./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor830633678 <...> Warning: Permanently added '10.128.0.97' (ED25519) to the list of known hosts. execve("./syz-executor830633678", ["./syz-executor830633678"], 0x7ffc141565c0 /* 10 vars */) = 0 brk(NULL) = 0x5555947e7000 brk(0x5555947e7d00) = 0x5555947e7d00 arch_prctl(ARCH_SET_FS, 0x5555947e7380) = 0 set_tid_address(0x5555947e7650) = 5777 set_robust_list(0x5555947e7660, 24) = 0 rseq(0x5555947e7ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor830633678", 4096) = 27 getrandom("\x07\xb1\x35\x39\x62\x73\x51\x2f", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555947e7d00 brk(0x555594808d00) = 0x555594808d00 brk(0x555594809000) = 0x555594809000 mprotect(0x7feabfa4f000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555947e7650) = 5778 ./strace-static-x86_64: Process 5778 attached [pid 5777] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555947e7650) = 5779 ./strace-static-x86_64: Process 5779 attached [pid 5778] set_robust_list(0x5555947e7660, 24 [pid 5777] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5779] set_robust_list(0x5555947e7660, 24 [pid 5778] <... set_robust_list resumed>) = 0 [pid 5777] <... clone resumed>, child_tidptr=0x5555947e7650) = 5780 [pid 5777] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5780 attached [pid 5779] <... set_robust_list resumed>) = 0 [pid 5778] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5780] set_robust_list(0x5555947e7660, 24./strace-static-x86_64: Process 5781 attached ) = 0 [pid 5779] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5777] <... clone resumed>, child_tidptr=0x5555947e7650) = 5781 [pid 5781] set_robust_list(0x5555947e7660, 24 [pid 5780] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5777] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5781] <... set_robust_list resumed>) = 0 [pid 5781] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5778] <... openat resumed>) = 3 [pid 5780] <... openat resumed>) = 3 [pid 5779] <... openat resumed>) = 3 [pid 5778] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 5782 attached [pid 5781] <... openat resumed>) = 3 [pid 5779] ioctl(3, LOOP_CLR_FD [pid 5777] <... clone resumed>, child_tidptr=0x5555947e7650) = 5782 [pid 5782] set_robust_list(0x5555947e7660, 24 [pid 5778] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5782] <... set_robust_list resumed>) = 0 [pid 5780] ioctl(3, LOOP_CLR_FD [pid 5782] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5780] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5782] <... openat resumed>) = 3 [pid 5780] close(3) = 0 [pid 5780] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5781] ioctl(3, LOOP_CLR_FD [pid 5779] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5782] ioctl(3, LOOP_CLR_FD [pid 5781] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5779] close(3 [pid 5778] close(3 [pid 5781] close(3 [pid 5779] <... close resumed>) = 0 [pid 5778] <... close resumed>) = 0 [pid 5781] <... close resumed>) = 0 [pid 5779] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5778] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5781] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5783 attached [pid 5782] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5783] set_robust_list(0x5555947e7660, 24./strace-static-x86_64: Process 5785 attached ) = 0 ./strace-static-x86_64: Process 5784 attached ./strace-static-x86_64: Process 5786 attached [pid 5784] set_robust_list(0x5555947e7660, 24 [pid 5783] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5779] <... clone resumed>, child_tidptr=0x5555947e7650) = 5786 [pid 5778] <... clone resumed>, child_tidptr=0x5555947e7650) = 5785 [pid 5785] set_robust_list(0x5555947e7660, 24 [pid 5783] <... prctl resumed>) = 0 [pid 5782] close(3 [pid 5780] <... clone resumed>, child_tidptr=0x5555947e7650) = 5783 [pid 5784] <... set_robust_list resumed>) = 0 [pid 5786] set_robust_list(0x5555947e7660, 24 [pid 5782] <... close resumed>) = 0 [pid 5784] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5782] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5786] <... set_robust_list resumed>) = 0 [pid 5785] <... set_robust_list resumed>) = 0 [pid 5784] <... prctl resumed>) = 0 [pid 5783] setpgid(0, 0 [pid 5781] <... clone resumed>, child_tidptr=0x5555947e7650) = 5784 [pid 5786] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5785] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5784] setpgid(0, 0 [pid 5783] <... setpgid resumed>) = 0 ./strace-static-x86_64: Process 5787 attached [pid 5786] <... prctl resumed>) = 0 [pid 5784] <... setpgid resumed>) = 0 [pid 5786] setpgid(0, 0 [pid 5785] <... prctl resumed>) = 0 [pid 5783] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5782] <... clone resumed>, child_tidptr=0x5555947e7650) = 5787 [pid 5787] set_robust_list(0x5555947e7660, 24 [pid 5786] <... setpgid resumed>) = 0 [pid 5785] setpgid(0, 