./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2395689240

<...>
Warning: Permanently added '10.128.1.155' (ED25519) to the list of known hosts.
execve("./syz-executor2395689240", ["./syz-executor2395689240"], 0x7ffca6888910 /* 10 vars */) = 0
brk(NULL)                               = 0x5555930ee000
brk(0x5555930eed00)                     = 0x5555930eed00
arch_prctl(ARCH_SET_FS, 0x5555930ee380) = 0
set_tid_address(0x5555930ee650)         = 5836
set_robust_list(0x5555930ee660, 24)     = 0
rseq(0x5555930eeca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor2395689240", 4096) = 28
getrandom("\xe4\xcc\x83\x29\xd3\x9f\x76\x2c", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x5555930eed00
brk(0x55559310fd00)                     = 0x55559310fd00
brk(0x555593110000)                     = 0x555593110000
mprotect(0x7fac9fde4000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
mkdir("./syzkaller.PCxmn6", 0700)       = 0
chmod("./syzkaller.PCxmn6", 0777)       = 0
chdir("./syzkaller.PCxmn6")             = 0
mkdir("./0", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555930ee650) = 5838
./strace-static-x86_64: Process 5838 attached
[pid  5838] set_robust_list(0x5555930ee660, 24) = 0
[pid  5838] chdir("./0")                = 0
[pid  5838] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5838] setpgid(0, 0)               = 0
[pid  5838] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5838] write(3, "1000", 4)         = 4
[pid  5838] close(3)                    = 0
[pid  5838] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5838] write(1, "executing program\n", 18) = 18
[pid  5838] memfd_create("syzkaller", 0) = 3
[pid  5838] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac97800000
[pid  5838] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5838] munmap(0x7fac97800000, 138412032) = 0
[pid  5838] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5838] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5838] close(3)                    = 0
[pid  5838] close(4)                    = 0
[pid  5838] mkdir("./file1", 0777)      = 0
[   80.540771][ T5838] loop0: detected capacity change from 0 to 32768
[   80.636902][ T5838] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io
[   80.658369][ T5838] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[   80.666856][ T5838] bcachefs (loop0): Version upgrade required:
[   80.666856][ T5838] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[   80.666856][ T5838] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots
[   80.666856][ T5838]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[   80.740754][ T5838] bcachefs (loop0): dropping and reconstructing all alloc info
[   80.760408][ T5838] bcachefs (loop0): check_topology... done
[   80.766318][ T5838] bcachefs (loop0): accounting_read... done
[   80.773235][ T5838] bcachefs (loop0): alloc_read... done
[   80.778902][ T5838] bcachefs (loop0): stripes_read... done
[   80.784617][ T5838] bcachefs (loop0): snapshots_read... done
[pid  5838] mount("/dev/loop0", "./file1", "bcachefs", MS_I_VERSION, "acl,direct_io,norecovery,fsck,journal_flush_disabled,noreTovery,btree_node_mem_ptr_optimization,reco"...) = 0
[pid  5838] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid  5838] chdir("./file1")            = 0
[   80.790919][ T5838] bcachefs (loop0): check_allocations... done
[   80.818344][ T5838] bcachefs (loop0): going read-write
[   80.828516][ T5838] bcachefs (loop0): done starting filesystem
[pid  5838] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5838] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5838] close(4)                    = 0
[pid  5838] open("./file1", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE, 000) = 4
[pid  5838] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 0777) = 5
[pid  5838] ioctl(5, _IOC(_IOC_WRITE, 0x58, 0x29, 0x30), 0x200002c0) = 0
[pid  5838] write(4, "\x10\x00\x00\x00\xf5\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16384) = 4096
[pid  5838] exit_group(0)               = ?
[pid  5838] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5838, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=34 /* 0.34 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555930ef6f0 /* 4 entries */, 32768) = 112
umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./0/binderfs")                  = 0
[   80.919711][ T5838] syz-executor239 (5838) used greatest stack depth: 16288 bytes left
[   80.956925][ T5836] bcachefs (loop0): shutting down
[   80.962121][ T5836] bcachefs (loop0): going read-only
[   80.968447][ T5836] bcachefs (loop0): finished waiting for writes to stop
[   80.978147][ T5836] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11
[   81.007416][ T5836] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 18
[   81.019650][ T5836] bcachefs (loop0): unshutdown complete, journal seq 19
[   81.028005][ T5836] bcachefs (loop0): done going read-only, filesystem not clean
[   81.052054][ T5836] bcachefs (loop0): shutdown complete
umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555930f7730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555930f7730 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./0/file1")                      = 0
getdents64(3, 0x5555930ef6f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./0")                            = 0
mkdir("./1", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5850 attached
, child_tidptr=0x5555930ee650) = 5850
[pid  5850] set_robust_list(0x5555930ee660, 24) = 0
[pid  5850] chdir("./1")                = 0
[pid  5850] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5850] setpgid(0, 0)               = 0
[pid  5850] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5850] write(3, "1000", 4)         = 4
[pid  5850] close(3)                    = 0
[pid  5850] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5850] write(1, "executing program\n", 18) = 18
[pid  5850] memfd_create("syzkaller", 0) = 3
[pid  5850] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac97800000
[pid  5850] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5850] munmap(0x7fac97800000, 138412032) = 0
[pid  5850] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5850] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5850] close(3)                    = 0
[pid  5850] close(4)                    = 0
[pid  5850] mkdir("./file1", 0777)      = 0
[   82.666679][ T5850] loop0: detected capacity change from 0 to 32768
[   82.753034][ T5850] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io
[   82.774403][ T5850] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[   82.782929][ T5850] bcachefs (loop0): Version upgrade required:
[   82.782929][ T5850] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[   82.782929][ T5850] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots
[   82.782929][ T5850]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[   82.855435][ T5850] bcachefs (loop0): dropping and reconstructing all alloc info
[   82.873632][ T5850] bcachefs (loop0): check_topology... done
[   82.879623][ T5850] bcachefs (loop0): accounting_read... done
[   82.886087][ T5850] bcachefs (loop0): alloc_read... done
[   82.891834][ T5850] bcachefs (loop0): stripes_read... done
[   82.897766][ T5850] bcachefs (loop0): snapshots_read... done
[pid  5850] mount("/dev/loop0", "./file1", "bcachefs", MS_I_VERSION, "acl,direct_io,norecovery,fsck,journal_flush_disabled,noreTovery,btree_node_mem_ptr_optimization,reco"...) = 0
[pid  5850] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid  5850] chdir("./file1")            = 0
[pid  5850] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5850] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5850] close(4)                    = 0
[pid  5850] open("./file1", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE, 000) = 4
[pid  5850] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 0777) = 5
[pid  5850] ioctl(5, _IOC(_IOC_WRITE, 0x58, 0x29, 0x30), 0x200002c0) = 0
[   82.903700][ T5850] bcachefs (loop0): check_allocations... done
[   82.929432][ T5850] bcachefs (loop0): going read-write
[   82.939679][ T5850] bcachefs (loop0): done starting filesystem
[pid  5850] write(4, "\x10\x00\x00\x00\xf5\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16384) = 4096
[pid  5850] exit_group(0)               = ?
[pid  5850] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5850, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=34 /* 0.34 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[   83.008744][ T5850] syz-executor239 (5850) used greatest stack depth: 16056 bytes left
getdents64(3, 0x5555930ef6f0 /* 4 entries */, 32768) = 112
umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./1/binderfs")                  = 0
[   83.104631][ T5836] bcachefs (loop0): shutting down
[   83.109926][ T5836] bcachefs (loop0): going read-only
[   83.115173][ T5836] bcachefs (loop0): finished waiting for writes to stop
[   83.123407][ T5836] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11
[   83.147544][ T5836] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 16
[   83.160604][ T5836] bcachefs (loop0): unshutdown complete, journal seq 17
[   83.168616][ T5836] bcachefs (loop0): done going read-only, filesystem not clean
[   83.188743][ T5836] bcachefs (loop0): shutdown complete
umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./1/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555930f7730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555930f7730 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./1/file1")                      = 0
getdents64(3, 0x5555930ef6f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./1")                            = 0
mkdir("./2", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5862 attached
 <unfinished ...>
[pid  5862] set_robust_list(0x5555930ee660, 24) = 0
[pid  5836] <... clone resumed>, child_tidptr=0x5555930ee650) = 5862
[pid  5862] chdir("./2")                = 0
[pid  5862] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5862] setpgid(0, 0)               = 0
[pid  5862] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5862] write(3, "1000", 4)         = 4
[pid  5862] close(3)                    = 0
[pid  5862] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5862] write(1, "executing program\n", 18) = 18
[pid  5862] memfd_create("syzkaller", 0) = 3
[pid  5862] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac97800000
[pid  5862] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5862] munmap(0x7fac97800000, 138412032) = 0
[pid  5862] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5862] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5862] close(3)                    = 0
[pid  5862] close(4)                    = 0
[pid  5862] mkdir("./file1", 0777)      = 0
[   84.700202][ T5862] loop0: detected capacity change from 0 to 32768
[   84.763973][ T5862] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io
[   84.786103][ T5862] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[   84.794353][ T5862] bcachefs (loop0): Version upgrade required:
[   84.794353][ T5862] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[   84.794353][ T5862] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots
[   84.794353][ T5862]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[   84.867118][ T5862] bcachefs (loop0): dropping and reconstructing all alloc info
[   84.884156][ T5862] bcachefs (loop0): check_topology... done
[   84.890279][ T5862] bcachefs (loop0): accounting_read... done
[   84.896752][ T5862] bcachefs (loop0): alloc_read... done
[   84.902342][ T5862] bcachefs (loop0): stripes_read... done
[   84.908079][ T5862] bcachefs (loop0): snapshots_read... done
[pid  5862] mount("/dev/loop0", "./file1", "bcachefs", MS_I_VERSION, "acl,direct_io,norecovery,fsck,journal_flush_disabled,noreTovery,btree_node_mem_ptr_optimization,reco"...) = 0
[pid  5862] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid  5862] chdir("./file1")            = 0
[pid  5862] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5862] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5862] close(4)                    = 0
[pid  5862] open("./file1", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE, 000) = 4
[pid  5862] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 0777) = 5
[pid  5862] ioctl(5, _IOC(_IOC_WRITE, 0x58, 0x29, 0x30), 0x200002c0) = 0
[   84.914047][ T5862] bcachefs (loop0): check_allocations... done
[   84.938546][ T5862] bcachefs (loop0): going read-write
[   84.947740][ T5862] bcachefs (loop0): done starting filesystem
[pid  5862] write(4, "\x10\x00\x00\x00\xf5\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16384) = 4096
[pid  5862] exit_group(0)               = ?
