syzkaller login: [ 91.778908][ T789] cfg80211: failed to load regulatory.db
Warning: Permanently added '[localhost]:34116' (ED25519) to the list of known hosts.
executing program
[ 93.361713][ T5102] loop0: detected capacity change from 0 to 32768
[ 93.388054][ T5102] bcachefs (/dev/loop0): error reading default superblock: checksum error, type crc32c_nonzero: got e3ad2ae1 should be 29d2fb78
[ 93.484714][ T5102] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,compression=lz4,norecovery,recovery_pass_last=journal_replay,nojournal_transaction_names,nocow
[ 93.516757][ T5102] bcachefs (loop0): recovering from clean shutdown, journal seq 7
[ 93.520004][ T5102] bcachefs (loop0): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.12: rebalance_work_acct_fix
[ 93.520004][ T5102] running recovery passes: check_allocations
[ 93.547186][ T5102] bcachefs (loop0): flagging btree extents lost data
[ 93.551994][ T5102] error reading btree root extents l=0: btree_node_read_error, fixing
[ 93.555308][ T5102] bcachefs (loop0): will run btree node scan
[ 93.571224][ T5102] bcachefs (loop0): flagging btree xattrs lost data
[ 93.581196][ T5102] error reading btree root xattrs l=0: btree_node_read_error, fixing
[ 93.588280][ T5102] invalid bkey u64s 11 type alloc_v4 0:14:0 len 0 ver 0:
[ 93.588304][ T5102] gen 0 oldest_gen 0 data_type journal
[ 93.588312][ T5102] journal_seq 1
[ 93.588318][ T5102] need_discard 1
[ 93.588324][ T5102] need_inc_gen 1
[ 93.588330][ T5102] dirty_sectors 256
[ 93.588335][ T5102] stripe_sectors 0
[ 93.588341][ T5102] cached_sectors 0
[ 93.588348][ T5102] stripe 67108864
[ 93.588354][ T5102] stripe_redundancy 0
[ 93.588359][ T5102] io_time[READ] 1
[ 93.588365][ T5102] io_time[WRITE] 1
[ 93.588371][ T5102] fragmentation 0
[ 93.588377][ T5102] bp_start 8
[ 93.588382][ T5102]
[ 93.588388][ T5102] invalid data type (got 2 should be 7): delete?, fixing
[ 93.657104][ T5102] bcachefs (loop0): flagging btree freespace lost data
[ 93.664828][ T5102] error reading btree root freespace l=0: btree_node_read_error, fixing
[ 93.676399][ T5102] bcachefs (loop0): scan_for_btree_nodes...
[ 93.680334][ T5111] ------------[ cut here ]------------
[ 93.685061][ T5111] kernel BUG at fs/bcachefs/btree_cache.h:126!
