syzkaller login: [ 91.885697][ T797] cfg80211: failed to load regulatory.db
Warning: Permanently added '[localhost]:54759' (ED25519) to the list of known hosts.
2025/12/03 07:52:55 parsed 1 programs
[ 316.366452][ T5370] cgroup: Unknown subsys name 'net'
[ 316.433158][ T5370] cgroup: Unknown subsys name 'cpuset'
[ 316.440938][ T5370] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 318.511736][ T5370] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 322.290597][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[ 322.294121][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[ 323.237051][ T5388] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 323.790790][ T4681] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 323.799689][ T4681] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 323.802709][ T4681] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 323.806252][ T4681] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 323.813041][ T4681] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 324.386021][ T3361] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 324.397477][ T3361] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 324.440112][ T3361] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 324.443531][ T3361] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 326.084080][ T5431] chnl_net:caif_netlink_parms(): no params data found
[ 326.169925][ T5431] bridge0: port 1(bridge_slave_0) entered blocking state
[ 326.173279][ T5431] bridge0: port 1(bridge_slave_0) entered disabled state
[ 326.176079][ T5431] bridge_slave_0: entered allmulticast mode
[ 326.180525][ T5431] bridge_slave_0: entered promiscuous mode
[ 326.185509][ T5431] bridge0: port 2(bridge_slave_1) entered blocking state
[ 326.188006][ T5431] bridge0: port 2(bridge_slave_1) entered disabled state
[ 326.191595][ T5431] bridge_slave_1: entered allmulticast mode
[ 326.195706][ T5431] bridge_slave_1: entered promiscuous mode
[ 326.218863][ T5431] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 326.224994][ T5431] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 326.282133][ T5431] team0: Port device team_slave_0 added
[ 326.286152][ T5431] team0: Port device team_slave_1 added
[ 326.326772][ T5431] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 326.339828][ T5431] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 326.359482][ T5431] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 326.379872][ T5431] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 326.382545][ T5431] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 326.400808][ T5431] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 326.470570][ T5431] hsr_slave_0: entered promiscuous mode
[ 326.473290][ T5431] hsr_slave_1: entered promiscuous mode
[ 326.741858][ T5431] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 326.764445][ T5431] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 326.782922][ T5431] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 326.792679][ T5431] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 326.924487][ T5431] 8021q: adding VLAN 0 to HW filter on device bond0
[ 326.947406][ T5431] 8021q: adding VLAN 0 to HW filter on device team0
[ 326.967702][ T189] bridge0: port 1(bridge_slave_0) entered blocking state
[ 326.971185][ T189] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 326.992455][ T189] bridge0: port 2(bridge_slave_1) entered blocking state
[ 326.995335][ T189] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 327.233099][ T5431] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 327.271362][ T5431] veth0_vlan: entered promiscuous mode
[ 327.282713][ T5431] veth1_vlan: entered promiscuous mode
[ 327.309062][ T5431] veth0_macvtap: entered promiscuous mode
[ 327.317369][ T5431] veth1_macvtap: entered promiscuous mode
[ 327.335556][ T5431] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 327.344815][ T5431] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 327.356113][ T3361] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 327.365769][ T3361] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 327.379157][ T3361] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 327.393787][ T3361] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 327.531498][ T3361] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 327.587017][ T3361] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 327.630348][ T3361] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 327.703411][ T3361] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 330.109772][ T3361] bridge_slave_1: left allmulticast mode
[ 330.112139][ T3361] bridge_slave_1: left promiscuous mode
[ 330.114735][ T3361] bridge0: port 2(bridge_slave_1) entered disabled state
[ 330.188290][ T3361] bridge_slave_0: left allmulticast mode
[ 330.203246][ T3361] bridge_slave_0: left promiscuous mode
[ 330.210349][ T3361] bridge0: port 1(bridge_slave_0) entered disabled state