[pid  5862] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5862, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=34 /* 0.34 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555930ef6f0 /* 4 entries */, 32768) = 112
umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./2/binderfs")                  = 0
[   85.105395][ T5836] bcachefs (loop0): shutting down
[   85.110568][ T5836] bcachefs (loop0): going read-only
[   85.115820][ T5836] bcachefs (loop0): finished waiting for writes to stop
[   85.124613][ T5836] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11
[   85.147570][ T5836] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 17
[   85.158774][ T5836] bcachefs (loop0): unshutdown complete, journal seq 18
[   85.166802][ T5836] bcachefs (loop0): done going read-only, filesystem not clean
[   85.186737][ T5836] bcachefs (loop0): shutdown complete
umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./2/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555930f7730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555930f7730 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./2/file1")                      = 0
getdents64(3, 0x5555930ef6f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./2")                            = 0
mkdir("./3", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5873 attached
 <unfinished ...>
[pid  5873] set_robust_list(0x5555930ee660, 24) = 0
[pid  5836] <... clone resumed>, child_tidptr=0x5555930ee650) = 5873
[pid  5873] chdir("./3")                = 0
[pid  5873] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5873] setpgid(0, 0)               = 0
[pid  5873] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5873] write(3, "1000", 4)         = 4
[pid  5873] close(3)                    = 0
[pid  5873] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5873] write(1, "executing program\n", 18executing program
) = 18
[pid  5873] memfd_create("syzkaller", 0) = 3
[pid  5873] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac97800000
[pid  5873] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5873] munmap(0x7fac97800000, 138412032) = 0
[pid  5873] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5873] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5873] close(3)                    = 0
[pid  5873] close(4)                    = 0
[pid  5873] mkdir("./file1", 0777)      = 0
[   86.785237][ T5873] loop0: detected capacity change from 0 to 32768
[   86.909620][ T5873] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io
[   86.931178][ T5873] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[   86.939832][ T5873] bcachefs (loop0): Version upgrade required:
[   86.939832][ T5873] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[   86.939832][ T5873] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots
[   86.939832][ T5873]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[   87.012914][ T5873] bcachefs (loop0): dropping and reconstructing all alloc info
[   87.032666][ T5873] bcachefs (loop0): check_topology... done
[   87.038855][ T5873] bcachefs (loop0): accounting_read... done
[   87.046093][ T5873] bcachefs (loop0): alloc_read... done
[   87.052264][ T5873] bcachefs (loop0): stripes_read... done
[   87.058552][ T5873] bcachefs (loop0): snapshots_read... done
[pid  5873] mount("/dev/loop0", "./file1", "bcachefs", MS_I_VERSION, "acl,direct_io,norecovery,fsck,journal_flush_disabled,noreTovery,btree_node_mem_ptr_optimization,reco"...) = 0
[pid  5873] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid  5873] chdir("./file1")            = 0
[pid  5873] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5873] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5873] close(4)                    = 0
[pid  5873] open("./file1", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE, 000) = 4
[   87.065123][ T5873] bcachefs (loop0): check_allocations... done
[   87.107851][ T5873] bcachefs (loop0): going read-write
[   87.119948][ T5873] bcachefs (loop0): done starting filesystem
[pid  5873] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 0777) = 5
[pid  5873] ioctl(5, _IOC(_IOC_WRITE, 0x58, 0x29, 0x30), 0x200002c0) = 0
[pid  5873] write(4, "\x10\x00\x00\x00\xf5\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16384) = 4096
[pid  5873] exit_group(0)               = ?
[pid  5873] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5873, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=44 /* 0.44 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555930ef6f0 /* 4 entries */, 32768) = 112
umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./3/binderfs")                  = 0
[   87.352043][ T5836] bcachefs (loop0): shutting down
[   87.357396][ T5836] bcachefs (loop0): going read-only
[   87.362632][ T5836] bcachefs (loop0): finished waiting for writes to stop
[   87.371066][ T5836] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11
[   87.395565][ T5836] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 16
[   87.407383][ T5836] bcachefs (loop0): unshutdown complete, journal seq 17
[   87.415151][ T5836] bcachefs (loop0): done going read-only, filesystem not clean
[   87.434570][ T5836] bcachefs (loop0): shutdown complete
umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./3/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555930f7730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555930f7730 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./3/file1")                      = 0
getdents64(3, 0x5555930ef6f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./3")                            = 0
mkdir("./4", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5884 attached
, child_tidptr=0x5555930ee650) = 5884
[pid  5884] set_robust_list(0x5555930ee660, 24) = 0
[pid  5884] chdir("./4")                = 0
[pid  5884] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5884] setpgid(0, 0)               = 0
[pid  5884] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5884] write(3, "1000", 4)         = 4
[pid  5884] close(3)                    = 0
[pid  5884] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5884] write(1, "executing program\n", 18) = 18
[pid  5884] memfd_create("syzkaller", 0) = 3
[pid  5884] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac97800000
[pid  5884] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5884] munmap(0x7fac97800000, 138412032) = 0
[pid  5884] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5884] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5884] close(3)                    = 0
[pid  5884] close(4)                    = 0
[pid  5884] mkdir("./file1", 0777)      = 0
[   88.840972][ T5884] loop0: detected capacity change from 0 to 32768
[   88.913147][ T5884] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io
[   88.934682][ T5884] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[   88.943043][ T5884] bcachefs (loop0): Version upgrade required:
[   88.943043][ T5884] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[   88.943043][ T5884] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots
[   88.943043][ T5884]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[   89.015444][ T5884] bcachefs (loop0): dropping and reconstructing all alloc info
[   89.032291][ T5884] bcachefs (loop0): check_topology... done
[   89.038260][ T5884] bcachefs (loop0): accounting_read... done
[   89.044442][ T5884] bcachefs (loop0): alloc_read... done
[   89.050063][ T5884] bcachefs (loop0): stripes_read... done
[   89.055779][ T5884] bcachefs (loop0): snapshots_read... done
[pid  5884] mount("/dev/loop0", "./file1", "bcachefs", MS_I_VERSION, "acl,direct_io,norecovery,fsck,journal_flush_disabled,noreTovery,btree_node_mem_ptr_optimization,reco"...) = 0
[pid  5884] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid  5884] chdir("./file1")            = 0
[pid  5884] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5884] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5884] close(4)                    = 0
[   89.061834][ T5884] bcachefs (loop0): check_allocations... done
[   89.085569][ T5884] bcachefs (loop0): going read-write
[   89.094797][ T5884] bcachefs (loop0): done starting filesystem
[pid  5884] open("./file1", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE, 000) = 4
[pid  5884] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 0777) = 5
[pid  5884] ioctl(5, _IOC(_IOC_WRITE, 0x58, 0x29, 0x30), 0x200002c0) = 0
[pid  5884] write(4, "\x10\x00\x00\x00\xf5\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16384) = 4096
[pid  5884] exit_group(0)               = ?
