./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1634495932

<...>
Warning: Permanently added '10.128.0.102' (ED25519) to the list of known hosts.
execve("./syz-executor1634495932", ["./syz-executor1634495932"], 0x7ffdb3f2cc20 /* 10 vars */) = 0
brk(NULL)                               = 0x55559500a000
brk(0x55559500ad00)                     = 0x55559500ad00
arch_prctl(ARCH_SET_FS, 0x55559500a380) = 0
set_tid_address(0x55559500a650)         = 5840
set_robust_list(0x55559500a660, 24)     = 0
rseq(0x55559500aca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor1634495932", 4096) = 28
getrandom("\x42\x60\x3c\xab\x46\xbf\x26\x5f", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x55559500ad00
brk(0x55559502bd00)                     = 0x55559502bd00
brk(0x55559502c000)                     = 0x55559502c000
mprotect(0x7f2a1b065000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000
executing program
write(1, "executing program\n", 18)     = 18
memfd_create("syzkaller", 0)            = 3
mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f2a12a00000
write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
munmap(0x7f2a12a00000, 138412032)       = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 4
ioctl(4, LOOP_SET_FD, 3)                = 0
close(3)                                = 0
close(4)                                = 0
mkdir("./file1", 0777)                  = 0
[   85.381741][ T5840] loop0: detected capacity change from 0 to 32768
[   85.426379][ T5840] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor163 (5840)
[   85.458691][ T5840] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[   85.469660][ T5840] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[   85.479545][ T5840] BTRFS info (device loop0): using free-space-tree
[   85.521429][  T163] BTRFS warning (device loop0): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0xf8bb6bdef03b64ff3b11a2a87ba7a2aeacfdb41cc49a87adad5cc1644d216b29 level 0
[   85.546213][ T5840] BTRFS error (device loop0): failed to load root extent
[   85.554275][ T3009] BTRFS warning (device loop0): checksum verify failed on logical 5341184 mirror 1 wanted 0xc53d3c5bb04ba5dfc01f4c277f0b81815915cb99da5074f609a3f7f617cf284a found 0xd34891a64d32c06b063fbbf3d26e09cb4d5acf5ade8dc51c4cd532bb53f895d0 level 0
[   85.577332][ T5840] BTRFS error (device loop0): failed to load root free space
[   85.585666][  T163] BTRFS warning (device loop0): checksum verify failed on logical 5287936 mirror 1 wanted 0x31987782e3a542b4b1826f4a60605b79838e23bf27075900db4b92202c72b2fd found 0xceda3bc49047826ec4468b88ec74a14d6cd3232f25b2c41331ed48993507590e level 0
[   85.609412][ T3009] BTRFS warning (device loop0): checksum verify failed on logical 5292032 mirror 1 wanted 0xcbbb23d5b53a3b4892a5068ee5011732ffcd94742b434497e3f11d7ca86a6d23 found 0x6ab87e71a537053373402d980abd70276b583e303a68e0dd0a46bb41cfc306c8 level 0
[   85.639753][ T5840] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 [#1] SMP KASAN PTI
[   85.651767][ T5840] KASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f]
[   85.660209][ T5840] CPU: 0 UID: 0 PID: 5840 Comm: syz-executor163 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[   85.670992][ T5840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   85.681090][ T5840] RIP: 0010:btrfs_root_node+0x7f/0x3b0
[   85.686556][ T5840] Code: b7 c3 e3 fd 48 83 c4 08 e8 5e 96 ad 07 89 c5 31 ff 89 c6 e8 c3 bf 05 fe 85 ed 74 17 e8 3a b5 ec fd 84 c0 74 1c e8 71 bb 05 fe <42> 80 3c 2b 00 75 4b eb 51 e8 63 bb 05 fe 42 80 3c 2b 00 75 3d eb
[   85.706163][ T5840] RSP: 0018:ffffc9000403f710 EFLAGS: 00010293
[   85.712230][ T5840] RAX: ffffffff83ba696f RBX: 0000000000000003 RCX: ffff888033858000
[   85.720195][ T5840] RDX: 0000000000000000 RSI: ffffffff8be1c1e0 RDI: ffffffff8be1c1a0
[   85.728163][ T5840] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffff83ba692c
[   85.736126][ T5840] R10: dffffc0000000000 R11: ffffed100e6c500e R12: ffffffff83ba692c
[   85.744098][ T5840] R13: dffffc0000000000 R14: 0000000000000018 R15: 0000000000000000
[   85.752071][ T5840] FS:  000055559500a380(0000) GS:ffff888125c51000(0000) knlGS:0000000000000000