[ 330.631479][ T3361] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 330.637373][ T3361] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 330.642425][ T3361] bond0 (unregistering): Released all slaves
[ 330.750010][ T3361] hsr_slave_0: left promiscuous mode
[ 330.754342][ T3361] hsr_slave_1: left promiscuous mode
[ 330.762275][ T3361] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 330.765544][ T3361] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 330.790374][ T3361] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 330.793528][ T3361] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 330.816578][ T3361] veth1_macvtap: left promiscuous mode
[ 330.819118][ T3361] veth0_macvtap: left promiscuous mode
[ 330.830321][ T3361] veth1_vlan: left promiscuous mode
[ 330.840396][ T3361] veth0_vlan: left promiscuous mode
[ 331.318458][ T3361] team0 (unregistering): Port device team_slave_1 removed
[ 331.347089][ T3361] team0 (unregistering): Port device team_slave_0 removed
2025/12/03 07:53:14 executed programs: 0
[ 332.770828][ T46] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 332.775546][ T46] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 332.779111][ T46] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 332.783727][ T46] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 332.787348][ T46] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 333.117592][ T5501] chnl_net:caif_netlink_parms(): no params data found
[ 333.255088][ T5501] bridge0: port 1(bridge_slave_0) entered blocking state
[ 333.258326][ T5501] bridge0: port 1(bridge_slave_0) entered disabled state
[ 333.268171][ T5501] bridge_slave_0: entered allmulticast mode
[ 333.273172][ T5501] bridge_slave_0: entered promiscuous mode
[ 333.281419][ T5501] bridge0: port 2(bridge_slave_1) entered blocking state
[ 333.284646][ T5501] bridge0: port 2(bridge_slave_1) entered disabled state
[ 333.287887][ T5501] bridge_slave_1: entered allmulticast mode
[ 333.294024][ T5501] bridge_slave_1: entered promiscuous mode
[ 333.318979][ T5501] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 333.325204][ T5501] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 333.352181][ T5501] team0: Port device team_slave_0 added
[ 333.356790][ T5501] team0: Port device team_slave_1 added
[ 333.381288][ T5501] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 333.384028][ T5501] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 333.394888][ T5501] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 333.401514][ T5501] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 333.404307][ T5501] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 333.415391][ T5501] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 333.448956][ T5501] hsr_slave_0: entered promiscuous mode
[ 333.452524][ T5501] hsr_slave_1: entered promiscuous mode
[ 333.873870][ T5501] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 333.892254][ T5501] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 333.901684][ T5501] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 333.914919][ T5501] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 333.962859][ T5501] bridge0: port 2(bridge_slave_1) entered blocking state
[ 333.966043][ T5501] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 333.970253][ T5501] bridge0: port 1(bridge_slave_0) entered blocking state
[ 333.973434][ T5501] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 334.054290][ T5463] bridge0: port 1(bridge_slave_0) entered disabled state
[ 334.058020][ T5463] bridge0: port 2(bridge_slave_1) entered disabled state
[ 334.103078][ T5501] 8021q: adding VLAN 0 to HW filter on device bond0
[ 334.130455][ T5501] 8021q: adding VLAN 0 to HW filter on device team0
[ 334.144522][ T3361] bridge0: port 1(bridge_slave_0) entered blocking state
[ 334.147628][ T3361] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 334.206090][ T3361] bridge0: port 2(bridge_slave_1) entered blocking state
[ 334.209217][ T3361] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 334.506456][ T5501] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 334.575555][ T5501] veth0_vlan: entered promiscuous mode
[ 334.595805][ T5501] veth1_vlan: entered promiscuous mode
[ 334.652060][ T5501] veth0_macvtap: entered promiscuous mode
[ 334.664680][ T5501] veth1_macvtap: entered promiscuous mode
[ 334.700705][ T5501] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 334.713049][ T5501] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 334.740599][ T5463] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 334.744340][ T5463] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 334.747942][ T5463] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 334.789983][ T5463] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 334.843082][ T46] Bluetooth: hci0: command tx timeout