[pid  5884] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5884, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=28 /* 0.28 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555930ef6f0 /* 4 entries */, 32768) = 112
umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./4/binderfs")                  = 0
[   89.205430][ T5836] bcachefs (loop0): shutting down
[   89.210689][ T5836] bcachefs (loop0): going read-only
[   89.215897][ T5836] bcachefs (loop0): finished waiting for writes to stop
[   89.224239][ T5836] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11
[   89.247971][ T5836] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 17
[   89.259641][ T5836] bcachefs (loop0): unshutdown complete, journal seq 18
[   89.267786][ T5836] bcachefs (loop0): done going read-only, filesystem not clean
[   89.287886][ T5836] bcachefs (loop0): shutdown complete
umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./4/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555930f7730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555930f7730 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./4/file1")                      = 0
getdents64(3, 0x5555930ef6f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./4")                            = 0
mkdir("./5", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5896 attached
 <unfinished ...>
[pid  5896] set_robust_list(0x5555930ee660, 24) = 0
[pid  5836] <... clone resumed>, child_tidptr=0x5555930ee650) = 5896
[pid  5896] chdir("./5")                = 0
[pid  5896] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5896] setpgid(0, 0)               = 0
[pid  5896] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5896] write(3, "1000", 4)         = 4
[pid  5896] close(3)                    = 0
[pid  5896] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5896] write(1, "executing program\n", 18executing program
) = 18
[pid  5896] memfd_create("syzkaller", 0) = 3
[pid  5896] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac97800000
[pid  5896] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5896] munmap(0x7fac97800000, 138412032) = 0
[pid  5896] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5896] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5896] close(3)                    = 0
[pid  5896] close(4)                    = 0
[pid  5896] mkdir("./file1", 0777)      = 0
[   90.834960][ T5896] loop0: detected capacity change from 0 to 32768
[   90.937905][ T5896] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io
[   90.959105][ T5896] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[   90.967335][ T5896] bcachefs (loop0): Version upgrade required:
[   90.967335][ T5896] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[   90.967335][ T5896] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots
[   90.967335][ T5896]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[   91.039698][ T5896] bcachefs (loop0): dropping and reconstructing all alloc info
[   91.056453][ T5896] bcachefs (loop0): check_topology... done
[   91.062779][ T5896] bcachefs (loop0): accounting_read... done
[   91.069756][ T5896] bcachefs (loop0): alloc_read... done
[   91.075377][ T5896] bcachefs (loop0): stripes_read... done
[   91.081419][ T5896] bcachefs (loop0): snapshots_read... done
[pid  5896] mount("/dev/loop0", "./file1", "bcachefs", MS_I_VERSION, "acl,direct_io,norecovery,fsck,journal_flush_disabled,noreTovery,btree_node_mem_ptr_optimization,reco"...) = 0
[pid  5896] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid  5896] chdir("./file1")            = 0
[pid  5896] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[   91.087446][ T5896] bcachefs (loop0): check_allocations... done
[   91.110953][ T5896] bcachefs (loop0): going read-write
[   91.120625][ T5896] bcachefs (loop0): done starting filesystem
[pid  5896] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5896] close(4)                    = 0
[pid  5896] open("./file1", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE, 000) = 4
[pid  5896] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 0777) = 5
[pid  5896] ioctl(5, _IOC(_IOC_WRITE, 0x58, 0x29, 0x30), 0x200002c0) = 0
[pid  5896] write(4, "\x10\x00\x00\x00\xf5\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16384) = 4096
[pid  5896] exit_group(0)               = ?
[pid  5896] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5896, si_uid=0, si_status=0, si_utime=0, si_stime=37 /* 0.37 s */} ---
umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555930ef6f0 /* 4 entries */, 32768) = 112
umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./5/binderfs")                  = 0
[   91.348330][ T5836] bcachefs (loop0): shutting down
[   91.353404][ T5836] bcachefs (loop0): going read-only
[   91.358992][ T5836] bcachefs (loop0): finished waiting for writes to stop
[   91.366993][ T5836] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11
[   91.392579][ T5836] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 17
[   91.404824][ T5836] bcachefs (loop0): unshutdown complete, journal seq 18
[   91.413039][ T5836] bcachefs (loop0): done going read-only, filesystem not clean
[   91.433590][ T5836] bcachefs (loop0): shutdown complete
[   91.533482][ T1193] cfg80211: failed to load regulatory.db
umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./5/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555930f7730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555930f7730 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./5/file1")                      = 0
getdents64(3, 0x5555930ef6f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./5")                            = 0
mkdir("./6", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5907 attached
, child_tidptr=0x5555930ee650) = 5907
[pid  5907] set_robust_list(0x5555930ee660, 24) = 0
[pid  5907] chdir("./6")                = 0
[pid  5907] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5907] setpgid(0, 0)               = 0
[pid  5907] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5907] write(3, "1000", 4)         = 4
[pid  5907] close(3)                    = 0
[pid  5907] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid  5907] write(1, "executing program\n", 18) = 18
[pid  5907] memfd_create("syzkaller", 0) = 3
[pid  5907] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac97800000
[pid  5907] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5907] munmap(0x7fac97800000, 138412032) = 0
[pid  5907] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5907] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5907] close(3)                    = 0
[pid  5907] close(4)                    = 0
[pid  5907] mkdir("./file1", 0777)      = 0
[   92.954931][ T5907] loop0: detected capacity change from 0 to 32768
[   93.015552][ T5907] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io
[   93.036972][ T5907] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[   93.045101][ T5907] bcachefs (loop0): Version upgrade required:
[   93.045101][ T5907] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[   93.045101][ T5907] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots
[   93.045101][ T5907]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[   93.118363][ T5907] bcachefs (loop0): dropping and reconstructing all alloc info
[   93.135906][ T5907] bcachefs (loop0): check_topology... done
[   93.142128][ T5907] bcachefs (loop0): accounting_read... done
[   93.148311][ T5907] bcachefs (loop0): alloc_read... done
[   93.153905][ T5907] bcachefs (loop0): stripes_read... done
[   93.160045][ T5907] bcachefs (loop0): snapshots_read... done
[pid  5907] mount("/dev/loop0", "./file1", "bcachefs", MS_I_VERSION, "acl,direct_io,norecovery,fsck,journal_flush_disabled,noreTovery,btree_node_mem_ptr_optimization,reco"...) = 0
[pid  5907] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid  5907] chdir("./file1")            = 0
[pid  5907] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5907] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5907] close(4)                    = 0
[pid  5907] open("./file1", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE, 000) = 4
[pid  5907] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 0777) = 5
[pid  5907] ioctl(5, _IOC(_IOC_WRITE, 0x58, 0x29, 0x30), 0x200002c0) = 0
[pid  5907] write(4, "\x10\x00\x00\x00\xf5\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16384) = 4096
[pid  5907] exit_group(0)               = ?
[pid  5907] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5907, si_uid=0, si_status=0, si_utime=0, si_stime=33 /* 0.33 s */} ---
[   93.165964][ T5907] bcachefs (loop0): check_allocations... done
[   93.189377][ T5907] bcachefs (loop0): going read-write
[   93.198679][ T5907] bcachefs (loop0): done starting filesystem
umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555930ef6f0 /* 4 entries */, 32768) = 112
umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./6/binderfs")                  = 0
[   93.249245][ T5836] bcachefs (loop0): shutting down
[   93.254344][ T5836] bcachefs (loop0): going read-only
[   93.260189][ T5836] bcachefs (loop0): finished waiting for writes to stop
[   93.268307][ T5836] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11
[   93.292233][ T5836] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 16
[   93.304398][ T5836] bcachefs (loop0): unshutdown complete, journal seq 17
[   93.312423][ T5836] bcachefs (loop0): done going read-only, filesystem not clean
[   93.331459][ T5836] bcachefs (loop0): shutdown complete
umount2("./6/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./6/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./6/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./6/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555930f7730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555930f7730 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./6/file1")                      = 0
getdents64(3, 0x5555930ef6f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./6")                            = 0
mkdir("./7", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5919 attached
 <unfinished ...>
[pid  5919] set_robust_list(0x5555930ee660, 24 <unfinished ...>
[pid  5836] <... clone resumed>, child_tidptr=0x5555930ee650) = 5919
[pid  5919] <... set_robust_list resumed>) = 0
[pid  5919] chdir("./7")                = 0
[pid  5919] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5919] setpgid(0, 0)               = 0
[pid  5919] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5919] write(3, "1000", 4)         = 4
[pid  5919] close(3)                    = 0
[pid  5919] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5919] write(1, "executing program\n", 18) = 18
[pid  5919] memfd_create("syzkaller", 0) = 3
[pid  5919] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac97800000
[pid  5919] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5919] munmap(0x7fac97800000, 138412032) = 0
[pid  5919] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5919] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5919] close(3)                    = 0
[pid  5919] close(4)                    = 0
[pid  5919] mkdir("./file1", 0777)      = 0
[   94.876720][ T5919] loop0: detected capacity change from 0 to 32768
[   94.972398][ T5919] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io
[   94.993659][ T5919] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[   95.001920][ T5919] bcachefs (loop0): Version upgrade required:
[   95.001920][ T5919] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[   95.001920][ T5919] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots
[   95.001920][ T5919]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[   95.078127][ T5919] bcachefs (loop0): dropping and reconstructing all alloc info
[   95.096363][ T5919] bcachefs (loop0): check_topology... done
[   95.102870][ T5919] bcachefs (loop0): accounting_read... done
[   95.109468][ T5919] bcachefs (loop0): alloc_read... done
[   95.114972][ T5919] bcachefs (loop0): stripes_read... done
[pid  5919] mount("/dev/loop0", "./file1", "bcachefs", MS_I_VERSION, "acl,direct_io,norecovery,fsck,journal_flush_disabled,noreTovery,btree_node_mem_ptr_optimization,reco"...) = 0
[pid  5919] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid  5919] chdir("./file1")            = 0
[pid  5919] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5919] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5919] close(4)                    = 0
[pid  5919] open("./file1", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE, 000) = 4
[pid  5919] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 0777) = 5
[   95.120988][ T5919] bcachefs (loop0): snapshots_read... done
[   95.127080][ T5919] bcachefs (loop0): check_allocations... done
[   95.150629][ T5919] bcachefs (loop0): going read-write
[   95.160002][ T5919] bcachefs (loop0): done starting filesystem
[pid  5919] ioctl(5, _IOC(_IOC_WRITE, 0x58, 0x29, 0x30), 0x200002c0) = 0
[pid  5919] write(4, "\x10\x00\x00\x00\xf5\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16384) = 4096
[pid  5919] exit_group(0)               = ?
