./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1656705518 <...> Warning: Permanently added '10.128.10.51' (ED25519) to the list of known hosts. execve("./syz-executor1656705518", ["./syz-executor1656705518"], 0x7ffd6695d8c0 /* 10 vars */) = 0 brk(NULL) = 0x5555819eb000 brk(0x5555819ebe00) = 0x5555819ebe00 arch_prctl(ARCH_SET_FS, 0x5555819eb480) = 0 set_tid_address(0x5555819eb750) = 5822 set_robust_list(0x5555819eb760, 24) = 0 rseq(0x5555819ebda0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1656705518", 4096) = 28 getrandom("\x8c\xd0\x32\x77\xc8\xe2\x34\xb9", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555819ebe00 brk(0x555581a0ce00) = 0x555581a0ce00 brk(0x555581a0d000) = 0x555581a0d000 mprotect(0x7f0ef3c66000, 16384, PROT_READ) = 0 mmap(0x3ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3ffffffff000 mmap(0x400000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x400000000000 mmap(0x400001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x400001000000 socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 3 socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4 sendto(4, [{nlmsg_len=36, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0d\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x35\x34\x00\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36 recvfrom(4, [{nlmsg_len=864, nlmsg_type=nlctrl, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=5822}, "\x01\x02\x00\x00\x0d\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x35\x34\x00\x00\x00\x00\x06\x00\x01\x00\x1d\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x30\x00\x00\x00\xe8\x02\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x05\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x03\x00"...], 4096, 0, NULL, NULL) = 864 recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5822}, {error=0, msg={nlmsg_len=36, nlmsg_type=nlctrl, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5 ioctl(5, SIOCGIFINDEX, {ifr_name="wpan0", ifr_ifindex=11}) = 0 close(5) = 0 sendto(4, [{nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x0b\x00\x00\x00\x08\x00\x03\x00\x0b\x00\x00\x00\x06\x00\x0a\x00\xa0\xaa\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36 recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5822}, {error=0, msg={nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5 ioctl(5, SIOCGIFINDEX, {ifr_name="wpan0", ifr_ifindex=11}) = 0 close(5) = 0 sendto(3, [{nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x0c\x00\x01\x00\x02\x00\xaa\xaa\xaa\xaa\xaa\xaa"], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 44 recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5822}, {error=0, msg={nlmsg_len=44, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 sendto(3, [{nlmsg_len=68, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|NLM_F_EXCL|NLM_F_CREATE, nlmsg_seq=0, nlmsg_pid=0}, {ifi_family=AF_UNSPEC, ifi_type=ARPHRD_NETROM, ifi_index=0, ifi_flags=0, ifi_change=0}, [[{nla_len=11, nla_type=IFLA_IFNAME}, "lowpan0"...], [{nla_len=16, nla_type=IFLA_LINKINFO}, [{nla_len=10, nla_type=IFLA_INFO_KIND}, "lowpan"...]], [{nla_len=8, nla_type=IFLA_LINK}, 11]]], 68, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 68 recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5822}, {error=0, msg={nlmsg_len=68, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|NLM_F_EXCL|NLM_F_CREATE, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5 ioctl(5, SIOCGIFINDEX, {ifr_name="wpan1", ifr_ifindex=12}) = 0 close(5) = 0 sendto(4, [{nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x0b\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x06\x00\x0a\x00\xa1\xaa\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36 recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5822}, {error=0, msg={nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5 ioctl(5, SIOCGIFINDEX, {ifr_name="wpan1", ifr_ifindex=12}) = 0 close(5) = 0 sendto(3, [{nlmsg_len=44, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, {ifi_family=AF_UNSPEC, ifi_type=ARPHRD_NETROM, ifi_index=if_nametoindex("wpan1"), ifi_flags=IFF_UP, ifi_change=0x1}, [{nla_len=12, nla_type=IFLA_ADDRESS}, 02:01:aa:aa:aa:aa:aa]], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 44 recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5822}, {error=0, msg={nlmsg_len=44, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 close(3) = 0 close(4) = 0 rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGSEGV, {sa_handler=0x7f0ef3bb4db0, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f0ef3bbd970}, NULL, 8) = 0 rt_sigaction(SIGBUS, {sa_handler=0x7f0ef3bb4db0, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f0ef3bbd970}, NULL, 8) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5825 attached , child_tidptr=0x5555819eb750) = 5825 [pid 5825] set_robust_list(0x5555819eb760, 24 [pid 5822] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5825] <... set_robust_list resumed>) = 0 [pid 5825] mkdir("./syzkaller.72qN6P", 0700./strace-static-x86_64: Process 5826 attached ) = 0 [pid 5822] <... clone resumed>, child_tidptr=0x5555819eb750) = 5826 [pid 5826] set_robust_list(0x5555819eb760, 24 [pid 5822] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5825] chmod("./syzkaller.72qN6P", 0777 [pid 5826] <... set_robust_list resumed>) = 0 [pid 5825] <... chmod resumed>) = 0 [pid 5825] chdir("./syzkaller.72qN6P") = 0 ./strace-static-x86_64: Process 5827 attached [pid 5826] mkdir("./syzkaller.zNsf3A", 0700 [pid 5822] <... clone resumed>, child_tidptr=0x5555819eb750) = 5827 [pid 5827] set_robust_list(0x5555819eb760, 24 [pid 5825] mkdir("./0", 0777 [pid 5827] <... set_robust_list resumed>) = 0 [pid 5822] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] <... mkdir resumed>) = 0 [pid 5827] mkdir("./syzkaller.84NElF", 0700) = 0 [pid 5825] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5828 attached [pid 5826] chmod("./syzkaller.zNsf3A", 0777 [pid 5822] <... clone resumed>, child_tidptr=0x5555819eb750) = 5828 [pid 5827] chmod("./syzkaller.84NElF", 0777 [pid 5826] <... chmod resumed>) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5828] set_robust_list(0x5555819eb760, 24 [pid 5826] chdir("./syzkaller.zNsf3A") = 0 [pid 5826] mkdir("./0", 0777 [pid 5825] <... openat resumed>) = 3 [pid 5822] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5828] <... set_robust_list resumed>) = 0 [pid 5827] <... chmod resumed>) = 0 [pid 5825] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 5829 attached [pid 5826] <... mkdir resumed>) = 0 [pid 5825] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5828] mkdir("./syzkaller.dX1uE7", 0700 [pid 5829] set_robust_list(0x5555819eb760, 24 [pid 5827] chdir("./syzkaller.84NElF" [pid 5826] <... openat resumed>) = 3 [pid 5825] close(3 [pid 5822] <... clone resumed>, child_tidptr=0x5555819eb750) = 5829 [pid 5829] <... set_robust_list resumed>) = 0 [pid 5828] <... mkdir resumed>) = 0 [pid 5827] <... chdir resumed>) = 0 [pid 5829] getrandom( [pid 5828] chmod("./syzkaller.dX1uE7", 0777 [pid 5827] mkdir("./0", 0777) = 0 [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5825] <... close resumed>) = 0 [pid 5828] <... chmod resumed>) = 0 [pid 5829] <... getrandom resumed>"\x34\x69\xc6\x54\x04\x64\x84\xda", 8, GRND_NONBLOCK) = 8 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5829] mkdir("./syzkaller.ywafNa", 0700 [pid 5826] close(3 [pid 5829] <... mkdir resumed>) = 0 [pid 5828] chdir("./syzkaller.dX1uE7" [pid 5827] <... openat resumed>) = 3 [pid 5826] <... close resumed>) = 0 ./strace-static-x86_64: Process 5830 attached [pid 5828] <... chdir resumed>) = 0 [pid 5830] set_robust_list(0x5555819eb760, 24 [pid 5828] mkdir("./0", 0777 [pid 5830] <... set_robust_list resumed>) = 0 [pid 5830] chdir("./0" [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5825] <... clone resumed>, child_tidptr=0x5555819eb750) = 5830 [pid 5830] <... chdir resumed>) = 0 [pid 5828] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5831 attached [pid 5830] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5829] chmod("./syzkaller.ywafNa", 0777 [pid 5827] ioctl(3, LOOP_CLR_FD [pid 5830] <... prctl resumed>) = 0 [pid 5830] setpgid(0, 0 [pid 5829] <... chmod resumed>) = 0 [pid 5827] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5827] close(3) = 0 [pid 5829] chdir("./syzkaller.ywafNa" [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5832 attached [pid 5831] set_robust_list(0x5555819eb760, 24 [pid 5830] <... setpgid resumed>) = 0 [pid 5829] <... chdir resumed>) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 5831 [pid 5832] set_robust_list(0x5555819eb760, 24 [pid 5831] <... set_robust_list resumed>) = 0 [pid 5830] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5829] mkdir("./0", 0777 [pid 5832] <... set_robust_list resumed>) = 0 [pid 5831] chdir("./0" [pid 5830] <... openat resumed>) = 3 [pid 5828] <... openat resumed>) = 3 [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 5832 [pid 5832] chdir("./0" [pid 5831] <... chdir resumed>) = 0 [pid 5830] write(3, "1000", 4 [pid 5829] <... mkdir resumed>) = 0 [pid 5832] <... chdir resumed>) = 0 [pid 5831] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5830] <... write resumed>) = 4 [pid 5832] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5831] <... prctl resumed>) = 0 [pid 5830] close(3 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5832] <... prctl resumed>) = 0 [pid 5831] setpgid(0, 0 [pid 5830] <... close resumed>) = 0 [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5832] setpgid(0, 0 [pid 5831] <... setpgid resumed>) = 0 [pid 5830] symlink("/dev/binderfs", "./binderfs" [pid 5829] <... openat resumed>) = 3 [pid 5828] close(3 [pid 5832] <... setpgid resumed>) = 0 [pid 5831] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5832] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5831] <... openat resumed>) = 3 [pid 5830] <... symlink resumed>) = 0 [pid 5828] <... close resumed>) = 0 [pid 5829] ioctl(3, LOOP_CLR_FD [pid 5831] write(3, "1000", 4 [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5831] <... write resumed>) = 4 [pid 5829] close(3 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5832] <... openat resumed>) = 3 [pid 5831] close(3 [pid 5829] <... close resumed>) = 0 [pid 5832] write(3, "1000", 4 [pid 5831] <... close resumed>) = 0 executing program [pid 5830] write(1, "executing program\n", 18 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5831] symlink("/dev/binderfs", "./binderfs" [pid 5830] <... write resumed>) = 18 [pid 5831] <... symlink resumed>) = 0 [pid 5830] fsopen(NULL, 0 executing program [pid 5831] write(1, "executing program\n", 18 [pid 5830] <... fsopen resumed>) = -1 EFAULT (Bad address) ./strace-static-x86_64: Process 5834 attached ./strace-static-x86_64: Process 5833 attached [pid 5832] <... write resumed>) = 4 [pid 5831] <... write resumed>) = 18 [pid 5830] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 5832] close(3 [pid 5834] set_robust_list(0x5555819eb760, 24 [pid 5831] fsopen(NULL, 0 [pid 5830] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 5834] <... set_robust_list resumed>) = 0 [pid 5831] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 5830] memfd_create("syzkaller", 0 [pid 5834] chdir("./0" [pid 5831] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 5834] <... chdir resumed>) = 0 [pid 5831] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 5834] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5831] memfd_create("syzkaller", 0 [pid 5830] <... memfd_create resumed>) = 3 [pid 5834] <... prctl resumed>) = 0 [pid 5832] <... close resumed>) = 0 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 5833 [pid 5834] setpgid(0, 0 [pid 5833] set_robust_list(0x5555819eb760, 24 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 5834 [pid 5834] <... setpgid resumed>) = 0 [pid 5833] <... set_robust_list resumed>) = 0 [pid 5832] symlink("/dev/binderfs", "./binderfs" [pid 5830] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5834] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5833] chdir("./0" [pid 5832] <... symlink resumed>) = 0 [pid 5831] <... memfd_create resumed>) = 3 executing program [pid 5830] <... mmap resumed>) = 0x7f0eeb600000 [pid 5834] <... openat resumed>) = 3 [pid 5833] <... chdir resumed>) = 0 [pid 5832] write(1, "executing program\n", 18 [pid 5831] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5833] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5832] <... write resumed>) = 18 [pid 5833] <... prctl resumed>) = 0 [pid 5832] fsopen(NULL, 0 [pid 5833] setpgid(0, 0 [pid 5832] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 5834] write(3, "1000", 4 [pid 5832] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 5831] <... mmap resumed>) = 0x7f0eeb600000 [pid 5834] <... write resumed>) = 4 [pid 5833] <... setpgid resumed>) = 0 [pid 5832] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 5834] close(3 [pid 5833] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5832] memfd_create("syzkaller", 0 [pid 5834] <... close resumed>) = 0 [pid 5832] <... memfd_create resumed>) = 3 [pid 5834] symlink("/dev/binderfs", "./binderfs" [pid 5833] <... openat resumed>) = 3 [pid 5832] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 5834] <... symlink resumed>) = 0 [pid 5833] write(3, "1000", 4) = 4 [pid 5833] close(3) = 0 [pid 5833] symlink("/dev/binderfs", "./binderfs"executing program executing program [pid 5834] write(1, "executing program\n", 18 [pid 5833] <... symlink resumed>) = 0 [pid 5834] <... write resumed>) = 18 [pid 5833] write(1, "executing program\n", 18 [pid 5834] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 5833] <... write resumed>) = 18 [pid 5833] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 5833] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5833] memfd_create("syzkaller", 0 [pid 