[ 93.696848][ T5111] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI
[ 93.699682][ T5111] CPU: 0 UID: 0 PID: 5111 Comm: read_btree_node Not tainted 6.11.0-syzkaller-03917-ga940d9a43e62 #0
[ 93.703732][ T5111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 93.707782][ T5111] RIP: 0010:bch2_btree_pos_to_text+0x1ee/0x1f0
[ 93.710310][ T5111] Code: 00 00 fc ff df e9 70 ff ff ff 89 d9 80 e1 07 38 c1 0f 8c 7a ff ff ff 48 89 df e8 2d 90 ec fd e9 6d ff ff ff e8 b3 4b 85 fd 90 <0f> 0b 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa
[ 93.717838][ T5111] RSP: 0018:ffffc90002e2f448 EFLAGS: 00010293
[ 93.719986][ T5111] RAX: ffffffff840ede8d RBX: 00000000000000de RCX: ffff888000ebc880
[ 93.722923][ T5111] RDX: 0000000000000000 RSI: 00000000000000de RDI: 0000000000000000
[ 93.725833][ T5111] RBP: 0000000000000000 R08: ffffffff840edd7a R09: 0000000000000000
[ 93.728709][ T5111] R10: ffffc90002e2f5e0 R11: fffff520005c5ec1 R12: ffff88800094f800
[ 93.731756][ T5111] R13: ffff888040a00000 R14: ffff888040a00000 R15: ffffc90002e2f5e0
[ 93.735366][ T5111] FS: 0000000000000000(0000) GS:ffff88801fe00000(0000) knlGS:0000000000000000
[ 93.739502][ T5111] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 93.742414][ T5111] CR2: 00007f117dfe8670 CR3: 0000000011de8000 CR4: 0000000000350ef0
[ 93.745745][ T5111] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 93.748813][ T5111] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 93.751832][ T5111] Call Trace:
[ 93.753066][ T5111] <TASK>
[ 93.754197][ T5111] ? __die_body+0x88/0xe0
[ 93.755847][ T5111] ? die+0xcf/0x110
[ 93.757340][ T5111] ? do_trap+0x15a/0x3a0
[ 93.758883][ T5111] ? bch2_btree_pos_to_text+0x1ee/0x1f0
[ 93.761023][ T5111] ? do_error_trap+0x1dc/0x2c0
[ 93.762927][ T5111] ? bch2_btree_pos_to_text+0x1ee/0x1f0
[ 93.765020][ T5111] ? mark_lock+0x9a/0x360
[ 93.766684][ T5111] ? __pfx_do_error_trap+0x10/0x10
[ 93.768633][ T5111] ? report_bug+0x3e8/0x500
[ 93.770385][ T5111] ? handle_invalid_op+0x34/0x40
[ 93.772210][ T5111] ? bch2_btree_pos_to_text+0x1ee/0x1f0
[ 93.774438][ T5111] ? exc_invalid_op+0x38/0x50
[ 93.776487][ T5111] ? asm_exc_invalid_op+0x1a/0x20
[ 93.778501][ T5111] ? bch2_btree_pos_to_text+0xda/0x1f0
[ 93.780612][ T5111] ? bch2_btree_pos_to_text+0x1ed/0x1f0
[ 93.782787][ T5111] ? bch2_btree_pos_to_text+0x1ee/0x1f0
[ 93.784921][ T5111] ? bch2_btree_pos_to_text+0x1ed/0x1f0
[ 93.787032][ T5111] btree_node_read_work+0x486/0x1260
[ 93.789076][ T5111] ? __pfx_btree_node_read_work+0x10/0x10
[ 93.791289][ T5111] ? __bch2_time_stats_update+0x290/0x370
[ 93.793430][ T5111] ? __pfx_bch2_latency_acct+0x10/0x10
[ 93.795559][ T5111] ? bio_associate_blkg+0x6c/0x230
[ 93.797600][ T5111] bch2_btree_node_read+0x2433/0x2a10
[ 93.799681][ T5111] ? mark_lock+0x9a/0x360
[ 93.801450][ T5111] ? __pfx_bch2_btree_node_read+0x10/0x10
[ 93.803694][ T5111] ? __mutex_unlock_slowpath+0x21d/0x750
[ 93.805743][ T5111] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 93.807968][ T5111] ? __bch2_btree_node_hash_insert+0x1cd/0x1190
[ 93.810762][ T5111] ? __pfx___bch2_btree_node_hash_insert+0x10/0x10
[ 93.813472][ T5111] ? bch2_btree_node_mem_alloc+0xa3e/0x13b0
[ 93.815739][ T5111] ? six_unlock_ip+0x2ce/0x3e0
[ 93.817485][ T5111] ? bch2_btree_node_fill+0xc24/0x1320
[ 93.819584][ T5111] bch2_btree_node_fill+0xcd1/0x1320
