39 ec 73 1c e8 77 1d d2 fd 90 <0f> 0b 90 31 db 43 80 7c 35 00 00 0f 85 2e ff ff ff e9 31 ff ff ff [ 123.608164][ T5438] RSP: 0018:ffffc900029bfa10 EFLAGS: 00010293 [ 123.610825][ T5438] RAX: ffffffff83ec07c9 RBX: fffffffffff10000 RCX: ffff888000282440 [ 123.614407][ T5438] RDX: 0000000000000000 RSI: 00000000000f0000 RDI: 00000000000ef000 [ 123.617842][ T5438] RBP: 00000000000f0000 R08: ffffffff8f5ccd37 R09: 1ffffffff1eb99a6 [ 123.621370][ T5438] R10: dffffc0000000000 R11: fffffbfff1eb99a7 R12: 00000000000ef000 [ 123.625520][ T5438] R13: 1ffff1100a1b8c10 R14: dffffc0000000000 R15: ffff888050dc6080 [ 123.628949][ T5438] ? btrfs_space_info_update_bytes_may_use+0x359/0x640 [ 123.631946][ T5438] btrfs_block_rsv_release+0x4b3/0x5e0 [ 123.634324][ T5438] btrfs_release_global_block_rsv+0x33/0x270 [ 123.636988][ T5438] btrfs_free_block_groups+0xc2c/0xf40 [ 123.639347][ T5438] close_ctree+0x7bc/0x1380 [ 123.641389][ T5438] ? do_raw_spin_unlock+0x4d/0x240 [ 123.643494][ T5438] ? btrfs_put_super+0x48/0x1b0 [ 123.645552][ T5438] ? __pfx__btrfs_printk+0x10/0x10 [ 123.647869][ T5438] ? __pfx_close_ctree+0x10/0x10 [ 123.650045][ T5438] ? btrfs_put_super+0x48/0x1b0 [ 123.652227][ T5438] ? btrfs_put_super+0x48/0x1b0 [ 123.654411][ T5438] ? 
__pfx_btrfs_put_super+0x10/0x10 [ 123.656728][ T5438] generic_shutdown_super+0x135/0x2c0 [ 123.659090][ T5438] kill_anon_super+0x3b/0x70 [ 123.661163][ T5438] btrfs_kill_super+0x41/0x50 [ 123.663324][ T5438] deactivate_locked_super+0xb9/0x130 [ 123.665693][ T5438] cleanup_mnt+0x425/0x4c0 [ 123.667721][ T5438] ? lockdep_hardirqs_on+0x9c/0x150 [ 123.669917][ T5438] task_work_run+0x1d4/0x260 [ 123.671954][ T5438] ? __pfx_task_work_run+0x10/0x10 [ 123.674097][ T5438] ? __x64_sys_umount+0x122/0x160 [ 123.676175][ T5438] ? exit_to_user_mode_loop+0x40/0x110 [ 123.678359][ T5438] exit_to_user_mode_loop+0xec/0x110 [ 123.680658][ T5438] do_syscall_64+0x2bd/0x3b0 [ 123.682741][ T5438] ? lockdep_hardirqs_on+0x9c/0x150 [ 123.685056][ T5438] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.687568][ T5438] ? clear_bhb_loop+0x60/0xb0 [ 123.689511][ T5438] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.691901][ T5438] RIP: 0033:0x7f4f935901f7 [ 123.693790][ T5438] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 123.701862][ T5438] RSP: 002b:00007fffe2df4df8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 123.705293][ T5438] RAX: 0000000000000000 RBX: 00007f4f93611d7d RCX: 00007f4f935901f7 [ 123.708622][ T5438] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffe2df4eb0 [ 123.711803][ T5438] RBP: 00007fffe2df4eb0 R08: 0000000000000000 R09: 0000000000000000 [ 123.715155][ T5438] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffe2df5f40 [ 123.719257][ T5438] R13: 00007f4f93611d7d R14: 000000000001df36 R15: 00007fffe2df5f80 [ 123.723069][ T5438] [ 123.725043][ T5438] Kernel Offset: disabled [ 123.727005][ T5438] Rebooting in 86400 seconds.. 
VM DIAGNOSIS: 17:41:21 Registers: info registers vcpu 0