5834] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5833] <... memfd_create resumed>) = 3 [pid 5833] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 5834] memfd_create("syzkaller", 0) = 3 [pid 5834] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 5830] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5831] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5832] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5833] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5834] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5831] <... write resumed>) = 16777216 [pid 5831] munmap(0x7f0eeb600000, 138412032 [pid 5830] <... write resumed>) = 16777216 [pid 5831] <... munmap resumed>) = 0 [pid 5830] munmap(0x7f0eeb600000, 138412032) = 0 [pid 5831] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5831] ioctl(4, LOOP_SET_FD, 3 [pid 5832] <... write resumed>) = 16777216 [pid 5833] <... write resumed>) = 16777216 [pid 5832] munmap(0x7f0eeb600000, 138412032 [pid 5831] <... ioctl resumed>) = 0 [pid 5830] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5833] munmap(0x7f0eeb600000, 138412032 [pid 5830] <... openat resumed>) = 4 [pid 5830] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5831] close(3) = 0 [pid 5831] close(4 [pid 5834] <... write resumed>) = 16777216 [pid 5833] <... munmap resumed>) = 0 [pid 5832] <... munmap resumed>) = 0 [pid 5830] close(3 [pid 5834] munmap(0x7f0eeb600000, 138412032 [pid 5833] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5831] <... close resumed>) = 0 [pid 5830] <... close resumed>) = 0 [pid 5834] <... munmap resumed>) = 0 [pid 5833] <... openat resumed>) = 4 [pid 5832] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5831] mkdir("./file0", 0777 [pid 5830] close(4 [pid 5832] <... openat resumed>) = 4 [ 75.958688][ T5831] loop1: detected capacity change from 0 to 32768 [ 75.987098][ T5830] loop0: detected capacity change from 0 to 32768 [pid 5832] ioctl(4, LOOP_SET_FD, 3 [pid 5830] <... close resumed>) = 0 [pid 5831] <... mkdir resumed>) = 0 [pid 5834] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5833] ioctl(4, LOOP_SET_FD, 3 [pid 5832] <... ioctl resumed>) = 0 [pid 5830] mkdir("./file0", 0777) = 0 [pid 5830] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5834] <... openat resumed>) = 4 [pid 5832] close(3 [pid 5831] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5834] ioctl(4, LOOP_SET_FD, 3 [pid 5832] <... close resumed>) = 0 [pid 5834] <... ioctl resumed>) = 0 [pid 5832] close(4) = 0 [pid 5832] mkdir("./file0", 0777) = 0 [pid 5833] <... ioctl resumed>) = 0 [pid 5832] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5834] close(3 [pid 5833] close(3) = 0 [pid 5834] <... close resumed>) = 0 [pid 5833] close(4 [pid 5834] close(4 [pid 5833] <... close resumed>) = 0 [pid 5834] <... close resumed>) = 0 [pid 5834] mkdir("./file0", 0777) = 0 [pid 5833] mkdir("./file0", 0777 [pid 5834] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5833] <... mkdir resumed>) = 0 [ 76.021687][ T5832] loop2: detected capacity change from 0 to 32768 [ 76.033824][ T5833] loop3: detected capacity change from 0 to 32768 [ 76.047577][ T5834] loop4: detected capacity change from 0 to 32768 [ 76.288759][ T5832] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 76.298255][ T5830] bcachefs (loop0): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 76.307301][ T5832] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 76.339186][ T5834] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 76.345735][ T5830] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 76.358020][ T5830] bcachefs (loop0): Version downgrade required: [ 76.363622][ T5834] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 76.364843][ T5830] bcachefs (loop0): Version upgrade required: [ 76.364843][ T5830] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 76.364843][ T5830] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 76.364843][ T5830] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 76.373598][ T5833] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 76.466219][ T5833] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 76.475522][ T5831] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 76.493123][ T5831] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 76.493172][ T5830] bcachefs (loop0): dropping and reconstructing all alloc info [ 76.532616][ T5830] bcachefs (loop0): accounting_read... done [ 76.542095][ T5830] bcachefs (loop0): alloc_read... done [ 76.549790][ T5830] bcachefs (loop0): stripes_read... done [ 76.555531][ T5830] bcachefs (loop0): snapshots_read... done [ 76.564163][ T5830] bcachefs (loop0): check_allocations... done [ 76.593689][ T5830] bcachefs (loop0): going read-write [pid 5833] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5830] <... mount resumed>) = 0 [pid 5830] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5830] chdir("./file0") = 0 [pid 5830] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5830] ioctl(4, LOOP_CLR_FD) = 0 [pid 5830] close(4) = 0 [ 76.632993][ T5830] bcachefs (loop0): done starting filesystem [pid 5830] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 5830] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 5830] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 5830] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 5830] open(".", O_RDONLY) = 5 [ 76.767606][ T5831] bcachefs: bch2_fs_get_tree() error: EINVAL [ 76.780946][ T5832] bcachefs: bch2_fs_get_tree() error: EINVAL [ 76.798127][ T5834] bcachefs: bch2_fs_get_tree() error: EINVAL [ 76.811087][ T5833] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 5830] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5831] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5832] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5832] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5832] ioctl(3, LOOP_CLR_FD) = 0 [pid 5832] close(3 [pid 5831] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5834] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5831] ioctl(3, LOOP_CLR_FD) = 0 [pid 5834] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5831] close(3 [pid 5833] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5830] <... fallocate resumed>) = 0 [pid 5834] <... openat resumed>) = 3 [pid 5834] ioctl(3, LOOP_CLR_FD [pid 5833] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5830] exit_group(0) = ? [pid 5833] <... openat resumed>) = 3 [pid 5833] ioctl(3, LOOP_CLR_FD [pid 5830] +++ exited with 0 +++ [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5830, si_uid=0, si_status=0, si_utime=7 /* 0.07 s */, si_stime=46 /* 0.46 s */} --- [pid 5825] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5825] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5825] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./0/binderfs") = 0 [pid 5825] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5833] <... ioctl resumed>) = 0 [pid 5833] close(3 [pid 5834] <... ioctl resumed>) = 0 [ 76.825273][ T61] bucket incorrectly unset in freespace btree [ 76.825313][ T61] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [ 76.876111][ T5830] syz-executor165 (5830) used greatest stack depth: 17344 bytes left [ 76.953225][ T5825] bcachefs (loop0): shutting down [ 76.977028][ T5825] bcachefs (loop0): going read-only [ 76.989205][ T5825] bcachefs (loop0): finished waiting for writes to stop [ 77.007279][ T61] bucket incorrectly unset in freespace btree [ 77.007304][ T61] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [ 77.067984][ T5825] bcachefs (loop0): flushing journal and stopping allocators, journal seq 12 [pid 5834] close(3 [pid 5832] <... close resumed>) = 0 [pid 5832] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5831] <... close resumed>) = 0 [pid 5831] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5834] <... close resumed>) = 0 [ 77.184790][ T61] bucket incorrectly unset in freespace btree [ 77.184826][ T61] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [pid 5833] <... close resumed>) = 0 [pid 5834] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 77.247342][ T61] bucket incorrectly unset in freespace btree [ 77.247364][ T61] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [ 77.277828][ T5825] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 12 [ 77.289140][ T5825] bcachefs (loop0): unclean shutdown complete, journal seq 13 [pid 5833] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5834] <... quotactl resumed>) = 0 [pid 5833] <... quotactl resumed>) = 0 [pid 5832] <... quotactl resumed>) = 0 [pid 5831] <... quotactl resumed>) = 0 [pid 5834] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5833] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5832] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5831] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5832] <... openat resumed>) = 3 [pid 5831] <... openat resumed>) = 3 [pid 5831] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5834] <... openat resumed>) = 3 [pid 5833] <... openat resumed>) = 3 [pid 5832] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5831] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5832] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5831] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5832] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5834] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5833] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5834] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5833] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5832] <... quotactl resumed>) = 0 [pid 5831] <... quotactl resumed>) = 0 [pid 5834] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5833] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5832] open(".", O_RDONLY [pid 5831] open(".", O_RDONLY [pid 5834] <... quotactl resumed>) = 0 [pid 5833] <... quotactl resumed>) = 0 [pid 5832] <... open resumed>) = 4 [pid 5831] <... open resumed>) = 4 [pid 5834] open(".", O_RDONLY [pid 5833] open(".", O_RDONLY [pid 5832] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5831] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5834] <... open resumed>) = 4 [pid 5833] <... open resumed>) = 4 [pid 5832] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5831] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5834] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5833] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5832] exit_group(0 [pid 5831] exit_group(0 [pid 5834] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5833] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5832] <... exit_group resumed>) = ? [pid 5831] <... exit_group resumed>) = ? [pid 5834] exit_group(0 [pid 5833] exit_group(0 [pid 5832] +++ exited with 0 +++ [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5832, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=55 /* 0.55 s */} --- [pid 5827] restart_syscall(<... resuming interrupted clone ...> [pid 5831] +++ exited with 0 +++ [pid 5834] <... exit_group resumed>) = ? [pid 5833] <... exit_group resumed>) = ? [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5831, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=47 /* 0.47 s */} --- [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5827] <... restart_syscall resumed>) = 0 [pid 5834] +++ exited with 0 +++ [pid 5826] <... restart_syscall resumed>) = 0 [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5834, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=44 /* 0.44 s */} --- [pid 5833] +++ exited with 0 +++ [pid 5829] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5833, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=42 /* 0.42 s */} --- [pid 5827] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [ 77.297912][ T5825] bcachefs (loop0): done going read-only, filesystem not clean [ 77.321063][ T5825] bcachefs (loop0): shutdown complete [pid 5828] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... openat resumed>) = 3 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(3, "", [pid 5829] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... openat resumed>) = 3 [pid 5829] newfstatat(3, "", [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... openat resumed>) = 3 [pid 5826] getdents64(3, [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] newfstatat(3, "", [pid 5829] getdents64(3, [pid 5828] <... openat resumed>) = 3 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] newfstatat(3, "", [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5827] getdents64(3, [pid 5826] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5826] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./0/binderfs") = 0 [pid 5826] unlink("./0/binderfs") = 0 [pid 5829] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] getdents64(3, [pid 5827] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] newfstatat(AT_FDCWD, "./0/file0", [pid 5827] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] newfstatat(AT_FDCWD, "./0/file0", [pid 5829] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5826] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] unlink("./0/binderfs" [pid 5829] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] <... unlink resumed>) = 0 [pid 5828] unlink("./0/binderfs" [pid 5827] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] newfstatat(4, "", [pid 5826] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... unlink resumed>) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... openat resumed>) = 4 [pid 5829] getdents64(4, [pid 5826] newfstatat(4, "", [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(4, [pid 5826] getdents64(4, [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] newfstatat(AT_FDCWD, "./0/file0", [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] close(4) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] getdents64(4, [pid 