Warning: Permanently added '[localhost]:12382' (ED25519) to the list of known hosts. 2025/08/13 19:22:30 ignoring optional flag "sandboxArg"="0" 2025/08/13 19:22:32 parsed 1 programs syzkaller login: [ 91.977203][ T54] cfg80211: failed to load regulatory.db [ 92.364673][ T5348] cgroup: Unknown subsys name 'net' [ 92.447241][ T5348] cgroup: Unknown subsys name 'cpuset' [ 92.452810][ T5348] cgroup: Unknown subsys name 'rlimit' [ 94.272266][ T5348] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 98.499976][ T45] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 98.505922][ T45] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 98.509584][ T45] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 98.513474][ T45] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 98.517554][ T45] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 99.450725][ T5368] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. 
[ 102.687243][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.690887][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.071137][ T1036] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.099865][ T1036] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.905474][ T5416] chnl_net:caif_netlink_parms(): no params data found [ 105.112651][ T5416] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.125734][ T5416] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.129177][ T5416] bridge_slave_0: entered allmulticast mode [ 105.144148][ T5416] bridge_slave_0: entered promiscuous mode [ 105.165710][ T5416] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.169002][ T5416] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.172230][ T5416] bridge_slave_1: entered allmulticast mode [ 105.207156][ T5416] bridge_slave_1: entered promiscuous mode [ 105.330101][ T5416] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.352431][ T5416] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.439805][ T5416] team0: Port device team_slave_0 added [ 105.444438][ T5416] team0: Port device team_slave_1 added [ 105.526208][ T5416] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 105.529877][ T5416] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.571476][ T5416] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.588993][ T5416] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.592637][ T5416] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. 
Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.625630][ T5416] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 105.697720][ T5416] hsr_slave_0: entered promiscuous mode [ 105.706847][ T5416] hsr_slave_1: entered promiscuous mode [ 106.065038][ T5416] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 106.102942][ T5416] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 106.113010][ T5416] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 106.121511][ T5416] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 106.242389][ T5416] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.279873][ T5416] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.307652][ T1036] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.311005][ T1036] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.324630][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.328133][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.579164][ T5416] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 106.641742][ T5416] veth0_vlan: entered promiscuous mode [ 106.661338][ T5416] veth1_vlan: entered promiscuous mode [ 106.690114][ T5416] veth0_macvtap: entered promiscuous mode [ 106.699635][ T5416] veth1_macvtap: entered promiscuous mode [ 106.717820][ T5416] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 106.729425][ T5416] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 106.743247][ T3069] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.754244][ T3069] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.768841][ T3069] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.773779][ T3069] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 2025/08/13 
19:22:49 executed programs: 0 [ 107.174793][ T4705] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 107.191632][ T4705] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 107.198665][ T4705] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 107.202459][ T4705] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 107.207046][ T4705] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 107.257917][ T5374] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 107.264122][ T5374] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 107.269244][ T5374] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 107.273820][ T5374] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 107.280032][ T5374] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 107.360350][ T4705] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 107.379094][ T5472] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 107.383643][ T5472] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 107.387686][ T5472] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 107.393593][ T5472] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 107.396965][ T5472] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 107.400787][ T5472] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 107.406060][ T5472] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 107.410859][ T5472] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 107.414914][ T5472] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 107.420453][ T5475] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 107.425032][ T5472] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 107.429808][ T5472] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 107.436989][ T5472] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 107.465899][ T5374] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 107.733045][ T5472] Bluetooth: hci5: unexpected cc 0x0c03 length: 
249 > 1 [ 107.745642][ T5472] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 107.756148][ T5472] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 107.760583][ T5472] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 107.763925][ T5472] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 108.119720][ T3069] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.721548][ T3069] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.948157][ T3069] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.367961][ T5472] Bluetooth: hci0: command tx timeout [ 109.436445][ T5472] Bluetooth: hci1: command tx timeout [ 109.512517][ T5472] Bluetooth: hci3: command tx timeout [ 109.523362][ T5472] Bluetooth: hci2: command tx timeout [ 109.581563][ T5472] Bluetooth: hci4: command tx timeout [ 109.673333][ T3069] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.817523][ T5472] Bluetooth: hci5: command tx timeout [ 110.057551][ T5462] chnl_net:caif_netlink_parms(): no params data found [ 110.573923][ T5462] bridge0: port 1(bridge_slave_0) entered blocking state [ 110.585583][ T5462] bridge0: port 1(bridge_slave_0) entered disabled state [ 110.589768][ T5462] bridge_slave_0: entered allmulticast mode [ 110.593628][ T5462] bridge_slave_0: entered promiscuous mode [ 110.608246][ T5462] bridge0: port 2(bridge_slave_1) entered blocking state [ 110.611546][ T5462] bridge0: port 2(bridge_slave_1) entered disabled state [ 110.614652][ T5462] bridge_slave_1: entered allmulticast mode [ 110.635009][ T5462] bridge_slave_1: entered promiscuous mode [ 110.887068][ T5469] chnl_net:caif_netlink_parms(): no params data found [ 111.020993][ T5462] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 111.090720][ T3069] bridge_slave_1: left allmulticast mode [ 
111.093537][ T3069] bridge_slave_1: left promiscuous mode [ 111.107218][ T3069] bridge0: port 2(bridge_slave_1) entered disabled state [ 111.119674][ T3069] bridge_slave_0: left allmulticast mode [ 111.122281][ T3069] bridge_slave_0: left promiscuous mode [ 111.125046][ T3069] bridge0: port 1(bridge_slave_0) entered disabled state [ 111.415622][ T5472] Bluetooth: hci0: command tx timeout [ 111.496483][ T5472] Bluetooth: hci1: command tx timeout [ 111.540481][ T3069] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 111.548673][ T3069] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 111.557013][ T3069] bond0 (unregistering): Released all slaves [ 111.570683][ T5462] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 111.577458][ T5472] Bluetooth: hci2: command tx timeout [ 111.580024][ T5472] Bluetooth: hci3: command tx timeout [ 111.640549][ T5466] chnl_net:caif_netlink_parms(): no params data found [ 111.656870][ T4705] Bluetooth: hci4: command tx timeout [ 111.682036][ T5470] chnl_net:caif_netlink_parms(): no params data found [ 111.743267][ T3069] hsr_slave_0: left promiscuous mode [ 111.747675][ T3069] hsr_slave_1: left promiscuous mode [ 111.751072][ T3069] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 111.754423][ T3069] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 111.761414][ T3069] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 111.764744][ T3069] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 111.781484][ T3069] veth1_macvtap: left promiscuous mode [ 111.784218][ T3069] veth0_macvtap: left promiscuous mode [ 111.787521][ T3069] veth1_vlan: left promiscuous mode [ 111.790110][ T3069] veth0_vlan: left promiscuous mode [ 111.898754][ T4705] Bluetooth: hci5: command tx timeout [ 112.160842][ T3069] team0 (unregistering): Port device team_slave_1 removed [ 112.184018][ T3069] team0 (unregistering): Port device team_slave_0 removed 
[ 112.553937][ T5483] chnl_net:caif_netlink_parms(): no params data found [ 112.571222][ T5467] chnl_net:caif_netlink_parms(): no params data found [ 112.582327][ T5462] team0: Port device team_slave_0 added [ 112.592336][ T5462] team0: Port device team_slave_1 added [ 112.840013][ T5462] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 112.844264][ T5462] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 112.861872][ T5462] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 112.974090][ T5462] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 112.986617][ T5462] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. 
[ 113.037359][ T5462] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 113.072565][ T5469] bridge0: port 1(bridge_slave_0) entered blocking state [ 113.085037][ T5469] bridge0: port 1(bridge_slave_0) entered disabled state [ 113.099002][ T5469] bridge_slave_0: entered allmulticast mode [ 113.106676][ T5469] bridge_slave_0: entered promiscuous mode [ 113.125766][ T5470] bridge0: port 1(bridge_slave_0) entered blocking state [ 113.128755][ T5470] bridge0: port 1(bridge_slave_0) entered disabled state [ 113.131693][ T5470] bridge_slave_0: entered allmulticast mode [ 113.149577][ T5470] bridge_slave_0: entered promiscuous mode [ 113.164469][ T5470] bridge0: port 2(bridge_slave_1) entered blocking state [ 113.177261][ T5470] bridge0: port 2(bridge_slave_1) entered disabled state [ 113.180835][ T5470] bridge_slave_1: entered allmulticast mode [ 113.208156][ T5470] bridge_slave_1: entered promiscuous mode [ 113.252390][ T5469] bridge0: port 2(bridge_slave_1) entered blocking state [ 113.263241][ T5469] bridge0: port 2(bridge_slave_1) entered disabled state [ 113.277287][ T5469] bridge_slave_1: entered allmulticast mode [ 113.289068][ T5469] bridge_slave_1: entered promiscuous mode [ 113.448042][ T5483] bridge0: port 1(bridge_slave_0) entered blocking state [ 113.451234][ T5483] bridge0: port 1(bridge_slave_0) entered disabled state [ 113.454685][ T5483] bridge_slave_0: entered allmulticast mode [ 113.463255][ T5483] bridge_slave_0: entered promiscuous mode [ 113.498129][ T4705] Bluetooth: hci0: command tx timeout [ 113.501286][ T5466] bridge0: port 1(bridge_slave_0) entered blocking state [ 113.504673][ T5466] bridge0: port 1(bridge_slave_0) entered disabled state [ 113.511232][ T5466] bridge_slave_0: entered allmulticast mode [ 113.519231][ T5466] bridge_slave_0: entered promiscuous mode [ 113.524909][ T5470] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 113.534286][ T5469] bond0: (slave 
bond_slave_0): Enslaving as an active interface with an up link [ 113.543921][ T5469] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 113.570736][ T5483] bridge0: port 2(bridge_slave_1) entered blocking state [ 113.574134][ T5483] bridge0: port 2(bridge_slave_1) entered disabled state [ 113.577726][ T4705] Bluetooth: hci1: command tx timeout [ 113.583803][ T5483] bridge_slave_1: entered allmulticast mode [ 113.588898][ T5483] bridge_slave_1: entered promiscuous mode [ 113.598524][ T5466] bridge0: port 2(bridge_slave_1) entered blocking state [ 113.602033][ T5466] bridge0: port 2(bridge_slave_1) entered disabled state [ 113.612527][ T5466] bridge_slave_1: entered allmulticast mode [ 113.617409][ T5466] bridge_slave_1: entered promiscuous mode [ 113.634872][ T5470] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 113.651178][ T5467] bridge0: port 1(bridge_slave_0) entered blocking state [ 113.654632][ T5467] bridge0: port 1(bridge_slave_0) entered disabled state [ 113.658993][ T4705] Bluetooth: hci3: command tx timeout [ 113.662293][ T4705] Bluetooth: hci2: command tx timeout [ 113.670115][ T5467] bridge_slave_0: entered allmulticast mode [ 113.674762][ T5467] bridge_slave_0: entered promiscuous mode [ 113.680876][ T5467] bridge0: port 2(bridge_slave_1) entered blocking state [ 113.684885][ T5467] bridge0: port 2(bridge_slave_1) entered disabled state [ 113.692868][ T5467] bridge_slave_1: entered allmulticast mode [ 113.697423][ T5467] bridge_slave_1: entered promiscuous mode [ 113.735779][ T5472] Bluetooth: hci4: command tx timeout [ 113.776707][ T5469] team0: Port device team_slave_0 added [ 113.782296][ T5469] team0: Port device team_slave_1 added [ 113.793676][ T5462] hsr_slave_0: entered promiscuous mode [ 113.798253][ T5462] hsr_slave_1: entered promiscuous mode [ 113.840520][ T5466] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 113.852043][ T5483] bond0: (slave 
bond_slave_0): Enslaving as an active interface with an up link [ 113.980040][ T5472] Bluetooth: hci5: command tx timeout [ 114.379336][ T5483] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 114.414650][ T5466] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 114.482515][ T5470] team0: Port device team_slave_0 added [ 114.502002][ T5470] team0: Port device team_slave_1 added [ 114.531146][ T5467] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 114.544479][ T5467] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 114.746005][ T5469] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 114.749180][ T5469] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 114.764402][ T5469] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 114.789896][ T5466] team0: Port device team_slave_0 added [ 114.833666][ T5469] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 114.841559][ T5469] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. 