0 [pid 5784] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5787] <... set_robust_list resumed>) = 0 [pid 5786] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5785] <... setpgid resumed>) = 0 [pid 5783] <... openat resumed>) = 3 [pid 5787] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5786] <... openat resumed>) = 3 [pid 5785] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5784] <... openat resumed>) = 3 [pid 5783] write(3, "1000", 4 [pid 5787] <... prctl resumed>) = 0 [pid 5786] write(3, "1000", 4 [pid 5785] <... openat resumed>) = 3 [pid 5783] <... write resumed>) = 4 [pid 5787] setpgid(0, 0 [pid 5786] <... write resumed>) = 4 [pid 5784] write(3, "1000", 4 [pid 5783] close(3 [pid 5787] <... setpgid resumed>) = 0 [pid 5786] close(3 [pid 5785] write(3, "1000", 4 [pid 5784] <... write resumed>) = 4 [pid 5783] <... close resumed>) = 0 [pid 5787] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5786] <... close resumed>) = 0 [pid 5785] <... write resumed>) = 4 [pid 5784] close(3 [pid 5783] write(1, "executing program\n", 18executing program executing program executing program executing program [pid 5787] <... openat resumed>) = 3 [pid 5786] write(1, "executing program\n", 18 [pid 5785] close(3 [pid 5784] <... close resumed>) = 0 [pid 5783] <... write resumed>) = 18 [pid 5785] <... close resumed>) = 0 [pid 5785] write(1, "executing program\n", 18 [pid 5783] prlimit64(0, RLIMIT_RTPRIO, {rlim_cur=8, rlim_max=8589934731}, [pid 5785] <... write resumed>) = 18 [pid 5784] write(1, "executing program\n", 18 [pid 5783] <... prlimit64 resumed>NULL) = 0 [pid 5787] write(3, "1000", 4 [pid 5786] <... write resumed>) = 18 [pid 5785] prlimit64(0, RLIMIT_RTPRIO, {rlim_cur=8, rlim_max=8589934731}, [pid 5784] <... write resumed>) = 18 [pid 5783] sched_setscheduler(0, SCHED_FIFO, [7] [pid 5787] <... write resumed>) = 4 [pid 5786] prlimit64(0, RLIMIT_RTPRIO, {rlim_cur=8, rlim_max=8589934731}, [pid 5785] <... prlimit64 resumed>NULL) = 0 [pid 5784] prlimit64(0, RLIMIT_RTPRIO, {rlim_cur=8, rlim_max=8589934731}, [pid 5787] close(3 [pid 5786] <... prlimit64 resumed>NULL) = 0 executing program [pid 5785] sched_setscheduler(0, SCHED_FIFO, [7] [pid 5784] <... prlimit64 resumed>NULL) = 0 [pid 5783] <... sched_setscheduler resumed>) = 0 [pid 5787] <... close resumed>) = 0 [pid 5786] sched_setscheduler(0, SCHED_FIFO, [7] [pid 5784] sched_setscheduler(0, SCHED_FIFO, [7] [pid 5787] write(1, "executing program\n", 18 [pid 5786] <... sched_setscheduler resumed>) = 0 [pid 5785] <... sched_setscheduler resumed>) = 0 [pid 5784] <... sched_setscheduler resumed>) = 0 [pid 5783] memfd_create("syzkaller", 0 [pid 5787] <... write resumed>) = 18 [pid 5786] memfd_create("syzkaller", 0 [pid 5785] memfd_create("syzkaller", 0 [pid 5784] memfd_create("syzkaller", 0 [pid 5786] <... memfd_create resumed>) = 3 [pid 5785] <... memfd_create resumed>) = 3 [pid 5784] <... memfd_create resumed>) = 3 [pid 5783] <... memfd_create resumed>) = 3 [pid 5787] prlimit64(0, RLIMIT_RTPRIO, {rlim_cur=8, rlim_max=8589934731}, [pid 5786] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5785] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5784] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5783] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5786] <... mmap resumed>) = 0x7feab7400000 [pid 5785] <... mmap resumed>) = 0x7feab7400000 [pid 5784] <... mmap resumed>) = 0x7feab7400000 [pid 5783] <... mmap resumed>) = 0x7feab7400000 [pid 5787] <... prlimit64 resumed>NULL) = 0 [pid 5786] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5785] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5784] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5783] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5787] sched_setscheduler(0, SCHED_FIFO, [7] [pid 5786] <... write resumed>) = 16777216 [pid 5785] <... write resumed>) = 16777216 [pid 5784] <... write resumed>) = 16777216 [pid 5786] munmap(0x7feab7400000, 138412032 [pid 5785] munmap(0x7feab7400000, 138412032 [pid 5784] munmap(0x7feab7400000, 138412032 [pid 5787] <... sched_setscheduler resumed>) = 0 [pid 5786] <... munmap resumed>) = 0 [pid 5785] <... munmap resumed>) = 0 [pid 5783] <... write resumed>) = 16777216 [pid 5787] memfd_create("syzkaller", 0 [pid 5786] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5785] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5783] munmap(0x7feab7400000, 138412032 [pid 5787] <... memfd_create resumed>) = 3 [pid 5786] <... openat resumed>) = 4 [pid 5785] <... openat resumed>) = 4 [pid 5784] <... munmap resumed>) = 0 [pid 5783] <... munmap resumed>) = 0 [pid 5787] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5786] ioctl(4, LOOP_SET_FD, 3 [pid 5785] ioctl(4, LOOP_SET_FD, 3 [pid 5784] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5783] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5787] <... mmap resumed>) = 0x7feab7400000 [pid 