[ 334.870023][ T3502] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 334.873414][ T3502] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 334.923947][ T5463] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 334.927177][ T5463] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 335.454295][ T5551] loop0: detected capacity change from 0 to 32768
[ 335.495729][ T5551] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.17 (5551)
[ 335.542519][ T5551] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 335.564211][ T5551] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[ 335.838599][ T5551] BTRFS info (device loop0): setting nodatasum
[ 335.860185][ T5551] BTRFS info (device loop0): allowing degraded mounts
[ 335.863076][ T5551] BTRFS info (device loop0): disabling tree log
[ 335.865721][ T5551] BTRFS info (device loop0): turning on async discard
[ 335.868535][ T5551] BTRFS info (device loop0): enabling free space tree
[ 335.964856][ T5551] BTRFS info (device loop0): balance: start -d -m
[ 335.972299][ T5551] BTRFS info (device loop0): relocating block group 6881280 flags data|metadata
[ 336.056019][ T5551] BTRFS info (device loop0): relocating block group 5242880 flags data|metadata
[ 336.108519][ T5551] BTRFS info (device loop0): found 7 extents, stage: move data extents
[ 336.136926][ T5551] BTRFS info (device loop0): found 1 extents, stage: update data pointers
[ 336.161203][ T5551] BTRFS info (device loop0): 1 enospc errors during balance
[ 336.164681][ T5551] BTRFS info (device loop0): balance: ended with status: -28
[ 336.185183][ T5501] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 336.524686][ T5581] loop0: detected capacity change from 0 to 32768
[ 336.538912][ T5581] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.18 (5581)
[ 336.566417][ T5581] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 336.580303][ T5581] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[ 336.707882][ T5581] BTRFS info (device loop0): setting nodatasum
[ 336.710361][ T5581] BTRFS info (device loop0): allowing degraded mounts
[ 336.712936][ T5581] BTRFS info (device loop0): disabling tree log
[ 336.715567][ T5581] BTRFS info (device loop0): turning on async discard
[ 336.718339][ T5581] BTRFS info (device loop0): enabling free space tree
[ 336.729188][ T5581] BTRFS info (device loop0): balance: start -d -m
[ 336.734004][ T5581] BTRFS info (device loop0): relocating block group 6881280 flags data|metadata
[ 336.758450][ T5581] BTRFS info (device loop0): relocating block group 5242880 flags data|metadata
[ 336.833173][ T5581] BTRFS info (device loop0): 1 enospc errors during balance
[ 336.836040][ T5581] BTRFS info (device loop0): balance: ended with status: -28
[ 336.850066][ T5501] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 336.922684][ T46] Bluetooth: hci0: command tx timeout
[ 337.130815][ T5600] loop0: detected capacity change from 0 to 32768
[ 337.144948][ T5600] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.19 (5600)
[ 337.167188][ T5600] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 337.179560][ T5600] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[ 337.323379][ T5600] BTRFS info (device loop0): setting nodatasum
[ 337.326388][ T5600] BTRFS info (device loop0): allowing degraded mounts
[ 337.331099][ T5600] BTRFS info (device loop0): disabling tree log
[ 337.333752][ T5600] BTRFS info (device loop0): turning on async discard
[ 337.336388][ T5600] BTRFS info (device loop0): enabling free space tree
[ 337.355277][ T5600] BTRFS info (device loop0): balance: start -d -m
[ 337.365120][ T5600] BTRFS info (device loop0): relocating block group 6881280 flags data|metadata
[ 337.391075][ T5600] BTRFS info (device loop0): relocating block group 5242880 flags data|metadata
[ 337.478480][ T5600] BTRFS info (device loop0): found 9 extents, stage: move data extents
[ 337.510202][ T5600] BTRFS info (device loop0): found 1 extents, stage: update data pointers
[ 337.527800][ T5600] BTRFS info (device loop0): balance: ended with status: 0
[ 337.543970][ T5501] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 337.913583][ T5619] loop0: detected capacity change from 0 to 32768
[ 337.939196][ T5619] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.20 (5619)
[ 337.970944][ T5619] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 337.980686][ T5619] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[ 338.135746][ T5619] BTRFS info (device loop0): setting nodatasum
[ 338.138383][ T5619] BTRFS info (device loop0): allowing degraded mounts
[ 338.141606][ T5619] BTRFS info (device loop0): disabling tree log
[ 338.144612][ T5619] BTRFS info (device loop0): turning on async discard
[ 338.147666][ T5619] BTRFS info (device loop0): enabling free space tree
[ 338.163506][ T5619] BTRFS info (device loop0): balance: start -d -m
[ 338.168301][ T5619] BTRFS info (device loop0): relocating block group 6881280 flags data|metadata
[ 338.202794][ T5619] BTRFS info (device loop0): relocating block group 5242880 flags data|metadata
[ 338.251000][ T5619] BTRFS warning (device loop0): Skipping commit of aborted transaction.
