syzkaller login: [ 98.376987][ T786] cfg80211: failed to load regulatory.db
Warning: Permanently added '[localhost]:2663' (ED25519) to the list of known hosts.
executing program
[ 102.079174][ T5104] loop0: detected capacity change from 0 to 32768
[ 102.176279][ T5104] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor873 (5104)
[ 102.328562][ T5104] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 102.333659][ T5104] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[ 102.346763][ T5104] BTRFS info (device loop0): using free-space-tree
[ 102.541741][ T13] BTRFS warning (device loop0): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0xf8bb6bdef03b64ff3b11a2a87ba7a2aeacfdb41cc49a87adad5cc1644d216b29 level 0
[ 102.552486][ T1028] BTRFS warning (device loop0): checksum verify failed on logical 5341184 mirror 1 wanted 0xc53d3c5bb04ba5dfc01f4c277f0b81815915cb99da5074f609a3f7f617cf284a found 0xd34891a64d32c06b063fbbf3d26e09cb4d5acf5ade8dc51c4cd532bb53f895d0 level 0
[ 102.580044][ T1079] BTRFS warning (device loop0): checksum verify failed on logical 5287936 mirror 1 wanted 0x31987782e3a542b4b1826f4a60605b79838e23bf27075900db4b92202c72b2fd found 0xceda3bc49047826ec4468b88ec74a14d6cd3232f25b2c41331ed48993507590e level 0
[ 102.603047][ T13] BTRFS warning (device loop0): checksum verify failed on logical 5292032 mirror 1 wanted 0xcbbb23d5b53a3b4892a5068ee5011732ffcd94742b434497e3f11d7ca86a6d23 found 0x6ab87e71a537053373402d980abd70276b583e303a68e0dd0a46bb41cfc306c8 level 0
[ 102.679349][ T5104] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000041: 0000 [#1] PREEMPT SMP KASAN NOPTI
[ 102.684132][ T5104] KASAN: null-ptr-deref in range [0x0000000000000208-0x000000000000020f]
[ 102.703702][ T5104] CPU: 0 UID: 0 PID: 5104 Comm: syz-executor873 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0
[ 102.708027][ T5104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 102.726238][ T5104] RIP: 0010:btrfs_search_slot+0xc5/0x30d0
[ 102.728924][ T5104] Code: 08 43 c7 44 2c 10 04 f2 04 f3 e8 f6 ed e6 fd 48 89 5c 24 38 48 81 c3 08 02 00 00 48 89 d8 48 c1 e8 03 48 89 84 24 d0 00 00 00 <42> 80 3c 28 00 74 08 48 89 df e8 5c b2 50 fe 48 8b 03 48 89 84 24
[ 102.751694][ T5104] RSP: 0018:ffffc90002ee79e0 EFLAGS: 00010206
[ 102.754588][ T5104] RAX: 0000000000000041 RBX: 0000000000000208 RCX: ffff8880003ac880
[ 102.758021][ T5104] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 102.770869][ T5104] RBP: ffffc90002ee7bb0 R08: 0000000000000000 R09: 0000000000000000
[ 102.781359][ T5104] R10: dffffc0000000000 R11: ffffed10065b780e R12: 1ffff920005dcf58
[ 102.784656][ T5104] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff88803c6b4bb0
[ 102.787726][ T5104] FS: 000055557ee88380(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
[ 102.791264][ T5104] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 102.812772][ T5104] CR2: 00007ffdf929ff08 CR3: 000000003d5ce000 CR4: 0000000000352ef0
[ 102.819219][ T5104] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 102.822508][ T5104] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 102.836877][ T5104] Call Trace:
[ 102.843027][ T5104]
[ 102.846818][ T5104] ? __die_body+0x5f/0xb0
[ 102.849777][ T5104] ? die_addr+0xb0/0xe0
[ 102.851554][ T5104] ? exc_general_protection+0x3dd/0x5d0
[ 102.853944][ T5104] ? asm_exc_general_protection+0x26/0x30
[ 102.856328][ T5104] ? btrfs_search_slot+0xc5/0x30d0