5829] rmdir("./0/file0" [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] <... rmdir resumed>) = 0 [pid 5828] newfstatat(AT_FDCWD, "./0/file0", [pid 5827] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] close(4 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... close resumed>) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] rmdir("./0/file0" [pid 5828] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] <... openat resumed>) = 4 [pid 5828] <... openat resumed>) = 4 [pid 5827] newfstatat(4, "", [pid 5826] <... rmdir resumed>) = 0 [pid 5829] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] newfstatat(AT_FDCWD, "./0/file1", [pid 5826] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] newfstatat(4, "", [pid 5827] getdents64(4, [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] unlink("./0/file1" [pid 5826] newfstatat(AT_FDCWD, "./0/file1", [pid 5829] <... unlink resumed>) = 0 [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./0/file1" [pid 5829] getdents64(3, [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] getdents64(4, [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] <... unlink resumed>) = 0 [pid 5829] close(3 [pid 5827] close(4 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] <... close resumed>) = 0 [pid 5828] getdents64(4, [pid 5829] <... close resumed>) = 0 [pid 5827] rmdir("./0/file0" [pid 5826] getdents64(3, [pid 5829] rmdir("./0" [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] <... rmdir resumed>) = 0 [pid 5828] close(4 [pid 5827] <... rmdir resumed>) = 0 [pid 5826] close(3) = 0 [pid 5829] mkdir("./1", 0777 [pid 5828] <... close resumed>) = 0 [pid 5827] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] rmdir("./0" [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... rmdir resumed>) = 0 [pid 5829] <... mkdir resumed>) = 0 [pid 5828] rmdir("./0/file0" [pid 5827] newfstatat(AT_FDCWD, "./0/file1", [pid 5826] mkdir("./1", 0777 [pid 5827] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./0/file1" [pid 5828] <... rmdir resumed>) = 0 [pid 5827] <... unlink resumed>) = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5828] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... mkdir resumed>) = 0 [pid 5827] getdents64(3, [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5829] <... openat resumed>) = 3 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] ioctl(3, LOOP_CLR_FD [pid 5828] newfstatat(AT_FDCWD, "./0/file1", [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] close(3 [pid 5826] <... openat resumed>) = 3 [pid 5827] <... close resumed>) = 0 [pid 5829] close(3 [pid 5828] unlink("./0/file1" [pid 5827] rmdir("./0" [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5829] <... close resumed>) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5828] <... unlink resumed>) = 0 [pid 5827] <... rmdir resumed>) = 0 [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) ./strace-static-x86_64: Process 5875 attached [pid 5875] set_robust_list(0x5555819eb760, 24 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 5875 [pid 5828] getdents64(3, [pid 5827] mkdir("./1", 0777 [pid 5826] close(3 [pid 5875] <... set_robust_list resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 5875] chdir("./1" [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] <... mkdir resumed>) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5876 attached [pid 5828] close(3 [pid 5875] <... chdir resumed>) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 5876 [pid 5876] set_robust_list(0x5555819eb760, 24 [pid 5875] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5827] <... openat resumed>) = 3 [pid 5876] <... set_robust_list resumed>) = 0 [pid 5875] <... prctl resumed>) = 0 [pid 5828] <... close resumed>) = 0 [pid 5827] ioctl(3, LOOP_CLR_FD [pid 5876] chdir("./1" [pid 5875] setpgid(0, 0 [pid 5828] rmdir("./0" [pid 5827] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5876] <... chdir resumed>) = 0 [pid 5875] <... setpgid resumed>) = 0 [pid 5828] <... rmdir resumed>) = 0 [pid 5827] close(3 [pid 5876] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5875] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5828] mkdir("./1", 0777 [pid 5827] <... close resumed>) = 0 [pid 5875] <... openat resumed>) = 3 [pid 5828] <... mkdir resumed>) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5876] setpgid(0, 0) = 0 [pid 5876] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5876] write(3, "1000", 4) = 4 [pid 5876] close(3) = 0 ./strace-static-x86_64: Process 5877 attached [pid 5875] write(3, "1000", 4 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 5877 [pid 5876] symlink("/dev/binderfs", "./binderfs" [pid 5828] <... openat resumed>) = 3 [pid 5877] set_robust_list(0x5555819eb760, 24 [pid 5876] <... symlink resumed>) = 0 [pid 5875] <... write resumed>) = 4 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5877] <... set_robust_list resumed>) = 0 [pid 5875] close(3 [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5875] <... close resumed>) = 0 executing program [pid 5877] chdir("./1" [pid 5876] write(1, "executing program\n", 18 [pid 5875] symlink("/dev/binderfs", "./binderfs" [pid 5828] close(3 [pid 5876] <... write resumed>) = 18 [pid 5876] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 5875] <... symlink resumed>) = 0 [pid 5876] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 5875] write(1, "executing program\n", 18 [pid 5828] <... close resumed>) = 0 executing program [pid 5877] <... chdir resumed>) = 0 [pid 5875] <... write resumed>) = 18 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5876] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 5876] memfd_create("syzkaller", 0 [pid 5875] fsopen(NULL, 0./strace-static-x86_64: Process 5878 attached ) = -1 EFAULT (Bad address) [pid 5877] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 5878 [pid 5878] set_robust_list(0x5555819eb760, 24 [pid 5875] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 5877] <... prctl resumed>) = 0 [pid 5875] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 5877] setpgid(0, 0 [pid 5876] <... memfd_create resumed>) = 3 [pid 5876] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 5875] memfd_create("syzkaller", 0 [pid 5877] <... setpgid resumed>) = 0 [pid 5875] <... memfd_create resumed>) = 3 [pid 5878] <... set_robust_list resumed>) = 0 [pid 5877] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5875] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 5878] chdir("./1" [pid 5877] <... openat resumed>) = 3 [pid 5878] <... chdir resumed>) = 0 [pid 5877] write(3, "1000", 4 [pid 5878] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5877] <... write resumed>) = 4 executing program [pid 5878] <... prctl resumed>) = 0 [pid 5877] close(3 [pid 5878] setpgid(0, 0 [pid 5877] <... close resumed>) = 0 [pid 5878] <... setpgid resumed>) = 0 [pid 5877] symlink("/dev/binderfs", "./binderfs" [pid 5878] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5877] <... symlink resumed>) = 0 [pid 5877] write(1, "executing program\n", 18) = 18 [pid 5877] fsopen(NULL, 0 [pid 5878] <... openat resumed>) = 3 [pid 5877] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 5878] write(3, "1000", 4 [pid 5877] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 5878] <... write resumed>) = 4 [pid 5877] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 5878] close(3) = 0 [pid 5877] memfd_create("syzkaller", 0 [pid 5878] symlink("/dev/binderfs", "./binderfs" [pid 5877] <... memfd_create resumed>) = 3 [pid 5877] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5878] <... symlink resumed>) = 0 [pid 5878] write(1, "executing program\n", 18 [pid 5877] <... mmap resumed>) = 0x7f0eeb600000 executing program [pid 5878] <... write resumed>) = 18 [pid 5878] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 5878] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5878] memfd_create("syzkaller", 0) = 3 [pid 5878] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 5876] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5875] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5878] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5877] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5876] <... write resumed>) = 16777216 [pid 5876] munmap(0x7f0eeb600000, 138412032 [pid 5875] <... write resumed>) = 16777216 [pid 5875] munmap(0x7f0eeb600000, 138412032 [pid 5876] <... munmap resumed>) = 0 [pid 5876] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5875] <... munmap resumed>) = 0 [pid 5875] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5876] ioctl(4, LOOP_SET_FD, 3 [pid 5875] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5875] close(3) = 0 [pid 5875] close(4) = 0 [pid 5875] mkdir("./file0", 0777) = 0 [pid 5875] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5878] <... write resumed>) = 16777216 [pid 5876] <... ioctl resumed>) = 0 [pid 5878] munmap(0x7f0eeb600000, 138412032 [ 78.126809][ T5875] loop4: detected capacity change from 0 to 32768 [ 78.126809][ T5876] loop1: detected capacity change from 0 to 32768 [pid 5876] close(3) = 0 [pid 5876] close(4) = 0 [pid 5876] mkdir("./file0", 0777) = 0 [pid 5876] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5878] <... munmap resumed>) = 0 [pid 5878] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5878] ioctl(4, LOOP_SET_FD, 3 [pid 5877] <... write resumed>) = 16777216 [pid 5878] <... ioctl resumed>) = 0 [pid 5877] munmap(0x7f0eeb600000, 138412032 [pid 5878] close(3) = 0 [pid 5878] close(4) = 0 [pid 5878] mkdir("./file0", 0777 [pid 5877] <... munmap resumed>) = 0 [pid 5878] <... mkdir resumed>) = 0 [pid 5878] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5877] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 78.206988][ T5878] loop3: detected capacity change from 0 to 32768 [pid 5877] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5877] close(3) = 0 [pid 5877] close(4) = 0 [pid 5877] mkdir("./file0", 0777) = 0 [ 78.264450][ T5877] loop2: detected capacity change from 0 to 32768 [ 78.402687][ T5875] bcachefs (loop4): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 78.433220][ T5875] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 78.450782][ T5878] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 78.465085][ T5875] bcachefs (loop4): Version downgrade required: [ 78.471949][ T5878] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 78.479916][ T5877] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 78.497429][ T5875] bcachefs (loop4): Version upgrade required: [ 78.497429][ T5875] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 78.497429][ T5875] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 78.497429][ T5875] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 78.567835][ T5877] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 78.578083][ T5876] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 78.587350][ T5876] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 78.602375][ T5875] bcachefs (loop4): dropping and reconstructing all alloc info [ 78.711549][ T5875] bcachefs (loop4): accounting_read... done [ 78.749478][ T5875] bcachefs (loop4): alloc_read... done [ 78.778748][ T5875] bcachefs (loop4): stripes_read... done [ 78.805694][ T5875] bcachefs (loop4): snapshots_read... done [pid 5877] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5878] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5878] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5878] ioctl(3, LOOP_CLR_FD [pid 5877] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5878] <... ioctl resumed>) = 0 [pid 5877] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5876] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... umount2 resumed>) = 0 [pid 5878] close(3 [pid 5877] <... openat resumed>) = 3 [ 78.843865][ T5875] bcachefs (loop4): check_allocations... [ 78.854020][ T5878] bcachefs: bch2_fs_get_tree() error: EINVAL [ 78.854352][ T5877] bcachefs: bch2_fs_get_tree() error: EINVAL [ 78.882319][ T5876] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 5877] ioctl(3, LOOP_CLR_FD) = 0 [pid 5877] close(3 [pid 5876] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5825] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5876] <... openat resumed>) = 3 [pid 5825] newfstatat(AT_FDCWD, "./0/file0", [pid 5876] ioctl(3, LOOP_CLR_FD [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5876] <... ioctl resumed>) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5876] close(3 [pid 5825] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5875] <... mount resumed>) = 0 [pid 5875] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5825] newfstatat(4, "", [pid 5875] <... openat resumed>) = 3 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5875] chdir("./file0") = 0 [pid 5875] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5825] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] close(4 [pid 5875] <... openat resumed>) = 4 [pid 5875] ioctl(4, LOOP_CLR_FD [pid 5825] <... close resumed>) = 0 [ 78.928229][ T5875] done [ 78.932687][ T5875] bcachefs (loop4): going read-write [ 78.946922][ T5875] bcachefs (loop4): done starting filesystem [pid 5875] <... ioctl resumed>) = 0 [pid 5825] rmdir("./0/file0" [pid 5875] close(4 [pid 5825] <... rmdir resumed>) = 0 [pid 5875] <... close resumed>) = 0 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3) = 0 [pid 5825] rmdir("./0") = 0 [pid 5875] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5825] mkdir("./1", 0777) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5825] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5825] close(3) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5910 attached [pid 5875] <... quotactl resumed>) = 0 [pid 5910] set_robust_list(0x5555819eb760, 24) = 0 [pid 5910] chdir("./1" [pid 5875] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5910] <... chdir