[ 114.853621][ T5469] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 114.872214][ T5483] team0: Port device team_slave_0 added [ 114.880314][ T5466] team0: Port device team_slave_1 added [ 114.924781][ T5467] team0: Port device team_slave_0 added [ 114.929318][ T5470] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 114.932799][ T5470] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 114.949929][ T5470] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 114.971999][ T5483] team0: Port device team_slave_1 added [ 114.994662][ T5467] team0: Port device team_slave_1 added [ 115.013529][ T5470] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 115.028753][ T5470] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 115.043082][ T5470] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 115.276433][ T5483] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 115.280546][ T5483] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. 
[ 115.315741][ T5483] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 115.352804][ T5466] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 115.359059][ T5466] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 115.385358][ T5466] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 115.400448][ T5467] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 115.403762][ T5467] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 115.445467][ T5467] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 115.493262][ T5483] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 115.505380][ T5483] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 115.534330][ T5483] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 115.550067][ T5466] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 115.553202][ T5466] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. 
[ 115.570581][ T5466] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 115.576001][ T5472] Bluetooth: hci0: command tx timeout [ 115.579837][ T5467] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 115.583042][ T5467] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 115.598606][ T5467] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 115.608687][ T5469] hsr_slave_0: entered promiscuous mode [ 115.612167][ T5469] hsr_slave_1: entered promiscuous mode [ 115.618637][ T5469] debugfs: 'hsr0' already exists in 'hsr' [ 115.621574][ T5469] Cannot create hsr debugfs directory [ 115.630077][ T5470] hsr_slave_0: entered promiscuous mode [ 115.633589][ T5470] hsr_slave_1: entered promiscuous mode [ 115.640581][ T5470] debugfs: 'hsr0' already exists in 'hsr' [ 115.643261][ T5470] Cannot create hsr debugfs directory [ 115.658064][ T5472] Bluetooth: hci1: command tx timeout [ 115.735792][ T5472] Bluetooth: hci2: command tx timeout [ 115.738310][ T5472] Bluetooth: hci3: command tx timeout [ 115.818934][ T4705] Bluetooth: hci4: command tx timeout [ 115.864269][ T5466] hsr_slave_0: entered promiscuous mode [ 115.867788][ T5466] hsr_slave_1: entered promiscuous mode [ 115.870973][ T5466] debugfs: 'hsr0' already exists in 'hsr' [ 115.873474][ T5466] Cannot create hsr debugfs directory [ 116.055580][ T4705] Bluetooth: hci5: command tx timeout [ 116.130105][ T5467] hsr_slave_0: entered promiscuous mode [ 116.133649][ T5467] hsr_slave_1: entered promiscuous mode [ 116.141630][ T5467] debugfs: 'hsr0' already exists in 'hsr' [ 116.144641][ T5467] Cannot create hsr debugfs directory [ 116.161804][ T5483] hsr_slave_0: entered promiscuous mode [ 116.166189][ T5483] 
hsr_slave_1: entered promiscuous mode [ 116.169297][ T5483] debugfs: 'hsr0' already exists in 'hsr' [ 116.171541][ T5483] Cannot create hsr debugfs directory [ 117.224433][ T5462] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 117.265038][ T5462] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 117.294473][ T5462] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 117.322603][ T5462] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 117.372287][ T5470] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 117.399347][ T5470] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 117.453731][ T5470] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 117.476362][ T5470] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 117.621288][ T5469] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 117.691950][ T5469] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 117.700311][ T5469] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 117.763771][ T5469] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 117.946231][ T5462] 8021q: adding VLAN 0 to HW filter on device bond0 [ 117.991696][ T5467] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 118.011469][ T5467] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 118.069037][ T5467] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 118.153620][ T5462] 8021q: adding VLAN 0 to HW filter on device team0 [ 118.180694][ T5467] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 118.278787][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 118.282119][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 118.302174][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 118.305495][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 118.413175][ T5470] 8021q: adding VLAN 0 to HW filter on device bond0 [ 118.431849][ T5483] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 118.522970][ T5483] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 
118.573008][ T5470] 8021q: adding VLAN 0 to HW filter on device team0 [ 118.649660][ T5483] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 118.661006][ T5483] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 118.689086][ T5462] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 118.780058][ T38] bridge0: port 1(bridge_slave_0) entered blocking state [ 118.783944][ T38] bridge0: port 1(bridge_slave_0) entered forwarding state [ 118.807088][ T38] bridge0: port 2(bridge_slave_1) entered blocking state [ 118.810275][ T38] bridge0: port 2(bridge_slave_1) entered forwarding state [ 118.894310][ T5469] 8021q: adding VLAN 0 to HW filter on device bond0 [ 119.020951][ T5469] 8021q: adding VLAN 0 to HW filter on device team0 [ 119.139961][ T5466] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 119.183203][ T1040] bridge0: port 1(bridge_slave_0) entered blocking state [ 119.186950][ T1040] bridge0: port 1(bridge_slave_0) entered forwarding state [ 119.266221][ T5466] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 119.340179][ T1040] bridge0: port 2(bridge_slave_1) entered blocking state [ 119.343493][ T1040] bridge0: port 2(bridge_slave_1) entered forwarding state [ 119.377767][ T5466] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 119.384230][ T5466] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 119.553273][ T5462] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 119.631449][ T5467] 8021q: adding VLAN 0 to HW filter on device bond0 [ 119.820486][ T5483] 8021q: adding VLAN 0 to HW filter on device bond0 [ 119.881422][ T5467] 8021q: adding VLAN 0 to HW filter on device team0 [ 119.939371][ T5483] 8021q: adding VLAN 0 to HW filter on device team0 [ 120.056849][ T1036] bridge0: port 1(bridge_slave_0) entered blocking state [ 120.060004][ T1036] bridge0: port 1(bridge_slave_0) entered forwarding state [ 120.105654][ T1036] bridge0: port 2(bridge_slave_1) entered blocking state [ 120.108825][ T1036] 
bridge0: port 2(bridge_slave_1) entered forwarding state [ 120.152911][ T1036] bridge0: port 1(bridge_slave_0) entered blocking state [ 120.156357][ T1036] bridge0: port 1(bridge_slave_0) entered forwarding state [ 120.191835][ T1036] bridge0: port 2(bridge_slave_1) entered blocking state [ 120.195635][ T1036] bridge0: port 2(bridge_slave_1) entered forwarding state [ 120.321615][ T5462] veth0_vlan: entered promiscuous mode [ 120.359649][ T5470] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 120.459199][ T5462] veth1_vlan: entered promiscuous mode [ 120.559768][ T5466] 8021q: adding VLAN 0 to HW filter on device bond0 [ 120.633729][ T5467] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 120.672142][ T5462] veth0_macvtap: entered promiscuous mode [ 120.733963][ T5466] 8021q: adding VLAN 0 to HW filter on device team0 [ 120.790324][ T5462] veth1_macvtap: entered promiscuous mode [ 120.812475][ T5469] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 120.928589][ T38] bridge0: port 1(bridge_slave_0) entered blocking state [ 120.931515][ T38] bridge0: port 1(bridge_slave_0) entered forwarding state [ 120.940344][ T38] bridge0: port 2(bridge_slave_1) entered blocking state [ 120.943222][ T38] bridge0: port 2(bridge_slave_1) entered forwarding state [ 121.144369][ T5470] veth0_vlan: entered promiscuous mode [ 121.212978][ T5462] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 121.262852][ T5470] veth1_vlan: entered promiscuous mode [ 121.311729][ T5462] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 121.481411][ T5466] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 121.597161][ T1041] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 121.700197][ T1044] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 121.704736][ T5470] veth0_macvtap: entered promiscuous mode [ 121.758518][ T1044] netdevsim 
netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 121.801126][ T5470] veth1_macvtap: entered promiscuous mode [ 121.821403][ T5483] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 121.832252][ T5467] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 121.900881][ T1044] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 121.914973][ T5470] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 122.112000][ T5470] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 122.479280][ T13] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 122.535553][ T5467] veth0_vlan: entered promiscuous mode [ 122.563348][ T5469] veth0_vlan: entered promiscuous mode [ 122.577382][ T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 122.613082][ T1041] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.665658][ T1041] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.680604][ T5467] veth1_vlan: entered promiscuous mode [ 122.701327][ T13] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 122.710785][ T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 122.716448][ T5469] veth1_vlan: entered promiscuous mode [ 122.823219][ T5466] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 122.880221][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.892513][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.907325][ T5469] veth0_macvtap: entered promiscuous mode [ 122.961348][ T5467] veth0_macvtap: entered promiscuous mode [ 122.969785][ T5469] veth1_macvtap: entered promiscuous mode [ 123.007298][ T5483] veth0_vlan: entered promiscuous mode [ 123.014651][ T5483] veth1_vlan: entered promiscuous mode 2025/08/13 19:23:05 executed programs: 12 [ 123.078452][ T5467] veth1_macvtap: entered promiscuous mode [ 123.092830][ T13] wlan0: Created IBSS using 
preconfigured BSSID 50:50:50:50:50:50 [ 123.158751][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.241984][ T5469] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 123.260482][ T1040] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.273642][ T1040] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.296339][ T5467] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 123.331798][ T5466] veth0_vlan: entered promiscuous mode [ 123.360695][ T5467] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 123.373487][ T5483] veth0_macvtap: entered promiscuous mode [ 123.399764][ T5469] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 123.467499][ T5483] veth1_macvtap: entered promiscuous mode [ 123.513957][ T1044] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.531935][ T1044] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.592604][ T1044] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.616661][ T1044] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.635616][ T5466] veth1_vlan: entered promiscuous mode [ 123.708745][ T1044] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.883710][ T1044] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.901377][ T1044] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.940374][ T5483] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 123.968378][ T1044] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.017436][ T5703] loop0: detected capacity change from 0 to 32768 [ 124.074818][ T5466] veth0_macvtap: entered promiscuous mode [ 124.091954][ T5703] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.17 (5703) [ 124.173518][ T5483] batman_adv: 
batadv0: Interface activated: batadv_slave_1 [ 124.257798][ T5703] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 124.303755][ T5703] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm [ 124.379016][ T5466] veth1_macvtap: entered promiscuous mode [ 124.386759][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.391411][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.496721][ T3069] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.605086][ T5466] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 124.638538][ T5703] BTRFS info (device loop0): rebuilding free space tree [ 124.663613][ T3069] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.685587][ T3069] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.689116][ T3069] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.760452][ T5466] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 124.810053][ T5703] BTRFS info (device loop0): disabling free space tree [ 124.819807][ T1041] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.863487][ T5703] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 124.868534][ T1041] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.881614][ T1040] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.895735][ T5703] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 124.998925][ T1040] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 125.096892][ T1040] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 125.117086][ T1044] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.145750][ T1044] wlan1: Creating new IBSS network, BSSID 
50:50:50:50:50:50 [ 125.198360][ T5703] BTRFS info (device loop0): balance: start -d -m [ 125.201789][ T1040] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 125.218331][ T5727] FAULT_INJECTION: forcing a failure. [ 125.218331][ T5727] name failslab, interval 1, probability 0, space 0, times 1 [ 125.224046][ T5727] CPU: 0 UID: 0 PID: 5727 Comm: syz.0.17 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 125.224063][ T5727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 125.224069][ T5727] Call Trace: [ 125.224076][ T5727] [ 125.224082][ T5727] dump_stack_lvl+0x189/0x250 [ 125.224184][ T5727] ? __pfx____ratelimit+0x10/0x10 [ 125.224228][ T5727] ? __pfx_dump_stack_lvl+0x10/0x10 [ 125.224241][ T5727] ? __pfx__printk+0x10/0x10 [ 125.224262][ T5727] ? __pfx___might_resched+0x10/0x10 [ 125.224304][ T5727] should_fail_ex+0x414/0x560 [ 125.224319][ T5727] should_failslab+0xa8/0x100 [ 125.224334][ T5727] __kmalloc_cache_noprof+0x70/0x3d0 [ 125.224346][ T5727] ? btrfs_ref_tree_mod+0x24e/0x1ab0 [ 125.224360][ T5727] btrfs_ref_tree_mod+0x24e/0x1ab0 [ 125.224392][ T5727] ? btrfs_alloc_tree_block+0xd9a/0x1290 [ 125.224412][ T5727] ? __pfx_hlock_conflict+0x10/0x10 [ 125.224447][ T5727] ? btrfs_clear_buffer_dirty+0x1ca/0x9b0 [ 125.224492][ T5727] btrfs_free_tree_block+0x2b9/0xcf0 [ 125.224514][ T5727] ? __pfx_btrfs_free_tree_block+0x10/0x10 [ 125.224534][ T5727] ? btrfs_tree_mod_log_insert_root+0xa7/0xb20 [ 125.224548][ T5727] ? __write_extent_buffer+0x277/0x6c0 [ 125.224558][ T5727] ? btrfs_force_cow_block+0x9ee/0x2460 [ 125.224574][ T5727] btrfs_force_cow_block+0xfeb/0x2460 [ 125.224585][ T5727] ? __lock_acquire+0xab9/0xd20 [ 125.224616][ T5727] ? __pfx_btrfs_force_cow_block+0x10/0x10 [ 125.224632][ T5727] ? down_write_nested+0x169/0x200 [ 125.224644][ T5727] ? 