[pid  5919] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5919, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=34 /* 0.34 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555930ef6f0 /* 4 entries */, 32768) = 112
umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./7/binderfs")                  = 0
[   95.244537][ T5836] bcachefs (loop0): shutting down
[   95.249737][ T5836] bcachefs (loop0): going read-only
[   95.254935][ T5836] bcachefs (loop0): finished waiting for writes to stop
[   95.263430][ T5836] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11
[   95.285759][ T5836] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 16
[   95.297351][ T5836] bcachefs (loop0): unshutdown complete, journal seq 17
[   95.305182][ T5836] bcachefs (loop0): done going read-only, filesystem not clean
[   95.325878][ T5836] bcachefs (loop0): shutdown complete
umount2("./7/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./7/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./7/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./7/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555930f7730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555930f7730 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./7/file1")                      = 0
getdents64(3, 0x5555930ef6f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./7")                            = 0
mkdir("./8", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5930 attached
 <unfinished ...>
[pid  5930] set_robust_list(0x5555930ee660, 24 <unfinished ...>
[pid  5836] <... clone resumed>, child_tidptr=0x5555930ee650) = 5930
[pid  5930] <... set_robust_list resumed>) = 0
[pid  5930] chdir("./8")                = 0
[pid  5930] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5930] setpgid(0, 0)               = 0
[pid  5930] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5930] write(3, "1000", 4)         = 4
[pid  5930] close(3)                    = 0
[pid  5930] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5930] write(1, "executing program\n", 18) = 18
[pid  5930] memfd_create("syzkaller", 0) = 3
[pid  5930] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac97800000
[pid  5930] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5930] munmap(0x7fac97800000, 138412032) = 0
[pid  5930] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5930] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5930] close(3)                    = 0
[pid  5930] close(4)                    = 0
[pid  5930] mkdir("./file1", 0777)      = 0
[   96.888878][ T5930] loop0: detected capacity change from 0 to 32768
[   96.971779][ T5930] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io
[   96.993132][ T5930] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[   97.001444][ T5930] bcachefs (loop0): Version upgrade required:
[   97.001444][ T5930] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[   97.001444][ T5930] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots
[   97.001444][ T5930]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[   97.074099][ T5930] bcachefs (loop0): dropping and reconstructing all alloc info
[   97.090681][ T5930] bcachefs (loop0): check_topology... done
[   97.096908][ T5930] bcachefs (loop0): accounting_read... done
[   97.103737][ T5930] bcachefs (loop0): alloc_read... done
[   97.109433][ T5930] bcachefs (loop0): stripes_read... done
[   97.115141][ T5930] bcachefs (loop0): snapshots_read... done
[pid  5930] mount("/dev/loop0", "./file1", "bcachefs", MS_I_VERSION, "acl,direct_io,norecovery,fsck,journal_flush_disabled,noreTovery,btree_node_mem_ptr_optimization,reco"...) = 0
[pid  5930] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid  5930] chdir("./file1")            = 0
[pid  5930] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5930] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5930] close(4)                    = 0
[pid  5930] open("./file1", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE, 000) = 4
[   97.121195][ T5930] bcachefs (loop0): check_allocations... done
[   97.144935][ T5930] bcachefs (loop0): going read-write
[   97.154162][ T5930] bcachefs (loop0): done starting filesystem
[pid  5930] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 0777) = 5
[pid  5930] ioctl(5, _IOC(_IOC_WRITE, 0x58, 0x29, 0x30), 0x200002c0) = 0
[pid  5930] write(4, "\x10\x00\x00\x00\xf5\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16384) = 4096
[pid  5930] exit_group(0)               = ?
[pid  5930] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5930, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=32 /* 0.32 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555930ef6f0 /* 4 entries */, 32768) = 112
umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./8/binderfs")                  = 0
[   97.238346][ T5836] bcachefs (loop0): shutting down
[   97.243448][ T5836] bcachefs (loop0): going read-only
[   97.249401][ T5836] bcachefs (loop0): finished waiting for writes to stop
[   97.257947][ T5836] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11
[   97.280862][ T5836] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 17
[   97.292189][ T5836] bcachefs (loop0): unshutdown complete, journal seq 18
[   97.300230][ T5836] bcachefs (loop0): done going read-only, filesystem not clean
[   97.319754][ T5836] bcachefs (loop0): shutdown complete
umount2("./8/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./8/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./8/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./8/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555930f7730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555930f7730 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./8/file1")                      = 0
getdents64(3, 0x5555930ef6f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./8")                            = 0
mkdir("./9", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5941 attached
 <unfinished ...>
[pid  5941] set_robust_list(0x5555930ee660, 24) = 0
[pid  5836] <... clone resumed>, child_tidptr=0x5555930ee650) = 5941
[pid  5941] chdir("./9")                = 0
[pid  5941] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5941] setpgid(0, 0)               = 0
[pid  5941] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5941] write(3, "1000", 4)         = 4
[pid  5941] close(3)                    = 0
[pid  5941] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5941] write(1, "executing program\n", 18) = 18
[pid  5941] memfd_create("syzkaller", 0) = 3
[pid  5941] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac97800000
[pid  5941] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5941] munmap(0x7fac97800000, 138412032) = 0
[pid  5941] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5941] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5941] close(3)                    = 0
[pid  5941] close(4)                    = 0
[pid  5941] mkdir("./file1", 0777)      = 0
[   98.841249][ T5941] loop0: detected capacity change from 0 to 32768
[   98.915783][ T5941] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io
[   98.938413][ T5941] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[   98.946747][ T5941] bcachefs (loop0): Version upgrade required:
[   98.946747][ T5941] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[   98.946747][ T5941] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots
[   98.946747][ T5941]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[   99.019285][ T5941] bcachefs (loop0): dropping and reconstructing all alloc info
[   99.036147][ T5941] bcachefs (loop0): check_topology... done
[   99.042219][ T5941] bcachefs (loop0): accounting_read... done
[   99.048566][ T5941] bcachefs (loop0): alloc_read... done
[   99.054117][ T5941] bcachefs (loop0): stripes_read... done
[   99.059915][ T5941] bcachefs (loop0): snapshots_read... done
[pid  5941] mount("/dev/loop0", "./file1", "bcachefs", MS_I_VERSION, "acl,direct_io,norecovery,fsck,journal_flush_disabled,noreTovery,btree_node_mem_ptr_optimization,reco"...) = 0
[pid  5941] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid  5941] chdir("./file1")            = 0
[pid  5941] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[   99.065988][ T5941] bcachefs (loop0): check_allocations... done
[   99.089819][ T5941] bcachefs (loop0): going read-write
[   99.099564][ T5941] bcachefs (loop0): done starting filesystem
[pid  5941] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5941] close(4)                    = 0
[pid  5941] open("./file1", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE, 000) = 4
[pid  5941] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 0777) = 5
[pid  5941] ioctl(5, _IOC(_IOC_WRITE, 0x58, 0x29, 0x30), 0x200002c0) = 0
[pid  5941] write(4, "\x10\x00\x00\x00\xf5\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16384) = 4096
[pid  5941] exit_group(0)               = ?
[pid  5941] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5941, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=31 /* 0.31 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555930ef6f0 /* 4 entries */, 32768) = 112
umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./9/binderfs")                  = 0
[   99.290235][ T5836] bcachefs (loop0): shutting down
[   99.295295][ T5836] bcachefs (loop0): going read-only
[   99.300925][ T5836] bcachefs (loop0): finished waiting for writes to stop
[   99.308475][ T5836] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11
[   99.329984][ T5836] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 16
[   99.341237][ T5836] bcachefs (loop0): unshutdown complete, journal seq 17
[   99.349216][ T5836] bcachefs (loop0): done going read-only, filesystem not clean
[   99.368455][ T5836] bcachefs (loop0): shutdown complete
umount2("./9/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./9/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./9/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./9/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./9/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555930f7730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555930f7730 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./9/file1")                      = 0
getdents64(3, 0x5555930ef6f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./9")                            = 0
mkdir("./10", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5952 attached
, child_tidptr=0x5555930ee650) = 5952
[pid  5952] set_robust_list(0x5555930ee660, 24) = 0
[pid  5952] chdir("./10")               = 0
[pid  5952] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5952] setpgid(0, 0)               = 0
[pid  5952] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5952] write(3, "1000", 4)         = 4
[pid  5952] close(3)                    = 0
[pid  5952] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5952] write(1, "executing program\n", 18) = 18
[pid  5952] memfd_create("syzkaller", 0) = 3
[pid  5952] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac97800000
[pid  5952] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5952] munmap(0x7fac97800000, 138412032) = 0
[pid  5952] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5952] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5952] close(3)                    = 0
[pid  5952] close(4)                    = 0
[pid  5952] mkdir("./file1", 0777)      = 0
[  100.881615][ T5952] loop0: detected capacity change from 0 to 32768
[  100.963589][ T5952] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io
[  100.985045][ T5952] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[  100.994921][ T5952] bcachefs (loop0): Version upgrade required:
[  100.994921][ T5952] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  100.994921][ T5952] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots
[  100.994921][ T5952]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[  101.068056][ T5952] bcachefs (loop0): dropping and reconstructing all alloc info
[  101.085036][ T5952] bcachefs (loop0): check_topology... done
[  101.091253][ T5952] bcachefs (loop0): accounting_read... done
[  101.098174][ T5952] bcachefs (loop0): alloc_read... done
[  101.103877][ T5952] bcachefs (loop0): stripes_read... done
[pid  5952] mount("/dev/loop0", "./file1", "bcachefs", MS_I_VERSION, "acl,direct_io,norecovery,fsck,journal_flush_disabled,noreTovery,btree_node_mem_ptr_optimization,reco"...) = 0
[pid  5952] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid  5952] chdir("./file1")            = 0
[pid  5952] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5952] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5952] close(4)                    = 0
[pid  5952] open("./file1", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE, 000) = 4
[pid  5952] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 0777) = 5
[pid  5952] ioctl(5, _IOC(_IOC_WRITE, 0x58, 0x29, 0x30), 0x200002c0) = 0
[  101.109718][ T5952] bcachefs (loop0): snapshots_read... done
[  101.115994][ T5952] bcachefs (loop0): check_allocations... done
[  101.141154][ T5952] bcachefs (loop0): going read-write
[  101.150657][ T5952] bcachefs (loop0): done starting filesystem
[pid  5952] write(4, "\x10\x00\x00\x00\xf5\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16384) = 4096
[pid  5952] exit_group(0)               = ?