[ 338.254622][ T5619] ------------[ cut here ]------------
[ 338.257034][ T5619] BTRFS: Transaction aborted (error -28)
[ 338.259312][ T5619] WARNING: fs/btrfs/transaction.c:2020 at 0x0, CPU#0: syz.0.20/5619
[ 338.263468][ T5619] Modules linked in:
[ 338.265174][ T5619] CPU: 0 UID: 0 PID: 5619 Comm: syz.0.20 Not tainted syzkaller #0 PREEMPT(full)
[ 338.269278][ T5619] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 338.274130][ T5619] RIP: 0010:btrfs_commit_transaction+0x2f5b/0x3950
[ 338.277055][ T5619] Code: 07 e8 69 ce f1 fd eb 7d e8 82 be d7 fd 84 c0 74 25 e8 59 ce f1 fd eb 6d e8 52 ce f1 fd 48 8d 3d 7b c4 b9 0b 8b 5c 24 18 89 de <67> 48 0f b9 3a 89 d9 e9 1a 01 00 00 e8 04 28 79 07 89 c3 31 ff 89
[ 338.285216][ T5619] RSP: 0018:ffffc9000cc3f4e0 EFLAGS: 00010293
[ 338.287805][ T5619] RAX: ffffffff83cf3fde RBX: 00000000ffffffe4 RCX: ffff888000cc8000
[ 338.291298][ T5619] RDX: 0000000000000000 RSI: 00000000ffffffe4 RDI: ffffffff8f890460
[ 338.295019][ T5619] RBP: ffffc9000cc3f808 R08: ffff888000cc8000 R09: 0000000000000003
[ 338.298430][ T5619] R10: 00000000fffffffb R11: 0000000000000000 R12: ffff888000cc92b8
[ 338.302130][ T5619] R13: ffff8880534cc000 R14: ffff8880534cc000 R15: 0000000000000000
[ 338.305504][ T5619] FS: 00007f16288c06c0(0000) GS:ffff88808d6b7000(0000) knlGS:0000000000000000
[ 338.309334][ T5619] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 338.312258][ T5619] CR2: 0000001b34624220 CR3: 000000001f2c1000 CR4: 0000000000352ef0
[ 338.315534][ T5619] Call Trace:
[ 338.317039][ T5619]
[ 338.318346][ T5619] ? btrfs_commit_transaction+0x161/0x3950
[ 338.320960][ T5619] ? __pfx_btrfs_commit_transaction+0x10/0x10
[ 338.323577][ T5619] ? join_transaction+0x41b/0xd60
[ 338.325765][ T5619] ? do_raw_spin_unlock+0x4d/0x240
[ 338.328143][ T5619] ? join_transaction+0x41b/0xd60
[ 338.330335][ T5619] ? btrfs_record_root_in_trans+0x91/0x180
[ 338.332632][ T5619] ? start_transaction+0x439/0x1600
[ 338.334749][ T5619] prepare_to_relocate+0x39f/0x490
[ 338.336787][ T5619] relocate_block_group+0x132/0xd70
[ 338.338863][ T5619] ? btrfs_relocate_block_group+0x6b3/0xc60
[ 338.341293][ T5619] ? btrfs_wait_ordered_roots+0x63a/0x6b0
[ 338.343607][ T5619] ? __pfx___mutex_lock+0x10/0x10
[ 338.345790][ T5619] ? __pfx_relocate_block_group+0x10/0x10
[ 338.348283][ T5619] ? btrfs_relocate_block_group+0x473/0xc60
[ 338.350801][ T5619] ? kmem_cache_free+0x192/0x670
[ 338.352882][ T5619] btrfs_relocate_block_group+0x6bc/0xc60
[ 338.355418][ T5619] btrfs_relocate_chunk+0x12f/0x5c0
[ 338.357672][ T5619] __btrfs_balance+0x1860/0x23f0
[ 338.360050][ T5619] ? __pfx___btrfs_balance+0x10/0x10
[ 338.362325][ T5619] ? __wait_for_common+0x670/0x710
[ 338.364301][ T5619] ? do_raw_spin_unlock+0x4d/0x240
[ 338.366291][ T5619] btrfs_balance+0xac2/0x11b0
[ 338.368233][ T5619] btrfs_ioctl_balance+0x3d3/0x610