__pfx_down_write_nested+0x10/0x10 [ 125.224660][ T5727] btrfs_cow_block+0x40a/0x9a0 [ 125.224680][ T5727] create_pending_snapshot+0xa3a/0x3280 [ 125.224716][ T5727] ? __pfx_create_pending_snapshot+0x10/0x10 [ 125.224728][ T5727] ? rcu_is_watching+0x15/0xb0 [ 125.224740][ T5727] ? trace_contention_end+0x39/0x120 [ 125.224751][ T5727] ? __mutex_lock+0x335/0x1360 [ 125.224775][ T5727] ? __lock_acquire+0xab9/0xd20 [ 125.224788][ T5727] ? btrfs_commit_transaction+0xedd/0x3950 [ 125.224825][ T5727] create_pending_snapshots+0x17c/0x1c0 [ 125.224843][ T5727] btrfs_commit_transaction+0xeea/0x3950 [ 125.224860][ T5727] ? btrfs_commit_transaction+0x161/0x3950 [ 125.224887][ T5727] ? __mutex_unlock_slowpath+0x1a1/0x760 [ 125.224903][ T5727] ? __pfx_btrfs_commit_transaction+0x10/0x10 [ 125.224916][ T5727] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 125.224930][ T5727] ? do_raw_spin_unlock+0x4d/0x240 [ 125.224946][ T5727] ? record_root_in_trans+0x2d8/0x370 [ 125.224967][ T5727] ? btrfs_qgroup_convert_reserved_meta+0xe5/0xce0 [ 125.224984][ T5727] ? start_transaction+0x439/0x1620 [ 125.225001][ T5727] ? __pfx_btrfs_qgroup_convert_reserved_meta+0x10/0x10 [ 125.225017][ T5727] ? btrfs_record_root_in_trans+0x124/0x180 [ 125.225033][ T5727] create_snapshot+0x6bc/0xba0 [ 125.225056][ T5727] btrfs_mksubvol+0x545/0x6d0 [ 125.225077][ T5727] ? __pfx_btrfs_mksubvol+0x10/0x10 [ 125.225112][ T5727] ? __fget_files+0x3a0/0x420 [ 125.225130][ T5727] btrfs_mksnapshot+0xab/0xf0 [ 125.225148][ T5727] __btrfs_ioctl_snap_create+0x520/0x730 [ 125.225168][ T5727] ? __pfx___btrfs_ioctl_snap_create+0x10/0x10 [ 125.225186][ T5727] ? rep_movs_alternative+0x4a/0x90 [ 125.225198][ T5727] ? _copy_from_user+0x94/0xb0 [ 125.225210][ T5727] btrfs_ioctl_snap_create_v2+0x1f8/0x3b0 [ 125.225224][ T5727] ? __fget_files+0x3a0/0x420 [ 125.225241][ T5727] btrfs_ioctl+0xa62/0xd00 [ 125.225254][ T5727] ? 
__pfx_btrfs_ioctl+0x10/0x10 [ 125.225266][ T5727] __se_sys_ioctl+0xfc/0x170 [ 125.225280][ T5727] do_syscall_64+0xfa/0x3b0 [ 125.225292][ T5727] ? lockdep_hardirqs_on+0x9c/0x150 [ 125.225304][ T5727] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.225315][ T5727] ? clear_bhb_loop+0x60/0xb0 [ 125.225329][ T5727] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.225339][ T5727] RIP: 0033:0x7fd74c38ebe9 [ 125.225351][ T5727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 125.225360][ T5727] RSP: 002b:00007fd74d1b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 125.225373][ T5727] RAX: ffffffffffffffda RBX: 00007fd74c5b6090 RCX: 00007fd74c38ebe9 [ 125.225380][ T5727] RDX: 0000200000002480 RSI: 0000000050009417 RDI: 0000000000000004 [ 125.225386][ T5727] RBP: 00007fd74d1b4090 R08: 0000000000000000 R09: 0000000000000000 [ 125.225391][ T5727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 125.225397][ T5727] R13: 00007fd74c5b6128 R14: 00007fd74c5b6090 R15: 00007ffe4eb32388 [ 125.225418][ T5727] [ 125.662724][ T1040] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.675075][ T1040] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.695637][ T1044] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.699168][ T1044] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.970898][ T1044] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.980151][ T1041] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.984005][ T1041] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.995551][ T1044] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 126.309953][ T3069] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 126.350983][ T3069] wlan1: Creating new IBSS network, BSSID 
50:50:50:50:50:50 [ 126.441122][ T5703] BTRFS info (device loop0): relocating block group 6881280 flags data|metadata [ 126.993329][ T5703] BTRFS info (device loop0): relocating block group 5242880 flags data|metadata [ 127.152460][ T5703] BTRFS info (device loop0): balance: canceled [ 127.388175][ T5462] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d 2025/08/13 19:23:11 executed programs: 21 [ 130.212379][ T5743] loop0: detected capacity change from 0 to 32768 [ 130.290164][ T5743] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.25 (5743) [ 130.388813][ T5743] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 130.435445][ T5743] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm [ 130.868562][ T5743] BTRFS info (device loop0): rebuilding free space tree [ 131.034364][ T5743] BTRFS info (device loop0): disabling free space tree [ 131.071893][ T5743] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 131.109150][ T5743] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 131.468878][ T5743] BTRFS info (device loop0): balance: start -d -m [ 131.498192][ T5772] FAULT_INJECTION: forcing a failure. [ 131.498192][ T5772] name failslab, interval 1, probability 0, space 0, times 0 [ 131.558067][ T5772] CPU: 0 UID: 0 PID: 5772 Comm: syz.0.25 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 131.558087][ T5772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 131.558092][ T5772] Call Trace: [ 131.558097][ T5772] [ 131.558102][ T5772] dump_stack_lvl+0x189/0x250 [ 131.558139][ T5772] ? __pfx____ratelimit+0x10/0x10 [ 131.558160][ T5772] ? __pfx_dump_stack_lvl+0x10/0x10 [ 131.558172][ T5772] ? __pfx__printk+0x10/0x10 [ 131.558188][ T5772] ? 
__pfx___might_resched+0x10/0x10 [ 131.558204][ T5772] ? fs_reclaim_acquire+0x7d/0x100 [ 131.558220][ T5772] should_fail_ex+0x414/0x560 [ 131.558234][ T5772] should_failslab+0xa8/0x100 [ 131.558248][ T5772] kmem_cache_alloc_noprof+0x73/0x3c0 [ 131.558259][ T5772] ? alloc_extent_state+0x22/0x2f0 [ 131.558276][ T5772] alloc_extent_state+0x22/0x2f0 [ 131.558291][ T5772] set_extent_bit+0x270/0x21a0 [ 131.558322][ T5772] ? __pfx_set_extent_bit+0x10/0x10 [ 131.558342][ T5772] btrfs_set_extent_bit+0x38/0x50 [ 131.558358][ T5772] btrfs_alloc_tree_block+0x965/0x1290 [ 131.558382][ T5772] ? btrfs_force_cow_block+0x1020/0x2460 [ 131.558393][ T5772] ? __pfx_btrfs_alloc_tree_block+0x10/0x10 [ 131.558414][ T5772] ? read_extent_buffer+0x120/0x5e0 [ 131.558431][ T5772] btrfs_copy_root+0x4a2/0x1090 [ 131.558450][ T5772] ? __pfx_btrfs_copy_root+0x10/0x10 [ 131.558459][ T5772] ? btrfs_cow_block+0x40a/0x9a0 [ 131.558480][ T5772] create_pending_snapshot+0xa76/0x3280 [ 131.558512][ T5772] ? __pfx_create_pending_snapshot+0x10/0x10 [ 131.558523][ T5772] ? rcu_is_watching+0x15/0xb0 [ 131.558533][ T5772] ? trace_contention_end+0x39/0x120 [ 131.558544][ T5772] ? __mutex_lock+0x335/0x1360 [ 131.558565][ T5772] ? __lock_acquire+0xab9/0xd20 [ 131.558577][ T5772] ? btrfs_commit_transaction+0xedd/0x3950 [ 131.558600][ T5772] create_pending_snapshots+0x17c/0x1c0 [ 131.558617][ T5772] btrfs_commit_transaction+0xeea/0x3950 [ 131.558632][ T5772] ? btrfs_commit_transaction+0x161/0x3950 [ 131.558665][ T5772] ? __mutex_unlock_slowpath+0x1a1/0x760 [ 131.558680][ T5772] ? __pfx_btrfs_commit_transaction+0x10/0x10 [ 131.558692][ T5772] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 131.558700][ T5772] ? do_raw_spin_unlock+0x4d/0x240 [ 131.558710][ T5772] ? record_root_in_trans+0x2d8/0x370 [ 131.558723][ T5772] ? btrfs_qgroup_convert_reserved_meta+0xe5/0xce0 [ 131.558737][ T5772] ? start_transaction+0x439/0x1620 [ 131.558752][ T5772] ? __pfx_btrfs_qgroup_convert_reserved_meta+0x10/0x10 [ 131.558769][ T5772] ? 
btrfs_record_root_in_trans+0x124/0x180 [ 131.558784][ T5772] create_snapshot+0x6bc/0xba0 [ 131.558806][ T5772] btrfs_mksubvol+0x545/0x6d0 [ 131.558827][ T5772] ? __pfx_btrfs_mksubvol+0x10/0x10 [ 131.558844][ T5772] ? __fget_files+0x3a0/0x420 [ 131.558859][ T5772] btrfs_mksnapshot+0xab/0xf0 [ 131.558876][ T5772] __btrfs_ioctl_snap_create+0x520/0x730 [ 131.558893][ T5772] ? __pfx___btrfs_ioctl_snap_create+0x10/0x10 [ 131.558908][ T5772] ? rep_movs_alternative+0x4a/0x90 [ 131.558920][ T5772] ? _copy_from_user+0x94/0xb0 [ 131.558932][ T5772] btrfs_ioctl_snap_create_v2+0x1f8/0x3b0 [ 131.558946][ T5772] ? __fget_files+0x3a0/0x420 [ 131.558960][ T5772] btrfs_ioctl+0xa62/0xd00 [ 131.558972][ T5772] ? __pfx_btrfs_ioctl+0x10/0x10 [ 131.558982][ T5772] __se_sys_ioctl+0xfc/0x170 [ 131.558996][ T5772] do_syscall_64+0xfa/0x3b0 [ 131.559008][ T5772] ? lockdep_hardirqs_on+0x9c/0x150 [ 131.559019][ T5772] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 131.559030][ T5772] ? clear_bhb_loop+0x60/0xb0 [ 131.559043][ T5772] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 131.559052][ T5772] RIP: 0033:0x7fd74c38ebe9 [ 131.559063][ T5772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 131.559071][ T5772] RSP: 002b:00007fd74d1b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 131.559082][ T5772] RAX: ffffffffffffffda RBX: 00007fd74c5b6090 RCX: 00007fd74c38ebe9 [ 131.559089][ T5772] RDX: 0000200000002480 RSI: 0000000050009417 RDI: 0000000000000004 [ 131.559095][ T5772] RBP: 00007fd74d1b4090 R08: 0000000000000000 R09: 0000000000000000 [ 131.559101][ T5772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 131.559107][ T5772] R13: 00007fd74c5b6128 R14: 00007fd74c5b6090 R15: 00007ffe4eb32388 [ 131.559125][ T5772] [ 133.386085][ T5743] BTRFS info (device loop0): relocating block group 6881280 flags data|metadata [ 133.886439][ 
T5743] BTRFS info (device loop0): relocating block group 5242880 flags data|metadata [ 134.117707][ T5743] BTRFS info (device loop0): balance: canceled 2025/08/13 19:23:16 executed programs: 36 [ 134.322712][ T5462] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 136.682299][ T5792] loop0: detected capacity change from 0 to 32768 [ 136.778295][ T5792] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.41 (5792) [ 136.854571][ T5792] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 136.894631][ T5792] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm [ 137.245633][ T5792] BTRFS info (device loop0): rebuilding free space tree [ 137.346029][ T5792] BTRFS info (device loop0): disabling free space tree [ 137.376286][ T5792] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 137.380573][ T5792] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 137.679798][ T5792] BTRFS info (device loop0): balance: start -d -m [ 137.693843][ T5819] FAULT_INJECTION: forcing a failure. [ 137.693843][ T5819] name failslab, interval 1, probability 0, space 0, times 0 [ 137.765421][ T5819] CPU: 0 UID: 0 PID: 5819 Comm: syz.0.41 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 137.765441][ T5819] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 137.765447][ T5819] Call Trace: [ 137.765452][ T5819] [ 137.765457][ T5819] dump_stack_lvl+0x189/0x250 [ 137.765476][ T5819] ? __pfx____ratelimit+0x10/0x10 [ 137.765491][ T5819] ? __pfx_dump_stack_lvl+0x10/0x10 [ 137.765502][ T5819] ? __pfx__printk+0x10/0x10 [ 137.765518][ T5819] ? __pfx___might_resched+0x10/0x10 [ 137.765528][ T5819] ? 