5786] <... ioctl resumed>) = 0 [ 183.436740][ T5786] loop1: detected capacity change from 0 to 32768 [ 183.446478][ T5785] loop0: detected capacity change from 0 to 32768 [pid 5785] <... ioctl resumed>) = 0 [pid 5784] <... openat resumed>) = 4 [pid 5783] <... openat resumed>) = 4 [pid 5786] close(3 [pid 5785] close(3 [pid 5784] ioctl(4, LOOP_SET_FD, 3 [pid 5783] ioctl(4, LOOP_SET_FD, 3 [pid 5786] <... close resumed>) = 0 [pid 5785] <... close resumed>) = 0 [pid 5784] <... ioctl resumed>) = 0 [pid 5783] <... ioctl resumed>) = 0 [pid 5786] close(4 [pid 5785] close(4 [pid 5784] close(3 [pid 5783] close(3 [pid 5786] <... close resumed>) = 0 [pid 5785] <... close resumed>) = 0 [pid 5784] <... close resumed>) = 0 [pid 5783] <... close resumed>) = 0 [pid 5786] mkdir("./file1", 0777 [pid 5785] mkdir("./file1", 0777 [pid 5784] close(4 [pid 5783] close(4 [pid 5786] <... mkdir resumed>) = 0 [pid 5785] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5784] <... close resumed>) = 0 [pid 5783] <... close resumed>) = 0 [ 183.491952][ T5784] loop3: detected capacity change from 0 to 32768 [ 183.501534][ T5783] loop2: detected capacity change from 0 to 32768 [pid 5786] mount("/dev/loop1", "./file1", "bcachefs", MS_I_VERSION, "\x78\x9c\xec\xdd\x7f\x90\x1c\xd5\x7d\x20\xf0\xd7\x33\xb3\xda\xd1\xae\x56\x5a\x09\x08\x32\x98\xd5\x22\x50\x42\x20\xb6\x56\xfc\x2a\x6c\xa7\x62\x25\x97\xd8\x29\x20\x94\x5c\xa4\x1c\xc4\xc9\x86\x05\xad\x38\xd9\x92\x50\x49\x22\x80\x20\x41\xe4\xc0\x87\x0a\x70\xe1\x94\x53\x09\x4e\xfe\x20\x2e\x4c\x1d\xb6\xe2\xa2\x0a\xce\x46\xa6\x8c\xf9\x71\x12\x67\x63\x53\x9c\x7d\xd4\x15\xa6\xce\xdc\x61\xff\xe1\x2b\xcc\xa1"... [pid 5785] mount("/dev/loop0", "./file1", "bcachefs", MS_I_VERSION, "\x78\x9c\xec\xdd\x7f\x90\x1c\xd5\x7d\x20\xf0\xd7\x33\xb3\xda\xd1\xae\x56\x5a\x09\x08\x32\x98\xd5\x22\x50\x42\x20\xb6\x56\xfc\x2a\x6c\xa7\x62\x25\x97\xd8\x29\x20\x94\x5c\xa4\x1c\xc4\xc9\x86\x05\xad\x38\xd9\x92\x50\x49\x22\x80\x20\x41\xe4\xc0\x87\x0a\x70\xe1\x94\x53\x09\x4e\xfe\x20\x2e\x4c\x1d\xb6\xe2\xa2\x0a\xce\x46\xa6\x8c\xf9\x71\x12\x67\x63\x53\x9c\x7d\xd4\x15\xa6\xce\xdc\x61\xff\xe1\x2b\xcc\xa1"... [pid 5784] mkdir("./file1", 0777 [pid 5783] mkdir("./file1", 0777 [pid 5784] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5783] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5784] mount("/dev/loop3", "./file1", "bcachefs", MS_I_VERSION, "\x78\x9c\xec\xdd\x7f\x90\x1c\xd5\x7d\x20\xf0\xd7\x33\xb3\xda\xd1\xae\x56\x5a\x09\x08\x32\x98\xd5\x22\x50\x42\x20\xb6\x56\xfc\x2a\x6c\xa7\x62\x25\x97\xd8\x29\x20\x94\x5c\xa4\x1c\xc4\xc9\x86\x05\xad\x38\xd9\x92\x50\x49\x22\x80\x20\x41\xe4\xc0\x87\x0a\x70\xe1\x94\x53\x09\x4e\xfe\x20\x2e\x4c\x1d\xb6\xe2\xa2\x0a\xce\x46\xa6\x8c\xf9\x71\x12\x67\x63\x53\x9c\x7d\xd4\x15\xa6\xce\xdc\x61\xff\xe1\x2b\xcc\xa1"... [pid 5783] mount("/dev/loop2", "./file1", "bcachefs", MS_I_VERSION, "\x78\x9c\xec\xdd\x7f\x90\x1c\xd5\x7d\x20\xf0\xd7\x33\xb3\xda\xd1\xae\x56\x5a\x09\x08\x32\x98\xd5\x22\x50\x42\x20\xb6\x56\xfc\x2a\x6c\xa7\x62\x25\x97\xd8\x29\x20\x94\x5c\xa4\x1c\xc4\xc9\x86\x05\xad\x38\xd9\x92\x50\x49\x22\x80\x20\x41\xe4\xc0\x87\x0a\x70\xe1\x94\x53\x09\x4e\xfe\x20\x2e\x4c\x1d\xb6\xe2\xa2\x0a\xce\x46\xa6\x8c\xf9\x71\x12\x67\x63\x53\x9c\x7d\xd4\x15\xa6\xce\xdc\x61\xff\xe1\x2b\xcc\xa1"... [pid 5787] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 5787] munmap(0x7feab7400000, 138412032) = 0 [pid 5787] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5787] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5787] close(3) = 0 [pid 5787] close(4) = 0 [pid 5787] mkdir("./file1", 0777) = -1 EEXIST (File exists) [ 184.168818][ T5787] loop4: detected capacity change from 0 to 32768 [ 184.216164][ T5785] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,metadata_target=invalid label 1791,nojournal_transaction_names [ 184.218653][ T5783] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): filesystem UUID already open [ 184.236404][ T5785] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 184.244351][ T5783] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutdown complete [ 184.253277][ T5785] bcachefs (loop0): Version upgrade required: [ 184.253277][ T5785] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 184.253277][ T5785] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 184.253277][ T5785] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 184.265690][ T5786] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): filesystem UUID already open [ 184.340614][ T5786] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutdown complete [ 184.378663][ T5784] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): filesystem UUID already open [ 184.388340][ T5784] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutdown complete [ 184.438197][ T5785] invalid bkey in btree_node btree=dirents level=0: u64s 8 type dirent 4096:8130059955150870709:U32_MAX len 0 ver 0: -> 7606273 type unknown [ 184.438302][ T5785] dirent has stray data after name's NUL: delete?, fixing [ 184.482975][ T5785] bcachefs (loop0): error validating btree node on loop0 at btree alloc level 0/0 [ 184.483065][ T5785] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0 [ 184.483162][ T5785] node offset 8/24 bset u64s 375: unsupported bset version 62.24 [ 184.514872][ T5785] bcachefs (loop0): flagging btree alloc lost data [ 184.521626][ T5785] bcachefs (loop0): running explicit recovery pass check_topology (2), currently at recovery_pass_empty (0) [ 184.537206][ T5785] error reading btree root btree=alloc level=0: btree_node_read_error, fixing [pid 5787] mount("/dev/loop4", "./file1", "bcachefs", MS_I_VERSION, "\x78\x9c\xec\xdd\x7f\x90\x1c\xd5\x7d\x20\xf0\xd7\x33\xb3\xda\xd1\xae\x56\x5a\x09\x08\x32\x98\xd5\x22\x50\x42\x20\xb6\x56\xfc\x2a\x6c\xa7\x62\x25\x97\xd8\x29\x20\x94\x5c\xa4\x1c\xc4\xc9\x86\x05\xad\x38\xd9\x92\x50\x49\x22\x80\x20\x41\xe4\xc0\x87\x0a\x70\xe1\x94\x53\x09\x4e\xfe\x20\x2e\x4c\x1d\xb6\xe2\xa2\x0a\xce\x46\xa6\x8c\xf9\x71\x12\x67\x63\x53\x9c\x7d\xd4\x15\xa6\xce\xdc\x61\xff\xe1\x2b\xcc\xa1"... [pid 5783] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5783] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5783] ioctl(3, LOOP_CLR_FD) = 0 [ 184.725285][ T5783] bcachefs: bch2_fs_get_tree() error: EINVAL [ 184.772395][ T5787] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): filesystem UUID already open [ 184.782088][ T5787] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutdown complete [ 184.799221][ T5786] bcachefs: bch2_fs_get_tree() error: EINVAL [ 184.989562][ T5785] bcachefs (loop0): error validating btree node on loop0 at btree freespace level 0/0 [ 184.989657][ T5785] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key 0:3703155162349568:0 durability: 1 ptr: 0:29:0 gen 0 [ 184.989754][ T5785] node offset 0/32: incorrect min_key: got POS_MIN should be 0:3703155162349568:0 [ 185.025474][ T5785] bcachefs (loop0): flagging btree freespace lost data [pid 5786] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5783] close(3 [ 185.037378][ T5785] error reading btree root btree=freespace level=0: btree_node_read_error, fixing [pid 5786] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5786] ioctl(3, LOOP_CLR_FD) = 0 [ 185.217332][ T5784] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 5786] close(3) = 0 [pid 5784] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5783] <... close resumed>) = 0 [pid 5786] exit_group(0 [pid 5784] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5783] exit_group(0 [pid 5786] <... exit_group resumed>) = ? [pid 5784] <... openat resumed>) = 3 [pid 5783] <... exit_group resumed>) = ? [pid 5786] +++ exited with 0 +++ [pid 5784] ioctl(3, LOOP_CLR_FD [pid 5783] +++ exited with 0 +++ [pid 5784] <... ioctl resumed>) = 0 [ 185.508033][ T5785] bcachefs (loop0): check_topology... done [ 185.521189][ T5787] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 5784] close(3 [pid 5787] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5780] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5783, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=133 /* 1.33 s */} --- [pid 5779] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5786, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=128 /* 1.28 s */} --- [pid 5787] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5779] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5787] <... openat resumed>) = 3 [pid 5779] <... openat resumed>) = 3 [pid 5787] ioctl(3, LOOP_CLR_FD [pid 5779] ioctl(3, LOOP_CLR_FD [pid 5787] <... ioctl resumed>) = 0 [pid 5779] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5787] close(3 [pid 5779] close(3 [pid 5784] <... close resumed>) = 0 [pid 5784] exit_group(0) = ? [pid 5784] +++ exited with 0 +++ [pid 5779] <... close resumed>) = 0 [pid 5779] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5827 attached [pid 5827] set_robust_list(0x5555947e7660, 24) = 0 [pid 5827] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5827] setpgid(0, 0 [pid 5779] <... clone resumed>, child_tidptr=0x5555947e7650) = 5827 [ 185.925201][ T5785] bcachefs (loop0): accounting_read... done [ 186.001913][ T5785] bcachefs (loop0): alloc_read... done [ 186.008035][ T5785] bcachefs (loop0): stripes_read... done [ 186.014151][ T5785] bcachefs (loop0): snapshots_read... done [ 186.020583][ T5785] bcachefs (loop0): check_allocations... [ 186.026812][ T5785] bucket 0:34 data type user ptr gen 0 missing in alloc btree [ 186.026906][ T5785] while marking u64s 7 type extent 4099:8:U32_MAX len 8 ver 0: durability: 1 crc: c_size 8 size 8 offset 0 nonce 0 csum none 0:0 compress incompressible ptr: 0:34:0 gen 0, fixing [ 186.065400][ T5785] bucket 0:27 data type btree ptr gen 0 missing in alloc btree [ 186.065488][ T5785] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c6c25c03258c59c5 written 16 min_key POS_MIN durability: 1 