[ 102.858483][ T5104] ? __pfx_lock_release+0x10/0x10
[ 102.874751][ T5104] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 102.881788][ T5104] ? __pfx_btrfs_search_slot+0x10/0x10
[ 102.885927][ T5104] ? btrfs_extent_root+0x2a1/0x3b0
[ 102.887818][ T5104] ? __pfx_btrfs_extent_root+0x10/0x10
[ 102.889864][ T5104] extent_from_logical+0x1c8/0x880
[ 102.891738][ T5104] ? __kasan_slab_alloc+0x66/0x80
[ 102.893586][ T5104] ? kmem_cache_alloc_noprof+0x135/0x2a0
[ 102.895658][ T5104] ? btrfs_ioctl_logical_to_ino+0xf3/0x2a0
[ 102.898079][ T5104] ? __pfx_extent_from_logical+0x10/0x10
[ 102.902202][ T5104] iterate_inodes_from_logical+0x13b/0x330
[ 102.921675][ T5104] ? __pfx_iterate_inodes_from_logical+0x10/0x10
[ 102.933063][ T5104] ? btrfs_ioctl_logical_to_ino+0xf3/0x2a0
[ 102.939226][ T5104] ? rcu_is_watching+0x15/0xb0
[ 102.942271][ T5104] ? trace_kmem_cache_alloc+0x1f/0xc0
[ 102.946034][ T5104] ? kmem_cache_alloc_noprof+0x185/0x2a0
[ 102.951084][ T5104] btrfs_ioctl_logical_to_ino+0x133/0x2a0
[ 102.953198][ T5104] ? __pfx_btrfs_ioctl+0x10/0x10
[ 102.955050][ T5104] __se_sys_ioctl+0xf9/0x170
[ 102.956772][ T5104] do_syscall_64+0xf3/0x230
[ 102.958464][ T5104] ? clear_bhb_loop+0x35/0x90
[ 102.960246][ T5104] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 102.977293][ T5104] RIP: 0033:0x7f76047af839
[ 102.979164][ T5104] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 102.995155][ T5104] RSP: 002b:00007ffcf662dfd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 103.014656][ T5104] RAX: ffffffffffffffda RBX: 00007ffcf662e1a8 RCX: 00007f76047af839
[ 103.024747][ T5104] RDX: 0000000020000080 RSI: 00000000c0389424 RDI: 0000000000000004
[ 103.034265][ T5104] RBP: 00007f7604827610 R08: 0000000000000000 R09: 00007ffcf662e1a8
[ 103.039227][ T5104] R10: 000000000000002e R11: 0000000000000246 R12: 0000000000000001
[ 103.042123][ T5104] R13: 00007ffcf662e198 R14: 0000000000000001 R15: 0000000000000001
[ 103.044985][ T5104]
[ 103.058538][ T5104] Modules linked in:
[ 103.060211][ T5104] ---[ end trace 0000000000000000 ]---
[ 103.128862][ T5104] RIP: 0010:btrfs_search_slot+0xc5/0x30d0
[ 103.135194][ T5104] Code: 08 43 c7 44 2c 10 04 f2 04 f3 e8 f6 ed e6 fd 48 89 5c 24 38 48 81 c3 08 02 00 00 48 89 d8 48 c1 e8 03 48 89 84 24 d0 00 00 00 <42> 80 3c 28 00 74 08 48 89 df e8 5c b2 50 fe 48 8b 03 48 89 84 24
[ 103.168425][ T5104] RSP: 0018:ffffc90002ee79e0 EFLAGS: 00010206
[ 103.226221][ T5104] RAX: 0000000000000041 RBX: 0000000000000208 RCX: ffff8880003ac880
[ 103.230610][ T5104] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 103.234267][ T5104] RBP: ffffc90002ee7bb0 R08: 0000000000000000 R09: 0000000000000000
[ 103.283024][ T5104] R10: dffffc0000000000 R11: ffffed10065b780e R12: 1ffff920005dcf58
[ 103.296796][ T5104] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff88803c6b4bb0
[ 103.323911][ T5104] FS: 000055557ee88380(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
[ 103.328994][ T5104] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 103.332847][ T5104] CR2: 000056048968c008 CR3: 000000003d5ce000 CR4: 0000000000352ef0
[ 103.335773][ T5104] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 103.346185][ T5104] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 103.353155][ T5104] Kernel panic - not syncing: Fatal exception
[ 103.355936][ T5104] Kernel Offset: disabled
[ 103.364828][ T5104] Rebooting in 86400 seconds..
VM DIAGNOSIS:
03:54:52 Registers:
info registers vcpu 0