fs_reclaim_acquire+0x7d/0x100 [ 137.765546][ T5819] should_fail_ex+0x414/0x560 [ 137.765561][ T5819] should_failslab+0xa8/0x100 [ 137.765576][ T5819] kmem_cache_alloc_noprof+0x73/0x3c0 [ 137.765587][ T5819] ? alloc_extent_state+0x22/0x2f0 [ 137.765615][ T5819] alloc_extent_state+0x22/0x2f0 [ 137.765630][ T5819] set_extent_bit+0x270/0x21a0 [ 137.765661][ T5819] ? __pfx_set_extent_bit+0x10/0x10 [ 137.765681][ T5819] btrfs_set_extent_bit+0x38/0x50 [ 137.765697][ T5819] btrfs_alloc_tree_block+0x965/0x1290 [ 137.765721][ T5819] ? btrfs_force_cow_block+0x1020/0x2460 [ 137.765732][ T5819] ? __pfx_btrfs_alloc_tree_block+0x10/0x10 [ 137.765753][ T5819] ? read_extent_buffer+0x120/0x5e0 [ 137.765770][ T5819] btrfs_copy_root+0x4a2/0x1090 [ 137.765791][ T5819] ? __pfx_btrfs_copy_root+0x10/0x10 [ 137.765800][ T5819] ? btrfs_cow_block+0x40a/0x9a0 [ 137.765821][ T5819] create_pending_snapshot+0xa76/0x3280 [ 137.765850][ T5819] ? __pfx_create_pending_snapshot+0x10/0x10 [ 137.765862][ T5819] ? rcu_is_watching+0x15/0xb0 [ 137.765873][ T5819] ? trace_contention_end+0x39/0x120 [ 137.765886][ T5819] ? __mutex_lock+0x335/0x1360 [ 137.765908][ T5819] ? __lock_acquire+0xab9/0xd20 [ 137.765920][ T5819] ? btrfs_commit_transaction+0xedd/0x3950 [ 137.765947][ T5819] create_pending_snapshots+0x17c/0x1c0 [ 137.765962][ T5819] btrfs_commit_transaction+0xeea/0x3950 [ 137.765977][ T5819] ? btrfs_commit_transaction+0x161/0x3950 [ 137.766001][ T5819] ? __mutex_unlock_slowpath+0x1a1/0x760 [ 137.766016][ T5819] ? __pfx_btrfs_commit_transaction+0x10/0x10 [ 137.766028][ T5819] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 137.766041][ T5819] ? do_raw_spin_unlock+0x4d/0x240 [ 137.766055][ T5819] ? record_root_in_trans+0x2d8/0x370 [ 137.766075][ T5819] ? btrfs_qgroup_convert_reserved_meta+0xe5/0xce0 [ 137.766090][ T5819] ? start_transaction+0x439/0x1620 [ 137.766105][ T5819] ? __pfx_btrfs_qgroup_convert_reserved_meta+0x10/0x10 [ 137.766122][ T5819] ? 
btrfs_record_root_in_trans+0x124/0x180 [ 137.766137][ T5819] create_snapshot+0x6bc/0xba0 [ 137.766161][ T5819] btrfs_mksubvol+0x545/0x6d0 [ 137.766181][ T5819] ? __pfx_btrfs_mksubvol+0x10/0x10 [ 137.766197][ T5819] ? __fget_files+0x3a0/0x420 [ 137.766212][ T5819] btrfs_mksnapshot+0xab/0xf0 [ 137.766228][ T5819] __btrfs_ioctl_snap_create+0x520/0x730 [ 137.766248][ T5819] ? __pfx___btrfs_ioctl_snap_create+0x10/0x10 [ 137.766264][ T5819] ? rep_movs_alternative+0x4a/0x90 [ 137.766276][ T5819] ? _copy_from_user+0x94/0xb0 [ 137.766287][ T5819] btrfs_ioctl_snap_create_v2+0x1f8/0x3b0 [ 137.766299][ T5819] ? __fget_files+0x3a0/0x420 [ 137.766315][ T5819] btrfs_ioctl+0xa62/0xd00 [ 137.766327][ T5819] ? __pfx_btrfs_ioctl+0x10/0x10 [ 137.766339][ T5819] __se_sys_ioctl+0xfc/0x170 [ 137.766351][ T5819] do_syscall_64+0xfa/0x3b0 [ 137.766363][ T5819] ? lockdep_hardirqs_on+0x9c/0x150 [ 137.766371][ T5819] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.766377][ T5819] ? clear_bhb_loop+0x60/0xb0 [ 137.766386][ T5819] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.766392][ T5819] RIP: 0033:0x7fd74c38ebe9 [ 137.766400][ T5819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 137.766407][ T5819] RSP: 002b:00007fd74d1b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 137.766419][ T5819] RAX: ffffffffffffffda RBX: 00007fd74c5b6090 RCX: 00007fd74c38ebe9 [ 137.766426][ T5819] RDX: 0000200000002480 RSI: 0000000050009417 RDI: 0000000000000004 [ 137.766432][ T5819] RBP: 00007fd74d1b4090 R08: 0000000000000000 R09: 0000000000000000 [ 137.766437][ T5819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 137.766466][ T5819] R13: 00007fd74c5b6128 R14: 00007fd74c5b6090 R15: 00007ffe4eb32388 [ 137.766486][ T5819] [ 138.108284][ T1314] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.111365][ T1314] ieee802154 phy1 wpan1: 
encryption failed: -22 [ 138.325828][ T5792] BTRFS info (device loop0): relocating block group 6881280 flags data|metadata [ 139.035581][ T5792] BTRFS info (device loop0): relocating block group 5242880 flags data|metadata [ 139.237445][ T5792] BTRFS info (device loop0): balance: canceled 2025/08/13 19:23:22 executed programs: 46 [ 139.583314][ T5462] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 141.763913][ T5831] loop0: detected capacity change from 0 to 32768 [ 141.970578][ T5831] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.51 (5831) [ 142.044150][ T5831] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 142.102944][ T5831] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm [ 142.497489][ T5831] BTRFS info (device loop0): rebuilding free space tree [ 142.613627][ T5831] BTRFS info (device loop0): disabling free space tree [ 142.655526][ T5831] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 142.709240][ T5831] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 142.895934][ T5831] BTRFS info (device loop0): balance: start -d -m [ 142.908651][ T5859] FAULT_INJECTION: forcing a failure. [ 142.908651][ T5859] name failslab, interval 1, probability 0, space 0, times 0 [ 142.970418][ T5859] CPU: 0 UID: 0 PID: 5859 Comm: syz.0.51 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 142.970437][ T5859] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 142.970444][ T5859] Call Trace: [ 142.970449][ T5859] [ 142.970455][ T5859] dump_stack_lvl+0x189/0x250 [ 142.970555][ T5859] ? __pfx____ratelimit+0x10/0x10 [ 142.970601][ T5859] ? __pfx_dump_stack_lvl+0x10/0x10 [ 142.970624][ T5859] ? __pfx__printk+0x10/0x10 [ 142.970641][ T5859] ? 
__pfx___might_resched+0x10/0x10 [ 142.970682][ T5859] ? fs_reclaim_acquire+0x7d/0x100 [ 142.970699][ T5859] should_fail_ex+0x414/0x560 [ 142.970715][ T5859] should_failslab+0xa8/0x100 [ 142.970730][ T5859] kmem_cache_alloc_noprof+0x73/0x3c0 [ 142.970742][ T5859] ? alloc_extent_state+0x22/0x2f0 [ 142.970760][ T5859] alloc_extent_state+0x22/0x2f0 [ 142.970777][ T5859] set_extent_bit+0x270/0x21a0 [ 142.970808][ T5859] ? __pfx_set_extent_bit+0x10/0x10 [ 142.970829][ T5859] btrfs_set_extent_bit+0x38/0x50 [ 142.970844][ T5859] btrfs_alloc_tree_block+0x965/0x1290 [ 142.970866][ T5859] ? btrfs_force_cow_block+0x1020/0x2460 [ 142.970877][ T5859] ? __pfx_btrfs_alloc_tree_block+0x10/0x10 [ 142.970896][ T5859] ? read_extent_buffer+0x120/0x5e0 [ 142.970914][ T5859] btrfs_copy_root+0x4a2/0x1090 [ 142.970934][ T5859] ? __pfx_btrfs_copy_root+0x10/0x10 [ 142.970943][ T5859] ? btrfs_cow_block+0x40a/0x9a0 [ 142.970963][ T5859] create_pending_snapshot+0xa76/0x3280 [ 142.970997][ T5859] ? __pfx_create_pending_snapshot+0x10/0x10 [ 142.971009][ T5859] ? rcu_is_watching+0x15/0xb0 [ 142.971021][ T5859] ? trace_contention_end+0x39/0x120 [ 142.971032][ T5859] ? __mutex_lock+0x335/0x1360 [ 142.971056][ T5859] ? __lock_acquire+0xab9/0xd20 [ 142.971067][ T5859] ? btrfs_commit_transaction+0xedd/0x3950 [ 142.971093][ T5859] create_pending_snapshots+0x17c/0x1c0 [ 142.971111][ T5859] btrfs_commit_transaction+0xeea/0x3950 [ 142.971128][ T5859] ? btrfs_commit_transaction+0x161/0x3950 [ 142.971153][ T5859] ? __mutex_unlock_slowpath+0x1a1/0x760 [ 142.971168][ T5859] ? __pfx_btrfs_commit_transaction+0x10/0x10 [ 142.971181][ T5859] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 142.971253][ T5859] ? do_raw_spin_unlock+0x4d/0x240 [ 142.971269][ T5859] ? record_root_in_trans+0x2d8/0x370 [ 142.971288][ T5859] ? btrfs_qgroup_convert_reserved_meta+0xe5/0xce0 [ 142.971304][ T5859] ? start_transaction+0x439/0x1620 [ 142.971319][ T5859] ? __pfx_btrfs_qgroup_convert_reserved_meta+0x10/0x10 [ 142.971334][ T5859] ? 
