./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor389914719 <...> forked to background, child pid 3207 no interfaces have a carrier [ 26.692336][ T3208] 8021q: adding VLAN 0 to HW filter on device bond0 [ 26.702224][ T3208] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.1.127' (ECDSA) to the list of known hosts. execve("./syz-executor389914719", ["./syz-executor389914719"], 0x7fffddb7ac00 /* 10 vars */) = 0 brk(NULL) = 0x555556941000 brk(0x555556941c40) = 0x555556941c40 arch_prctl(ARCH_SET_FS, 0x555556941300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor389914719", 4096) = 27 brk(0x555556962c40) = 0x555556962c40 brk(0x555556963000) = 0x555556963000 mprotect(0x7fcaf2dc1000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 memfd_create("syzkaller", 0) = 3 mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fcaea903000 write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 munmap(0x7fcaea903000, 16777216) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 ioctl(4, LOOP_SET_FD, 3) = 0 close(3) = 0 mkdir("./file0", 0777) = 0 syzkaller login: [ 45.749580][ T3636] loop0: detected capacity change from 0 to 32768 [ 45.760502][ T3636] BTRFS: device fsid a830dcec-d20e-42dc-8160-bf13f3286f97 devid 1 transid 8 /dev/loop0 scanned by syz-executor389 (3636) [ 45.777469][ T3636] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm [ 45.786933][ T3636] BTRFS warning (device loop0): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 45.798453][ T3636] BTRFS info (device loop0): trying to use backup root at mount time [ 45.806516][ T3636] BTRFS warning (device loop0): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 45.817151][ T3636] BTRFS info (device loop0): trying to use backup root at mount time [ 45.825250][ T3636] BTRFS info (device loop0): using free space tree [ 45.832163][ T3636] workqueue: max_active 14258 requested for btrfs-worker is out of range, clamping between 1 and 512 [ 45.843880][ T3636] workqueue: max_active 14258 requested for btrfs-worker-high is out of range, clamping between 1 and 512 [ 45.855666][ T3636] workqueue: max_active 14258 requested for btrfs-delalloc is out of range, clamping between 1 and 512 [ 45.868206][ T3636] workqueue: max_active 14258 requested for btrfs-endio is out of range, clamping between 1 and 512 [ 45.879473][ T3636] workqueue: max_active 14258 requested for btrfs-endio-meta is out of range, clamping between 1 and 512 [ 45.891050][ T3636] workqueue: max_active 14258 requested for btrfs-endio-raid56 is out of range, clamping between 1 and 512 [ 45.902844][ T3636] workqueue: max_active 14258 requested for btrfs-rmw is out of range, clamping between 1 and 512 [ 45.913865][ T3636] workqueue: max_active 14258 requested for btrfs-endio-write is out of range, clamping between 1 and 512 [ 45.925579][ T3636] workqueue: max_active 14258 requested for btrfs-compressed-write is out of range, clamping between 1 and 512 [ 45.940721][ T101] BTRFS warning (device loop0): checksum verify failed on logical 