resumed>) = 0 [pid 5910] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5825] <... clone resumed>, child_tidptr=0x5555819eb750) = 5910 [pid 5910] <... prctl resumed>) = 0 [pid 5910] setpgid(0, 0 [pid 5875] <... openat resumed>) = 4 [pid 5910] <... setpgid resumed>) = 0 [pid 5910] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5875] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5910] write(3, "1000", 4) = 4 [pid 5910] close(3 [pid 5875] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5875] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULLexecuting program [pid 5910] <... close resumed>) = 0 [pid 5910] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5910] write(1, "executing program\n", 18) = 18 [pid 5910] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 5910] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5910] memfd_create("syzkaller", 0) = 3 [pid 5910] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 5875] <... quotactl resumed>) = 0 [pid 5875] open(".", O_RDONLY) = 5 [pid 5875] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768) = 0 [pid 5875] exit_group(0) = ? [pid 5875] +++ exited with 0 +++ [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5875, si_uid=0, si_status=0, si_utime=7 /* 0.07 s */, si_stime=34 /* 0.34 s */} --- [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 5878] <... close resumed>) = 0 [pid 5829] <... restart_syscall resumed>) = 0 [pid 5829] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5829] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [ 79.107392][ T61] bucket incorrectly unset in freespace btree [ 79.107429][ T61] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5829] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./1/binderfs") = 0 [pid 5829] umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5878] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 5878] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 5878] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 5878] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5876] <... close resumed>) = 0 [pid 5878] <... quotactl resumed>) = 0 [pid 5878] open(".", O_RDONLY [pid 5876] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5878] <... open resumed>) = 4 [pid 5876] <... quotactl resumed>) = 0 [pid 5876] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5878] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 5876] <... openat resumed>) = 3 [pid 5878] exit_group(0) = ? [pid 5876] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5878] +++ exited with 0 +++ [pid 5876] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5876] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5878, si_uid=0, si_status=0, si_utime=7 /* 0.07 s */, si_stime=39 /* 0.39 s */} --- [pid 5828] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 79.233486][ T5829] bcachefs (loop4): shutting down [pid 5828] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./1/binderfs") = 0 [pid 5828] umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5828] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [ 79.258136][ T61] bucket incorrectly unset in freespace btree [ 79.258171][ T61] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [ 79.258605][ T5829] bcachefs (loop4): going read-only [pid 5877] <... close resumed>) = 0 [pid 5828] getdents64(4, [pid 5877] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] close(4) = 0 [pid 5828] rmdir("./1/file0") = 0 [pid 5828] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./1/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./1/file1") = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [pid 5828] rmdir("./1") = 0 [pid 5828] mkdir("./2", 0777) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5828] close(3) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5912 attached [ 79.318381][ T5829] bcachefs (loop4): finished waiting for writes to stop [ 79.351759][ T5829] bcachefs (loop4): flushing journal and stopping allocators, journal seq 12 [pid 5912] set_robust_list(0x5555819eb760, 24) = 0 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 5912 [pid 5912] chdir("./2") = 0 [pid 5912] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5912] setpgid(0, 0) = 0 [pid 5912] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5912] write(3, "1000", 4) = 4 [pid 5912] close(3) = 0 [pid 5912] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5912] write(1, "executing program\n", 18) = 18 [pid 5912] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 5912] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5912] memfd_create("syzkaller", 0) = 3 [pid 5912] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 79.376669][ T77] bcachefs (loop4): loop4: Superblock write was silently dropped! (seq 0 expected 53) [ 79.400400][ T77] bucket incorrectly unset in freespace btree [ 79.400416][ T77] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [ 79.437936][ T77] bucket incorrectly unset in freespace btree [ 79.437959][ T77] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [ 79.473472][ T5829] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 12 [pid 5910] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5877] <... quotactl resumed>) = 0 [pid 5876] <... quotactl resumed>) = 0 [pid 5877] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5876] open(".", O_RDONLY [pid 5877] <... openat resumed>) = 3 [pid 5876] <... open resumed>) = 4 [pid 5877] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5876] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5877] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5876] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5877] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5876] exit_group(0) = ? [pid 5876] +++ exited with 0 +++ [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5876, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=52 /* 0.52 s */} --- [pid 5826] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 79.499052][ T5829] bcachefs (loop4): unclean shutdown complete, journal seq 13 [ 79.517166][ T5829] bcachefs (loop4): done going read-only, filesystem not clean [pid 5826] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./1/binderfs") = 0 [pid 5912] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5877] <... quotactl resumed>) = 0 [pid 5826] umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5877] open(".", O_RDONLY [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5877] <... open resumed>) = 4 [pid 5826] newfstatat(AT_FDCWD, "./1/file0", [pid 5877] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5877] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5826] umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5877] exit_group(0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5877] <... exit_group resumed>) = ? [pid 5826] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5877] +++ exited with 0 +++ [pid 5826] <... openat resumed>) = 4 [pid 5826] newfstatat(4, "", [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5877, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=52 /* 0.52 s */} --- [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] restart_syscall(<... resuming interrupted clone ...> [pid 5826] getdents64(4, [pid 5827] <... restart_syscall resumed>) = 0 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] close(4 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... close resumed>) = 0 [pid 5827] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] rmdir("./1/file0" [pid 5827] <... openat resumed>) = 3 [pid 5826] <... rmdir resumed>) = 0 [pid 5827] newfstatat(3, "", [pid 5826] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5910] <... write resumed>) = 16777216 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] getdents64(3, [pid 5826] newfstatat(AT_FDCWD, "./1/file1", [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] unlink("./1/file1" [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5910] munmap(0x7f0eeb600000, 138412032 [pid 5826] <... unlink resumed>) = 0 [pid 5827] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5910] <... munmap resumed>) = 0 [ 79.591506][ T5829] bcachefs (loop4): shutdown complete [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5910] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5827] unlink("./1/binderfs" [pid 5826] getdents64(3, [pid 5910] <... openat resumed>) = 4 [pid 5827] <... unlink resumed>) = 0 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5910] ioctl(4, LOOP_SET_FD, 3 [pid 5827] umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] close(3 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... close resumed>) = 0 [pid 5827] newfstatat(AT_FDCWD, "./1/file0", [pid 5826] rmdir("./1" [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... rmdir resumed>) = 0 [pid 5826] mkdir("./2", 0777 [pid 5827] umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... mkdir resumed>) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5827] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... openat resumed>) = 3 [pid 5827] <... openat resumed>) = 4 [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5827] newfstatat(4, "", [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5910] <... ioctl resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5910] close(3) = 0 [pid 5826] close(3 [pid 5910] close(4 [pid 5826] <... close resumed>) = 0 [pid 5910] <... close resumed>) = 0 [pid 5827] getdents64(4, [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5910] mkdir("./file0", 0777) = 0 [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, ./strace-static-x86_64: Process 5914 attached [pid 5910] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5914] set_robust_list(0x5555819eb760, 24) = 0 [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 5914 [pid 5827] close(4 [pid 5914] chdir("./2" [pid 5827] <... close resumed>) = 0 [pid 5827] rmdir("./1/file0") = 0 [pid 5827] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./1/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./1/file1") = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./1" [pid 5914] <... chdir resumed>) = 0 [pid 5827] <... rmdir resumed>) = 0 [pid 5914] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5827] mkdir("./2", 0777 [pid 5914] setpgid(0, 0 [pid 5827] <... mkdir resumed>) = 0 [pid 5914] <... setpgid resumed>) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5914] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5827] <... openat resumed>) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD [pid 5914] <... openat resumed>) = 3 [pid 5827] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5914] write(3, "1000", 4) = 4 [pid 5827] close(3 [pid 5914] close(3) = 0 [pid 5827] <... close resumed>) = 0 [pid 5914] symlink("/dev/binderfs", "./binderfs") = 0 [ 79.659831][ T5910] loop0: detected capacity change from 0 to 32768 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program ./strace-static-x86_64: Process 5920 attached , child_tidptr=0x5555819eb750) = 5920 [pid 5914] write(1, "executing program\n", 18) = 18 [pid 5914] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 5914] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5920] set_robust_list(0x5555819eb760, 24 [pid 5914] memfd_create("syzkaller", 0 [pid 5920] <... set_robust_list resumed>) = 0 [pid 5920] chdir("./2") = 0 [pid 5920] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5920] setpgid(0, 0) = 0 [pid 5920] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5920] write(3, "1000", 4) = 4 [pid 5914] <... memfd_create resumed>) = 3 [pid 5920] close(3 [pid 5914] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 5920] <... close resumed>) = 0 [pid 5920] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5920] write(1, "executing program\n", 18) = 18 [pid 5920] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 5920] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5920] memfd_create("syzkaller", 0) = 3 [pid 5920] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 5912] <... write resumed>) = 16777216 [pid 5912] munmap(0x7f0eeb600000, 138412032) = 0 [pid 5912] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5912] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5912] close(3) = 0 [pid 5912] close(4) = 0 [pid 5912] mkdir("./file0", 0777) = 0 [pid 5914] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [ 79.884840][ T5912] loop3: detected capacity change from 0 to 32768 [pid 5912] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5920] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5914] <... write resumed>) = 16777216 [pid 5914] munmap(0x7f0eeb600000, 138412032) = 0 [pid 5914] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5914] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5914] close(3) = 0 [pid 5914] close(4) = 0 [pid 5914] mkdir("./file0", 0777) = 0 [ 80.091535][ T5914] loop1: detected capacity change from 0 to 32768 [pid 5914] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5920] <... write resumed>) = 16777216 [pid 5920] munmap(0x7f0eeb600000, 138412032) = 0 [pid 5920] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5920] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5920] close(3) = 0 [pid 5920] close(4) = 0 [pid 5920] mkdir("./file0", 0777) = 0 [ 80.211675][ T5920] loop2: detected capacity change from 0 to 32768 [ 80.520118][ T5910] bcachefs (loop0): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 80.547273][ T5914] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 80.564439][ T5912] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 80.564474][ T5914] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 80.582281][ T5910] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 80.586130][ T5912] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 80.590454][ T5920] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 