btrfs_record_root_in_trans+0x124/0x180 [ 142.971349][ T5859] create_snapshot+0x6bc/0xba0 [ 142.971372][ T5859] btrfs_mksubvol+0x545/0x6d0 [ 142.971393][ T5859] ? __pfx_btrfs_mksubvol+0x10/0x10 [ 142.971409][ T5859] ? __fget_files+0x3a0/0x420 [ 142.971425][ T5859] btrfs_mksnapshot+0xab/0xf0 [ 142.971466][ T5859] __btrfs_ioctl_snap_create+0x520/0x730 [ 142.971486][ T5859] ? __pfx___btrfs_ioctl_snap_create+0x10/0x10 [ 142.971501][ T5859] ? rep_movs_alternative+0x4a/0x90 [ 142.971512][ T5859] ? _copy_from_user+0x94/0xb0 [ 142.971525][ T5859] btrfs_ioctl_snap_create_v2+0x1f8/0x3b0 [ 142.971538][ T5859] ? __fget_files+0x3a0/0x420 [ 142.971551][ T5859] btrfs_ioctl+0xa62/0xd00 [ 142.971563][ T5859] ? __pfx_btrfs_ioctl+0x10/0x10 [ 142.971575][ T5859] __se_sys_ioctl+0xfc/0x170 [ 142.971589][ T5859] do_syscall_64+0xfa/0x3b0 [ 142.971603][ T5859] ? lockdep_hardirqs_on+0x9c/0x150 [ 142.971625][ T5859] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 142.971635][ T5859] ? clear_bhb_loop+0x60/0xb0 [ 142.971649][ T5859] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 142.971659][ T5859] RIP: 0033:0x7fd74c38ebe9 [ 142.971671][ T5859] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 142.971679][ T5859] RSP: 002b:00007fd74d1b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 142.971696][ T5859] RAX: ffffffffffffffda RBX: 00007fd74c5b6090 RCX: 00007fd74c38ebe9 [ 142.971703][ T5859] RDX: 0000200000002480 RSI: 0000000050009417 RDI: 0000000000000004 [ 142.971709][ T5859] RBP: 00007fd74d1b4090 R08: 0000000000000000 R09: 0000000000000000 [ 142.971715][ T5859] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 142.971721][ T5859] R13: 00007fd74c5b6128 R14: 00007fd74c5b6090 R15: 00007ffe4eb32388 [ 142.971740][ T5859] [ 143.515842][ T5831] BTRFS info (device loop0): balance: canceled [ 143.848818][ T5462] BTRFS info (device loop0): 
last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d 2025/08/13 19:23:27 executed programs: 59 [ 145.831368][ T5868] loop0: detected capacity change from 0 to 32768 [ 145.915765][ T5868] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.61 (5868) [ 146.024014][ T5868] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 146.048692][ T5868] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm [ 146.339957][ T5868] BTRFS info (device loop0): rebuilding free space tree [ 146.419974][ T5868] BTRFS info (device loop0): disabling free space tree [ 146.423292][ T5868] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 146.483018][ T5868] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 146.725448][ T5868] BTRFS info (device loop0): balance: start -d -m [ 146.761876][ T5899] FAULT_INJECTION: forcing a failure. [ 146.761876][ T5899] name failslab, interval 1, probability 0, space 0, times 0 [ 146.818854][ T5899] CPU: 0 UID: 0 PID: 5899 Comm: syz.0.61 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 146.818875][ T5899] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 146.818884][ T5899] Call Trace: [ 146.818889][ T5899] [ 146.818893][ T5899] dump_stack_lvl+0x189/0x250 [ 146.818930][ T5899] ? __pfx____ratelimit+0x10/0x10 [ 146.818952][ T5899] ? __pfx_dump_stack_lvl+0x10/0x10 [ 146.818964][ T5899] ? __pfx__printk+0x10/0x10 [ 146.818981][ T5899] ? __pfx___might_resched+0x10/0x10 [ 146.818997][ T5899] ? fs_reclaim_acquire+0x7d/0x100 [ 146.819016][ T5899] should_fail_ex+0x414/0x560 [ 146.819035][ T5899] should_failslab+0xa8/0x100 [ 146.819052][ T5899] kmem_cache_alloc_noprof+0x73/0x3c0 [ 146.819065][ T5899] ? 
alloc_extent_state+0x22/0x2f0 [ 146.819081][ T5899] alloc_extent_state+0x22/0x2f0 [ 146.819097][ T5899] set_extent_bit+0x270/0x21a0 [ 146.819127][ T5899] ? __pfx_set_extent_bit+0x10/0x10 [ 146.819148][ T5899] btrfs_set_extent_bit+0x38/0x50 [ 146.819194][ T5899] btrfs_alloc_tree_block+0x965/0x1290 [ 146.819218][ T5899] ? btrfs_force_cow_block+0x1020/0x2460 [ 146.819231][ T5899] ? __pfx_btrfs_alloc_tree_block+0x10/0x10 [ 146.819253][ T5899] ? read_extent_buffer+0x120/0x5e0 [ 146.819273][ T5899] btrfs_copy_root+0x4a2/0x1090 [ 146.819295][ T5899] ? __pfx_btrfs_copy_root+0x10/0x10 [ 146.819306][ T5899] ? btrfs_cow_block+0x40a/0x9a0 [ 146.819329][ T5899] create_pending_snapshot+0xa76/0x3280 [ 146.819365][ T5899] ? __pfx_create_pending_snapshot+0x10/0x10 [ 146.819378][ T5899] ? rcu_is_watching+0x15/0xb0 [ 146.819391][ T5899] ? trace_contention_end+0x39/0x120 [ 146.819404][ T5899] ? __mutex_lock+0x335/0x1360 [ 146.819428][ T5899] ? __lock_acquire+0xab9/0xd20 [ 146.819443][ T5899] ? btrfs_commit_transaction+0xedd/0x3950 [ 146.819470][ T5899] create_pending_snapshots+0x17c/0x1c0 [ 146.819489][ T5899] btrfs_commit_transaction+0xeea/0x3950 [ 146.819506][ T5899] ? btrfs_commit_transaction+0x161/0x3950 [ 146.819532][ T5899] ? __mutex_unlock_slowpath+0x1a1/0x760 [ 146.819549][ T5899] ? __pfx_btrfs_commit_transaction+0x10/0x10 [ 146.819563][ T5899] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 146.819578][ T5899] ? do_raw_spin_unlock+0x4d/0x240 [ 146.819595][ T5899] ? record_root_in_trans+0x2d8/0x370 [ 146.819614][ T5899] ? btrfs_qgroup_convert_reserved_meta+0xe5/0xce0 [ 146.819640][ T5899] ? start_transaction+0x439/0x1620 [ 146.819658][ T5899] ? __pfx_btrfs_qgroup_convert_reserved_meta+0x10/0x10 [ 146.819676][ T5899] ? btrfs_record_root_in_trans+0x124/0x180 [ 146.819692][ T5899] create_snapshot+0x6bc/0xba0 [ 146.819717][ T5899] btrfs_mksubvol+0x545/0x6d0 [ 146.819740][ T5899] ? __pfx_btrfs_mksubvol+0x10/0x10 [ 146.819757][ T5899] ? 
__fget_files+0x3a0/0x420 [ 146.819775][ T5899] btrfs_mksnapshot+0xab/0xf0 [ 146.819794][ T5899] __btrfs_ioctl_snap_create+0x520/0x730 [ 146.819815][ T5899] ? __pfx___btrfs_ioctl_snap_create+0x10/0x10 [ 146.819849][ T5899] ? rep_movs_alternative+0x4a/0x90 [ 146.819862][ T5899] ? _copy_from_user+0x94/0xb0 [ 146.819875][ T5899] btrfs_ioctl_snap_create_v2+0x1f8/0x3b0 [ 146.819890][ T5899] ? __fget_files+0x3a0/0x420 [ 146.819907][ T5899] btrfs_ioctl+0xa62/0xd00 [ 146.819920][ T5899] ? __pfx_btrfs_ioctl+0x10/0x10 [ 146.819932][ T5899] __se_sys_ioctl+0xfc/0x170 [ 146.819947][ T5899] do_syscall_64+0xfa/0x3b0 [ 146.819961][ T5899] ? lockdep_hardirqs_on+0x9c/0x150 [ 146.819973][ T5899] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.819985][ T5899] ? clear_bhb_loop+0x60/0xb0 [ 146.820000][ T5899] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.820011][ T5899] RIP: 0033:0x7fd74c38ebe9 [ 146.820023][ T5899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.820031][ T5899] RSP: 002b:00007fd74d1b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 146.820044][ T5899] RAX: ffffffffffffffda RBX: 00007fd74c5b6090 RCX: 00007fd74c38ebe9 [ 146.820051][ T5899] RDX: 0000200000002480 RSI: 0000000050009417 RDI: 0000000000000004 [ 146.820059][ T5899] RBP: 00007fd74d1b4090 R08: 0000000000000000 R09: 0000000000000000 [ 146.820064][ T5899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 146.820071][ T5899] R13: 00007fd74c5b6128 R14: 00007fd74c5b6090 R15: 00007ffe4eb32388 [ 146.820092][ T5899] [ 147.162510][ T5868] BTRFS info (device loop0): relocating block group 6881280 flags data|metadata [ 147.972106][ T5868] BTRFS info (device loop0): relocating block group 5242880 flags data|metadata [ 148.186317][ T5868] BTRFS info (device loop0): balance: canceled [ 148.381056][ T5462] BTRFS info (device loop0): last unmount of 
filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 150.724891][ T5916] loop0: detected capacity change from 0 to 32768 2025/08/13 19:23:33 executed programs: 73 [ 150.809863][ T5916] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.72 (5916) [ 150.926300][ T5916] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 150.952081][ T5916] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm [ 151.269450][ T5916] BTRFS info (device loop0): rebuilding free space tree [ 151.380404][ T5916] BTRFS info (device loop0): disabling free space tree [ 151.383495][ T5916] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 151.443461][ T5916] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 151.633659][ T5916] BTRFS info (device loop0): balance: start -d -m [ 151.676566][ T5943] FAULT_INJECTION: forcing a failure. [ 151.676566][ T5943] name failslab, interval 1, probability 0, space 0, times 0 [ 151.682191][ T5943] CPU: 0 UID: 0 PID: 5943 Comm: syz.0.72 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 151.682210][ T5943] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 151.682217][ T5943] Call Trace: [ 151.682225][ T5943] [ 151.682231][ T5943] dump_stack_lvl+0x189/0x250 [ 151.682270][ T5943] ? __pfx____ratelimit+0x10/0x10 [ 151.682291][ T5943] ? __pfx_dump_stack_lvl+0x10/0x10 [ 151.682303][ T5943] ? __pfx__printk+0x10/0x10 [ 151.682320][ T5943] ? __pfx___might_resched+0x10/0x10 [ 151.682336][ T5943] ? fs_reclaim_acquire+0x7d/0x100 [ 151.682353][ T5943] should_fail_ex+0x414/0x560 [ 151.682370][ T5943] should_failslab+0xa8/0x100 [ 151.682386][ T5943] kmem_cache_alloc_noprof+0x73/0x3c0 [ 151.682398][ T5943] ? 
alloc_extent_state+0x22/0x2f0 [ 151.682414][ T5943] alloc_extent_state+0x22/0x2f0 [ 151.682430][ T5943] set_extent_bit+0x270/0x21a0 [ 151.682457][ T5943] ? __pfx_set_extent_bit+0x10/0x10 [ 151.682478][ T5943] btrfs_set_extent_bit+0x38/0x50 [ 151.682495][ T5943] btrfs_alloc_tree_block+0x965/0x1290 [ 151.682517][ T5943] ? btrfs_force_cow_block+0x1020/0x2460 [ 151.682528][ T5943] ? __pfx_btrfs_alloc_tree_block+0x10/0x10 [ 151.682550][ T5943] ? read_extent_buffer+0x120/0x5e0 [ 151.682567][ T5943] btrfs_copy_root+0x4a2/0x1090 [ 151.682588][ T5943] ? __pfx_btrfs_copy_root+0x10/0x10 [ 151.682596][ T5943] ? btrfs_cow_block+0x40a/0x9a0 [ 151.682615][ T5943] create_pending_snapshot+0xa76/0x3280 [ 151.682647][ T5943] ? __pfx_create_pending_snapshot+0x10/0x10 [ 151.682659][ T5943] ? rcu_is_watching+0x15/0xb0 [ 151.682671][ T5943] ? trace_contention_end+0x39/0x120 [ 151.682682][ T5943] ? __mutex_lock+0x335/0x1360 [ 151.682703][ T5943] ? __lock_acquire+0xab9/0xd20 [ 151.682715][ T5943] ? btrfs_commit_transaction+0xedd/0x3950 [ 151.682739][ T5943] create_pending_snapshots+0x17c/0x1c0 [ 151.682758][ T5943] btrfs_commit_transaction+0xeea/0x3950 [ 151.682774][ T5943] ? btrfs_commit_transaction+0x161/0x3950 [ 151.682800][ T5943] ? __mutex_unlock_slowpath+0x1a1/0x760 [ 151.682816][ T5943] ? __pfx_btrfs_commit_transaction+0x10/0x10 [ 151.682835][ T5943] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 151.682847][ T5943] ? do_raw_spin_unlock+0x4d/0x240 [ 151.682864][ T5943] ? record_root_in_trans+0x2d8/0x370 [ 151.682883][ T5943] ? btrfs_qgroup_convert_reserved_meta+0xe5/0xce0 [ 151.682899][ T5943] ? start_transaction+0x439/0x1620 [ 151.682913][ T5943] ? __pfx_btrfs_qgroup_convert_reserved_meta+0x10/0x10 [ 151.682930][ T5943] ? btrfs_record_root_in_trans+0x124/0x180 [ 151.682945][ T5943] create_snapshot+0x6bc/0xba0 [ 151.682970][ T5943] btrfs_mksubvol+0x545/0x6d0 [ 151.682990][ T5943] ? __pfx_btrfs_mksubvol+0x10/0x10 [ 151.683006][ T5943] ? 