[ 338.370435][ T5619] ? btrfs_ioctl+0xb19/0xd00
[ 338.372343][ T5619] ? __pfx_btrfs_ioctl+0x10/0x10
[ 338.374325][ T5619] __se_sys_ioctl+0xfc/0x170
[ 338.376225][ T5619] do_syscall_64+0xfa/0xf80
[ 338.378103][ T5619] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 338.380885][ T5619] ? clear_bhb_loop+0x60/0xb0
[ 338.382943][ T5619] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 338.385440][ T5619] RIP: 0033:0x7f162798f7c9
[ 338.387304][ T5619] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 338.395277][ T5619] RSP: 002b:00007f16288c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 338.399077][ T5619] RAX: ffffffffffffffda RBX: 00007f1627be5fa0 RCX: 00007f162798f7c9
[ 338.402690][ T5619] RDX: 0000200000000180 RSI: 00000000c4009420 RDI: 0000000000000004
[ 338.406001][ T5619] RBP: 00007f1627a13f91 R08: 0000000000000000 R09: 0000000000000000
[ 338.409316][ T5619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 338.412727][ T5619] R13: 00007f1627be6038 R14: 00007f1627be5fa0 R15: 00007ffc97d64168
[ 338.416255][ T5619]
[ 338.417688][ T5619] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 338.420825][ T5619] CPU: 0 UID: 0 PID: 5619 Comm: syz.0.20 Not tainted syzkaller #0 PREEMPT(full)
[ 338.424724][ T5619] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 338.429072][ T5619] Call Trace:
[ 338.430406][ T5619]
[ 338.431586][ T5619] dump_stack_lvl+0x99/0x250
[ 338.433423][ T5619] ? __asan_memcpy+0x40/0x70
[ 338.435469][ T5619] ? __pfx_dump_stack_lvl+0x10/0x10
[ 338.437795][ T5619] ? __pfx__printk+0x10/0x10
[ 338.439895][ T5619] vpanic+0x237/0x6d0
[ 338.441665][ T5619] ? __pfx_vpanic+0x10/0x10
[ 338.443688][ T5619] ? is_bpf_text_address+0x292/0x2b0
[ 338.446099][ T5619] ? is_bpf_text_address+0x26/0x2b0
[ 338.448615][ T5619] panic+0xb9/0xc0
[ 338.450508][ T5619] ? __pfx_panic+0x10/0x10
[ 338.452561][ T5619] __warn+0x317/0x4b0
[ 338.454317][ T5619] __report_bug+0x288/0x500
[ 338.456268][ T5619] ? __pfx___report_bug+0x10/0x10
[ 338.458456][ T5619] ? _btrfs_printk+0x562/0x5b0
[ 338.460539][ T5619] report_bug_entry+0x16a/0x220
[ 338.462565][ T5619] ? btrfs_commit_transaction+0x2f5b/0x3950
[ 338.465122][ T5619] ? btrfs_commit_transaction+0x2f60/0x3950
[ 338.467751][ T5619] handle_bug+0xca/0x200
[ 338.469577][ T5619] exc_invalid_op+0x1a/0x50
[ 338.471542][ T5619] asm_exc_invalid_op+0x1a/0x20
[ 338.473624][ T5619] RIP: 0010:btrfs_commit_transaction+0x2f5b/0x3950
[ 338.476398][ T5619] Code: 07 e8 69 ce f1 fd eb 7d e8 82 be d7 fd 84 c0 74 25 e8 59 ce f1 fd eb 6d e8 52 ce f1 fd 48 8d 3d 7b c4 b9 0b 8b 5c 24 18 89 de <67> 48 0f b9 3a 89 d9 e9 1a 01 00 00 e8 04 28 79 07 89 c3 31 ff 89
[ 338.484644][ T5619] RSP: 0018:ffffc9000cc3f4e0 EFLAGS: 00010293
[ 338.487342][ T5619] RAX: ffffffff83cf3fde RBX: 00000000ffffffe4 RCX: ffff888000cc8000