5332992 mirror 1 wanted 0x6f1c19d9e98527de found 0x3d333e2ad94dd107 level 0 [ 45.955383][ T3636] BTRFS warning (device loop0): couldn't read tree root [ 45.964862][ T9] BTRFS error (device loop0): bad tree block start, mirror 1 want 5292032 have 648518346346643456 [ 45.975637][ T3636] BTRFS warning (device loop0): failed to read root (objectid=9): -5 [ 45.984040][ T3636] BTRFS error (device loop0): parent transid verify failed on logical 5255168 mirror 1 wanted 5 found 7 [ 45.995611][ T3636] BTRFS warning (device loop0): couldn't read tree root [ 46.003192][ T3636] assertion failed: !tmp, in fs/btrfs/disk-io.c:1098 [ 46.010221][ T3636] ------------[ cut here ]------------ [ 46.015653][ T3636] kernel BUG at fs/btrfs/ctree.h:3713! [ 46.021151][ T3636] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 46.027214][ T3636] CPU: 0 PID: 3636 Comm: syz-executor389 Not tainted 6.1.0-syzkaller #0 [ 46.035534][ T3636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 46.045566][ T3636] RIP: 0010:assertfail.constprop.0+0x27/0x29 [ 46.051536][ T3636] Code: b9 cd f7 41 54 41 89 f4 55 48 89 fd e8 25 b9 cd f7 44 89 e1 48 89 ee 48 c7 c2 e0 f5 93 8a 48 c7 c7 20 f6 93 8a e8 d1 73 f5 ff <0f> 0b e8 05 b9 cd f7 e8 10 86 1a f8 be 73 04 00 00 48 c7 c7 c0 f6 [ 46.071119][ T3636] RSP: 0018:ffffc90003e0f730 EFLAGS: 00010282 [ 46.077162][ T3636] RAX: 0000000000000032 RBX: 0000000000000000 RCX: 0000000000000000 [ 46.085115][ T3636] RDX: ffff888020818000 RSI: ffffffff8165785c RDI: fffff520007c1ed8 [ 46.093069][ T3636] RBP: ffffffff8a940500 R08: 0000000000000032 R09: 0000000000000000 [ 46.101020][ T3636] R10: 0000000080000000 R11: 0000000000000000 R12: 000000000000044a [ 46.108972][ T3636] R13: ffff8880205b41f7 R14: dffffc0000000000 R15: ffff888026c88060 [ 46.116926][ T3636] FS: 0000555556941300(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000 [ 46.125837][ T3636] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 46.132422][ T3636] CR2: 00000000005d84c8 CR3: 000000007cbae000 CR4: 0000000000350ef0 [ 46.140384][ T3636] Call Trace: [ 46.143647][ T3636] [ 46.146561][ T3636] btrfs_global_root_insert.cold+0x23/0x23 [ 46.152356][ T3636] load_global_roots_objectid+0x42e/0x5fe [ 46.158069][ T3636] ? btrfs_get_fs_root_commit_root.cold+0x1b/0x1b [ 46.164472][ T3636] ? open_ctree+0x24f1/0x4581 [ 46.169136][ T3636] ? rcu_read_lock_sched_held+0x3e/0x70 [ 46.174693][ T3636] ? trace_kmem_cache_alloc+0x35/0x100 [ 46.180135][ T3636] ? kmem_cache_alloc+0x1ee/0x3d0 [ 46.185144][ T3636] open_ctree+0x2524/0x4581 [ 46.189635][ T3636] ? btrfs_get_root_ref.part.0.cold+0x36/0x36 [ 46.195693][ T3636] btrfs_mount_root.cold+0x15/0x162 [ 46.200883][ T3636] ? parse_rescue_options+0x370/0x370 [ 46.206243][ T3636] ? kfree+0x126/0x1a0 [ 46.210292][ T3636] ? vfs_parse_fs_string+0xfc/0x150 [ 46.215559][ T3636] ? vfs_parse_fs_param+0x3c0/0x3c0 [ 46.220741][ T3636] ? __kasan_kmalloc+0xa5/0xb0 [ 46.225494][ T3636] ? parse_rescue_options+0x370/0x370 [ 46.230850][ T3636] legacy_get_tree+0x109/0x220 [ 46.235597][ T3636] vfs_get_tree+0x8d/0x2f0 [ 46.240007][ T3636] vfs_kern_mount.part.0+0xd3/0x170 [ 46.245200][ T3636] vfs_kern_mount+0x40/0x60 [ 46.249695][ T3636] btrfs_mount+0x238/0xa70 [ 46.254097][ T3636] ? btrfs_show_options+0x1290/0x1290 [ 46.259726][ T3636] ? kfree+0x126/0x1a0 [ 46.263780][ T3636] ? apparmor_capable+0x1dc/0x460 [ 46.268805][ T3636] ? btrfs_show_options+0x1290/0x1290 [ 46.274163][ T3636] legacy_get_tree+0x109/0x220 [ 46.278909][ T3636] vfs_get_tree+0x8d/0x2f0 [ 46.283314][ T3636] path_mount+0x132a/0x1e20 [ 46.287812][ T3636] ? kmem_cache_free+0xee/0x5c0 [ 46.292647][ T3636] ? finish_automount+0x960/0x960 [ 46.297681][ T3636] ? putname+0x102/0x140 [ 46.301915][ T3636] __x64_sys_mount+0x283/0x300 [ 46.306685][ T3636] ? copy_mnt_ns+0xae0/0xae0 [ 46.311264][ T3636] ? lockdep_hardirqs_on+0x7d/0x100 [ 46.316445][ T3636] ? _raw_spin_unlock_irq+0x2e/0x50 [ 46.321631][ T3636] ? ptrace_notify+0xfe/0x140 [ 46.326299][ T3636] do_syscall_64+0x39/0xb0 [ 46.330704][ T3636] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 46.336582][ T3636] RIP: 0033:0x7fcaf2d50d5a [ 46.340978][ T3636] Code: 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 46.360657][ T3636] RSP: 002b:00007ffdedd235d8 EFLAGS: 00000282 ORIG_RAX: 00000000000000a5 [ 46.369053][ T3636] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fcaf2d50d5a [ 46.377008][ T3636] RDX: 00000000200051c0 RSI: 0000000020005200 RDI: 00007ffdedd235f0 [ 46.384961][ T3636] RBP: 00007ffdedd235f0 R08: 00007ffdedd23630 R09: 00000000000051b1 [ 46.392917][ T3636] R10: 0000000000000000 R11: 0000000000000282 R12: 0000000000000004 [ 46.400869][ T3636] R13: 00005555569412c0 R14: 0000000000000000 R15: 00007ffdedd23630 [ 46.408826][ T3636] [ 46.411826][ T3636] Modules linked in: [ 46.415804][ T3636] ---[ end trace 0000000000000000 ]--- [ 46.421281][ T3636] RIP: 0010:assertfail.constprop.0+0x27/0x29 [ 46.427266][ T3636] Code: b9 cd f7 41 54 41 89 f4 55 48 89 fd e8 25 b9 cd f7 44 89 e1 48 89 ee 48 c7 c2 e0 f5 93 8a 48 c7 c7 20 f6 93 8a e8 d1 73 f5 ff <0f> 0b e8 05 b9 cd f7 e8 10 86 1a f8 be 73 04 00 00 48 c7 c7 c0 f6 [ 46.446901][ T3636] RSP: 0018:ffffc90003e0f730 EFLAGS: 00010282 [ 46.453065][ T3636] RAX: 0000000000000032 RBX: 0000000000000000 RCX: 0000000000000000 [ 46.461048][ T3636] RDX: ffff888020818000 RSI: ffffffff8165785c RDI: fffff520007c1ed8 [ 46.469031][ T3636] RBP: ffffffff8a940500 R08: 0000000000000032 R09: 0000000000000000 [ 46.476982][ T3636] R10: 0000000080000000 R11: 0000000000000000 R12: 000000000000044a [ 46.484962][ T3636] R13: ffff8880205b41f7 R14: dffffc0000000000 R15: ffff888026c88060 [ 46.492961][ T3636] FS: 0000555556941300(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000 [ 46.501895][ T3636] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 46.508509][ T3636] CR2: 00000000005d84c8 CR3: 000000007cbae000 CR4: 0000000000350ef0 [ 46.516479][ T3636] Kernel panic - not syncing: Fatal exception [ 46.523487][ T3636] Kernel Offset: disabled [ 46.527793][ T3636] Rebooting in 86400 seconds..