__fget_files+0x3a0/0x420 [ 151.683023][ T5943] btrfs_mksnapshot+0xab/0xf0 [ 151.683042][ T5943] __btrfs_ioctl_snap_create+0x520/0x730 [ 151.683061][ T5943] ? __pfx___btrfs_ioctl_snap_create+0x10/0x10 [ 151.683078][ T5943] ? rep_movs_alternative+0x4a/0x90 [ 151.683091][ T5943] ? _copy_from_user+0x94/0xb0 [ 151.683102][ T5943] btrfs_ioctl_snap_create_v2+0x1f8/0x3b0 [ 151.683144][ T5943] ? __fget_files+0x3a0/0x420 [ 151.683161][ T5943] btrfs_ioctl+0xa62/0xd00 [ 151.683174][ T5943] ? __pfx_btrfs_ioctl+0x10/0x10 [ 151.683184][ T5943] __se_sys_ioctl+0xfc/0x170 [ 151.683197][ T5943] do_syscall_64+0xfa/0x3b0 [ 151.683211][ T5943] ? lockdep_hardirqs_on+0x9c/0x150 [ 151.683222][ T5943] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.683233][ T5943] ? clear_bhb_loop+0x60/0xb0 [ 151.683245][ T5943] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.683255][ T5943] RIP: 0033:0x7fd74c38ebe9 [ 151.683269][ T5943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 151.683277][ T5943] RSP: 002b:00007fd74d1b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 151.683290][ T5943] RAX: ffffffffffffffda RBX: 00007fd74c5b6090 RCX: 00007fd74c38ebe9 [ 151.683297][ T5943] RDX: 0000200000002480 RSI: 0000000050009417 RDI: 0000000000000004 [ 151.683303][ T5943] RBP: 00007fd74d1b4090 R08: 0000000000000000 R09: 0000000000000000 [ 151.683309][ T5943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 151.683314][ T5943] R13: 00007fd74c5b6128 R14: 00007fd74c5b6090 R15: 00007ffe4eb32388 [ 151.683332][ T5943] [ 153.569848][ T5916] BTRFS info (device loop0): relocating block group 6881280 flags data|metadata [ 153.892938][ T5916] BTRFS info (device loop0): relocating block group 5242880 flags data|metadata [ 154.156485][ T5916] BTRFS info (device loop0): balance: canceled [ 154.349441][ T5462] BTRFS info (device loop0): last unmount of 
filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d 2025/08/13 19:23:38 executed programs: 87 [ 156.792860][ T5958] loop0: detected capacity change from 0 to 32768 [ 156.900839][ T5958] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.88 (5958) [ 156.989534][ T5958] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 157.059426][ T5958] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm [ 157.416003][ T5958] BTRFS info (device loop0): rebuilding free space tree [ 157.503525][ T5958] BTRFS info (device loop0): disabling free space tree [ 157.556325][ T5958] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 157.560481][ T5958] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 157.792042][ T5958] BTRFS info (device loop0): balance: start -d -m [ 157.859053][ T5989] FAULT_INJECTION: forcing a failure. [ 157.859053][ T5989] name failslab, interval 1, probability 0, space 0, times 0 [ 157.864695][ T5989] CPU: 0 UID: 0 PID: 5989 Comm: syz.0.88 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 157.864713][ T5989] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 157.864719][ T5989] Call Trace: [ 157.864727][ T5989] [ 157.864732][ T5989] dump_stack_lvl+0x189/0x250 [ 157.864750][ T5989] ? __pfx____ratelimit+0x10/0x10 [ 157.864765][ T5989] ? __pfx_dump_stack_lvl+0x10/0x10 [ 157.864777][ T5989] ? __pfx__printk+0x10/0x10 [ 157.864793][ T5989] ? __pfx___might_resched+0x10/0x10 [ 157.864804][ T5989] ? fs_reclaim_acquire+0x7d/0x100 [ 157.864822][ T5989] should_fail_ex+0x414/0x560 [ 157.864840][ T5989] should_failslab+0xa8/0x100 [ 157.864855][ T5989] kmem_cache_alloc_noprof+0x73/0x3c0 [ 157.864866][ T5989] ? add_delayed_ref+0x11a/0x1d80 [ 157.864885][ T5989] add_delayed_ref+0x11a/0x1d80 [ 157.864899][ T5989] ? 
do_raw_spin_unlock+0x4d/0x240 [ 157.864933][ T5989] btrfs_free_tree_block+0x2c6/0xcf0 [ 157.864955][ T5989] ? __pfx_btrfs_free_tree_block+0x10/0x10 [ 157.864993][ T5989] ? btrfs_tree_mod_log_insert_root+0xa7/0xb20 [ 157.865007][ T5989] ? __write_extent_buffer+0x277/0x6c0 [ 157.865018][ T5989] ? btrfs_force_cow_block+0x9ee/0x2460 [ 157.865033][ T5989] btrfs_force_cow_block+0xfeb/0x2460 [ 157.865045][ T5989] ? __lock_acquire+0xab9/0xd20 [ 157.865074][ T5989] ? __pfx_btrfs_force_cow_block+0x10/0x10 [ 157.865089][ T5989] ? down_write_nested+0x169/0x200 [ 157.865100][ T5989] ? __pfx_down_write_nested+0x10/0x10 [ 157.865116][ T5989] btrfs_cow_block+0x40a/0x9a0 [ 157.865137][ T5989] create_pending_snapshot+0xa3a/0x3280 [ 157.865170][ T5989] ? __pfx_create_pending_snapshot+0x10/0x10 [ 157.865181][ T5989] ? rcu_is_watching+0x15/0xb0 [ 157.865191][ T5989] ? trace_contention_end+0x39/0x120 [ 157.865202][ T5989] ? __mutex_lock+0x335/0x1360 [ 157.865223][ T5989] ? __lock_acquire+0xab9/0xd20 [ 157.865234][ T5989] ? btrfs_commit_transaction+0xedd/0x3950 [ 157.865261][ T5989] create_pending_snapshots+0x17c/0x1c0 [ 157.865279][ T5989] btrfs_commit_transaction+0xeea/0x3950 [ 157.865295][ T5989] ? btrfs_commit_transaction+0x161/0x3950 [ 157.865317][ T5989] ? __mutex_unlock_slowpath+0x1a1/0x760 [ 157.865331][ T5989] ? __pfx_btrfs_commit_transaction+0x10/0x10 [ 157.865344][ T5989] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 157.865356][ T5989] ? do_raw_spin_unlock+0x4d/0x240 [ 157.865372][ T5989] ? record_root_in_trans+0x2d8/0x370 [ 157.865391][ T5989] ? btrfs_qgroup_convert_reserved_meta+0xe5/0xce0 [ 157.865408][ T5989] ? start_transaction+0x439/0x1620 [ 157.865422][ T5989] ? __pfx_btrfs_qgroup_convert_reserved_meta+0x10/0x10 [ 157.865439][ T5989] ? btrfs_record_root_in_trans+0x124/0x180 [ 157.865454][ T5989] create_snapshot+0x6bc/0xba0 [ 157.865485][ T5989] btrfs_mksubvol+0x545/0x6d0 [ 157.865506][ T5989] ? __pfx_btrfs_mksubvol+0x10/0x10 [ 157.865523][ T5989] ? 
__fget_files+0x3a0/0x420 [ 157.865540][ T5989] btrfs_mksnapshot+0xab/0xf0 [ 157.865558][ T5989] __btrfs_ioctl_snap_create+0x520/0x730 [ 157.865578][ T5989] ? __pfx___btrfs_ioctl_snap_create+0x10/0x10 [ 157.865593][ T5989] ? rep_movs_alternative+0x4a/0x90 [ 157.865606][ T5989] ? _copy_from_user+0x94/0xb0 [ 157.865618][ T5989] btrfs_ioctl_snap_create_v2+0x1f8/0x3b0 [ 157.865633][ T5989] ? __fget_files+0x3a0/0x420 [ 157.865648][ T5989] btrfs_ioctl+0xa62/0xd00 [ 157.865661][ T5989] ? __pfx_btrfs_ioctl+0x10/0x10 [ 157.865673][ T5989] __se_sys_ioctl+0xfc/0x170 [ 157.865685][ T5989] do_syscall_64+0xfa/0x3b0 [ 157.865699][ T5989] ? lockdep_hardirqs_on+0x9c/0x150 [ 157.865710][ T5989] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 157.865721][ T5989] ? clear_bhb_loop+0x60/0xb0 [ 157.865733][ T5989] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 157.865743][ T5989] RIP: 0033:0x7fd74c38ebe9 [ 157.865755][ T5989] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 157.865763][ T5989] RSP: 002b:00007fd74d1b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 157.865775][ T5989] RAX: ffffffffffffffda RBX: 00007fd74c5b6090 RCX: 00007fd74c38ebe9 [ 157.865783][ T5989] RDX: 0000200000002480 RSI: 0000000050009417 RDI: 0000000000000004 [ 157.865789][ T5989] RBP: 00007fd74d1b4090 R08: 0000000000000000 R09: 0000000000000000 [ 157.865796][ T5989] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 157.865802][ T5989] R13: 00007fd74c5b6128 R14: 00007fd74c5b6090 R15: 00007ffe4eb32388 [ 157.865822][ T5989] [ 159.446363][ T5989] BTRFS error (device loop0 state A): Transaction aborted (error -12) [ 159.518485][ T5958] BTRFS info (device loop0 state A): balance: ended with status: -12 [ 159.549257][ T5958] BTRFS: error (device loop0 state A) in reset_balance_state:3812: errno=-12 Out of memory [ 159.598824][ T5958] BTRFS info (device 
loop0 state EA): forced readonly [ 159.625548][ T5989] BTRFS: error (device loop0 state EA) in btrfs_force_cow_block:571: errno=-12 Out of memory [ 159.695380][ T5989] BTRFS: error (device loop0 state EA) in create_pending_snapshot:1795: errno=-12 Out of memory [ 159.703090][ T5989] BTRFS warning (device loop0 state EA): Skipping commit of aborted transaction. [ 159.752686][ T5989] BTRFS: error (device loop0 state EA) in cleanup_transaction:2023: errno=-12 Out of memory [ 159.857956][ T5462] BTRFS info (device loop0 state EA): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d 2025/08/13 19:23:44 executed programs: 100 [ 162.125059][ T6008] loop0: detected capacity change from 0 to 32768 [ 162.148749][ T6008] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.101 (6008) [ 162.230859][ T6008] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 162.262843][ T6008] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm [ 162.552181][ T6008] BTRFS info (device loop0): rebuilding free space tree [ 162.676180][ T6008] BTRFS info (device loop0): disabling free space tree [ 162.695918][ T6008] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 162.728040][ T6008] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 162.905839][ T6008] BTRFS info (device loop0): balance: start -d -m [ 162.952977][ T6035] FAULT_INJECTION: forcing a failure. 