[pid  5952] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5952, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=30 /* 0.30 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555930ef6f0 /* 4 entries */, 32768) = 112
umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./10/binderfs")                 = 0
[  101.272274][ T5836] bcachefs (loop0): shutting down
[  101.277621][ T5836] bcachefs (loop0): going read-only
[  101.282908][ T5836] bcachefs (loop0): finished waiting for writes to stop
[  101.292900][ T5836] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11
[  101.320612][ T5836] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 16
[  101.332402][ T5836] bcachefs (loop0): unshutdown complete, journal seq 17
[  101.340484][ T5836] bcachefs (loop0): done going read-only, filesystem not clean
[  101.360512][ T5836] bcachefs (loop0): shutdown complete
umount2("./10/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./10/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./10/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./10/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./10/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555930f7730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555930f7730 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./10/file1")                     = 0
getdents64(3, 0x5555930ef6f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./10")                           = 0
mkdir("./11", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5963 attached
, child_tidptr=0x5555930ee650) = 5963
[pid  5963] set_robust_list(0x5555930ee660, 24) = 0
[pid  5963] chdir("./11")               = 0
[pid  5963] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5963] setpgid(0, 0)               = 0
[pid  5963] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5963] write(3, "1000", 4)         = 4
[pid  5963] close(3)                    = 0
[pid  5963] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5963] write(1, "executing program\n", 18) = 18
[pid  5963] memfd_create("syzkaller", 0) = 3
[pid  5963] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac97800000
[pid  5963] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5963] munmap(0x7fac97800000, 138412032) = 0
[pid  5963] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5963] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5963] close(3)                    = 0
[pid  5963] close(4)                    = 0
[pid  5963] mkdir("./file1", 0777)      = 0
[  102.862516][ T5963] loop0: detected capacity change from 0 to 32768
[  102.935981][ T5963] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io
[  102.957621][ T5963] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[  102.965781][ T5963] bcachefs (loop0): Version upgrade required:
[  102.965781][ T5963] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  102.965781][ T5963] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots
[  102.965781][ T5963]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[  103.038501][ T5963] bcachefs (loop0): dropping and reconstructing all alloc info
[  103.055343][ T5963] bcachefs (loop0): check_topology... done
[  103.061427][ T5963] bcachefs (loop0): accounting_read... done
[  103.067927][ T5963] bcachefs (loop0): alloc_read... done
[  103.073469][ T5963] bcachefs (loop0): stripes_read... done
[  103.079241][ T5963] bcachefs (loop0): snapshots_read... done
[pid  5963] mount("/dev/loop0", "./file1", "bcachefs", MS_I_VERSION, "acl,direct_io,norecovery,fsck,journal_flush_disabled,noreTovery,btree_node_mem_ptr_optimization,reco"...) = 0
[pid  5963] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid  5963] chdir("./file1")            = 0
[pid  5963] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5963] ioctl(4, LOOP_CLR_FD)       = 0
[  103.085245][ T5963] bcachefs (loop0): check_allocations... done
[  103.110203][ T5963] bcachefs (loop0): going read-write
[  103.119483][ T5963] bcachefs (loop0): done starting filesystem
[pid  5963] close(4)                    = 0
[pid  5963] open("./file1", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE, 000) = 4
[pid  5963] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 0777) = 5
[pid  5963] ioctl(5, _IOC(_IOC_WRITE, 0x58, 0x29, 0x30), 0x200002c0) = 0
[pid  5963] write(4, "\x10\x00\x00\x00\xf5\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16384) = 4096
[pid  5963] exit_group(0)               = ?
[pid  5963] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5963, si_uid=0, si_status=0, si_utime=0, si_stime=33 /* 0.33 s */} ---
umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555930ef6f0 /* 4 entries */, 32768) = 112
umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./11/binderfs")                 = 0
[  103.392164][ T5836] bcachefs (loop0): shutting down
[  103.397499][ T5836] bcachefs (loop0): going read-only
[  103.402711][ T5836] bcachefs (loop0): finished waiting for writes to stop
[  103.410675][ T5836] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11
[  103.433948][ T5836] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 15
[  103.445620][ T5836] bcachefs (loop0): unshutdown complete, journal seq 16
[  103.453729][ T5836] bcachefs (loop0): done going read-only, filesystem not clean
[  103.473785][ T5836] bcachefs (loop0): shutdown complete
umount2("./11/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./11/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./11/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./11/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./11/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555930f7730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555930f7730 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./11/file1")                     = 0
getdents64(3, 0x5555930ef6f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./11")                           = 0
mkdir("./12", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5974 attached
, child_tidptr=0x5555930ee650) = 5974
[pid  5974] set_robust_list(0x5555930ee660, 24) = 0
[pid  5974] chdir("./12")               = 0
[pid  5974] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5974] setpgid(0, 0)               = 0
[pid  5974] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5974] write(3, "1000", 4)         = 4
[pid  5974] close(3)                    = 0
[pid  5974] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5974] write(1, "executing program\n", 18executing program
) = 18
[pid  5974] memfd_create("syzkaller", 0) = 3
[pid  5974] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac97800000
[pid  5974] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5974] munmap(0x7fac97800000, 138412032) = 0
[pid  5974] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5974] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5974] close(3)                    = 0
[pid  5974] close(4)                    = 0
[pid  5974] mkdir("./file1", 0777)      = 0
[  104.925582][ T5974] loop0: detected capacity change from 0 to 32768
[  105.010157][ T5974] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io
[  105.031320][ T5974] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[  105.040161][ T5974] bcachefs (loop0): Version upgrade required:
[  105.040161][ T5974] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  105.040161][ T5974] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots
[  105.040161][ T5974]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[  105.114344][ T5974] bcachefs (loop0): dropping and reconstructing all alloc info
[  105.130850][ T5974] bcachefs (loop0): check_topology... done
[  105.136887][ T5974] bcachefs (loop0): accounting_read... done
[  105.144023][ T5974] bcachefs (loop0): alloc_read... done
[  105.149736][ T5974] bcachefs (loop0): stripes_read... done
[pid  5974] mount("/dev/loop0", "./file1", "bcachefs", MS_I_VERSION, "acl,direct_io,norecovery,fsck,journal_flush_disabled,noreTovery,btree_node_mem_ptr_optimization,reco"...) = 0
[pid  5974] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid  5974] chdir("./file1")            = 0
[pid  5974] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[  105.155441][ T5974] bcachefs (loop0): snapshots_read... done
[  105.161461][ T5974] bcachefs (loop0): check_allocations... done
[  105.184812][ T5974] bcachefs (loop0): going read-write
[  105.194181][ T5974] bcachefs (loop0): done starting filesystem
[pid  5974] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5974] close(4)                    = 0
[pid  5974] open("./file1", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE, 000) = 4
[pid  5974] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 0777) = 5
[pid  5974] ioctl(5, _IOC(_IOC_WRITE, 0x58, 0x29, 0x30), 0x200002c0) = 0
[pid  5974] write(4, "\x10\x00\x00\x00\xf5\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16384) = 4096
[pid  5974] exit_group(0)               = ?