80.625396][ T5910] bcachefs (loop0): Version downgrade required: [ 80.632206][ T5920] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 80.646210][ T5910] bcachefs (loop0): Version upgrade required: [ 80.646210][ T5910] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 80.646210][ T5910] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 80.646210][ T5910] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [pid 5920] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5829] <... umount2 resumed>) = 0 [pid 5829] umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5829] newfstatat(4, "", [pid 5914] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5914] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5829] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] close(4) = 0 [ 80.861077][ T5914] bcachefs: bch2_fs_get_tree() error: EINVAL [ 80.882711][ T5910] bcachefs (loop0): dropping and reconstructing all alloc info [ 80.886675][ T5912] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 5914] <... openat resumed>) = 3 [pid 5829] rmdir("./1/file0" [pid 5914] ioctl(3, LOOP_CLR_FD) = 0 [pid 5914] close(3 [pid 5912] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... rmdir resumed>) = 0 [pid 5912] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5829] getdents64(3, [pid 5912] <... openat resumed>) = 3 [pid 5912] ioctl(3, LOOP_CLR_FD [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5912] <... ioctl resumed>) = 0 [pid 5829] close(3) = 0 [pid 5912] close(3 [pid 5829] rmdir("./1") = 0 [ 80.912640][ T5910] bcachefs (loop0): accounting_read... done [pid 5829] mkdir("./2", 0777) = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5829] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5829] close(3) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5946 attached [ 80.957817][ T5910] bcachefs (loop0): alloc_read... done [ 80.963641][ T5910] bcachefs (loop0): stripes_read... done [pid 5946] set_robust_list(0x5555819eb760, 24 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 5946 [pid 5946] <... set_robust_list resumed>) = 0 [pid 5946] chdir("./2" [pid 5920] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5946] <... chdir resumed>) = 0 [pid 5946] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5920] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5946] <... prctl resumed>) = 0 [pid 5946] setpgid(0, 0 [pid 5920] <... openat resumed>) = 3 [pid 5946] <... setpgid resumed>) = 0 [pid 5920] ioctl(3, LOOP_CLR_FD [pid 5946] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5920] <... ioctl resumed>) = 0 [pid 5920] close(3 [pid 5946] <... openat resumed>) = 3 [pid 5946] write(3, "1000", 4) = 4 [pid 5946] close(3) = 0 [pid 5946] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5946] write(1, "executing program\n", 18executing program ) = 18 [ 81.000851][ T5920] bcachefs: bch2_fs_get_tree() error: EINVAL [ 81.005455][ T5910] bcachefs (loop0): snapshots_read... done [pid 5946] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 5946] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5946] memfd_create("syzkaller", 0) = 3 [pid 5946] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 81.031529][ T5910] bcachefs (loop0): check_allocations... done [pid 5912] <... close resumed>) = 0 [pid 5912] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5910] <... mount resumed>) = 0 [pid 5910] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5910] chdir("./file0") = 0 [pid 5910] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5910] ioctl(4, LOOP_CLR_FD) = 0 [pid 5912] <... quotactl resumed>) = 0 [pid 5910] close(4 [pid 5912] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5910] <... close resumed>) = 0 [pid 5912] <... openat resumed>) = 3 [pid 5910] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5912] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 5912] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 5912] open(".", O_RDONLY) = 4 [pid 5912] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 5912] exit_group(0) = ? [ 81.177675][ T5910] bcachefs (loop0): going read-write [ 81.200186][ T5910] bcachefs (loop0): done starting filesystem [pid 5914] <... close resumed>) = 0 [pid 5912] +++ exited with 0 +++ [pid 5910] <... quotactl resumed>) = 0 [pid 5914] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5910] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5912, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=47 /* 0.47 s */} --- [pid 5914] <... quotactl resumed>) = 0 [pid 5914] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 5910] <... openat resumed>) = 4 [pid 5910] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 5910] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5914] <... openat resumed>) = 3 [pid 5910] <... quotactl resumed>) = 0 [pid 5828] <... restart_syscall resumed>) = 0 [pid 5910] open(".", O_RDONLY [pid 5914] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5910] <... open resumed>) = 5 [pid 5828] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5914] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5910] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5920] <... close resumed>) = 0 [pid 5914] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5910] <... fallocate resumed>) = 0 [pid 5910] exit_group(0) = ? [pid 5920] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5910] +++ exited with 0 +++ [pid 5828] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5910, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=38 /* 0.38 s */} --- [pid 5825] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5825] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... openat resumed>) = 3 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] newfstatat(3, "", [pid 5825] <... openat resumed>) = 3 [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(3, [pid 5920] <... quotactl resumed>) = 0 [pid 5914] <... quotactl resumed>) = 0 [pid 5828] getdents64(3, [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5920] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5914] open(".", O_RDONLY [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5825] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5914] <... open resumed>) = 4 [pid 5920] <... openat resumed>) = 3 [pid 5914] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./1/binderfs") = 0 [pid 5828] newfstatat(AT_FDCWD, "./2/binderfs", [pid 5825] umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./2/binderfs") = 0 [pid 5828] umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5920] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5914] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./2/file0", [pid 5914] exit_group(0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5914] <... exit_group resumed>) = ? [pid 5914] +++ exited with 0 +++ [pid 5828] umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5914, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=42 /* 0.42 s */} --- [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5828] newfstatat(4, "", [pid 5920] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5920] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5828] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] close(4) = 0 [pid 5828] rmdir("./2/file0" [pid 5826] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5826] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 81.315855][ T3007] bucket incorrectly unset in freespace btree [ 81.315888][ T3007] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [ 81.354580][ T3007] bucket incorrectly unset in freespace btree [pid 5826] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] <... rmdir resumed>) = 0 [pid 5826] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./2/binderfs", [pid 5828] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5946] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] unlink("./2/binderfs") = 0 [pid 5828] newfstatat(AT_FDCWD, "./2/file1", [pid 5826] umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] unlink("./2/file1") = 0 [pid 5826] newfstatat(AT_FDCWD, "./2/file0", [pid 5828] getdents64(3, [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3 [pid 5826] umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... close resumed>) = 0 [pid 5828] rmdir("./2" [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... rmdir resumed>) = 0 [pid 5826] <... openat resumed>) = 4 [pid 5826] newfstatat(4, "", [pid 5828] mkdir("./3", 0777) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5826] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5826] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [pid 5826] close(4 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] <... close resumed>) = 0 [pid 5826] rmdir("./2/file0"./strace-static-x86_64: Process 5950 attached [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 5950 [pid 5826] <... rmdir resumed>) = 0 [pid 5950] set_robust_list(0x5555819eb760, 24 [pid 5826] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5950] <... set_robust_list resumed>) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5950] chdir("./3") = 0 [pid 5950] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5826] newfstatat(AT_FDCWD, "./2/file1", [pid 5950] <... prctl resumed>) = 0 [pid 5950] setpgid(0, 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5950] <... setpgid resumed>) = 0 [pid 5826] unlink("./2/file1" [pid 5950] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5826] <... unlink resumed>) = 0 [ 81.354602][ T3007] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [ 81.362638][ T5825] bcachefs (loop0): shutting down [ 81.362665][ T5825] bcachefs (loop0): going read-only [ 81.362767][ T5825] bcachefs (loop0): finished waiting for writes to stop [ 81.364015][ T5825] bcachefs (loop0): flushing journal and stopping allocators, journal seq 12 executing program [pid 5950] <... openat resumed>) = 3 [pid 5826] getdents64(3, [pid 5950] write(3, "1000", 4) = 4 [pid 5950] close(3) = 0 [pid 5950] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5950] write(1, "executing program\n", 18) = 18 [pid 5950] fsopen(NULL, 0 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5950] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 5950] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5950] memfd_create("syzkaller", 0) = 3 [pid 5826] close(3) = 0 [pid 5950] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 5826] rmdir("./2") = 0 [pid 5826] mkdir("./3", 0777) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5826] close(3) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5951 attached , child_tidptr=0x5555819eb750) = 5951 [pid 5951] set_robust_list(0x5555819eb760, 24) = 0 [pid 5951] chdir("./3") = 0 [pid 5951] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5951] setpgid(0, 0) = 0 [pid 5951] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5951] write(3, "1000", 4) = 4 [pid 5951] close(3) = 0 [pid 5951] symlink("/dev/binderfs", "./binderfs") = 0 [ 81.434333][ T61] bucket incorrectly unset in freespace btree [ 81.434355][ T61] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [pid 5951] write(1, "executing program\n", 18executing program ) = 18 [pid 5951] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 5951] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5951] memfd_create("syzkaller", 0) = 3 [pid 5951] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 81.479791][ T61] bucket incorrectly unset in freespace btree [ 81.479812][ T61] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [ 81.525643][ T5825] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 12 [pid 5920] <... quotactl resumed>) = 0 [pid 5920] open(".", O_RDONLY) = 4 [pid 5920] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 5920] exit_group(0) = ? [pid 5920] +++ exited with 0 +++ [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5920, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=51 /* 0.51 s */} --- [ 81.576733][ T5825] bcachefs (loop0): unclean shutdown complete, journal seq 13 [ 81.586717][ T5825] bcachefs (loop0): done going read-only, filesystem not clean [pid 5827] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5827] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5827] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5827] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./2/binderfs") = 0 [pid 5827] umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5827] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [pid 5827] rmdir("./2/file0") = 0 [pid 5827] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./2/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./2/file1") = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./2") = 0 [pid 5827] mkdir("./3", 0777) = 0 [pid 5951] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5950] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5827] <... openat resumed>) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5827] close(3) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555819eb750) = 5952 ./strace-static-x86_64: Process 5952 attached [ 81.663727][ T5825] bcachefs (loop0): shutdown complete [pid 5952] set_robust_list(0x5555819eb760, 24) = 0 [pid 5952] chdir("./3") = 0 [pid 5952] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5952] setpgid(0, 0) = 0 [pid 5952] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5952] write(3, "1000", 4) = 4 [pid 5952] close(3) = 0 [pid 5952] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5952] write(1, "executing program\n", 18) = 18 [pid 5952] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 5952] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5952] memfd_create("syzkaller", 0) = 3 [pid 5946] <... write resumed>) = 16777216 [pid 5952] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 5946] munmap(0x7f0eeb600000, 138412032) = 0 [pid 5946] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5946] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5946] close(3) = 0 [pid 5946] close(4) = 0 [pid 5946] mkdir("./file0", 0777) = 0 [ 81.799057][ T5946] loop4: detected capacity change from 0 to 32768 [pid 5946] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5951] <... write resumed>) = 16777216 [pid 5951] munmap(0x7f0eeb600000, 138412032) = 0 [pid 5951] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5952] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5951] <... openat resumed>) = 4 [pid 5951] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5951] close(3) = 0 [pid 5951] close(4) = 0 [pid 5951] mkdir("./file0", 0777) = 0 [pid 5951] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5950] <... write resumed>) = 16777216 [pid 5950] munmap(0x7f0eeb600000, 138412032) = 0 [pid 5950] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 82.006699][ T5951] loop1: detected capacity change from 0 to 32768 [pid 5950] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5950] close(3) = 0 [pid 5950] close(4) = 0 [pid 5950] mkdir("./file0", 0777) = 0 [ 82.086388][ T5950] loop3: detected capacity change from 0 to 32768 [pid 5950] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5952] <... write resumed>) = 16777216 [pid 5952] munmap(0x7f0eeb600000, 138412032) = 0 [pid 5952] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5952] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5952] close(3) = 0 [pid 5952] close(4) = 0 [pid 5952] mkdir("./file0", 0777) = 0 [ 82.198770][ T5952] loop2: detected capacity change from 0 to 32768 [ 82.423300][ T5946] bcachefs (loop4): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 82.428336][ T5950] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 82.449888][ T5946] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 82.468330][ T5946] bcachefs (loop4): Version downgrade required: [ 82.474847][ T5946] bcachefs (loop4): Version upgrade required: [ 82.474847][ T5946] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 82.474847][ T5946] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 82.474847][ T5946] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 82.497491][ T5951] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 82.575730][ T5951] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 82.584409][ T5950] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 82.594005][ T5952] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 82.611500][ T5952] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 82.619702][ T5946] bcachefs (loop4): dropping and reconstructing all alloc info [ 82.675397][ T5946] bcachefs (loop4): accounting_read... done [ 82.746024][ T5946] bcachefs (loop4): alloc_read... done [ 82.752975][ T5946] bcachefs (loop4): stripes_read... done [ 82.776045][ T5946] bcachefs (loop4): snapshots_read... done [ 82.800209][ T5946] bcachefs (loop4): check_allocations... [ 82.805349][ T5951] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 5952] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5951] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5951] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5951] ioctl(3, LOOP_CLR_FD) = 0 [pid 5951] close(3 [pid 5946] <... mount resumed>) = 0 [pid 5946] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5946] chdir("./file0") = 0 [pid 5946] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5946] ioctl(4, LOOP_CLR_FD) = 0 [pid 5946] close(4) = 0 [ 82.838714][ T5946] done [ 82.848051][ T5946] bcachefs (loop4): going read-write [ 82.865257][ T5946] bcachefs (loop4): done starting filesystem [pid 5946] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 5946] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 5946] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 5946] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 5946] open(".", O_RDONLY) = 5 [ 82.901878][ T5950] bcachefs: bch2_fs_get_tree() error: EINVAL [ 82.931082][ T61] bucket incorrectly unset in freespace btree [pid 5946] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768) = 0 [pid 5825] <... umount2 resumed>) = 0 [pid 5946] exit_group(0) = ? [pid 5950] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5825] umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5950] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5946] +++ exited with 0 +++ [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5825] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5950] <... openat resumed>) = 3 [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5946, si_uid=0, si_status=0, si_utime=13 /* 0.13 s */, si_stime=27 /* 0.27 s */} --- [pid 5825] getdents64(4, [pid 5950] ioctl(3, LOOP_CLR_FD [pid 5829] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5950] <... ioctl resumed>) = 0 [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] close(4 [pid 5950] close(3 [pid 5825] <... close resumed>) = 0 [pid 5829] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5952] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] rmdir("./1/file0" [pid 5952] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5829] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5952] <... openat resumed>) = 3 [pid 5829] <... openat resumed>) = 3 [pid 5825] <... rmdir resumed>) = 0 [pid 5829] newfstatat(3, "", [pid 5825] getdents64(3, [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(3, [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5829] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... close resumed>) = 0 [pid 5825] rmdir("./1" [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./2/binderfs", [pid 5825] <... rmdir resumed>) = 0 [pid 5825] mkdir("./2", 0777 [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./2/binderfs" [pid 5952] ioctl(3, LOOP_CLR_FD [pid 5825] <... mkdir resumed>) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5829] <... unlink resumed>) = 0 [pid 5952] <... ioctl resumed>) = 0 [pid 5829] umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... openat resumed>) = 3 [pid 5952] close(3 [pid 5825] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5825] close(3) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5984 attached [ 82.931119][ T61] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [ 82.966880][ T5946] syz-executor165 (5946) used greatest stack depth: 17216 bytes left , child_tidptr=0x5555819eb750) = 5984 [pid 5984] set_robust_list(0x5555819eb760, 24) = 0 [pid 5984] chdir("./2") = 0 [pid 5984] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5984] setpgid(0, 0) = 0 [pid 5984] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXECexecuting program ) = 3 [pid 5984] write(3, "1000", 4) = 4 [pid 5984] close(3) = 0 [pid 5984] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5984] write(1, "executing program\n", 18) = 18 [pid 5984] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 5984] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5984] memfd_create("syzkaller", 0) = 3 [pid 5984] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 82.979639][ T5952] bcachefs: bch2_fs_get_tree() error: EINVAL [ 83.020171][ T5829] bcachefs (loop4): shutting down [ 83.020192][ T5829] bcachefs (loop4): going read-only [ 83.020213][ T5829] bcachefs (loop4): finished waiting for writes to stop [ 83.047643][ T5829] bcachefs (loop4): flushing journal and stopping allocators, journal seq 11 [ 83.166328][ T61] bucket incorrectly unset in freespace btree [ 83.166349][ T61] u64s 5 type deleted 0:2:0 len 0 ver 0, , continuing [pid 5950] <... close resumed>) = 0 [ 83.271479][ T77] bucket incorrectly unset in freespace btree [ 83.271501][ T77] u64s 5 type deleted 0:5:0 len 0 ver 0, , continuing [pid 5950] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5951] <... close resumed>) = 0 [pid 5951] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5984] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5952] <... close resumed>) = 0 [ 83.311882][ T77] bucket incorrectly unset in freespace btree [ 83.311903][ T77] u64s 5 type deleted 0:8:0 len 0 ver 0, , continuing [ 83.347726][ T5829] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 12 [pid 5952] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 5950] <... quotactl resumed>) = 0 [pid 5952] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5950] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5951] <... quotactl resumed>) = 0 [pid 5951] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 5951] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5952] <... openat resumed>) = 3 [pid 5951] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5951] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5950] <... openat resumed>) = 3 [pid 5952] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5950] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5952] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5951] <... quotactl resumed>) = 0 [pid 5952] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5950] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5950] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5952] <... quotactl resumed>) = 0 [pid 5951] open(".", O_RDONLY [pid 5950] <... quotactl resumed>) = 0 [pid 5952] open(".", O_RDONLY [pid 5950] open(".", O_RDONLY [pid 5952] <... open resumed>) = 4 [pid 5950] <... open resumed>) = 4 [pid 5952] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5950] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5952] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5950] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5952] exit_group(0 [pid 5950] exit_group(0 [pid 5952] <... exit_group resumed>) = ? [pid 5950] <... exit_group resumed>) = ? [pid 5951] <... open resumed>) = 4 [pid 5952] +++ exited with 0 +++ [pid 5951] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5950] +++ exited with 0 +++ [pid 5951] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5951] exit_group(0 [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5950, si_uid=0, si_status=0, si_utime=7 /* 0.07 s */, si_stime=47 /* 0.47 s */} --- [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5952, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=42 /* 0.42 s */} --- [pid 5951] <... exit_group resumed>) = ? [pid 5951] +++ exited with 0 +++ [ 83.365760][ T5829] bcachefs (loop4): unclean shutdown complete, journal seq 13 [ 83.375444][ T5829] bcachefs (loop4): done going read-only, filesystem not clean [ 83.398191][ T5829] bcachefs (loop4): shutdown complete [pid 5828] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5951, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=49 /* 0.49 s */} --- [pid 5828] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... openat resumed>) = 3 [pid 5827] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5828] newfstatat(3, "", [pid 5827] <... openat resumed>) = 3 [pid 5826] <... restart_syscall resumed>) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, [pid 5827] newfstatat(3, "", [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5826] <... openat resumed>) = 3 [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./3/binderfs" [pid 5826] newfstatat(3, "", [pid 5827] <... unlink resumed>) = 0 [pid 5828] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5826] getdents64(3, [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] unlink("./3/binderfs") = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] newfstatat(AT_FDCWD, "./3/file0", [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] newfstatat(AT_FDCWD, "./3/file0", [pid 5827] umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5828] umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] <... openat resumed>) = 4 [pid 5826] unlink("./3/binderfs" [pid 5828] <... openat resumed>) = 4 [pid 5826] <... unlink resumed>) = 0 [pid 5828] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] newfstatat(4, "", [pid 5828] getdents64(4, [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, [pid 5828] getdents64(4, [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] getdents64(4, [pid 5826] newfstatat(AT_FDCWD, "./3/file0", [pid 5828] close(4) = 0 [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] rmdir("./3/file0" [pid 5827] close(4 [pid 5826] umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... close resumed>) = 0 [pid 5828] <... rmdir resumed>) = 0 [pid 5827] rmdir("./3/file0" [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] <... rmdir resumed>) = 0 [pid 5826] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] newfstatat(AT_FDCWD, "./3/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... openat resumed>) = 4 [pid 5828] unlink("./3/file1") = 0 [pid 5827] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] newfstatat(4, "", [pid 5828] getdents64(3, [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3 [pid 5827] newfstatat(AT_FDCWD, "./3/file1", [pid 5826] getdents64(4, [pid 5828] <... close resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] rmdir("./3" [pid 5827] unlink("./3/file1" [pid 5826] getdents64(4, [pid 5828] <... rmdir resumed>) = 0 [pid 5827] <... unlink resumed>) = 0 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] close(4) = 0 [pid 5827] getdents64(3, [pid 5826] rmdir("./3/file0" [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] <... rmdir resumed>) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./3") = 0 [pid 5828] mkdir("./4", 0777 [pid 5826] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... mkdir resumed>) = 0 [pid 5827] mkdir("./4", 0777 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... mkdir resumed>) = 0 [pid 5826] newfstatat(AT_FDCWD, "./3/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5826] unlink("./3/file1" [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5826] <... unlink resumed>) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5827] <... openat