[ 162.952977][ T6035] name failslab, interval 1, probability 0, space 0, times 0 [ 163.025511][ T6035] CPU: 0 UID: 0 PID: 6035 Comm: syz.0.101 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 163.025532][ T6035] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 163.025539][ T6035] Call Trace: [ 163.025544][ T6035] [ 163.025550][ T6035] dump_stack_lvl+0x189/0x250 [ 163.025569][ T6035] ? __pfx____ratelimit+0x10/0x10 [ 163.025585][ T6035] ? __pfx_dump_stack_lvl+0x10/0x10 [ 163.025598][ T6035] ? __pfx__printk+0x10/0x10 [ 163.025616][ T6035] ? __pfx___might_resched+0x10/0x10 [ 163.025627][ T6035] ? fs_reclaim_acquire+0x7d/0x100 [ 163.025646][ T6035] should_fail_ex+0x414/0x560 [ 163.025663][ T6035] should_failslab+0xa8/0x100 [ 163.025680][ T6035] kmem_cache_alloc_noprof+0x73/0x3c0 [ 163.025693][ T6035] ? alloc_extent_state+0x22/0x2f0 [ 163.025712][ T6035] alloc_extent_state+0x22/0x2f0 [ 163.025727][ T6035] set_extent_bit+0x270/0x21a0 [ 163.025760][ T6035] ? __pfx_set_extent_bit+0x10/0x10 [ 163.025784][ T6035] btrfs_set_extent_bit+0x38/0x50 [ 163.025802][ T6035] btrfs_alloc_tree_block+0x965/0x1290 [ 163.025828][ T6035] ? btrfs_force_cow_block+0x1020/0x2460 [ 163.025841][ T6035] ? __pfx_btrfs_alloc_tree_block+0x10/0x10 [ 163.025863][ T6035] ? read_extent_buffer+0x120/0x5e0 [ 163.025884][ T6035] btrfs_copy_root+0x4a2/0x1090 [ 163.025906][ T6035] ? __pfx_btrfs_copy_root+0x10/0x10 [ 163.025916][ T6035] ? btrfs_cow_block+0x40a/0x9a0 [ 163.025939][ T6035] create_pending_snapshot+0xa76/0x3280 [ 163.025976][ T6035] ? __pfx_create_pending_snapshot+0x10/0x10 [ 163.025988][ T6035] ? rcu_is_watching+0x15/0xb0 [ 163.026000][ T6035] ? trace_contention_end+0x39/0x120 [ 163.026012][ T6035] ? __mutex_lock+0x335/0x1360 [ 163.026033][ T6035] ? __lock_acquire+0xab9/0xd20 [ 163.026047][ T6035] ? 
btrfs_commit_transaction+0xedd/0x3950 [ 163.026074][ T6035] create_pending_snapshots+0x17c/0x1c0 [ 163.026093][ T6035] btrfs_commit_transaction+0xeea/0x3950 [ 163.026109][ T6035] ? btrfs_commit_transaction+0x161/0x3950 [ 163.026131][ T6035] ? __mutex_unlock_slowpath+0x1a1/0x760 [ 163.026147][ T6035] ? __pfx_btrfs_commit_transaction+0x10/0x10 [ 163.026161][ T6035] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 163.026175][ T6035] ? do_raw_spin_unlock+0x4d/0x240 [ 163.026192][ T6035] ? record_root_in_trans+0x2d8/0x370 [ 163.026214][ T6035] ? btrfs_qgroup_convert_reserved_meta+0xe5/0xce0 [ 163.026232][ T6035] ? start_transaction+0x439/0x1620 [ 163.026249][ T6035] ? __pfx_btrfs_qgroup_convert_reserved_meta+0x10/0x10 [ 163.026267][ T6035] ? btrfs_record_root_in_trans+0x124/0x180 [ 163.026282][ T6035] create_snapshot+0x6bc/0xba0 [ 163.026307][ T6035] btrfs_mksubvol+0x545/0x6d0 [ 163.026329][ T6035] ? __pfx_btrfs_mksubvol+0x10/0x10 [ 163.026346][ T6035] ? __fget_files+0x3a0/0x420 [ 163.026364][ T6035] btrfs_mksnapshot+0xab/0xf0 [ 163.026382][ T6035] __btrfs_ioctl_snap_create+0x520/0x730 [ 163.026403][ T6035] ? __pfx___btrfs_ioctl_snap_create+0x10/0x10 [ 163.026419][ T6035] ? rep_movs_alternative+0x4a/0x90 [ 163.026432][ T6035] ? _copy_from_user+0x94/0xb0 [ 163.026444][ T6035] btrfs_ioctl_snap_create_v2+0x1f8/0x3b0 [ 163.026459][ T6035] ? __fget_files+0x3a0/0x420 [ 163.026482][ T6035] btrfs_ioctl+0xa62/0xd00 [ 163.026495][ T6035] ? __pfx_btrfs_ioctl+0x10/0x10 [ 163.026527][ T6035] __se_sys_ioctl+0xfc/0x170 [ 163.026538][ T6035] do_syscall_64+0xfa/0x3b0 [ 163.026548][ T6035] ? lockdep_hardirqs_on+0x9c/0x150 [ 163.026558][ T6035] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 163.026567][ T6035] ? 
clear_bhb_loop+0x60/0xb0 [ 163.026581][ T6035] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 163.026592][ T6035] RIP: 0033:0x7fd74c38ebe9 [ 163.026602][ T6035] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 163.026611][ T6035] RSP: 002b:00007fd74d1b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 163.026624][ T6035] RAX: ffffffffffffffda RBX: 00007fd74c5b6090 RCX: 00007fd74c38ebe9 [ 163.026631][ T6035] RDX: 0000200000002480 RSI: 0000000050009417 RDI: 0000000000000004 [ 163.026638][ T6035] RBP: 00007fd74d1b4090 R08: 0000000000000000 R09: 0000000000000000 [ 163.026645][ T6035] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 163.026651][ T6035] R13: 00007fd74c5b6128 R14: 00007fd74c5b6090 R15: 00007ffe4eb32388 [ 163.026673][ T6035] [ 163.755515][ T6008] BTRFS info (device loop0): balance: canceled [ 164.427161][ T5462] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 166.606488][ T6046] loop0: detected capacity change from 0 to 32768 [ 166.646062][ T6046] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.112 (6046) [ 166.717874][ T6046] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 166.721993][ T6046] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm [ 167.111967][ T6046] BTRFS info (device loop0): rebuilding free space tree [ 167.268615][ T6046] BTRFS info (device loop0): disabling free space tree [ 167.305304][ T6046] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 167.370455][ T6046] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 167.621087][ T6046] BTRFS info (device loop0): balance: start -d -m [ 167.667502][ T6073] FAULT_INJECTION: forcing a 
failure. [ 167.667502][ T6073] name failslab, interval 1, probability 0, space 0, times 0 [ 167.744719][ T6073] CPU: 0 UID: 0 PID: 6073 Comm: syz.0.112 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 167.744737][ T6073] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 167.744743][ T6073] Call Trace: [ 167.744748][ T6073] [ 167.744753][ T6073] dump_stack_lvl+0x189/0x250 [ 167.744849][ T6073] ? __pfx____ratelimit+0x10/0x10 [ 167.744890][ T6073] ? __pfx_dump_stack_lvl+0x10/0x10 [ 167.744903][ T6073] ? __pfx__printk+0x10/0x10 [ 167.744919][ T6073] ? __pfx___might_resched+0x10/0x10 [ 167.744953][ T6073] ? fs_reclaim_acquire+0x7d/0x100 [ 167.744969][ T6073] should_fail_ex+0x414/0x560 [ 167.744985][ T6073] should_failslab+0xa8/0x100 [ 167.745000][ T6073] kmem_cache_alloc_noprof+0x73/0x3c0 [ 167.745010][ T6073] ? add_delayed_ref+0x11a/0x1d80 [ 167.745027][ T6073] add_delayed_ref+0x11a/0x1d80 [ 167.745042][ T6073] ? do_raw_spin_unlock+0x4d/0x240 [ 167.745074][ T6073] btrfs_alloc_tree_block+0xd42/0x1290 [ 167.745116][ T6073] ? crng_fast_key_erasure+0xb0/0x240 [ 167.745125][ T6073] ? __pfx_btrfs_alloc_tree_block+0x10/0x10 [ 167.745138][ T6073] ? read_extent_buffer+0x120/0x5e0 [ 167.745155][ T6073] btrfs_force_cow_block+0x578/0x2460 [ 167.745168][ T6073] ? __lock_acquire+0xab9/0xd20 [ 167.745193][ T6073] ? btrfs_qgroup_trace_subtree_after_cow+0x1cd/0x930 [ 167.745218][ T6073] ? __pfx_btrfs_force_cow_block+0x10/0x10 [ 167.745231][ T6073] ? down_write_nested+0x169/0x200 [ 167.745243][ T6073] ? __pfx_down_write_nested+0x10/0x10 [ 167.745258][ T6073] btrfs_cow_block+0x40a/0x9a0 [ 167.745277][ T6073] create_pending_snapshot+0xa3a/0x3280 [ 167.745310][ T6073] ? __pfx_create_pending_snapshot+0x10/0x10 [ 167.745321][ T6073] ? rcu_is_watching+0x15/0xb0 [ 167.745331][ T6073] ? trace_contention_end+0x39/0x120 [ 167.745341][ T6073] ? __mutex_lock+0x335/0x1360 [ 167.745371][ T6073] ? 
__lock_acquire+0xab9/0xd20 [ 167.745383][ T6073] ? btrfs_commit_transaction+0xedd/0x3950 [ 167.745407][ T6073] create_pending_snapshots+0x17c/0x1c0 [ 167.745423][ T6073] btrfs_commit_transaction+0xeea/0x3950 [ 167.745436][ T6073] ? btrfs_commit_transaction+0x161/0x3950 [ 167.745460][ T6073] ? __mutex_unlock_slowpath+0x1a1/0x760 [ 167.745474][ T6073] ? __pfx_btrfs_commit_transaction+0x10/0x10 [ 167.745486][ T6073] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 167.745498][ T6073] ? do_raw_spin_unlock+0x4d/0x240 [ 167.745512][ T6073] ? record_root_in_trans+0x2d8/0x370 [ 167.745531][ T6073] ? btrfs_qgroup_convert_reserved_meta+0xe5/0xce0 [ 167.745546][ T6073] ? start_transaction+0x439/0x1620 [ 167.745561][ T6073] ? __pfx_btrfs_qgroup_convert_reserved_meta+0x10/0x10 [ 167.745579][ T6073] ? btrfs_record_root_in_trans+0x124/0x180 [ 167.745592][ T6073] create_snapshot+0x6bc/0xba0 [ 167.745615][ T6073] btrfs_mksubvol+0x545/0x6d0 [ 167.745636][ T6073] ? __pfx_btrfs_mksubvol+0x10/0x10 [ 167.745651][ T6073] ? __fget_files+0x3a0/0x420 [ 167.745667][ T6073] btrfs_mksnapshot+0xab/0xf0 [ 167.745684][ T6073] __btrfs_ioctl_snap_create+0x520/0x730 [ 167.745705][ T6073] ? __pfx___btrfs_ioctl_snap_create+0x10/0x10 [ 167.745723][ T6073] ? rep_movs_alternative+0x4a/0x90 [ 167.745734][ T6073] ? _copy_from_user+0x94/0xb0 [ 167.745746][ T6073] btrfs_ioctl_snap_create_v2+0x1f8/0x3b0 [ 167.745758][ T6073] ? __fget_files+0x3a0/0x420 [ 167.745773][ T6073] btrfs_ioctl+0xa62/0xd00 [ 167.745787][ T6073] ? __pfx_btrfs_ioctl+0x10/0x10 [ 167.745799][ T6073] __se_sys_ioctl+0xfc/0x170 [ 167.745814][ T6073] do_syscall_64+0xfa/0x3b0 [ 167.745828][ T6073] ? lockdep_hardirqs_on+0x9c/0x150 [ 167.745842][ T6073] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.745853][ T6073] ? 
clear_bhb_loop+0x60/0xb0 [ 167.745867][ T6073] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.745878][ T6073] RIP: 0033:0x7fd74c38ebe9 [ 167.745889][ T6073] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 167.745898][ T6073] RSP: 002b:00007fd74d1b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 167.745910][ T6073] RAX: ffffffffffffffda RBX: 00007fd74c5b6090 RCX: 00007fd74c38ebe9 [ 167.745918][ T6073] RDX: 0000200000002480 RSI: 0000000050009417 RDI: 0000000000000004 [ 167.745925][ T6073] RBP: 00007fd74d1b4090 R08: 0000000000000000 R09: 0000000000000000 [ 167.745931][ T6073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 167.745937][ T6073] R13: 00007fd74c5b6128 R14: 00007fd74c5b6090 R15: 00007ffe4eb32388 [ 167.745959][ T6073] 2025/08/13 19:23:50 executed programs: 115 [ 169.174659][ T6073] BTRFS error (device loop0 state A): Transaction aborted (error -12) [ 169.225572][ T6046] BTRFS info (device loop0 state A): balance: ended with status: -12 [ 169.257185][ T6046] BTRFS: error (device loop0 state A) in reset_balance_state:3812: errno=-12 Out of memory [ 169.307900][ T6073] BTRFS: error (device loop0 state A) in create_pending_snapshot:1795: errno=-12 Out of memory [ 169.375506][ T6073] BTRFS info (device loop0 state EA): forced readonly [ 169.388798][ T6073] BTRFS warning (device loop0 state EA): Skipping commit of aborted transaction. 