ptr: 0:27:0 gen 0, fixing [ 186.100144][ T5785] bucket 0:38 data type btree ptr gen 0 missing in alloc btree [ 186.100231][ T5785] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing [ 186.135451][ T5785] bucket 0:41 data type btree ptr gen 0 missing in alloc btree [pid 5827] <... setpgid resumed>) = 0 [pid 5827] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5787] <... close resumed>) = 0 [pid 5787] exit_group(0) = ? [pid 5787] +++ exited with 0 +++ [pid 5781] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5784, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=128 /* 1.28 s */} --- [pid 5782] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5787, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=128 /* 1.28 s */} --- [pid 5782] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5781] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5782] <... openat resumed>) = 3 [pid 5781] <... openat resumed>) = 3 [pid 5782] ioctl(3, LOOP_CLR_FD [pid 5781] ioctl(3, LOOP_CLR_FD [pid 5782] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5781] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5782] close(3 [pid 5781] close(3) = 0 [pid 5782] <... close resumed>) = 0 [pid 5781] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5782] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5828 attached [pid 5827] write(3, "1000", 4) = 4 [ 186.135540][ T5785] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 281474976710656: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing [ 186.163177][ T5785] bucket 0:31 data type btree ptr gen 0 missing in alloc btree [ 186.163264][ T5785] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2285c34bed0abe32 written 16 min_key POS_MIN durability: 1 ptr: 0:31:0 gen 0, fixing [ 186.206108][ T5785] bucket 0:35 data type btree ptr gen 0 missing in alloc btree [ 186.206195][ T5785] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c0bef60d07ceb940 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing executing program [pid 5828] set_robust_list(0x5555947e7660, 24 [pid 5827] close(3 [pid 5781] <... clone resumed>, child_tidptr=0x5555947e7650) = 5828 [pid 5828] <... set_robust_list resumed>) = 0 [pid 5827] <... close resumed>) = 0 ./strace-static-x86_64: Process 5829 attached [pid 5828] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5827] write(1, "executing program\n", 18) = 18 [pid 5827] prlimit64(0, RLIMIT_RTPRIO, {rlim_cur=8, rlim_max=8589934731}, [pid 5828] <... prctl resumed>) = 0 [pid 5827] <... prlimit64 resumed>NULL) = 0 [pid 5829] set_robust_list(0x5555947e7660, 24 [pid 5828] setpgid(0, 0 [pid 5827] sched_setscheduler(0, SCHED_FIFO, [7] [pid 5829] <... set_robust_list resumed>) = 0 [pid 5828] <... setpgid resumed>) = 0 [pid 5827] <... sched_setscheduler resumed>) = 0 [pid 5827] memfd_create("syzkaller", 0) = 3 [pid 5827] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5829] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5827] <... mmap resumed>) = 0x7feab7400000 [ 186.342166][ T5785] bucket 0:32 data type btree ptr gen 0 missing in alloc btree [ 186.342258][ T5785] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ebb8d5a9e3463bdb written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing [ 186.368603][ T5785] bucket 0:28 data type btree ptr gen 0 missing in alloc btree [ 186.368689][ T5785] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 28f61e078e70b95c written 16 min_key POS_MIN durability: 1 ptr: 0:28:0 gen 0, fixing [ 186.396724][ T5785] bucket 0:37 data type btree ptr gen 0 missing in alloc btree [ 186.396805][ T5785] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 4a8b0fa43a9980a6 written 24 min_key POS_MIN durability: 1 ptr: 0:37:0 gen 0, fixing [ 186.424318][ T5785] bucket 0:42 data type btree ptr gen 0 missing in alloc btree [ 186.424404][ T5785] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 1db8f60c84bb244c written 8 min_key POS_MIN durability: 1 ptr: 0:42:0 gen 0, fixing [pid 5829] <... prctl resumed>) = 0 [pid 5828] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [ 186.490359][ T5785] done [ 186.523597][ T5785] bcachefs (loop0): going read-write [ 186.533935][ T5785] bcachefs (loop0): journal_replay... [ 186.618880][ T5785] ===================================================== [ 186.631676][ T5785] BUG: KMSAN: uninit-value in bch2_bucket_alloc_early+0xe51/0x2810 [ 186.639961][ T5785] bch2_bucket_alloc_early+0xe51/0x2810 [ 186.645779][ T5785] bch2_bucket_alloc_trans+0x9ce/0x3180 [ 186.651499][ T5785] bch2_bucket_alloc_set_trans+0x92c/0x1620 [ 186.657675][ T5785] __open_bucket_add_buckets+0x1de7/0x3060 [ 186.663826][ T5785] open_bucket_add_buckets+0x328/0x530 [ 186.669497][ T5785] bch2_alloc_sectors_start_trans+0x1730/0x32b0 [ 186.676036][ T5785] bch2_btree_reserve_get+0x9d6/0x2290 [ 186.681672][ T5785] bch2_btree_update_start+0x1af9/0x2d60 [ 186.687628][ T5785] bch2_btree_split_leaf+0x120/0xc90 [ 