./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor4077270478 <...> Warning: Permanently added '10.128.1.101' (ED25519) to the list of known hosts. execve("./syz-executor4077270478", ["./syz-executor4077270478"], 0x7ffd20e290d0 /* 10 vars */) = 0 brk(NULL) = 0x55557abef000 brk(0x55557abefd00) = 0x55557abefd00 arch_prctl(ARCH_SET_FS, 0x55557abef380) = 0 set_tid_address(0x55557abef650) = 5781 set_robust_list(0x55557abef660, 24) = 0 rseq(0x55557abefca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor4077270478", 4096) = 28 getrandom("\x8f\xc4\xc0\xbc\x9a\xac\xf9\x54", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55557abefd00 brk(0x55557ac10d00) = 0x55557ac10d00 brk(0x55557ac11000) = 0x55557ac11000 mprotect(0x7f2b81535000, 16384, PROT_READ) = 0 mmap(0x3ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3ffffffff000 mmap(0x400000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x400000000000 mmap(0x400001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x400001000000 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557abef650) = 5782 ./strace-static-x86_64: Process 5782 attached [pid 5782] set_robust_list(0x55557abef660, 24) = 0 [pid 5782] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5782] setpgid(0, 0) = 0 [pid 5782] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5782] write(3, "1000", 4) = 4 [pid 5782] close(3) = 0 [pid 5782] write(1, "executing program\n", 18executing program ) = 18 [pid 5782] prlimit64(0, RLIMIT_RTPRIO, {rlim_cur=8, rlim_max=139}, NULL) = 0 [pid 5782] sched_setscheduler(0, SCHED_RR, [4]) = 0 [pid 5782] memfd_create("syzkaller", 0) = 3 [pid 5782] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f2b79000000 [pid 5782] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 5782] munmap(0x7f2b79000000, 138412032) = 0 [pid 5782] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5782] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5782] close(3) = 0 [pid 5782] close(4) = 0 [pid 5782] mkdir("./file0", 0777) = 0 [ 209.381746][ T5782] loop0: detected capacity change from 0 to 32768 [ 209.529023][ T5782] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,recovery_pass_last=set_may_go_rw,reconstruct_alloc,no_data_io [ 209.552020][ T5782] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 209.561740][ T5782] bcachefs (loop0): Version upgrade required: [ 209.561740][ T5782] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 209.561740][ T5782] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 209.561740][ T5782] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 209.637037][ T5782] bcachefs (loop0): dropping and reconstructing all alloc info [ 209.687721][ T5782] bcachefs (loop0): accounting_read... done [ 209.694777][ T5782] bcachefs (loop0): alloc_read... done [ 209.700864][ T5782] bcachefs (loop0): stripes_read... done [ 209.706934][ T5782] bcachefs (loop0): snapshots_read... done [pid 