[ 169.438086][ T6073] BTRFS: error (device loop0 state EA) in cleanup_transaction:2023: errno=-12 Out of memory [ 169.537313][ T5462] BTRFS info (device loop0 state EA): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 169.688173][ T5462] ------------[ cut here ]------------ [ 169.690689][ T5462] WARNING: CPU: 0 PID: 5462 at fs/btrfs/space-info.h:265 btrfs_space_info_update_bytes_may_use+0x35a/0x640 [ 169.695556][ T5462] Modules linked in: [ 169.697411][ T5462] CPU: 0 UID: 0 PID: 5462 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 169.703722][ T5462] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 169.708562][ T5462] RIP: 0010:btrfs_space_info_update_bytes_may_use+0x35a/0x640 [ 169.711889][ T5462] Code: 00 00 74 08 4c 89 ff e8 34 cc 38 fe 4d 8b 27 4c 89 e7 48 8b 6c 24 18 48 89 ee e8 c1 e2 d3 fd 49 39 ec 73 1c e8 57 e0 d3 fd 90 <0f> 0b 90 31 db 43 80 7c 35 00 00 0f 85 2e ff ff ff e9 31 ff ff ff [ 169.720153][ T5462] RSP: 0018:ffffc9000297fa10 EFLAGS: 00010293 [ 169.722810][ T5462] RAX: ffffffff83ebdb09 RBX: fffffffffff11000 RCX: ffff888000eba440 [ 169.726569][ T5462] RDX: 0000000000000000 RSI: 00000000000ef000 RDI: 00000000000ee000 [ 169.730130][ T5462] RBP: 00000000000ef000 R08: ffffffff8fa39e37 R09: 1ffffffff1f473c6 [ 169.733728][ T5462] R10: dffffc0000000000 R11: fffffbfff1f473c7 R12: 00000000000ee000 [ 169.737746][ T5462] R13: 1ffff11009d12e10 R14: dffffc0000000000 R15: ffff88804e897080 [ 169.741403][ T5462] FS: 0000555574553500(0000) GS:ffff88808d211000(0000) knlGS:0000000000000000 [ 169.745674][ T5462] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.749067][ T5462] CR2: 000000c009468000 CR3: 00000000002d4000 CR4: 0000000000352ef0 [ 169.752809][ T5462] Call Trace: [ 169.754412][ T5462] [ 169.755951][ T5462] btrfs_block_rsv_release+0x4b3/0x5e0 [ 169.758475][ T5462] btrfs_release_global_block_rsv+0x33/0x270 [ 169.761235][ T5462] 
btrfs_free_block_groups+0xc2c/0xf40 [ 169.763826][ T5462] close_ctree+0x7bc/0x1380 [ 169.766122][ T5462] ? do_raw_spin_unlock+0x4d/0x240 [ 169.768592][ T5462] ? btrfs_put_super+0x48/0x1b0 [ 169.770998][ T5462] ? __pfx__btrfs_printk+0x10/0x10 [ 169.773389][ T5462] ? __pfx_close_ctree+0x10/0x10 [ 169.777322][ T5462] ? btrfs_put_super+0x48/0x1b0 [ 169.779577][ T5462] ? btrfs_put_super+0x48/0x1b0 [ 169.781949][ T5462] ? __pfx_btrfs_put_super+0x10/0x10 [ 169.784380][ T5462] generic_shutdown_super+0x135/0x2c0 [ 169.788215][ T5462] kill_anon_super+0x3b/0x70 [ 169.790269][ T5462] btrfs_kill_super+0x41/0x50 [ 169.792318][ T5462] deactivate_locked_super+0xb9/0x130 [ 169.794677][ T5462] cleanup_mnt+0x425/0x4c0 [ 169.796831][ T5462] ? lockdep_hardirqs_on+0x9c/0x150 [ 169.799224][ T5462] task_work_run+0x1d4/0x260 [ 169.801273][ T5462] ? __pfx_task_work_run+0x10/0x10 [ 169.803540][ T5462] ? __x64_sys_umount+0x122/0x160 [ 169.806034][ T5462] ? exit_to_user_mode_loop+0x40/0x110 [ 169.808550][ T5462] exit_to_user_mode_loop+0xec/0x110 [ 169.810927][ T5462] do_syscall_64+0x2bd/0x3b0 [ 169.812984][ T5462] ? lockdep_hardirqs_on+0x9c/0x150 [ 169.815307][ T5462] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.818109][ T5462] ? 
clear_bhb_loop+0x60/0xb0 [ 169.820887][ T5462] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.824242][ T5462] RIP: 0033:0x7fd74c38ff17 [ 169.826689][ T5462] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 169.835027][ T5462] RSP: 002b:00007ffe4eb31618 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 169.838913][ T5462] RAX: 0000000000000000 RBX: 00007fd74c411c05 RCX: 00007fd74c38ff17 [ 169.842413][ T5462] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe4eb316d0 [ 169.845934][ T5462] RBP: 00007ffe4eb316d0 R08: 0000000000000000 R09: 0000000000000000 [ 169.849382][ T5462] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe4eb32760 [ 169.853007][ T5462] R13: 00007fd74c411c05 R14: 0000000000028de6 R15: 00007ffe4eb327a0 [ 169.856568][ T5462] [ 169.857985][ T5462] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 169.861089][ T5462] CPU: 0 UID: 0 PID: 5462 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 169.866435][ T5462] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 169.871523][ T5462] Call Trace: [ 169.873801][ T5462] [ 169.875269][ T5462] dump_stack_lvl+0x99/0x250 [ 169.877330][ T5462] ? __asan_memcpy+0x40/0x70 [ 169.879523][ T5462] ? __pfx_dump_stack_lvl+0x10/0x10 [ 169.882079][ T5462] ? __pfx__printk+0x10/0x10 [ 169.884206][ T5462] vpanic+0x281/0x750 [ 169.886007][ T5462] ? __pfx__printk+0x10/0x10 [ 169.888094][ T5462] ? __pfx_vpanic+0x10/0x10 [ 169.890083][ T5462] ? is_bpf_text_address+0x292/0x2b0 [ 169.892428][ T5462] panic+0xb9/0xc0 [ 169.894120][ T5462] ? __pfx_panic+0x10/0x10 [ 169.896265][ T5462] __warn+0x31b/0x4b0 [ 169.898294][ T5462] ? btrfs_space_info_update_bytes_may_use+0x35a/0x640 [ 169.901417][ T5462] ? 
btrfs_space_info_update_bytes_may_use+0x35a/0x640 [ 169.904669][ T5462] report_bug+0x2be/0x4f0 [ 169.906596][ T5462] ? btrfs_space_info_update_bytes_may_use+0x35a/0x640 [ 169.909620][ T5462] ? btrfs_space_info_update_bytes_may_use+0x35a/0x640 [ 169.912455][ T5462] ? btrfs_space_info_update_bytes_may_use+0x35c/0x640 [ 169.915376][ T5462] handle_bug+0x84/0x160 [ 169.917148][ T5462] exc_invalid_op+0x1a/0x50 [ 169.919233][ T5462] asm_exc_invalid_op+0x1a/0x20 [ 169.921440][ T5462] RIP: 0010:btrfs_space_info_update_bytes_may_use+0x35a/0x640 [ 169.924886][ T5462] Code: 00 00 74 08 4c 89 ff e8 34 cc 38 fe 4d 8b 27 4c 89 e7 48 8b 6c 24 18 48 89 ee e8 c1 e2 d3 fd 49 39 ec 73 1c e8 57 e0 d3 fd 90 <0f> 0b 90 31 db 43 80 7c 35 00 00 0f 85 2e ff ff ff e9 31 ff ff ff [ 169.933508][ T5462] RSP: 0018:ffffc9000297fa10 EFLAGS: 00010293 [ 169.936257][ T5462] RAX: ffffffff83ebdb09 RBX: fffffffffff11000 RCX: ffff888000eba440 [ 169.939655][ T5462] RDX: 0000000000000000 RSI: 00000000000ef000 RDI: 00000000000ee000 [ 169.943169][ T5462] RBP: 00000000000ef000 R08: ffffffff8fa39e37 R09: 1ffffffff1f473c6 [ 169.946703][ T5462] R10: dffffc0000000000 R11: fffffbfff1f473c7 R12: 00000000000ee000 [ 169.950187][ T5462] R13: 1ffff11009d12e10 R14: dffffc0000000000 R15: ffff88804e897080 [ 169.953753][ T5462] ? btrfs_space_info_update_bytes_may_use+0x359/0x640 [ 169.969086][ T5462] btrfs_block_rsv_release+0x4b3/0x5e0 [ 169.971514][ T5462] btrfs_release_global_block_rsv+0x33/0x270 [ 169.979969][ T5462] btrfs_free_block_groups+0xc2c/0xf40 [ 169.982597][ T5462] close_ctree+0x7bc/0x1380 [ 169.984808][ T5462] ? do_raw_spin_unlock+0x4d/0x240 [ 169.987213][ T5462] ? btrfs_put_super+0x48/0x1b0 [ 169.989675][ T5462] ? __pfx__btrfs_printk+0x10/0x10 [ 169.992273][ T5462] ? __pfx_close_ctree+0x10/0x10 [ 169.994833][ T5462] ? btrfs_put_super+0x48/0x1b0 [ 169.997227][ T5462] ? btrfs_put_super+0x48/0x1b0 [ 169.999773][ T5462] ? 
__pfx_btrfs_put_super+0x10/0x10 [ 170.002286][ T5462] generic_shutdown_super+0x135/0x2c0 [ 170.005539][ T5462] kill_anon_super+0x3b/0x70 [ 170.008188][ T5462] btrfs_kill_super+0x41/0x50 [ 170.010710][ T5462] deactivate_locked_super+0xb9/0x130 [ 170.013085][ T5462] cleanup_mnt+0x425/0x4c0 [ 170.015128][ T5462] ? lockdep_hardirqs_on+0x9c/0x150 [ 170.017670][ T5462] task_work_run+0x1d4/0x260 [ 170.019889][ T5462] ? __pfx_task_work_run+0x10/0x10 [ 170.022184][ T5462] ? __x64_sys_umount+0x122/0x160 [ 170.024527][ T5462] ? exit_to_user_mode_loop+0x40/0x110 [ 170.027060][ T5462] exit_to_user_mode_loop+0xec/0x110 [ 170.029745][ T5462] do_syscall_64+0x2bd/0x3b0 [ 170.031810][ T5462] ? lockdep_hardirqs_on+0x9c/0x150 [ 170.034192][ T5462] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 170.037017][ T5462] ? clear_bhb_loop+0x60/0xb0 [ 170.039201][ T5462] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 170.041817][ T5462] RIP: 0033:0x7fd74c38ff17 [ 170.043774][ T5462] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 170.052822][ T5462] RSP: 002b:00007ffe4eb31618 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 170.056764][ T5462] RAX: 0000000000000000 RBX: 00007fd74c411c05 RCX: 00007fd74c38ff17 [ 170.060185][ T5462] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe4eb316d0 [ 170.063900][ T5462] RBP: 00007ffe4eb316d0 R08: 0000000000000000 R09: 0000000000000000 [ 170.067619][ T5462] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe4eb32760 [ 170.071506][ T5462] R13: 00007fd74c411c05 R14: 0000000000028de6 R15: 00007ffe4eb327a0 [ 170.075246][ T5462] [ 170.076981][ T5462] Kernel Offset: disabled [ 170.078877][ T5462] Rebooting in 86400 seconds.. 
VM DIAGNOSIS: 19:23:52 Registers: info registers vcpu 0 CPU#0
0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000