186.693125][ T5785] bch2_trans_commit_error+0x1c0/0x1d60 [ 186.699049][ T5785] __bch2_trans_commit+0x1d60/0xd310 [ 186.704601][ T5785] wb_flush_one_slowpath+0x1e8/0x220 [ 186.710071][ T5785] bch2_btree_write_buffer_flush_locked+0x455f/0x7180 [ 186.717141][ T5785] btree_write_buffer_flush_seq+0x3034/0x3250 [ 186.723525][ T5785] bch2_btree_write_buffer_journal_flush+0x103/0x1f0 [ 186.730406][ T5785] journal_flush_pins+0xce6/0x1780 [ 186.735798][ T5785] journal_flush_done+0xe1/0x3f0 [ 186.741000][ T5785] bch2_journal_flush_pins+0x2a9/0x3b0 [ 186.746743][ T5785] bch2_journal_replay+0x4920/0x4d30 [ 186.752220][ T5785] bch2_run_recovery_passes+0x5a2/0x1160 [ 186.758164][ T5785] bch2_fs_recovery+0x489c/0x6230 [ 186.763433][ T5785] bch2_fs_start+0x7ca/0xc20 [ 186.768188][ T5785] bch2_fs_get_tree+0x143a/0x2330 [ 186.773516][ T5785] vfs_get_tree+0xb1/0x5a0 [ 186.778106][ T5785] do_new_mount+0x71f/0x15e0 [ 186.782879][ T5785] path_mount+0x742/0x1f10 [ 186.787638][ T5785] __se_sys_mount+0x71f/0x800 [ 186.792673][ T5785] __x64_sys_mount+0xe4/0x150 [ 186.797640][ T5785] x64_sys_call+0x39bf/0x3c30 [ 186.802484][ T5785] do_syscall_64+0xcd/0x1e0 [ 186.807289][ T5785] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.813469][ T5785] [ 186.815881][ T5785] Uninit was created at: [ 186.820363][ T5785] ___kmalloc_large_node+0x22c/0x370 [ 186.825954][ T5785] __kmalloc_large_node_noprof+0x3f/0x1e0 [ 186.831868][ T5785] __kmalloc_node_noprof+0xc96/0x1250 [ 186.837536][ T5785] __kvmalloc_node_noprof+0xc0/0x2d0 [ 186.843024][ T5785] __bch2_btree_node_mem_alloc+0x2be/0xa80 [ 186.850576][ T5785] bch2_fs_btree_cache_init+0x4f0/0xb60 [ 186.856433][ T5785] bch2_fs_open+0x4b24/0x59c0 [ 186.861284][ T5785] bch2_fs_get_tree+0x986/0x2330 [pid 5827] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5782] <... clone resumed>, child_tidptr=0x5555947e7650) = 5829 [pid 5780] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5829] setpgid(0, 0 [pid 5828] <... openat resumed>) = 3 [pid 5827] <... write resumed>) = 16777216 [pid 5827] munmap(0x7feab7400000, 138412032) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5827] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5827] close(3) = 0 [pid 5827] close(4) = 0 [pid 5829] <... setpgid resumed>) = 0 [pid 5827] mkdir("./file1", 0777 [pid 5829] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5828] write(3, "1000", 4 [pid 5827] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5827] mount("/dev/loop1", "./file1", "bcachefs", MS_I_VERSION, "\x78\x9c\xec\xdd\x7f\x90\x1c\xd5\x7d\x20\xf0\xd7\x33\xb3\xda\xd1\xae\x56\x5a\x09\x08\x32\x98\xd5\x22\x50\x42\x20\xb6\x56\xfc\x2a\x6c\xa7\x62\x25\x97\xd8\x29\x20\x94\x5c\xa4\x1c\xc4\xc9\x86\x05\xad\x38\xd9\x92\x50\x49\x22\x80\x20\x41\xe4\xc0\x87\x0a\x70\xe1\x94\x53\x09\x4e\xfe\x20\x2e\x4c\x1d\xb6\xe2\xa2\x0a\xce\x46\xa6\x8c\xf9\x71\x12\x67\x63\x53\x9c\x7d\xd4\x15\xa6\xce\xdc\x61\xff\xe1\x2b\xcc\xa1"... [pid 5778] kill(-5785, SIGKILL [pid 5829] <... openat resumed>) = 3 [pid 5828] <... write resumed>) = 4 [pid 5778] <... kill resumed>) = 0 [pid 5778] kill(5785, SIGKILL [pid 5828] close(3 [pid 5778] <... kill resumed>) = 0 [ 186.866503][ T5785] vfs_get_tree+0xb1/0x5a0 [ 186.871121][ T5785] do_new_mount+0x71f/0x15e0 [ 186.876038][ T5785] path_mount+0x742/0x1f10 [ 186.876425][ T5827] loop1: detected capacity change from 0 to 32768 [ 186.880621][ T5785] __se_sys_mount+0x71f/0x800 [ 186.892073][ T5785] __x64_sys_mount+0xe4/0x150 [ 186.897059][ T5785] x64_sys_call+0x39bf/0x3c30 [ 186.901925][ T5785] do_syscall_64+0xcd/0x1e0 [ 186.906735][ T5785] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.912841][ T5785] [pid 5828] <... close resumed>) = 0 [pid 5780] <... openat resumed>) = 3 [pid 5829] write(3, "1000", 4executing program executing program ) = 4 [pid 5829] close(3) = 0 [pid 5829] write(1, "executing program\n", 18) = 18 [pid 5828] write(1, "executing program\n", 18 [pid 5829] prlimit64(0, RLIMIT_RTPRIO, {rlim_cur=8, rlim_max=8589934731}, [pid 5828] <... write resumed>) = 18 [pid 5780] ioctl(3, LOOP_CLR_FD [pid 5829] <... prlimit64 resumed>NULL) = 0 [pid 5780] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5829] sched_setscheduler(0, SCHED_FIFO, [7] [pid 5828] prlimit64(0, RLIMIT_RTPRIO, {rlim_cur=8, rlim_max=8589934731}, [pid 5780] close(3 [pid 5829] <... sched_setscheduler resumed>) = 0 [pid 5828] <... prlimit64 resumed>NULL) = 0 [pid 5780] <... close resumed>) = 0 [pid 5829] memfd_create("syzkaller", 0) = 3 [ 186.915357][ T5785] CPU: 0 UID: 0 PID: 5785 Comm: syz-executor830 Not tainted 6.13.0-syzkaller-07078-gb46c89c08f41 #0 [ 186.926418][ T5785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 186.936783][ T5785] ===================================================== [ 186.943916][ T5785] Disabling lock debugging due to kernel taint [ 186.950219][ T5785] Kernel panic - not syncing: kmsan.panic set ... [ 186.950288][ T5785] CPU: 0 UID: 0 PID: 5785 