./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1213008660 <...> Warning: Permanently added '10.128.0.92' (ECDSA) to the list of known hosts. execve("./syz-executor1213008660", ["./syz-executor1213008660"], 0x7ffdad885ee0 /* 10 vars */) = 0 brk(NULL) = 0x555555e33000 brk(0x555555e33c40) = 0x555555e33c40 arch_prctl(ARCH_SET_FS, 0x555555e33300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor1213008660", 4096) = 28 brk(0x555555e54c40) = 0x555555e54c40 brk(0x555555e55000) = 0x555555e55000 mprotect(0x7fe154c82000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 memfd_create("syzkaller", 0) = 3 mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe14c7c4000 [ 55.247672][ T4991] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=4991 'syz-executor121' write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 munmap(0x7fe14c7c4000, 16777216) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 ioctl(4, LOOP_SET_FD, 3) = 0 close(3) = 0 mkdir("./file0", 0777) = 0 [ 55.389793][ T4991] loop0: detected capacity change from 0 to 32768 [ 55.430849][ T4991] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz-executor121 (4991) [ 55.449210][ T4991] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 55.458142][ T4991] BTRFS info (device loop0): setting nodatacow, compression disabled [ 55.466303][ T4991] BTRFS warning (device loop0): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 55.477539][ T4991] BTRFS info (device loop0): trying to use backup root at mount time [ 55.485784][ T4991] BTRFS info (device loop0): enabling ssd optimizations [ 55.492813][ T4991] BTRFS info (device loop0): using spread ssd allocation scheme [ 55.500538][ T4991] BTRFS info (device loop0): doing ref verification [ 55.507142][ T4991] BTRFS info (device loop0): force zlib compression, level 3 [ 55.514733][ T4991] BTRFS info (device loop0): turning on flush-on-commit [ 55.521723][ T4991] BTRFS info (device loop0): using free space tree [ 55.538801][ T56] BTRFS warning (device loop0): checksum verify failed on logical 5292032 mirror 1 wanted 0xe145e4ee found 0x08ac1e56 level 0 [ 55.552170][ T4991] BTRFS warning (device loop0): failed to read root (objectid=9): -5 [ 55.560681][ T56] BTRFS warning (device loop0): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x2b37798c level 0 [ 55.574179][ T4991] BTRFS warning (device loop0): couldn't read tree root [ 55.581578][ T2844] BTRFS error (device loop0): level verify failed on logical 5255168 mirror 1 wanted 0 found 1 [ 55.592082][ T4991] BTRFS warning (device loop0): couldn't read tree root [ 55.599691][ T4991] assertion failed: !tmp, in fs/btrfs/disk-io.c:1002 [ 55.606539][ T4991] ------------[ cut here ]------------ [ 55.612048][ T4991] kernel BUG at fs/btrfs/messages.c:259! [ 55.617713][ T4991] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 55.623763][ T4991] CPU: 1 PID: 4991 Comm: syz-executor121 Not tainted 6.4.0-rc2-syzkaller-00015-g1b66c114d161 #0 [ 55.634177][ T4991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023 [ 55.644214][ T4991] RIP: 0010:btrfs_assertfail+0x18/0x20 [ 55.649673][ T4991] Code: df e8 8c ef 35 f7 e9 50 fb ff ff e8 b2 90 01 00 66 90 66 0f 1f 00 89 d1 48 89 f2 48 89 fe 48 c7 c7 40 33 2c 8b e8 c8 60 ff ff <0f> 0b 66 0f 1f 44 00 00 66 0f 1f 00 53 48 89 fb e8 03 1e de f6 48 [ 55.669269][ T4991] RSP: 0018:ffffc90003a4f428 EFLAGS: 00010246 [ 55.675319][ T4991] RAX: 0000000000000032 RBX: 0000000000000000 RCX: 0d2d179c15b75400 [ 55.683290][ T4991] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 55.691262][ T4991] RBP: ffff8880284200a0 R08: ffffffff816efdbc R09: ffffed1017325163 [ 55.699224][ T4991] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 55.707182][ T4991] R13: ffff88807917c1f7 R14: ffff88807c296000 R15: ffff88807c296000 [ 55.715147][ T4991] FS: 0000555555e33300(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 55.724067][ T4991] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 55.730645][ T4991] CR2: 00007ffe0aaf7000 CR3: 000000007b138000 CR4: 00000000003506e0 [ 55.738610][ T4991] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 55.747283][ T4991] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 55.755425][ T4991] Call Trace: [ 55.758699][ T4991] [ 55.761621][ T4991] btrfs_global_root_insert+0x1ac/0x1b0 [ 55.767166][ T4991] load_global_roots_objectid+0x469/0x8c0 [ 55.772914][ T4991] ? btree_migrate_folio+0x200/0x200 [ 55.778279][ T4991] ? rcu_is_watching+0x15/0xb0 [ 55.783035][ T4991] ? init_tree_roots+0xa0a/0x1f80 [ 55.788053][ T4991] init_tree_roots+0xa2e/0x1f80 [ 55.792901][ T4991] ? open_ctree+0x2fa0/0x2fa0 [ 55.797566][ T4991] ? free_fs_devices+0x260/0x270 [ 55.802496][ T4991] ? __asan_memcpy+0x40/0x70 [ 55.807086][ T4991] ? read_extent_buffer+0x1f0/0x2a0 [ 55.812274][ T4991] open_ctree+0x1b26/0x2fa0 [ 55.816767][ T4991] ? rcu_is_watching+0x15/0xb0 [ 55.821528][ T4991] ? btrfs_ctree_exit+0x20/0x20 [ 55.826365][ T4991] ? vscnprintf+0x80/0x80 [ 55.830687][ T4991] btrfs_fill_super+0x1c7/0x2f0 [ 55.835542][ T4991] btrfs_mount_root+0x80f/0x950 [ 55.840387][ T4991] ? btrfs_control_open+0x40/0x40 [ 55.845402][ T4991] ? vfs_parse_fs_string+0x190/0x230 [ 55.850678][ T4991] ? rcu_is_watching+0x15/0xb0 [ 55.855473][ T4991] ? kfree+0x31/0x1a0 [ 55.859469][ T4991] ? vfs_parse_fs_string+0x190/0x230 [ 55.864766][ T4991] ? vfs_parse_fs_param+0x410/0x410 [ 55.869977][ T4991] legacy_get_tree+0xef/0x190 [ 55.874665][ T4991] ? btrfs_control_open+0x40/0x40 [ 55.879684][ T4991] vfs_get_tree+0x8c/0x270 [ 55.884094][ T4991] vfs_kern_mount+0xbc/0x150 [ 55.888681][ T4991] btrfs_mount+0x39f/0xb50 [ 55.893090][ T4991] ? btrfs_clear_sb_rdonly+0x70/0x70 [ 55.898382][ T4991] ? legacy_parse_param+0x3e8/0x8a0 [ 55.903576][ T4991] ? vfs_parse_fs_string+0x190/0x230 [ 55.908869][ T4991] ? rcu_is_watching+0x15/0xb0 [ 55.913638][ T4991] ? kfree+0x31/0x1a0 [ 55.917618][ T4991] ? vfs_parse_fs_string+0x190/0x230 [ 55.922896][ T4991] ? vfs_parse_fs_param+0x410/0x410 [ 55.928089][ T4991] ? cap_capable+0x1b4/0x240 [ 55.932670][ T4991] legacy_get_tree+0xef/0x190 [ 55.937336][ T4991] ? btrfs_clear_sb_rdonly+0x70/0x70 [ 55.942615][ T4991] vfs_get_tree+0x8c/0x270 [ 55.947024][ T4991] do_new_mount+0x28f/0xae0 [ 55.951523][ T4991] ? path_mount+0x5f2/0xf80 [ 55.956029][ T4991] ? do_move_mount_old+0x170/0x170 [ 55.961139][ T4991] ? user_path_at_empty+0x12f/0x180 [ 55.966328][ T4991] __se_sys_mount+0x2d9/0x3c0 [ 55.971020][ T4991] ? __x64_sys_mount+0xc0/0xc0 [ 55.975776][ T4991] ? syscall_enter_from_user_mode+0x32/0x230 [ 55.981767][ T4991] ? __x64_sys_mount+0x20/0xc0 [ 55.986522][ T4991] do_syscall_64+0x41/0xc0 [ 55.990934][ T4991] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 55.996839][ T4991] RIP: 0033:0x7fe154c11c9a [ 56.001291][ T4991] Code: 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 56.020912][ T4991] RSP: 002b:00007ffe0aaf64a8 EFLAGS: 00000282 ORIG_RAX: 00000000000000a5 [ 56.029358][ T4991] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fe154c11c9a [ 56.037342][ T4991] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 00007ffe0aaf64c0 [ 56.045312][ T4991] RBP: 00007ffe0aaf64c0 R08: 00007ffe0aaf6500 R09: 00007ffe0aaf6530 [ 56.053277][ T4991] R10: 0000000000800014 R11: 0000000000000282 R12: 0000000000000004 [ 56.061239][ T4991] R13: 0000555555e332c0 R14: 0000000000800014 R15: 00007ffe0aaf6500 [ 56.069221][ T4991] [ 56.072226][ T4991] Modules linked in: [ 56.076448][ T4991] ---[ end trace 0000000000000000 ]--- [ 56.081960][ T4991] RIP: 0010:btrfs_assertfail+0x18/0x20 [ 56.087460][ T4991] Code: df e8 8c ef 35 f7 e9 50 fb ff ff e8 b2 90 01 00 66 90 66 0f 1f 00 89 d1 48 89 f2 48 89 fe 48 c7 c7 40 33 2c 8b e8 c8 60 ff ff <0f> 0b 66 0f 1f 44 00 00 66 0f 1f 00 53 48 89 fb e8 03 1e de f6 48 [ 56.107104][ T4991] RSP: 0018:ffffc90003a4f428 EFLAGS: 00010246 [ 56.113246][ T4991] RAX: 0000000000000032 RBX: 0000000000000000 RCX: 0d2d179c15b75400 [ 56.121233][ T4991] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 56.129214][ T4991] RBP: ffff8880284200a0 R08: ffffffff816efdbc R09: ffffed1017325163 [ 56.137186][ T4991] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 56.145175][ T4991] R13: ffff88807917c1f7 R14: ffff88807c296000 R15: ffff88807c296000 [ 56.153164][ T4991] FS: 0000555555e33300(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 56.162111][ T4991] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 56.168706][ T4991] CR2: 00007ffe0aaf7000 CR3: 000000007b138000 CR4: 00000000003506e0 [ 56.176662][ T4991] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 56.184650][ T4991] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 56.192644][ T4991] Kernel panic - not syncing: Fatal exception [ 56.198983][ T4991] Kernel Offset: disabled [ 56.203312][ T4991] Rebooting in 86400 seconds..