5782] mount("/dev/loop0", "./file0", "bcachefs", MS_POSIXACL|MS_I_VERSION, "\x6a\x6f\x75\x72\x6e\x61\x6c\x5f\x74\x72\x61\x6e\x73\x61\x63\x74\x69\x6f\x6e\x5f\x6e\x61\x6d\x65\x73\x2c\x62\x74\x72\x65\x65\x5f\x6e\x6f\x64\x65\x5f\x0d\xcb\xcc\x28\xb5\xef\x6f\x8b\x2c\x6a\x6f\x75\x72\x6e\x61\x6c\x5f\x66\x6c\x75\x73\x68\x5f\x64\x69\x73\x61\x62\x6c\x65\x64\x2c\x66\x73\x63\x6b\x2c\x6a\x6f\x75\x72\x6e\x61\x6c\x5f\x66\x6c\x75\x73\x68\x5f\x64\x69\x73\x61\x62\x6c\x65\x64\x2c\x72\x61\x74"...) = 0 [pid 5782] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5782] chdir("./file0") = 0 [pid 5782] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5782] ioctl(4, LOOP_CLR_FD) = 0 [pid 5782] close(4) = 0 [pid 5782] chdir("./file0") = 0 [pid 5782] openat(AT_FDCWD, "./file0", O_WRONLY|O_APPEND|O_SYNC|O_NOATIME|O_CLOEXEC) = 4 [ 209.713384][ T5782] bcachefs (loop0): check_allocations... done [ 209.806589][ T5782] bcachefs (loop0): going read-write [ 209.825085][ T5782] bcachefs (loop0): done starting filesystem [ 210.003825][ T5782] ===================================================== [ 210.011107][ T5782] BUG: KMSAN: uninit-value in bch2_extent_crc_append+0x7c2/0x830 [ 210.018972][ T5782] bch2_extent_crc_append+0x7c2/0x830 [ 210.024684][ T5782] init_append_extent+0x466/0x1050 [ 210.030068][ T5782] __bch2_write+0x54a9/0x8490 [ 210.035063][ T5782] bch2_write+0xc98/0x1af0 [ 210.039650][ T5782] bch2_writepages+0x24a/0x3c0 [ 210.044831][ T5782] do_writepages+0x427/0xc30 [ 210.049657][ T5782] file_write_and_wait_range+0x6f2/0x7b0 [ 210.055566][ T5782] bch2_fsync+0xb6/0x510 [ 210.059993][ T5782] vfs_fsync_range+0x1f9/0x260 [ 210.065048][ T5782] bch2_write_iter+0x4dce/0x50f0 [ 210.070425][ T5782] vfs_write+0xb34/0x1540 [ 210.074909][ T5782] ksys_write+0x240/0x4b0 [ 210.079423][ T5782] __x64_sys_write+0x93/0xe0 [ 210.084342][ T5782] x64_sys_call+0x3161/0x3c30 [ 210.089226][ T5782] do_syscall_64+0xcd/0x1e0 [ 210.094144][ T5782] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 210.100431][ T5782] [ 210.102857][ T5782] Uninit was stored to memory at: [ 210.108052][ T5782] bch2_extent_crc_pack+0x686/0x6b0 [ 210.113495][ T5782] bch2_extent_crc_append+0x645/0x830 [ 210.119073][ T5782] init_append_extent+0x466/0x1050 [ 210.124491][ T5782] __bch2_write+0x54a9/0x8490 [ 210.129397][ T5782] bch2_write+0xc98/0x1af0 [ 210.134084][ T5782] bch2_writepages+0x24a/0x3c0 [ 210.139047][ T5782] do_writepages+0x427/0xc30 [ 210.143964][ T5782] file_write_and_wait_range+0x6f2/0x7b0 [ 210.149869][ T5782] bch2_fsync+0xb6/0x510 [ 210.154347][ T5782] vfs_fsync_range+0x1f9/0x260 [ 210.159337][ T5782] bch2_write_iter+0x4dce/0x50f0 [ 210.164606][ T5782] vfs_write+0xb34/0x1540 [ 210.169130][ T5782] ksys_write+0x240/0x4b0 [ 210.173736][ T5782] __x64_sys_write+0x93/0xe0 [ 210.178613][ T5782] x64_sys_call+0x3161/0x3c30 [ 210.184110][ T5782] do_syscall_64+0xcd/0x1e0 [ 210.188944][ T5782] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 210.195114][ T5782] [ 210.197571][ T5782] Uninit was created at: [ 210.202315][ T5782] __alloc_frozen_pages_noprof+0x9a7/0xe00 [ 210.208399][ T5782] alloc_pages_mpol+0x4cd/0x890 [ 210.213653][ T5782] alloc_frozen_pages_noprof+0x1bf/0x1e0 [ 210.219592][ T5782] allocate_slab+0x23a/0x1110 [ 210.224580][ T5782] ___slab_alloc+0x1287/0x3540 [ 210.229568][ T5782] kmem_cache_alloc_noprof+0x84e/0xe10 [ 210.235290][ T5782] mempool_alloc_slab+0x36/0x50 [ 210.240482][ T5782] mempool_init_node+0x202/0x4d0 [ 210.245643][ T5782] mempool_init_noprof+0x57/0x70 [ 210.250913][ T5782] bioset_init+0x279/0xb30 [ 210.257735][ T5782] bch2_fs_fs_io_buffered_init+0x4a/0xc0 [ 210.264314][ T5782] bch2_fs_open+0x5654/0x5ba0 [ 210.269231][ T5782] bch2_fs_get_tree+0x98a/0x24e0 [ 210.274439][ T5782] vfs_get_tree+0xb1/0x5a0 [ 210.279109][ T5782] do_new_mount+0x71f/0x15e0 [ 210.284074][ T5782] path_mount+0x742/0x1f10 [ 210.288700][ T5782] __se_sys_mount+0x71f/0x800 [ 210.293677][ T5782] __x64_sys_mount+0xe4/0x150 [ 210.298573][ T5782] x64_sys_call+0x39bf/0x3c30 [ 210.303570][ T5782] do_syscall_64+0xcd/0x1e0 [ 210.308276][ T5782] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 210.314442][ T5782] [ 210.316920][ T5782] CPU: 0 UID: 0 PID: 5782 Comm: syz-executor407 Not tainted 6.14.0-rc5-syzkaller-00016-g48a5eed9ad58 #0 [ 210.328529][ T5782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 210.338835][ T5782] ===================================================== [ 210.345987][ T5782] Disabling lock debugging due to kernel taint [ 210.352328][ T5782] Kernel panic - not syncing: kmsan.panic set ... [ 210.358941][ T5782] CPU: 0 UID: 0 PID: 5782 Comm: syz-executor407 Tainted: G B 6.14.0-rc5-syzkaller-00016-g48a5eed9ad58 #0 [ 210.371719][ T5782] Tainted: [B]=BAD_PAGE [ 210.375950][ T5782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 210.386175][ T5782] Call Trace: [ 210.389566][ T5782] [ 210.392580][ T5782] dump_stack_lvl+0x216/0x2d0 [ 210.397423][ T5782] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 210.403411][ T5782] dump_stack+0x1e/0x24 [ 210.407689][ T5782] panic+0x4e2/0xcf0 [ 210.411771][ T5782] ? kmsan_get_metadata+0x61/0x1c0 [ 210.417127][ T5782] kmsan_report+0x2c7/0x2d0 [ 210.421773][ T5782] ? kmsan_internal_chain_origin+0x57/0xd0 [ 210.427750][ T5782] ? bch2_writepages+0x24a/0x3c0 [ 210.432865][ T5782] ? vfs_fsync_range+0x1f9/0x260 [ 210.438137][ T5782] ? bch2_write_iter+0x4dce/0x50f0 [ 210.443393][ T5782] ? vfs_write+0xb34/0x1540 [ 210.448058][ T5782] ? ksys_write+0x240/0x4b0 [ 210.452733][ T5782] ? __x64_sys_write+0x93/0xe0 [ 210.457626][ T5782] ? __msan_warning+0x95/0x120 [ 210.462526][ T5782] ? bch2_extent_crc_append+0x7c2/0x830 [ 210.468208][ T5782] ? init_append_extent+0x466/0x1050 [ 210.473783][ T5782] ? __bch2_write+0x54a9/0x8490 [ 210.478791][ T5782] ? bch2_write+0xc98/0x1af0 [ 210.483621][ T5782] ? bch2_writepages+0x24a/0x3c0 [ 210.488720][ T5782] ? do_writepages+0x427/0xc30 [ 210.493651][ T5782] ? file_write_and_wait_range+0x6f2/0x7b0 [ 210.499725][ T5782] ? bch2_fsync+0xb6/0x510 [ 210.504265][ T5782] ? vfs_fsync_range+0x1f9/0x260 [ 210.509363][ T5782] ? bch2_write_iter+0x4dce/0x50f0 [ 210.514614][ T5782] ? vfs_write+0xb34/0x1540 [ 210.519354][ T5782] ? ksys_write+0x240/0x4b0 [ 210.523992][ T5782] ? __x64_sys_write+0x93/0xe0 [ 210.528919][ T5782] ? x64_sys_call+0x3161/0x3c30 [ 210.533979][ T5782] ? do_syscall_64+0xcd/0x1e0 [ 210.538796][ T5782] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 210.545030][ T5782] ? kmsan_get_metadata+0x13e/0x1c0 [ 210.550403][ T5782] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 210.556994][ T5782] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 210.563250][ T5782] ? __msan_memset+0xf5/0x1b0 [ 210.568178][ T5782] ? kmsan_get_metadata+0x13e/0x1c0 [ 210.573559][ T5782] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 210.579529][ T5782] ? bch2_extent_crc_pack+0x5fd/0x6b0 [ 210.585036][ T5782] ? kmsan_get_metadata+0x13e/0x1c0 [ 210.590443][ T5782] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 210.596439][ T5782] __msan_warning+0x95/0x120 [ 210.601175][ T5782] bch2_extent_crc_append+0x7c2/0x830 [ 210.606705][ T5782] init_append_extent+0x466/0x1050 [ 210.611992][ T5782] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 210.618403][ T5782] __bch2_write+0x54a9/0x8490 [ 210.623385][ T5782] bch2_write+0xc98/0x1af0 [ 210.627962][ T5782] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 210.633979][ T5782] bch2_writepages+0x24a/0x3c0 [ 210.638967][ T5782] ? __pfx_bch2_writepages+0x10/0x10 [ 210.644394][ T5782] do_writepages+0x427/0xc30 [ 210.649151][ T5782] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 210.655134][ T5782] ? _raw_spin_unlock+0x30/0x50 [ 210.660168][ T5782] file_write_and_wait_range+0x6f2/0x7b0 [ 210.666091][ T5782] bch2_fsync+0xb6/0x510 [ 210.670476][ T5782] ? __pfx_bch2_fsync+0x10/0x10 [ 210.675538][ T5782] vfs_fsync_range+0x1f9/0x260 [ 210.680487][ T5782] bch2_write_iter+0x4dce/0x50f0 [ 210.685669][ T5782] ? kmsan_get_metadata+0x13e/0x1c0 [ 210.691070][ T5782] vfs_write+0xb34/0x1540 [ 210.695547][ T5782] ? __pfx_bch2_write_iter+0x10/0x10 [ 210.700984][ T5782] ksys_write+0x240/0x4b0 [ 210.705456][ T5782] ? kmsan_get_metadata+0x13e/0x1c0 [ 210.710823][ T5782] __x64_sys_write+0x93/0xe0 [ 210.715590][ T5782] x64_sys_call+0x3161/0x3c30 [ 210.720494][ T5782] do_syscall_64+0xcd/0x1e0 [ 210.725183][ T5782] ? clear_bhb_loop+0x25/0x80 [ 210.730057][ T5782] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 210.736160][ T5782] RIP: 0033:0x7f2b814bcb59 [ 210.740719][ T5782] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 210.760639][ T5782] RSP: 002b:00007ffcd2333518 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 210.769249][ T5782] RAX: ffffffffffffffda RBX: 0000400000000280 RCX: 00007f2b814bcb59 [ 210.777359][ T5782] RDX: 000000007ffff000 RSI: 0000400000004200 RDI: 0000000000000004 [ 210.786373][ T5782] RBP: 0030656c69662f2e R08: 000055557abf04c0 R09: 000055557abf04c0 [ 210.795911][ T5782] R10: 000055557abf04c0 R11: 0000000000000246 R12: 00007ffcd2333540 [ 210.804005][ T5782] R13: 00007ffcd2333768 R14: 431bde82d7b634db R15: 00007f2b8150503b [ 210.812123][ T5782] [ 210.815606][ T5782] Kernel Offset: disabled [ 210.820032][ T5782] Rebooting in 86400 seconds..