[ 338.490820][ T5619] RDX: 0000000000000000 RSI: 00000000ffffffe4 RDI: ffffffff8f890460
[ 338.494076][ T5619] RBP: ffffc9000cc3f808 R08: ffff888000cc8000 R09: 0000000000000003
[ 338.497502][ T5619] R10: 00000000fffffffb R11: 0000000000000000 R12: ffff888000cc92b8
[ 338.500971][ T5619] R13: ffff8880534cc000 R14: ffff8880534cc000 R15: 0000000000000000
[ 338.504320][ T5619] ? btrfs_commit_transaction+0x2f4e/0x3950
[ 338.506922][ T5619] ? btrfs_commit_transaction+0x161/0x3950
[ 338.509978][ T5619] ? __pfx_btrfs_commit_transaction+0x10/0x10
[ 338.512714][ T5619] ? join_transaction+0x41b/0xd60
[ 338.514829][ T5619] ? do_raw_spin_unlock+0x4d/0x240
[ 338.517077][ T5619] ? join_transaction+0x41b/0xd60
[ 338.519263][ T5619] ? btrfs_record_root_in_trans+0x91/0x180
[ 338.521765][ T5619] ? start_transaction+0x439/0x1600
[ 338.523979][ T5619] prepare_to_relocate+0x39f/0x490
[ 338.526140][ T5619] relocate_block_group+0x132/0xd70
[ 338.528234][ T5619] ? btrfs_relocate_block_group+0x6b3/0xc60
[ 338.530811][ T5619] ? btrfs_wait_ordered_roots+0x63a/0x6b0
[ 338.533228][ T5619] ? __pfx___mutex_lock+0x10/0x10
[ 338.535504][ T5619] ? __pfx_relocate_block_group+0x10/0x10
[ 338.538171][ T5619] ? btrfs_relocate_block_group+0x473/0xc60
[ 338.540714][ T5619] ? kmem_cache_free+0x192/0x670
[ 338.542801][ T5619] btrfs_relocate_block_group+0x6bc/0xc60
[ 338.545312][ T5619] btrfs_relocate_chunk+0x12f/0x5c0
[ 338.547601][ T5619] __btrfs_balance+0x1860/0x23f0
[ 338.549797][ T5619] ? __pfx___btrfs_balance+0x10/0x10
[ 338.552245][ T5619] ? __wait_for_common+0x670/0x710
[ 338.554541][ T5619] ? do_raw_spin_unlock+0x4d/0x240
[ 338.556814][ T5619] btrfs_balance+0xac2/0x11b0
[ 338.558947][ T5619] btrfs_ioctl_balance+0x3d3/0x610
[ 338.561259][ T5619] ? btrfs_ioctl+0xb19/0xd00
[ 338.563373][ T5619] ? __pfx_btrfs_ioctl+0x10/0x10
[ 338.565412][ T5619] __se_sys_ioctl+0xfc/0x170
[ 338.567421][ T5619] do_syscall_64+0xfa/0xf80
[ 338.569083][ T5619] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 338.571432][ T5619] ? clear_bhb_loop+0x60/0xb0
[ 338.573168][ T5619] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 338.575456][ T5619] RIP: 0033:0x7f162798f7c9
[ 338.577276][ T5619] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 338.584784][ T5619] RSP: 002b:00007f16288c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 338.588279][ T5619] RAX: ffffffffffffffda RBX: 00007f1627be5fa0 RCX: 00007f162798f7c9
[ 338.591551][ T5619] RDX: 0000200000000180 RSI: 00000000c4009420 RDI: 0000000000000004
[ 338.594896][ T5619] RBP: 00007f1627a13f91 R08: 0000000000000000 R09: 0000000000000000
[ 338.598366][ T5619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 338.601702][ T5619] R13: 00007f1627be6038 R14: 00007f1627be5fa0 R15: 00007ffc97d64168
[ 338.604973][ T5619]
[ 338.606653][ T5619] Kernel Offset: disabled
[ 338.608666][ T5619] Rebooting in 86400 seconds..