resumed>) = 3 [pid 5828] close(3 [pid 5827] ioctl(3, LOOP_CLR_FD [pid 5826] getdents64(3, [pid 5828] <... close resumed>) = 0 [pid 5827] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5827] close(3 [pid 5826] close(3 [pid 5827] <... close resumed>) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5985 attached [pid 5826] <... close resumed>) = 0 [pid 5826] rmdir("./3") = 0 [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 5985 [pid 5985] set_robust_list(0x5555819eb760, 24 [pid 5826] mkdir("./4", 0777 [pid 5985] <... set_robust_list resumed>) = 0 [pid 5826] <... mkdir resumed>) = 0 [pid 5985] chdir("./4") = 0 [pid 5985] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5985] <... prctl resumed>) = 0 [pid 5826] <... openat resumed>) = 3 [pid 5985] setpgid(0, 0 [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5985] <... setpgid resumed>) = 0 [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5985] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5826] close(3 [pid 5985] <... openat resumed>) = 3 [pid 5826] <... close resumed>) = 0 [pid 5985] write(3, "1000", 4 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5985] <... write resumed>) = 4 [pid 5985] close(3) = 0 [pid 5985] symlink("/dev/binderfs", "./binderfs") = 0 executing program ./strace-static-x86_64: Process 5987 attached ./strace-static-x86_64: Process 5986 attached [pid 5985] write(1, "executing program\n", 18) = 18 [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 5986 [pid 5985] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 5987] set_robust_list(0x5555819eb760, 24 [pid 5985] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 5987] <... set_robust_list resumed>) = 0 [pid 5985] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 5987] chdir("./4" [pid 5985] memfd_create("syzkaller", 0 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 5987 [pid 5987] <... chdir resumed>) = 0 [pid 5987] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5986] set_robust_list(0x5555819eb760, 24 [pid 5985] <... memfd_create resumed>) = 3 [pid 5987] <... prctl resumed>) = 0 [pid 5987] setpgid(0, 0 [pid 5985] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5987] <... setpgid resumed>) = 0 [pid 5985] <... mmap resumed>) = 0x7f0eeb600000 [pid 5987] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXECexecuting program ) = 3 [pid 5986] <... set_robust_list resumed>) = 0 [pid 5987] write(3, "1000", 4) = 4 [pid 5987] close(3) = 0 [pid 5987] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5987] write(1, "executing program\n", 18) = 18 [pid 5987] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 5987] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5987] memfd_create("syzkaller", 0) = 3 [pid 5987] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5986] chdir("./4") = 0 [pid 5987] <... mmap resumed>) = 0x7f0eeb600000 [pid 5986] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5986] setpgid(0, 0) = 0 [pid 5986] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5984] <... write resumed>) = 16777216 [pid 5986] write(3, "1000", 4executing program ) = 4 [pid 5986] close(3) = 0 [pid 5986] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5986] write(1, "executing program\n", 18) = 18 [pid 5986] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 5986] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5986] memfd_create("syzkaller", 0) = 3 [pid 5984] munmap(0x7f0eeb600000, 138412032 [pid 5986] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 5984] <... munmap resumed>) = 0 [pid 5984] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5984] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5984] close(3) = 0 [pid 5984] close(4) = 0 [pid 5984] mkdir("./file0", 0777) = 0 [ 83.624914][ T5984] loop0: detected capacity change from 0 to 32768 [pid 5984] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5985] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5986] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5987] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5986] <... write resumed>) = 16777216 [pid 5986] munmap(0x7f0eeb600000, 138412032) = 0 [pid 5986] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5986] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5985] <... write resumed>) = 16777216 [pid 5985] munmap(0x7f0eeb600000, 138412032 [pid 5986] close(3 [pid 5985] <... munmap resumed>) = 0 [pid 5986] <... close resumed>) = 0 [pid 5986] close(4) = 0 [pid 5986] mkdir("./file0", 0777) = 0 [ 84.043654][ T5986] loop1: detected capacity change from 0 to 32768 [pid 5985] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5985] ioctl(4, LOOP_SET_FD, 3 [pid 5986] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5985] <... ioctl resumed>) = 0 [pid 5985] close(3) = 0 [pid 5985] close(4) = 0 [pid 5985] mkdir("./file0", 0777) = 0 [ 84.085124][ T5985] loop2: detected capacity change from 0 to 32768 [pid 5985] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5987] <... write resumed>) = 16777216 [pid 5987] munmap(0x7f0eeb600000, 138412032) = 0 [pid 5987] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5987] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5987] close(3) = 0 [pid 5987] close(4) = 0 [pid 5987] mkdir("./file0", 0777) = 0 [ 84.157093][ T5987] loop3: detected capacity change from 0 to 32768 [ 84.265454][ T5984] bcachefs (loop0): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 84.292339][ T5984] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 84.300380][ T5984] bcachefs (loop0): Version downgrade required: [ 84.307121][ T5984] bcachefs (loop0): Version upgrade required: [ 84.307121][ T5984] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 84.307121][ T5984] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 84.307121][ T5984] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 84.391274][ T5986] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 84.402494][ T5986] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 84.413823][ T5985] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 84.415831][ T5984] bcachefs (loop0): dropping and reconstructing all alloc info [ 84.437063][ T5985] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 84.438360][ T5987] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 84.455761][ T5987] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 84.525134][ T5984] bcachefs (loop0): accounting_read... done [ 84.542197][ T5984] bcachefs (loop0): alloc_read... done [ 84.555979][ T5984] bcachefs (loop0): stripes_read... done [ 84.561912][ T5984] bcachefs (loop0): snapshots_read... done [ 84.583845][ T5984] bcachefs (loop0): check_allocations... done [ 84.634476][ T5984] bcachefs (loop0): going read-write [pid 5987] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5984] <... mount resumed>) = 0 [pid 5984] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5984] chdir("./file0") = 0 [pid 5984] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5986] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5984] ioctl(4, LOOP_CLR_FD) = 0 [ 84.665771][ T5984] bcachefs (loop0): done starting filesystem [ 84.698219][ T5986] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 5984] close(4 [pid 5986] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5984] <... close resumed>) = 0 [pid 5986] <... openat resumed>) = 3 [pid 5984] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5986] ioctl(3, LOOP_CLR_FD) = 0 [ 84.729243][ T5987] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 5986] close(3 [pid 5987] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5985] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5987] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5987] ioctl(3, LOOP_CLR_FD) = 0 [pid 5987] close(3 [pid 5985] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5984] <... quotactl resumed>) = 0 [pid 5984] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 5985] <... openat resumed>) = 3 [pid 5985] ioctl(3, LOOP_CLR_FD) = 0 [ 84.771958][ T5985] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 5984] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5985] close(3 [pid 5984] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5984] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5829] <... umount2 resumed>) = 0 [pid 5984] <... quotactl resumed>) = 0 [pid 5984] open(".", O_RDONLY) = 5 [pid 5984] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5829] umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5984] <... fallocate resumed>) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5984] exit_group(0 [pid 5829] <... openat resumed>) = 4 [pid 5984] <... exit_group resumed>) = ? [pid 5829] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5984] +++ exited with 0 +++ [pid 5829] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] close(4) = 0 [pid 5829] rmdir("./2/file0") = 0 [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5984, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=40 /* 0.40 s */} --- [pid 5825] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] getdents64(3, [pid 5825] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] close(3) = 0 [pid 5829] rmdir("./2") = 0 [pid 5829] mkdir("./3", 0777 [pid 5825] <... openat resumed>) = 3 [pid 5829] <... mkdir resumed>) = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5825] newfstatat(3, "", [pid 5829] <... openat resumed>) = 3 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5829] close(3) = 0 [ 84.889737][ T5984] syz-executor165 (5984) used greatest stack depth: 16448 bytes left [ 84.900277][ T61] bucket incorrectly unset in freespace btree [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6019 attached [pid 5825] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 6019] set_robust_list(0x5555819eb760, 24) = 0 [pid 6019] chdir("./3" [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 6019 [pid 5825] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6019] <... chdir resumed>) = 0 [pid 5825] newfstatat(AT_FDCWD, "./2/binderfs", [pid 6019] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6019] <... prctl resumed>) = 0 [pid 6019] setpgid(0, 0 [pid 5825] unlink("./2/binderfs" [pid 6019] <... setpgid resumed>) = 0 [pid 5825] <... unlink resumed>) = 0 [pid 6019] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5825] umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6019] <... openat resumed>) = 3 [ 84.900311][ T61] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 6019] write(3, "1000", 4) = 4 [pid 6019] close(3) = 0 [pid 6019] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6019] write(1, "executing program\n", 18executing program ) = 18 [pid 6019] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6019] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6019] memfd_create("syzkaller", 0) = 3 [pid 6019] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 84.993346][ T5825] bcachefs (loop0): shutting down [ 85.008059][ T5825] bcachefs (loop0): going read-only [ 85.014739][ T61] bucket incorrectly unset in freespace btree [pid 5986] <... close resumed>) = 0 [pid 5986] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5987] <... close resumed>) = 0 [ 85.014769][ T61] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [ 85.048872][ T5825] bcachefs (loop0): finished waiting for writes to stop [ 85.075981][ T5825] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11 [pid 5987] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5985] <... close resumed>) = 0 [ 85.136869][ T61] bcachefs (loop0): loop0: Superblock write was silently dropped! (seq 0 expected 53) [ 85.151270][ T61] bucket incorrectly unset in freespace btree [ 85.151292][ T61] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [ 85.166888][ T61] bucket incorrectly unset in freespace btree [ 85.166908][ T61] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [pid 5985] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6019] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5987] <... quotactl resumed>) = 0 [pid 5986] <... quotactl resumed>) = 0 [pid 5985] <... quotactl resumed>) = 0 [pid 5987] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5986] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [ 85.187651][ T5825] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 12 [ 85.199587][ T5825] bcachefs (loop0): unclean shutdown complete, journal seq 13 [ 85.209889][ T5825] bcachefs (loop0): done going read-only, filesystem not clean [pid 5985] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5987] <... openat resumed>) = 3 [pid 5986] <... openat resumed>) = 3 [pid 5985] <... openat resumed>) = 3 [pid 5985] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5986] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5985] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5986] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5987] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5986] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5985] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5987] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5987] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 5986] <... quotactl resumed>) = 0 [pid 5985] <... quotactl resumed>) = 0 [pid 5987] open(".", O_RDONLY [pid 5986] open(".", O_RDONLY [pid 5985] open(".", O_RDONLY [pid 5987] <... open resumed>) = 4 [pid 5986] <... open resumed>) = 4 [pid 5985] <... open resumed>) = 4 [pid 5987] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5986] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5985] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5987] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5986] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5985] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5987] exit_group(0 [pid 5986] exit_group(0 [pid 5985] exit_group(0 [pid 5987] <... exit_group resumed>) = ? [pid 5986] <... exit_group resumed>) = ? [pid 5985] <... exit_group resumed>) = ? [pid 5987] +++ exited with 0 +++ [pid 5986] +++ exited with 0 +++ [pid 5985] +++ exited with 0 +++ [ 85.241536][ T5825] bcachefs (loop0): shutdown complete [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5987, si_uid=0, si_status=0, si_utime=7 /* 0.07 s */, si_stime=41 /* 0.41 s */} --- [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5985, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=46 /* 0.46 s */} --- [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5986, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=44 /* 0.44 s */} --- [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 5827] restart_syscall(<... resuming interrupted clone ...