[   85.761087][ T5840] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   85.767674][ T5840] CR2: 000055e309b8c168 CR3: 0000000071dd2000 CR4: 00000000003526f0
[   85.775648][ T5840] Call Trace:
[   85.778931][ T5840]  <TASK>
[   85.781888][ T5840]  btrfs_read_lock_root_node+0x27/0xd0
[   85.787361][ T5840]  btrfs_build_ref_tree+0x110/0x13e0
[   85.792646][ T5840]  ? preempt_schedule_common+0x83/0xd0
[   85.798131][ T5840]  ? preempt_schedule+0xae/0xc0
[   85.802993][ T5840]  ? __pfx_preempt_schedule+0x10/0x10
[   85.808400][ T5840]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   85.814754][ T5840]  ? __pfx_btrfs_read_qgroup_config+0x10/0x10
[   85.820841][ T5840]  ? __pfx_btrfs_build_ref_tree+0x10/0x10
[   85.826568][ T5840]  ? try_to_wake_up+0x81b/0x1290
[   85.831515][ T5840]  open_ctree+0x1d81/0x2800
[   85.836041][ T5840]  ? bdi_register_va+0x58d/0x740
[   85.841003][ T5840]  ? __pfx_open_ctree+0x10/0x10
[   85.845875][ T5840]  ? __pfx_snprintf+0x10/0x10
[   85.850572][ T5840]  btrfs_fill_super+0x19d/0x2e0
[   85.855431][ T5840]  btrfs_get_tree+0x107c/0x1630
[   85.860299][ T5840]  ? __pfx_btrfs_get_tree+0x10/0x10
[   85.865530][ T5840]  ? rcu_is_watching+0x15/0xb0
[   85.870299][ T5840]  vfs_get_tree+0x8f/0x2b0
[   85.874729][ T5840]  fc_mount+0x1c/0xb0
[   85.878726][ T5840]  btrfs_get_tree+0x67d/0x1630
[   85.883499][ T5840]  ? vfs_parse_monolithic_sep+0x2df/0x310
[   85.889232][ T5840]  ? __pfx_vfs_parse_comma_sep+0x10/0x10
[   85.894875][ T5840]  ? __pfx_btrfs_get_tree+0x10/0x10
[   85.900070][ T5840]  ? rcu_is_watching+0x15/0xb0
[   85.904842][ T5840]  ? cap_capable+0x11f/0x460
[   85.909443][ T5840]  ? safesetid_security_capable+0xa9/0x1a0
[   85.915270][ T5840]  vfs_get_tree+0x8f/0x2b0
[   85.919698][ T5840]  do_new_mount+0x24a/0xa40
[   85.924219][ T5840]  __se_sys_mount+0x317/0x410
[   85.928901][ T5840]  ? __pfx___se_sys_mount+0x10/0x10
[   85.934101][ T5840]  ? rcu_is_watching+0x15/0xb0
[   85.938879][ T5840]  ? __x64_sys_mount+0x20/0xc0
[   85.943654][ T5840]  do_syscall_64+0xfa/0x3b0
[   85.948157][ T5840]  ? lockdep_hardirqs_on+0x9c/0x150
[   85.953360][ T5840]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.959427][ T5840]  ? clear_bhb_loop+0x60/0xb0
[   85.964118][ T5840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.970026][ T5840] RIP: 0033:0x7f2a1afeea7a
[   85.974458][ T5840] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   85.994069][ T5840] RSP: 002b:00007fff597c50e8 EFLAGS: 00000282 ORIG_RAX: 00000000000000a5
[   86.002496][ T5840] RAX: ffffffffffffffda RBX: 00007fff597c5100 RCX: 00007f2a1afeea7a
[   86.010475][ T5840] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 00007fff597c5100
[   86.018447][ T5840] RBP: 00002000000000c0 R08: 00007fff597c5140 R09: 00000000000055c5
[   86.026460][ T5840] R10: 000000000001c005 R11: 0000000000000282 R12: 0000200000000080
[   86.034435][ T5840] R13: 0000000000000004 R14: 0000000000000003 R15: 00007fff597c5140
[   86.042478][ T5840]  </TASK>
[   86.045518][ T5840] Modules linked in:
[   86.049879][ T5840] ---[ end trace 0000000000000000 ]---
[   86.055630][ T5840] RIP: 0010:btrfs_root_node+0x7f/0x3b0
[   86.061653][ T5840] Code: b7 c3 e3 fd 48 83 c4 08 e8 5e 96 ad 07 89 c5 31 ff 89 c6 e8 c3 bf 05 fe 85 ed 74 17 e8 3a b5 ec fd 84 c0 74 1c e8 71 bb 05 fe <42> 80 3c 2b 00 75 4b eb 51 e8 63 bb 05 fe 42 80 3c 2b 00 75 3d eb
[   86.081345][ T5840] RSP: 0018:ffffc9000403f710 EFLAGS: 00010293
[   86.087472][ T5840] RAX: ffffffff83ba696f RBX: 0000000000000003 RCX: ffff888033858000
[   86.095452][ T5840] RDX: 0000000000000000 RSI: ffffffff8be1c1e0 RDI: ffffffff8be1c1a0
[   86.103514][ T5840] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffff83ba692c
[   86.111512][ T5840] R10: dffffc0000000000 R11: ffffed100e6c500e R12: ffffffff83ba692c
[   86.119546][ T5840] R13: dffffc0000000000 R14: 0000000000000018 R15: 0000000000000000
[   86.127555][ T5840] FS:  000055559500a380(0000) GS:ffff888125c51000(0000) knlGS:0000000000000000
[   86.136489][ T5840] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   86.143110][ T5840] CR2: 000055e309b8c168 CR3: 0000000071dd2000 CR4: 00000000003526f0
[   86.151118][ T5840] Kernel panic - not syncing: Fatal exception
[   86.157528][ T5840] Kernel Offset: disabled
[   86.161876][ T5840] Rebooting in 86400 seconds..