[pid  5974] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5974, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=32 /* 0.32 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555930ef6f0 /* 4 entries */, 32768) = 112
[  105.323753][ T5974] syz-executor239 (5974) used greatest stack depth: 15920 bytes left
umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./12/binderfs")                 = 0
[  105.414811][ T5836] bcachefs (loop0): shutting down
[  105.420163][ T5836] bcachefs (loop0): going read-only
[  105.425383][ T5836] bcachefs (loop0): finished waiting for writes to stop
[  105.433147][ T5836] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11
[  105.457214][ T5836] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 16
[  105.468461][ T5836] bcachefs (loop0): unshutdown complete, journal seq 17
[  105.476289][ T5836] bcachefs (loop0): done going read-only, filesystem not clean
[  105.495370][ T5836] bcachefs (loop0): shutdown complete
umount2("./12/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./12/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./12/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./12/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./12/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555930f7730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555930f7730 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./12/file1")                     = 0
getdents64(3, 0x5555930ef6f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./12")                           = 0
mkdir("./13", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5985 attached
 <unfinished ...>
[pid  5985] set_robust_list(0x5555930ee660, 24 <unfinished ...>
[pid  5836] <... clone resumed>, child_tidptr=0x5555930ee650) = 5985
[pid  5985] <... set_robust_list resumed>) = 0
[pid  5985] chdir("./13")               = 0
[pid  5985] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5985] setpgid(0, 0)               = 0
[pid  5985] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5985] write(3, "1000", 4)         = 4
[pid  5985] close(3)                    = 0
[pid  5985] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5985] write(1, "executing program\n", 18) = 18
[pid  5985] memfd_create("syzkaller", 0) = 3
[pid  5985] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac97800000
[pid  5985] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5985] munmap(0x7fac97800000, 138412032) = 0
[pid  5985] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5985] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5985] close(3)                    = 0
[pid  5985] close(4)                    = 0
[pid  5985] mkdir("./file1", 0777)      = 0
[  107.032644][ T5985] loop0: detected capacity change from 0 to 32768
[  107.120015][ T5985] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io
[  107.141402][ T5985] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[  107.149593][ T5985] bcachefs (loop0): Version upgrade required:
[  107.149593][ T5985] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  107.149593][ T5985] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots
[  107.149593][ T5985]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[  107.222011][ T5985] bcachefs (loop0): dropping and reconstructing all alloc info
[  107.238350][ T5985] bcachefs (loop0): check_topology... done
[  107.244245][ T5985] bcachefs (loop0): accounting_read... done
[  107.250631][ T5985] bcachefs (loop0): alloc_read... done
[  107.256173][ T5985] bcachefs (loop0): stripes_read... done
[  107.261993][ T5985] bcachefs (loop0): snapshots_read... done
[pid  5985] mount("/dev/loop0", "./file1", "bcachefs", MS_I_VERSION, "acl,direct_io,norecovery,fsck,journal_flush_disabled,noreTovery,btree_node_mem_ptr_optimization,reco"...) = 0
[pid  5985] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid  5985] chdir("./file1")            = 0
[pid  5985] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5985] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5985] close(4)                    = 0
[pid  5985] open("./file1", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE, 000) = 4
[pid  5985] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 0777) = 5
[  107.268059][ T5985] bcachefs (loop0): check_allocations... done
[  107.291156][ T5985] bcachefs (loop0): going read-write
[  107.300375][ T5985] bcachefs (loop0): done starting filesystem
[pid  5985] ioctl(5, _IOC(_IOC_WRITE, 0x58, 0x29, 0x30), 0x200002c0) = 0
[pid  5985] write(4, "\x10\x00\x00\x00\xf5\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16384) = 4096
[pid  5985] exit_group(0)               = ?
[pid  5985] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5985, si_uid=0, si_status=0, si_utime=0, si_stime=36 /* 0.36 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555930ef6f0 /* 4 entries */, 32768) = 112
umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./13/binderfs")                 = 0
[  107.456253][ T5836] bcachefs (loop0): shutting down
[  107.461521][ T5836] bcachefs (loop0): going read-only
[  107.467282][ T5836] bcachefs (loop0): finished waiting for writes to stop
[  107.474947][ T5836] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11
[  107.499162][ T5836] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 15
[  107.510808][ T5836] bcachefs (loop0): unshutdown complete, journal seq 16
[  107.518856][ T5836] bcachefs (loop0): done going read-only, filesystem not clean
[  107.539772][ T5836] bcachefs (loop0): shutdown complete
umount2("./13/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./13/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./13/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./13/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./13/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555930f7730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555930f7730 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./13/file1")                     = 0
getdents64(3, 0x5555930ef6f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./13")                           = 0
mkdir("./14", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5996 attached
, child_tidptr=0x5555930ee650) = 5996
[pid  5996] set_robust_list(0x5555930ee660, 24) = 0
[pid  5996] chdir("./14")               = 0
[pid  5996] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5996] setpgid(0, 0)               = 0
[pid  5996] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5996] write(3, "1000", 4)         = 4
[pid  5996] close(3)                    = 0
[pid  5996] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5996] write(1, "executing program\n", 18) = 18
[pid  5996] memfd_create("syzkaller", 0) = 3
[pid  5996] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac97800000
[pid  5996] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5996] munmap(0x7fac97800000, 138412032) = 0
[pid  5996] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5996] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5996] close(3)                    = 0
[pid  5996] close(4)                    = 0
[pid  5996] mkdir("./file1", 0777)      = 0
[  109.043208][ T5996] loop0: detected capacity change from 0 to 32768
[  109.116165][ T5996] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io
[  109.137813][ T5996] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[  109.146016][ T5996] bcachefs (loop0): Version upgrade required:
[  109.146016][ T5996] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  109.146016][ T5996] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots
[  109.146016][ T5996]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[  109.218724][ T5996] bcachefs (loop0): dropping and reconstructing all alloc info
[  109.234684][ T5996] bcachefs (loop0): check_topology... done
[  109.240877][ T5996] bcachefs (loop0): accounting_read... done
[  109.247217][ T5996] bcachefs (loop0): alloc_read... done
[  109.252784][ T5996] bcachefs (loop0): stripes_read... done
[  109.258570][ T5996] bcachefs (loop0): snapshots_read... done
[pid  5996] mount("/dev/loop0", "./file1", "bcachefs", MS_I_VERSION, "acl,direct_io,norecovery,fsck,journal_flush_disabled,noreTovery,btree_node_mem_ptr_optimization,reco"...) = 0
[pid  5996] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid  5996] chdir("./file1")            = 0
[pid  5996] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5996] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5996] close(4)                    = 0
[  109.264571][ T5996] bcachefs (loop0): check_allocations... done
[  109.287339][ T5996] bcachefs (loop0): going read-write
[  109.295823][ T5996] bcachefs (loop0): done starting filesystem
[pid  5996] open("./file1", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE, 000) = 4
[pid  5996] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 0777) = 5
[pid  5996] ioctl(5, _IOC(_IOC_WRITE, 0x58, 0x29, 0x30), 0x200002c0) = 0
[pid  5996] write(4, "\x10\x00\x00\x00\xf5\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16384) = 4096
[pid  5996] exit_group(0)               = ?
[pid  5996] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5996, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=33 /* 0.33 s */} ---
umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555930ef6f0 /* 4 entries */, 32768) = 112
umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./14/binderfs")                 = 0
[  109.489947][ T5836] bcachefs (loop0): shutting down
[  109.495017][ T5836] bcachefs (loop0): going read-only
[  109.500678][ T5836] bcachefs (loop0): finished waiting for writes to stop
[  109.508227][ T5836] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11
[  109.531747][ T5836] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 17
[  109.543116][ T5836] bcachefs (loop0): unshutdown complete, journal seq 18
[  109.551060][ T5836] bcachefs (loop0): done going read-only, filesystem not clean
[  109.570448][ T5836] bcachefs (loop0): shutdown complete
umount2("./14/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./14/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./14/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./14/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./14/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555930f7730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555930f7730 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./14/file1")                     = 0
getdents64(3, 0x5555930ef6f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./14")                           = 0
mkdir("./15", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6007 attached
, child_tidptr=0x5555930ee650) = 6007
[pid  6007] set_robust_list(0x5555930ee660, 24) = 0
[pid  6007] chdir("./15")               = 0
[pid  6007] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  6007] setpgid(0, 0)               = 0
[pid  6007] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  6007] write(3, "1000", 4)         = 4
[pid  6007] close(3)                    = 0
[pid  6007] symlink("/dev/binderfs", "./binderfs") = 0
[pid  6007] write(1, "executing program\n", 18executing program
) = 18
[pid  6007] memfd_create("syzkaller", 0) = 3
[pid  6007] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac97800000
[pid  6007] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  6007] munmap(0x7fac97800000, 138412032) = 0
[pid  6007] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  6007] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  6007] close(3)                    = 0
[pid  6007] close(4)                    = 0
[pid  6007] mkdir("./file1", 0777)      = 0
[  111.012723][ T6007] loop0: detected capacity change from 0 to 32768
[  111.084631][ T6007] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io
[  111.107068][ T6007] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[  111.115163][ T6007] bcachefs (loop0): Version upgrade required:
[  111.115163][ T6007] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  111.115163][ T6007] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots
[  111.115163][ T6007]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[  111.188282][ T6007] bcachefs (loop0): dropping and reconstructing all alloc info
[  111.204539][ T6007] bcachefs (loop0): check_topology... done
[  111.210661][ T6007] bcachefs (loop0): accounting_read... done
[  111.217081][ T6007] bcachefs (loop0): alloc_read... done
[  111.222618][ T6007] bcachefs (loop0): stripes_read... done
[  111.228371][ T6007] bcachefs (loop0): snapshots_read... done
[pid  6007] mount("/dev/loop0", "./file1", "bcachefs", MS_I_VERSION, "acl,direct_io,norecovery,fsck,journal_flush_disabled,noreTovery,btree_node_mem_ptr_optimization,reco"...) = 0
[pid  6007] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid  6007] chdir("./file1")            = 0
[pid  6007] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  6007] ioctl(4, LOOP_CLR_FD)       = 0
[pid  6007] close(4)                    = 0
[pid  6007] open("./file1", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE, 000) = 4
[pid  6007] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 0777) = 5
[pid  6007] ioctl(5, _IOC(_IOC_WRITE, 0x58, 0x29, 0x30), 0x200002c0) = 0
[pid  6007] write(4, "\x10\x00\x00\x00\xf5\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16384) = 4096
[pid  6007] exit_group(0)               = ?
