./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1918163375 <...> Warning: Permanently added '10.128.0.180' (ED25519) to the list of known hosts. execve("./syz-executor1918163375", ["./syz-executor1918163375"], 0x7ffea2aa0700 /* 10 vars */) = 0 brk(NULL) = 0x555579bfa000 brk(0x555579bfad00) = 0x555579bfad00 arch_prctl(ARCH_SET_FS, 0x555579bfa380) = 0 set_tid_address(0x555579bfa650) = 5837 set_robust_list(0x555579bfa660, 24) = 0 rseq(0x555579bfaca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1918163375", 4096) = 28 getrandom("\x94\x0f\xb7\xe4\x57\x94\xca\x94", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555579bfad00 brk(0x555579c1bd00) = 0x555579c1bd00 brk(0x555579c1c000) = 0x555579c1c000 mprotect(0x7faeae1c7000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579bfa650) = 5838 ./strace-static-x86_64: Process 5838 attached [pid 5838] set_robust_list(0x555579bfa660, 24) = 0 [pid 5838] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5838] setpgid(0, 0) = 0 [pid 5838] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5838] write(3, "1000", 4) = 4 [pid 5838] close(3) = 0 executing program [pid 5838] write(1, "executing program\n", 18) = 18 [pid 5838] memfd_create("syzkaller", 0) = 3 [pid 5838] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faea5c00000 [pid 5838] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 5838] munmap(0x7faea5c00000, 138412032) = 0 [pid 5838] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5838] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5838] close(3) = 0 [pid 5838] close(4) = 0 [pid 5838] mkdir("./file0", 0777) = 0 [ 68.410362][ T5838] loop0: detected capacity change from 0 to 32768 [ 68.484917][ T5838] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names [ 68.500571][ T5838] bcachefs (loop0): recovering from clean shutdown, journal seq 18446744073709551614 [ 68.510532][ T5838] bcachefs (loop0): Version upgrade required: [ 68.510532][ T5838] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 68.510532][ T5838] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots [ 68.510532][ T5838] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 68.595555][ T5838] bcachefs (loop0): accounting_read... done [ 68.602772][ T5838] bcachefs (loop0): alloc_read... done [ 68.608787][ T5838] bcachefs (loop0): stripes_read... done [ 68.614503][ T5838] bcachefs (loop0): snapshots_read... done [ 68.620688][ T5838] bcachefs (loop0): check_allocations... done [ 68.643262][ T5838] bcachefs (loop0): going read-write [ 68.651681][ T5838] bcachefs (loop0): journal_replay... [ 69.719192][ T5151] ------------[ cut here ]------------ [ 69.730231][ T5151] kernel BUG at fs/bcachefs/journal_reclaim.h:30! [ 69.736680][ T5151] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI [ 69.743638][ T5151] CPU: 0 UID: 0 PID: 5151 Comm: kworker/u9:1 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0 [ 69.754129][ T5151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 69.764187][ T5151] Workqueue: bcachefs_journal journal_write_work [ 69.770581][ T5151] RIP: 0010:__bch2_journal_pin_put+0x121/0x130 [ 69.776778][ T5151] Code: 04 56 fd 31 ff 89 de e8 5d 04 56 fd 89 d8 5b 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc e8 48 01 56 fd 90 0f 0b e8 40 01 56 fd 90 <0f> 0b 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 90 90 90 90 90 90 90 [ 69.796399][ T5151] RSP: 0018:ffffc9001067fa10 EFLAGS: 00010293 [ 69.802500][ T5151] RAX: ffffffff843fdb90 RBX: 0000000000000000 RCX: ffff888035a83c00 [ 69.810469][ T5151] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000000 [ 69.818436][ T5151] RBP: ffffc9001067fb78 R08: ffffffff843fdaf1 R09: ffffffff843d4df8 [ 69.826399][ T5151] R10: 0000000000000004 R11: ffff888035a83c00 R12: dffffc0000000000 [ 69.834363][ T5151] R13: ffff8880793ca500 R14: ffffffffffffffff R15: ffff8880793ca500 [ 69.842346][ T5151] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 69.851289][ T5151] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 69.857885][ T5151] CR2: 0000561ae765a978 CR3: 00000000358b0000 CR4: 00000000003526f0 [ 69.865848][ T5151] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 69.873813][ T5151] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 69.881778][ T5151] Call Trace: [ 69.885048][ T5151] [ 69.887971][ T5151] ? __die_body+0x5f/0xb0 [ 69.892307][ T5151] ? die+0x9e/0xc0 [ 69.896016][ T5151] ? do_trap+0x15a/0x3a0 [ 69.900249][ T5151] ? __bch2_journal_pin_put+0x121/0x130 [ 69.905781][ T5151] ? do_error_trap+0x1dc/0x2c0 [ 69.910536][ T5151] ? __bch2_journal_pin_put+0x121/0x130 [ 69.916072][ T5151] ? __pfx_do_error_trap+0x10/0x10 [ 69.921180][ T5151] ? handle_invalid_op+0x34/0x40 [ 69.926110][ T5151] ? __bch2_journal_pin_put+0x121/0x130 [ 69.931650][ T5151] ? exc_invalid_op+0x38/0x50 [ 69.936330][ T5151] ? asm_exc_invalid_op+0x1a/0x20 [ 69.941381][ T5151] ? __journal_entry_close+0x728/0xe30 [ 69.946828][ T5151] ? __bch2_journal_pin_put+0x81/0x130 [ 69.952278][ T5151] ? __bch2_journal_pin_put+0x120/0x130 [ 69.957810][ T5151] ? __bch2_journal_pin_put+0x121/0x130 [ 69.963354][ T5151] __journal_entry_close+0x80a/0xe30 [ 69.968633][ T5151] ? __pfx___journal_entry_close+0x10/0x10 [ 69.974433][ T5151] ? do_raw_spin_lock+0x14f/0x370 [ 69.979494][ T5151] ? __pfx_lock_acquire+0x10/0x10 [ 69.984527][ T5151] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 69.989894][ T5151] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 69.996213][ T5151] journal_write_work+0x129/0x140 [ 70.001230][ T5151] ? process_scheduled_works+0x976/0x1850 [ 70.006967][ T5151] process_scheduled_works+0xa63/0x1850 [ 70.012516][ T5151] ? __pfx_process_scheduled_works+0x10/0x10 [ 70.018522][ T5151] ? assign_work+0x364/0x3d0 [ 70.023129][ T5151] worker_thread+0x870/0xd30 [ 70.027710][ T5151] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 70.033621][ T5151] ? __kthread_parkme+0x169/0x1d0 [ 70.038641][ T5151] ? __pfx_worker_thread+0x10/0x10 [ 70.043746][ T5151] kthread+0x2f0/0x390 [ 70.047810][ T5151] ? __pfx_worker_thread+0x10/0x10 [ 70.052913][ T5151] ? __pfx_kthread+0x10/0x10 [ 70.057544][ T5151] ret_from_fork+0x4b/0x80 [ 70.061974][ T5151] ? __pfx_kthread+0x10/0x10 [ 70.066575][ T5151] ret_from_fork_asm+0x1a/0x30 [ 70.071351][ T5151] [ 70.074361][ T5151] Modules linked in: [ 70.078515][ T5151] ---[ end trace 0000000000000000 ]--- [ 70.083997][ T5151] RIP: 0010:__bch2_journal_pin_put+0x121/0x130 [ 70.090199][ T5151] Code: 04 56 fd 31 ff 89 de e8 5d 04 56 fd 89 d8 5b 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc e8 48 01 56 fd 90 0f 0b e8 40 01 56 fd 90 <0f> 0b 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 90 90 90 90 90 90 90 [ 70.109853][ T5151] RSP: 0018:ffffc9001067fa10 EFLAGS: 00010293 [ 70.115945][ T5151] RAX: ffffffff843fdb90 RBX: 0000000000000000 RCX: ffff888035a83c00 [ 70.123928][ T5151] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000000 [ 70.131928][ T5151] RBP: ffffc9001067fb78 R08: ffffffff843fdaf1 R09: ffffffff843d4df8 [ 70.139919][ T5151] R10: 0000000000000004 R11: ffff888035a83c00 R12: dffffc0000000000 [ 70.147882][ T5151] R13: ffff8880793ca500 R14: ffffffffffffffff R15: ffff8880793ca500 [ 70.155904][ T5151] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 70.164927][ T5151] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.171551][ T5151] CR2: 0000561ae765a978 CR3: 00000000358b0000 CR4: 00000000003526f0 [ 70.179709][ T5151] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 70.187672][ T5151] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 70.195725][ T5151] Kernel panic - not syncing: Fatal exception [ 70.202037][ T5151] Kernel Offset: disabled [ 70.206352][ T5151] Rebooting in 86400 seconds..