Comm: syz-executor830 Tainted: G B 6.13.0-syzkaller-07078-gb46c89c08f41 #0 [ 186.950417][ T5785] Tainted: [B]=BAD_PAGE [ 186.950453][ T5785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 186.950512][ T5785] Call Trace: [ 186.950550][ T5785] [ 186.950582][ T5785] dump_stack_lvl+0x216/0x2d0 [ 186.950681][ T5785] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 186.950832][ T5785] dump_stack+0x1e/0x24 [ 186.950919][ T5785] panic+0x4e2/0xcf0 [ 186.951062][ T5785] ? kmsan_get_metadata+0x51/0x1c0 [ 186.951216][ T5785] kmsan_report+0x2c7/0x2d0 [ 186.951348][ T5785] ? kmsan_get_metadata+0x13e/0x1c0 [ 186.951476][ T5785] ? __msan_warning+0x95/0x120 [ 186.951586][ T5785] ? bch2_bucket_alloc_early+0xe51/0x2810 [ 186.951709][ T5785] ? bch2_bucket_alloc_trans+0x9ce/0x3180 [ 186.951819][ T5785] ? bch2_bucket_alloc_set_trans+0x92c/0x1620 [ 186.951932][ T5785] ? __open_bucket_add_buckets+0x1de7/0x3060 [ 186.952054][ T5785] ? open_bucket_add_buckets+0x328/0x530 [ 186.952161][ T5785] ? bch2_alloc_sectors_start_trans+0x1730/0x32b0 [ 186.952286][ T5785] ? bch2_btree_reserve_get+0x9d6/0x2290 [ 186.952395][ T5785] ? bch2_btree_update_start+0x1af9/0x2d60 [ 186.952546][ T5785] ? bch2_btree_split_leaf+0x120/0xc90 [ 186.952693][ T5785] ? bch2_trans_commit_error+0x1c0/0x1d60 [ 186.952825][ T5785] ? __bch2_trans_commit+0x1d60/0xd310 [ 186.952950][ T5785] ? wb_flush_one_slowpath+0x1e8/0x220 [ 186.953072][ T5785] ? bch2_btree_write_buffer_flush_locked+0x455f/0x7180 [ 186.953202][ T5785] ? btree_write_buffer_flush_seq+0x3034/0x3250 [ 186.953332][ T5785] ? bch2_btree_write_buffer_journal_flush+0x103/0x1f0 [ 186.953466][ T5785] ? journal_flush_pins+0xce6/0x1780 [ 186.953585][ T5785] ? journal_flush_done+0xe1/0x3f0 [ 186.953695][ T5785] ? bch2_journal_flush_pins+0x2a9/0x3b0 [ 186.953812][ T5785] ? bch2_journal_replay+0x4920/0x4d30 [ 186.953964][ T5785] ? bch2_run_recovery_passes+0x5a2/0x1160 [ 186.954101][ T5785] ? bch2_fs_recovery+0x489c/0x6230 [ 186.954230][ T5785] ? bch2_fs_start+0x7ca/0xc20 [ 186.954335][ T5785] ? bch2_fs_get_tree+0x143a/0x2330 [ 186.954449][ T5785] ? vfs_get_tree+0xb1/0x5a0 [ 186.954562][ T5785] ? do_new_mount+0x71f/0x15e0 [ 186.954690][ T5785] ? path_mount+0x742/0x1f10 [ 186.954807][ T5785] ? __se_sys_mount+0x71f/0x800 [ 186.954934][ T5785] ? __x64_sys_mount+0xe4/0x150 [ 186.955060][ T5785] ? x64_sys_call+0x39bf/0x3c30 [ 186.955169][ T5785] ? do_syscall_64+0xcd/0x1e0 [ 186.955303][ T5785] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.955445][ T5785] ? filter_irq_stacks+0x164/0x1a0 [ 186.955601][ T5785] ? stack_depot_save_flags+0x2c/0x750 [ 186.955738][ T5785] ? kmsan_get_metadata+0x13e/0x1c0 [ 186.955873][ T5785] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 186.956003][ T5785] ? kmsan_get_metadata+0x13e/0x1c0 [ 186.956137][ T5785] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 186.956286][ T5785] __msan_warning+0x95/0x120 [ 186.956401][ T5785] bch2_bucket_alloc_early+0xe51/0x2810 [ 186.956528][ T5785] ? kmsan_get_metadata+0x13e/0x1c0 [ 186.956689][ T5785] ? bch2_bucket_alloc_early+0x192/0x2810 [ 186.956813][ T5785] ? bch2_bucket_alloc_early+0x192/0x2810 [ 186.956953][ T5785] ? bch2_bucket_alloc_early+0x192/0x2810 [ 186.957108][ T5785] bch2_bucket_alloc_trans+0x9ce/0x3180 [ 186.957229][ T5785] ? bch2_bucket_alloc_trans+0xbc1/0x3180 [ 186.957343][ T5785] ? kmsan_get_metadata+0x13e/0x1c0 [ 186.957506][ T5785] ? bch2_bucket_alloc_trans+0xbc1/0x3180 [ 186.957651][ T5785] bch2_bucket_alloc_set_trans+0x92c/0x1620 [ 186.957801][ T5785] ? kmsan_get_metadata+0x13e/0x1c0 [ 186.957930][ T5785] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 186.958067][ T5785] ? kmsan_get_metadata+0x13e/0x1c0 [ 186.958195][ T5785] ? kmsan_get_metadata+0x13e/0x1c0 [ 186.958336][ T5785] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 186.958483][ T5785] ? __module_address+0x4d/0x630 [ 186.958579][ T5785] ? kmsan_get_metadata+0x13e/0x1c0 [ 186.958715][ T5785] ? kmsan_get_metadata+0x13e/0x1c0 [ 186.958857][ T5785] ? filter_irq_stacks+0x60/0x1a0 [ 186.959030][ T5785] __open_bucket_add_buckets+0x1de7/0x3060 [ 186.959165][ T5785] ? stack_depot_save+0x12/0x20 [ 186.959299][ T5785] ? kmsan_internal_chain_origin+0xb0/0xd0 [ 186.959425][ T5785] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 186.959561][ T5785] ? kmsan_internal_chain_origin+0x57/0xd0 [ 186.959683][ T5785] ? kmsan_internal_memmove_metadata+0x17b/0x230 [ 186.959811][ T5785] ? __msan_memcpy+0x108/0x1c0 [ 186.959924][ T5785] ? bch2_alloc_sectors_start_trans+0x2cc8/0x32b0 [ 186.960047][ T5785] ? kmsan_get_metadata+0x13e/0x1c0 [ 186.960183][ T5785] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 186.960337][ T5785] ? bch2_btree_path_verify_locks+0x1859/0x1980 [ 186.960478][ T5785] ? kmsan_get_metadata+0x13e/0x1c0 [ 186.960609][ T5785] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 186.960766][ T5785] open_bucket_add_buckets+0x328/0x530 [ 186.960884][ T5785] ? __bch2_trans_relock+0x6bb/0x730 [ 186.961000][ T5785] ? kmsan_get_metadata+0x13e/0x1c0 [ 186.961136][ T5785] bch2_alloc_sectors_start_trans+0x1730/0x32b0 [ 186.961281][ T5785] ? __bch2_trans_relock+0x6bb/0x730 [ 186.961395][ T5785] ? _raw_spin_unlock_irqrestore+0x3f/0x60 [ 186.961536][ T5785] ? kmsan_get_metadata+0x13e/0x1c0 [ 186.961675][ T5785] bch2_btree_reserve_get+0x9d6/0x2290 [ 186.961808][ T5785] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 186.961995][ T5785] bch2_btree_update_start+0x1af9/0x2d60 [ 186.962148][ T5785] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 186.962323][ T5785] ? bch2_btree_split_leaf+0x120/0xc90 [ 186.962495][ T5785] bch2_btree_split_leaf+0x120/0xc90 [ 186.962664][ T5785] ? bch2_btree_path_verify_locks+0x1859/0x1980 [ 186.962806][ T5785] ? kmsan_get_metadata+0x13e/0x1c0 [ 186.962963][ T5785] bch2_trans_commit_error+0x1c0/0x1d60 [ 186.963118][ T5785] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 186.963289][ T5785] ? bch2_trans_verify_locks+0x5bc/0x630 [ 186.963417][ T5785] ? wb_flush_one_slowpath+0x1e8/0x220 [ 186.963550][ T5785] ? wb_flush_one_slowpath+0x1e8/0x220 [ 186.963676][ T5785] __bch2_trans_commit+0x1d60/0xd310 [ 186.963811][ T5785] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 186.963944][ T5785] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 186.964100][ T5785] ? six_unlock_ip+0x4a6/0x510 [ 186.964259][ T5785] wb_flush_one_slowpath+0x1e8/0x220 [ 186.964390][ T5785] bch2_btree_write_buffer_flush_locked+0x455f/0x7180 [ 186.964523][ T5785] ? __update_load_avg_cfs_rq+0x8b4/0x10e0 [ 186.964649][ T5785] ? __update_load_avg_se+0xbb0/0x11a0 [ 186.964794][ T5785] ? bch2_btree_write_buffer_flush_locked+0x2506/0x7180 [ 186.964938][ T5785] ? __bch2_next_write_buffer_flush_journal_buf+0x56c/0x930 [ 186.965141][ T5785] btree_write_buffer_flush_seq+0x3034/0x3250 [ 186.965276][ T5785] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 186.965434][ T5785] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 186.965568][ T5785] ? kmsan_get_metadata+0x13e/0x1c0 [ 186.965697][ T5785] ? kmsan_get_metadata+0x13e/0x1c0 [ 186.965832][ T5785] ? kmsan_get_metadata+0x13e/0x1c0 [ 186.965966][ T5785] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 186.966116][ T5785] ? __bch2_trans_get+0xe05/0x14f0 [ 186.966251][ T5785] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 186.966407][ T5785] bch2_btree_write_buffer_journal_flush+0x103/0x1f0 [ 186.966549][ T5785] ? __pfx_bch2_btree_write_buffer_journal_flush+0x10/0x10 [ 186.966692][ T5785] journal_flush_pins+0xce6/0x1780 [ 186.966852][ T5785] journal_flush_done+0xe1/0x3f0 [ 186.966966][ T5785] ? closure_wait+0xd5/0x120 [ 186.967083][ T5785] bch2_journal_flush_pins+0x2a9/0x3b0 [ 186.967217][ T5785] ? __pfx_closure_sync_fn+0x10/0x10 [ 186.967338][ T5785] bch2_journal_replay+0x4920/0x4d30 [ 186.967472][ T5785] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 186.967621][ T5785] ? vprintk_emit+0xd00/0xea0 [ 186.967712][ T5785] ? stack_depot_save_flags+0x2c/0x750 [ 186.967845][ T5785] ? kmsan_get_metadata+0x13e/0x1c0 [ 186.967995][ T5785] ? vprintk+0x35/0x40 [ 186.968116][ T5785] ? __bch2_print+0x392/0x470 [ 186.968251][ T5785] ? __pfx_bch2_journal_replay+0x10/0x10 [ 186.968384][ T5785] bch2_run_recovery_passes+0x5a2/0x1160 [ 186.968556][ T5785] bch2_fs_recovery+0x489c/0x6230 [ 186.968680][ T5785] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 186.968820][ T5785] ? __closure_wake_up+0x16a/0x180 [ 186.968962][ T5785] bch2_fs_start+0x7ca/0xc20 [ 186.969079][ T5785] bch2_fs_get_tree+0x143a/0x2330 [ 186.969272][ T5785] vfs_get_tree+0xb1/0x5a0 [ 186.969394][ T5785] ? mount_capable+0x97/0x120 [ 186.969495][ T5785] do_new_mount+0x71f/0x15e0 [ 186.969626][ T5785] ? kmsan_get_metadata+0x13e/0x1c0 [ 186.969778][ T5785] path_mount+0x742/0x1f10 [ 186.969900][ T5785] ? user_path_at+0x374/0x3e0 [ 186.970009][ T5785] __se_sys_mount+0x71f/0x800 [ 186.970159][ T5785] __x64_sys_mount+0xe4/0x150 [ 186.970304][ T5785] x64_sys_call+0x39bf/0x3c30 [ 186.970417][ T5785] do_syscall_64+0xcd/0x1e0 [ 186.970544][ T5785] ? clear_bhb_loop+0x25/0x80 [ 186.970679][ T5785] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.970819][ T5785] RIP: 0033:0x7feabf9d7f1a [ 186.970897][ T5785] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 186.970992][ T5785] RSP: 002b:00007ffc567ceac8 EFLAGS: 00000282 ORIG_RAX: 00000000000000a5 [ 186.971084][ T5785] RAX: ffffffffffffffda RBX: 00007ffc567ceae0 RCX: 00007feabf9d7f1a [ 186.971161][ T5785] RDX: 0000000020000100 RSI: 0000000020000000 RDI: 00007ffc567ceae0 [ 186.971235][ T5785] RBP: 0000000000000004 R08: 00007ffc567ceb20 R09: 000000000000596c [ 186.971298][ T5785] R10: 0000000000800000 R11: 0000000000000282 R12: 0000000000800000 [ 186.971361][ T5785] R13: 00007ffc567ceb20 R14: 0000000000000003 R15: 0000000001000000 [ 186.971439][ T5785] [ 186.971628][ T5785] Kernel Offset: disabled