[pid  6007] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6007, si_uid=0, si_status=0, si_utime=0, si_stime=32 /* 0.32 s */} ---
[  111.234385][ T6007] bcachefs (loop0): check_allocations... done
[  111.257505][ T6007] bcachefs (loop0): going read-write
[  111.266474][ T6007] bcachefs (loop0): done starting filesystem
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555930ef6f0 /* 4 entries */, 32768) = 112
umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./15/binderfs")                 = 0
[  111.322231][ T5836] bcachefs (loop0): shutting down
[  111.327389][ T5836] bcachefs (loop0): going read-only
[  111.332632][ T5836] bcachefs (loop0): finished waiting for writes to stop
[  111.340932][ T5836] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11
[  111.364499][ T5836] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 17
[  111.376140][ T5836] bcachefs (loop0): unshutdown complete, journal seq 18
[  111.384386][ T5836] bcachefs (loop0): done going read-only, filesystem not clean
[  111.404030][ T5836] bcachefs (loop0): shutdown complete
umount2("./15/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./15/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./15/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./15/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./15/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555930f7730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555930f7730 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./15/file1")                     = 0
getdents64(3, 0x5555930ef6f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./15")                           = 0
mkdir("./16", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6018 attached
 <unfinished ...>
[pid  6018] set_robust_list(0x5555930ee660, 24 <unfinished ...>
[pid  5836] <... clone resumed>, child_tidptr=0x5555930ee650) = 6018
[pid  6018] <... set_robust_list resumed>) = 0
[pid  6018] chdir("./16")               = 0
[pid  6018] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  6018] setpgid(0, 0)               = 0
[pid  6018] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  6018] write(3, "1000", 4)         = 4
[pid  6018] close(3)                    = 0
[pid  6018] symlink("/dev/binderfs", "./binderfs") = 0
[pid  6018] write(1, "executing program\n", 18executing program
) = 18
[pid  6018] memfd_create("syzkaller", 0) = 3
[pid  6018] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac97800000
[pid  6018] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  6018] munmap(0x7fac97800000, 138412032) = 0
[pid  6018] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  6018] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  6018] close(3)                    = 0
[pid  6018] close(4)                    = 0
[pid  6018] mkdir("./file1", 0777)      = 0
[  112.917383][ T6018] loop0: detected capacity change from 0 to 32768
[  113.005844][ T6018] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io
[  113.027981][ T6018] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[  113.036243][ T6018] bcachefs (loop0): Version upgrade required:
[  113.036243][ T6018] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  113.036243][ T6018] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots
[  113.036243][ T6018]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[  113.112613][ T6018] bcachefs (loop0): dropping and reconstructing all alloc info
[  113.130620][ T6018] bcachefs (loop0): check_topology... done
[  113.136622][ T6018] bcachefs (loop0): accounting_read... done
[  113.143020][ T6018] bcachefs (loop0): alloc_read... done
[  113.148926][ T6018] bcachefs (loop0): stripes_read... done
[pid  6018] mount("/dev/loop0", "./file1", "bcachefs", MS_I_VERSION, "acl,direct_io,norecovery,fsck,journal_flush_disabled,noreTovery,btree_node_mem_ptr_optimization,reco"...) = 0
[pid  6018] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid  6018] chdir("./file1")            = 0
[pid  6018] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  6018] ioctl(4, LOOP_CLR_FD)       = 0
[pid  6018] close(4)                    = 0
[pid  6018] open("./file1", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE, 000) = 4
[pid  6018] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 0777) = 5
[pid  6018] ioctl(5, _IOC(_IOC_WRITE, 0x58, 0x29, 0x30), 0x200002c0) = 0
[  113.154642][ T6018] bcachefs (loop0): snapshots_read... done
[  113.160725][ T6018] bcachefs (loop0): check_allocations... done
[  113.183274][ T6018] bcachefs (loop0): going read-write
[  113.192601][ T6018] bcachefs (loop0): done starting filesystem
[pid  6018] write(4, "\x10\x00\x00\x00\xf5\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16384) = 4096
[pid  6018] exit_group(0)               = ?
[pid  6018] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6018, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=32 /* 0.32 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./16", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555930ef6f0 /* 4 entries */, 32768) = 112
umount2("./16/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./16/binderfs")                 = 0
[  113.367381][ T5836] bcachefs (loop0): shutting down
[  113.372475][ T5836] bcachefs (loop0): going read-only
[  113.378045][ T5836] bcachefs (loop0): finished waiting for writes to stop
[  113.385771][ T5836] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11
[  113.408483][ T5836] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 16
[  113.419631][ T5836] bcachefs (loop0): unshutdown complete, journal seq 17
[  113.427742][ T5836] bcachefs (loop0): done going read-only, filesystem not clean
[  113.447203][ T5836] bcachefs (loop0): shutdown complete
umount2("./16/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./16/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./16/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./16/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./16/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555930f7730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555930f7730 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./16/file1")                     = 0
getdents64(3, 0x5555930ef6f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./16")                           = 0
mkdir("./17", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6031 attached
, child_tidptr=0x5555930ee650) = 6031
[pid  6031] set_robust_list(0x5555930ee660, 24) = 0
[pid  6031] chdir("./17")               = 0
[pid  6031] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  6031] setpgid(0, 0)               = 0
[pid  6031] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  6031] write(3, "1000", 4)         = 4
[pid  6031] close(3)                    = 0
[pid  6031] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  6031] write(1, "executing program\n", 18) = 18
[pid  6031] memfd_create("syzkaller", 0) = 3
[pid  6031] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac97800000
[pid  6031] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  6031] munmap(0x7fac97800000, 138412032) = 0
[pid  6031] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  6031] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  6031] close(3)                    = 0
[pid  6031] close(4)                    = 0
[pid  6031] mkdir("./file1", 0777)      = 0
[  114.900346][ T6031] loop0: detected capacity change from 0 to 32768
[  114.990128][ T6031] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io
[  115.011351][ T6031] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[  115.019629][ T6031] bcachefs (loop0): Version upgrade required:
[  115.019629][ T6031] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  115.019629][ T6031] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots
[  115.019629][ T6031]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[  115.092210][ T6031] bcachefs (loop0): dropping and reconstructing all alloc info
[  115.108944][ T6031] bcachefs (loop0): check_topology... done
[  115.114833][ T6031] bcachefs (loop0): accounting_read... done
[  115.121100][ T6031] bcachefs (loop0): alloc_read... done
[  115.126698][ T6031] bcachefs (loop0): stripes_read... done
[  115.132368][ T6031] bcachefs (loop0): snapshots_read... done
[pid  6031] mount("/dev/loop0", "./file1", "bcachefs", MS_I_VERSION, "acl,direct_io,norecovery,fsck,journal_flush_disabled,noreTovery,btree_node_mem_ptr_optimization,reco"...) = 0
[pid  6031] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid  6031] chdir("./file1")            = 0
[pid  6031] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  6031] ioctl(4, LOOP_CLR_FD)       = 0
[pid  6031] close(4)                    = 0
[pid  6031] open("./file1", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE, 000) = 4
[pid  6031] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 0777) = 5
[pid  6031] ioctl(5, _IOC(_IOC_WRITE, 0x58, 0x29, 0x30), 0x200002c0) = 0
[pid  6031] write(4, "\x10\x00\x00\x00\xf5\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16384) = 4096
[pid  6031] exit_group(0)               = ?
[  115.138333][ T6031] bcachefs (loop0): check_allocations... done
[  115.161123][ T6031] bcachefs (loop0): going read-write
[  115.170447][ T6031] bcachefs (loop0): done starting filesystem
[pid  6031] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6031, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=35 /* 0.35 s */} ---
umount2("./17", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555930ef6f0 /* 4 entries */, 32768) = 112
umount2("./17/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./17/binderfs")                 = 0
[  115.329739][ T5836] bcachefs (loop0): shutting down
[  115.334835][ T5836] bcachefs (loop0): going read-only
[  115.340462][ T5836] bcachefs (loop0): finished waiting for writes to stop
[  115.348246][ T5836] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11
[  115.372525][ T5836] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 16
[  115.384113][ T5836] bcachefs (loop0): unshutdown complete, journal seq 17
[  115.392153][ T5836] bcachefs (loop0): done going read-only, filesystem not clean
[  115.413268][ T5836] bcachefs (loop0): shutdown complete
umount2("./17/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./17/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./17/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./17/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./17/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555930f7730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555930f7730 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./17/file1")                     = 0
getdents64(3, 0x5555930ef6f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./17")                           = 0
mkdir("./18", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6045 attached
 <unfinished ...>
[pid  6045] set_robust_list(0x5555930ee660, 24 <unfinished ...>
[pid  5836] <... clone resumed>, child_tidptr=0x5555930ee650) = 6045
[pid  6045] <... set_robust_list resumed>) = 0
[pid  6045] chdir("./18")               = 0
[pid  6045] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  6045] setpgid(0, 0)               = 0
[pid  6045] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  6045] write(3, "1000", 4)         = 4
[pid  6045] close(3)                    = 0
[pid  6045] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  6045] write(1, "executing program\n", 18) = 18
[pid  6045] memfd_create("syzkaller", 0) = 3
[pid  6045] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac97800000
[pid  6045] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  6045] munmap(0x7fac97800000, 138412032) = 0
[pid  6045] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  6045] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  6045] close(3)                    = 0
[pid  6045] close(4)                    = 0
[pid  6045] mkdir("./file1", 0777)      = 0
[  116.924551][ T6045] loop0: detected capacity change from 0 to 32768
[  117.005814][ T6045] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io
[  117.027047][ T6045] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[  117.035217][ T6045] bcachefs (loop0): Version upgrade required:
[  117.035217][ T6045] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  117.035217][ T6045] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots
[  117.035217][ T6045]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[  117.108583][ T6045] bcachefs (loop0): dropping and reconstructing all alloc info
[  117.126030][ T6045] bcachefs (loop0): check_topology... done
[  117.132569][ T6045] bcachefs (loop0): accounting_read... done
[  117.139619][ T6045] bcachefs (loop0): alloc_read... done
[  117.145203][ T6045] bcachefs (loop0): stripes_read... done
[pid  6045] mount("/dev/loop0", "./file1", "bcachefs", MS_I_VERSION, "acl,direct_io,norecovery,fsck,journal_flush_disabled,noreTovery,btree_node_mem_ptr_optimization,reco"...) = 0
[pid  6045] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid  6045] chdir("./file1")            = 0
[pid  6045] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  6045] ioctl(4, LOOP_CLR_FD)       = 0
[pid  6045] close(4)                    = 0
[  117.151004][ T6045] bcachefs (loop0): snapshots_read... done
[  117.157055][ T6045] bcachefs (loop0): check_allocations... done
[  117.182298][ T6045] bcachefs (loop0): going read-write
[  117.191935][ T6045] bcachefs (loop0): done starting filesystem
[pid  6045] open("./file1", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE, 000) = 4
[pid  6045] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 0777) = 5
[pid  6045] ioctl(5, _IOC(_IOC_WRITE, 0x58, 0x29, 0x30), 0x200002c0) = 0
[pid  6045] write(4, "\x10\x00\x00\x00\xf5\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16384) = 4096
[pid  6045] exit_group(0)               = ?