[ 93.821444][ T5111] ? __pfx_lock_acquire+0x10/0x10
[ 93.823354][ T5111] ? __pfx_bch2_btree_node_fill+0x10/0x10
[ 93.825336][ T5111] ? __asan_memset+0x23/0x50
[ 93.827066][ T5111] ? btree_cache_find+0xa4/0x720
[ 93.828666][ T5111] bch2_btree_node_get_noiter+0x9b3/0xf50
[ 93.830612][ T5111] read_btree_nodes_worker+0x122c/0x20b0
[ 93.832461][ T5111] ? read_btree_nodes_worker+0xc2e/0x20b0
[ 93.834479][ T5111] ? __pfx_read_btree_nodes_worker+0x10/0x10
[ 93.836776][ T5111] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 93.838967][ T5111] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 93.841410][ T5111] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 93.843777][ T5111] ? __kthread_parkme+0x169/0x1d0
[ 93.845868][ T5111] ? __pfx_read_btree_nodes_worker+0x10/0x10
[ 93.848093][ T5111] kthread+0x2f0/0x390
[ 93.849352][ T5111] ? __pfx_read_btree_nodes_worker+0x10/0x10
[ 93.851314][ T5111] ? __pfx_kthread+0x10/0x10
[ 93.852920][ T5111] ret_from_fork+0x4b/0x80
[ 93.854599][ T5111] ? __pfx_kthread+0x10/0x10
[ 93.856363][ T5111] ret_from_fork_asm+0x1a/0x30
[ 93.858244][ T5111] </TASK>
[ 93.859378][ T5111] Modules linked in:
[ 93.860971][ T5111] ---[ end trace 0000000000000000 ]---
[ 94.036294][ T5111] RIP: 0010:bch2_btree_pos_to_text+0x1ee/0x1f0
[ 94.038780][ T5111] Code: 00 00 fc ff df e9 70 ff ff ff 89 d9 80 e1 07 38 c1 0f 8c 7a ff ff ff 48 89 df e8 2d 90 ec fd e9 6d ff ff ff e8 b3 4b 85 fd 90 <0f> 0b 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa
[ 94.045882][ T5111] RSP: 0018:ffffc90002e2f448 EFLAGS: 00010293
[ 94.056342][ T5111] RAX: ffffffff840ede8d RBX: 00000000000000de RCX: ffff888000ebc880
[ 94.066413][ T5111] RDX: 0000000000000000 RSI: 00000000000000de RDI: 0000000000000000
[ 94.069479][ T5111] RBP: 0000000000000000 R08: ffffffff840edd7a R09: 0000000000000000
[ 94.072715][ T5111] R10: ffffc90002e2f5e0 R11: fffff520005c5ec1 R12: ffff88800094f800
[ 94.075803][ T5111] R13: ffff888040a00000 R14: ffff888040a00000 R15: ffffc90002e2f5e0
[ 94.088516][ T5111] FS: 0000000000000000(0000) GS:ffff88801fe00000(0000) knlGS:0000000000000000
[ 94.092006][ T5111] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 94.104802][ T5111] CR2: 00007f117dfe8670 CR3: 0000000011a20000 CR4: 0000000000350ef0
[ 94.107955][ T5111] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 94.110848][ T5111] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 94.113906][ T5111] Kernel panic - not syncing: Fatal exception
[ 94.116469][ T5111] Kernel Offset: disabled
[ 94.118184][ T5111] Rebooting in 86400 seconds..

VM DIAGNOSIS:
22:47:49 Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=0000000000000000 RCX=ffff88801f3e0000 RDX=0000000000000000
RSI=00000000ffffffff RDI=00000000ffffffff RBP=ffffffff9a4cc4fc RSP=ffffc90001077428
R8 =ffffffff81ddfb50 R9 =1ffffffff2846d08 R10=dffffc0000000000 R11=fffffbfff2846d09
R12=ffffffff9a4cc4e0 R13=dffffc0000000000 R14=0000000000000000 R15=ffffffff81ddfa49
RIP=ffffffff8bbd8dba RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88801fe00000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007fe748f50390 CR3=0000000011a20000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000080001 Opmask01=0000000000000000 Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=00000000ffffffdf Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000