[pid  6045] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6045, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=32 /* 0.32 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./18", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555930ef6f0 /* 4 entries */, 32768) = 112
umount2("./18/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./18/binderfs")                 = 0
[  117.299104][ T5836] bcachefs (loop0): shutting down
[  117.304187][ T5836] bcachefs (loop0): going read-only
[  117.310068][ T5836] bcachefs (loop0): finished waiting for writes to stop
[  117.317694][ T5836] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11
[  117.338627][ T5836] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 13
[  117.350304][ T5836] bcachefs (loop0): unshutdown complete, journal seq 14
[  117.358457][ T5836] bcachefs (loop0): done going read-only, filesystem not clean
[  117.380274][ T5836] bcachefs (loop0): shutdown complete
[  118.121348][ T5836] ------------[ cut here ]------------
[  118.127903][ T5836] kernel BUG at fs/bcachefs/btree_cache.c:594!
[  118.134348][ T5836] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI
[  118.141498][ T5836] CPU: 1 UID: 0 PID: 5836 Comm: syz-executor239 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[  118.152609][ T5836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  118.162661][ T5836] RIP: 0010:bch2_fs_btree_cache_exit+0x1124/0x1130
[  118.169185][ T5836] Code: fd 90 0f 0b e8 7d 20 81 fd 90 0f 0b e8 75 20 81 fd 90 0f 0b e8 6d 20 81 fd 90 0f 0b e8 65 20 81 fd 90 0f 0b e8 5d 20 81 fd 90 <0f> 0b 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90
[  118.188809][ T5836] RSP: 0018:ffffc90003bbfb20 EFLAGS: 00010293
[  118.194895][ T5836] RAX: ffffffff8413ca13 RBX: 0000000000000002 RCX: ffff88803357bc00
[  118.202877][ T5836] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000000
[  118.210856][ T5836] RBP: 1ffff110053ae116 R08: ffffffff8413c0b7 R09: 1ffff1100e6b03b6
[  118.218836][ T5836] R10: dffffc0000000000 R11: ffffed100e6b03b7 R12: ffff888073581c78
[  118.226814][ T5836] R13: ffff888073580000 R14: 0000000000000000 R15: dffffc0000000000
[  118.234822][ T5836] FS:  00005555930ee380(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  118.243763][ T5836] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  118.250360][ T5836] CR2: 00005555930f76f8 CR3: 00000000752c4000 CR4: 0000000000350ef0
[  118.258346][ T5836] Call Trace:
[  118.261627][ T5836]  <TASK>
[  118.264561][ T5836]  ? __die_body+0x5f/0xb0
[  118.268903][ T5836]  ? die+0x9e/0xc0
[  118.272629][ T5836]  ? do_trap+0x15a/0x3a0
[  118.276888][ T5836]  ? bch2_fs_btree_cache_exit+0x1124/0x1130
[  118.282800][ T5836]  ? do_error_trap+0x1dc/0x2c0
[  118.287577][ T5836]  ? bch2_fs_btree_cache_exit+0x1124/0x1130
[  118.293495][ T5836]  ? __pfx_do_error_trap+0x10/0x10
[  118.298624][ T5836]  ? report_bug+0x3e8/0x500
[  118.303156][ T5836]  ? srso_alias_return_thunk+0x5/0xfbef5
[  118.308806][ T5836]  ? handle_invalid_op+0x34/0x40
[  118.313761][ T5836]  ? bch2_fs_btree_cache_exit+0x1124/0x1130
[  118.319677][ T5836]  ? exc_invalid_op+0x38/0x50
[  118.324372][ T5836]  ? asm_exc_invalid_op+0x1a/0x20
[  118.329408][ T5836]  ? bch2_fs_btree_cache_exit+0x7c7/0x1130
[  118.335236][ T5836]  ? bch2_fs_btree_cache_exit+0x1123/0x1130
[  118.341153][ T5836]  ? bch2_fs_btree_cache_exit+0x1124/0x1130
[  118.347079][ T5836]  bch2_fs_release+0x20e/0x7d0
[  118.351864][ T5836]  ? srso_alias_return_thunk+0x5/0xfbef5
[  118.357518][ T5836]  ? kobject_put+0x44d/0x480
[  118.362127][ T5836]  kobject_put+0x231/0x480
[  118.366561][ T5836]  deactivate_locked_super+0xc6/0x130
[  118.371961][ T5836]  cleanup_mnt+0x41f/0x4b0
[  118.376394][ T5836]  ? srso_alias_return_thunk+0x5/0xfbef5
[  118.382044][ T5836]  ? lockdep_hardirqs_on+0x99/0x150
[  118.387253][ T5836]  task_work_run+0x251/0x310
[  118.391856][ T5836]  ? __pfx_task_work_run+0x10/0x10
[  118.396976][ T5836]  ? path_umount+0x284/0xf70
[  118.401577][ T5836]  ptrace_notify+0x2d2/0x380
[  118.406180][ T5836]  ? __pfx_path_umount+0x10/0x10
[  118.411125][ T5836]  ? __pfx_ptrace_notify+0x10/0x10
[  118.416255][ T5836]  ? srso_alias_return_thunk+0x5/0xfbef5
[  118.421902][ T5836]  ? __x64_sys_umount+0x123/0x170
[  118.426936][ T5836]  ? __pfx___x64_sys_umount+0x10/0x10
[  118.432317][ T5836]  syscall_exit_work+0xc6/0x190
[  118.437178][ T5836]  syscall_exit_to_user_mode+0x279/0x370
[  118.442825][ T5836]  do_syscall_64+0x100/0x230
[  118.447429][ T5836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.453365][ T5836] RIP: 0033:0x7fac9fd6c4c7
[  118.457784][ T5836] Code: 07 00 48 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8
[  118.477393][ T5836] RSP: 002b:00007ffefc077908 EFLAGS: 00000202 ORIG_RAX: 00000000000000a6
[  118.485812][ T5836] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fac9fd6c4c7
[  118.493787][ T5836] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffefc0779c0
[  118.501763][ T5836] RBP: 00007ffefc0779c0 R08: 0000000000000000 R09: 0000000000000000
[  118.509739][ T5836] R10: 00000000ffffffff R11: 0000000000000202 R12: 00007ffefc078a30
[  118.517717][ T5836] R13: 00005555930ef6c0 R14: 431bde82d7b634db R15: 00007ffefc078a50
[  118.525704][ T5836]  </TASK>
[  118.528720][ T5836] Modules linked in:
[  118.532994][ T5836] ---[ end trace 0000000000000000 ]---
[  118.538663][ T5836] RIP: 0010:bch2_fs_btree_cache_exit+0x1124/0x1130
[  118.545217][ T5836] Code: fd 90 0f 0b e8 7d 20 81 fd 90 0f 0b e8 75 20 81 fd 90 0f 0b e8 6d 20 81 fd 90 0f 0b e8 65 20 81 fd 90 0f 0b e8 5d 20 81 fd 90 <0f> 0b 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90
[  118.564942][ T5836] RSP: 0018:ffffc90003bbfb20 EFLAGS: 00010293
[  118.571388][ T5836] RAX: ffffffff8413ca13 RBX: 0000000000000002 RCX: ffff88803357bc00
[  118.579482][ T5836] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000000
[  118.587549][ T5836] RBP: 1ffff110053ae116 R08: ffffffff8413c0b7 R09: 1ffff1100e6b03b6
[  118.595530][ T5836] R10: dffffc0000000000 R11: ffffed100e6b03b7 R12: ffff888073581c78
[  118.603582][ T5836] R13: ffff888073580000 R14: 0000000000000000 R15: dffffc0000000000
[  118.611663][ T5836] FS:  00005555930ee380(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  118.620732][ T5836] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  118.627400][ T5836] CR2: 00005555930f76f8 CR3: 00000000752c4000 CR4: 0000000000350ef0
[  118.635393][ T5836] Kernel panic - not syncing: Fatal exception
[  118.641804][ T5836] Kernel Offset: disabled
[  118.646161][ T5836] Rebooting in 86400 seconds..