> [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5828] <... restart_syscall resumed>) = 0 [pid 5827] <... restart_syscall resumed>) = 0 [pid 5826] <... restart_syscall resumed>) = 0 [pid 5828] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] <... openat resumed>) = 3 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... openat resumed>) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... openat resumed>) = 3 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./4/binderfs", [pid 5826] newfstatat(3, "", [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] unlink("./4/binderfs" [pid 5826] getdents64(3, [pid 5828] <... unlink resumed>) = 0 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./4/binderfs", [pid 5828] newfstatat(AT_FDCWD, "./4/file0", [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./4/binderfs" [pid 5828] umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... unlink resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] newfstatat(3, "", [pid 5828] <... openat resumed>) = 4 [pid 5826] umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] newfstatat(4, "", [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] getdents64(3, [pid 5828] getdents64(4, [pid 5826] newfstatat(AT_FDCWD, "./4/file0", [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] getdents64(4, [pid 5827] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] close(4 [pid 5827] newfstatat(AT_FDCWD, "./4/binderfs", [pid 5826] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... close resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] rmdir("./4/file0" [pid 5827] unlink("./4/binderfs" [pid 5826] <... openat resumed>) = 4 [pid 5828] <... rmdir resumed>) = 0 [pid 5827] <... unlink resumed>) = 0 [pid 5828] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] newfstatat(4, "", [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./4/file1", [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] getdents64(4, [pid 5828] unlink("./4/file1" [pid 5827] umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] <... unlink resumed>) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] getdents64(4, [pid 5828] getdents64(3, [pid 5827] newfstatat(AT_FDCWD, "./4/file0", [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] close(4 [pid 5828] close(3) = 0 [pid 5827] umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... close resumed>) = 0 [pid 5828] rmdir("./4" [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] rmdir("./4/file0" [pid 5828] <... rmdir resumed>) = 0 [pid 5827] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... rmdir resumed>) = 0 [pid 5828] mkdir("./5", 0777 [pid 5827] <... openat resumed>) = 4 [pid 5827] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... mkdir resumed>) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5827] getdents64(4, [pid 5826] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... openat resumed>) = 3 [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5827] getdents64(4, [pid 5826] newfstatat(AT_FDCWD, "./4/file1", [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5828] close(3 [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... close resumed>) = 0 [pid 5827] close(4 [pid 5826] unlink("./4/file1" [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5827] <... close resumed>) = 0 [pid 5826] <... unlink resumed>) = 0 [pid 5827] rmdir("./4/file0") = 0 [pid 5827] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] getdents64(3, [pid 5827] newfstatat(AT_FDCWD, "./4/file1", [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] close(3 [pid 5827] unlink("./4/file1" [pid 5826] <... close resumed>) = 0 [pid 5827] <... unlink resumed>) = 0 [pid 5826] rmdir("./4" [pid 5827] getdents64(3, [pid 5826] <... rmdir resumed>) = 0 [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./4") = 0 [pid 5826] mkdir("./5", 0777) = 0 [pid 5827] mkdir("./5", 0777) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5826] close(3) = 0 ./strace-static-x86_64: Process 6020 attached [pid 6019] <... write resumed>) = 16777216 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 6020 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6020] set_robust_list(0x5555819eb760, 24 [pid 6019] munmap(0x7f0eeb600000, 138412032 [pid 5827] <... openat resumed>) = 3 [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 6021 [pid 5827] ioctl(3, LOOP_CLR_FD [pid 6020] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 6021 attached [pid 6020] chdir("./5" [pid 5827] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6021] set_robust_list(0x5555819eb760, 24 [pid 6020] <... chdir resumed>) = 0 [pid 5827] close(3 [pid 6020] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5827] <... close resumed>) = 0 [pid 6021] <... set_robust_list resumed>) = 0 [pid 6020] <... prctl resumed>) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6022 attached [pid 6020] setpgid(0, 0 [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 6022 [pid 6021] chdir("./5" [pid 6020] <... setpgid resumed>) = 0 [pid 6019] <... munmap resumed>) = 0 [pid 6021] <... chdir resumed>) = 0 [pid 6020] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6019] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6022] set_robust_list(0x5555819eb760, 24 [pid 6021] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6019] ioctl(4, LOOP_SET_FD, 3 [pid 6021] <... prctl resumed>) = 0 [pid 6020] <... openat resumed>) = 3 [pid 6022] <... set_robust_list resumed>) = 0 [pid 6022] chdir("./5") = 0 [pid 6021] setpgid(0, 0 [pid 6020] write(3, "1000", 4 [pid 6019] <... ioctl resumed>) = 0 [pid 6021] <... setpgid resumed>) = 0 [pid 6020] <... write resumed>) = 4 [pid 6019] close(3 [pid 6022] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6021] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6020] close(3 [pid 6019] <... close resumed>) = 0 [pid 6022] <... prctl resumed>) = 0 [pid 6022] setpgid(0, 0 [pid 6020] <... close resumed>) = 0 [pid 6019] close(4 [pid 6020] symlink("/dev/binderfs", "./binderfs" [pid 6019] <... close resumed>) = 0 [pid 6022] <... setpgid resumed>) = 0 [pid 6019] mkdir("./file0", 0777 [pid 6022] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6020] <... symlink resumed>) = 0 executing program [pid 6022] <... openat resumed>) = 3 [pid 6020] write(1, "executing program\n", 18 [pid 6019] <... mkdir resumed>) = 0 [pid 6022] write(3, "1000", 4) = 4 [pid 6022] close(3 [pid 6020] <... write resumed>) = 18 [pid 6019] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6022] <... close resumed>) = 0 [pid 6021] <... openat resumed>) = 3 [pid 6020] fsopen(NULL, 0 [pid 6022] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6021] write(3, "1000", 4 [pid 6020] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6022] write(1, "executing program\n", 18 [pid 6021] <... write resumed>) = 4 [pid 6020] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6022] <... write resumed>) = 18 [pid 6022] fsopen(NULL, 0 [pid 6021] close(3 [pid 6020] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6022] <... fsopen resumed>) = -1 EFAULT (Bad address) executing program [pid 6021] <... close resumed>) = 0 [pid 6022] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6021] symlink("/dev/binderfs", "./binderfs" [pid 6020] memfd_create("syzkaller", 0 [pid 6021] <... symlink resumed>) = 0 [pid 6020] <... memfd_create resumed>) = 3 [pid 6022] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6021] write(1, "executing program\n", 18 [pid 6020] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6021] <... write resumed>) = 18 [pid 6020] <... mmap resumed>) = 0x7f0eeb600000 [pid 6022] memfd_create("syzkaller", 0 [pid 6021] fsopen(NULL, 0 [pid 6022] <... memfd_create resumed>) = 3 [pid 6021] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6021] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6022] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6021] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6022] <... mmap resumed>) = 0x7f0eeb600000 [pid 6021] memfd_create("syzkaller", 0) = 3 [pid 6021] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 85.406648][ T6019] loop4: detected capacity change from 0 to 32768 [pid 6022] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6020] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6022] <... write resumed>) = 16777216 [pid 6022] munmap(0x7f0eeb600000, 138412032 [pid 6021] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6022] <... munmap resumed>) = 0 [pid 6022] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6022] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6022] close(3) = 0 [pid 6022] close(4) = 0 [pid 6022] mkdir("./file0", 0777) = 0 [ 85.772554][ T6022] loop2: detected capacity change from 0 to 32768 [pid 6022] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6020] <... write resumed>) = 16777216 [pid 6020] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6020] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6020] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6020] close(3) = 0 [pid 6020] close(4) = 0 [pid 6020] mkdir("./file0", 0777) = 0 [ 85.900515][ T6020] loop3: detected capacity change from 0 to 32768 [pid 6020] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6021] <... write resumed>) = 16777216 [pid 6021] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6021] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6021] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6021] close(3) = 0 [pid 6021] close(4) = 0 [pid 6021] mkdir("./file0", 0777) = 0 [ 86.012905][ T6021] loop1: detected capacity change from 0 to 32768 [ 86.031075][ T6019] bcachefs (loop4): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 86.067521][ T6022] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 86.079330][ T6019] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 86.094527][ T6019] bcachefs (loop4): Version downgrade required: [ 86.101083][ T6022] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 86.103054][ T6020] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 86.110112][ T6019] bcachefs (loop4): Version upgrade required: [ 86.110112][ T6019] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 86.110112][ T6019] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 86.110112][ T6019] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 86.136013][ T6020] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 86.218918][ T6019] bcachefs (loop4): dropping and reconstructing all alloc info [ 86.279152][ T6019] bcachefs (loop4): accounting_read... done [ 86.285375][ T6019] bcachefs (loop4): alloc_read... done [ 86.296180][ T6019] bcachefs (loop4): stripes_read... done [ 86.306257][ T6019] bcachefs (loop4): snapshots_read... done [pid 6021] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5825] <... umount2 resumed>) = 0 [pid 5825] umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5825] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [ 86.312516][ T6019] bcachefs (loop4): check_allocations... [ 86.345305][ T6021] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [pid 5825] close(4) = 0 [pid 5825] rmdir("./2/file0") = 0 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3) = 0 [pid 5825] rmdir("./2") = 0 [ 86.401720][ T6021] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 86.439714][ T6019] done [ 86.443894][ T6019] bcachefs (loop4): going read-write [pid 5825] mkdir("./3", 0777) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5825] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 6020] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6019] <... mount resumed>) = 0 [pid 5825] close(3) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555819eb750) = 6054 ./strace-static-x86_64: Process 6054 attached [pid 6020] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 6020] ioctl(3, LOOP_CLR_FD) = 0 [pid 6020] close(3 [pid 6054] set_robust_list(0x5555819eb760, 24) = 0 [pid 6054] chdir("./3") = 0 [pid 6054] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6054] setpgid(0, 0) = 0 [pid 6054] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXECexecuting program ) = 3 [pid 6054] write(3, "1000", 4) = 4 [pid 6054] close(3) = 0 [pid 6054] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6019] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6054] write(1, "executing program\n", 18) = 18 [pid 6019] chdir("./file0" [pid 6054] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6019] <... chdir resumed>) = 0 [pid 6054] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6019] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6054] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6019] <... openat resumed>) = 4 [pid 6054] memfd_create("syzkaller", 0 [pid 6019] ioctl(4, LOOP_CLR_FD) = 0 [pid 6054] <... memfd_create resumed>) = 3 [pid 6054] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 86.454775][ T6020] bcachefs: bch2_fs_get_tree() error: EINVAL [ 86.466764][ T6019] bcachefs (loop4): done starting filesystem [pid 6019] close(4) = 0 [pid 6019] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 6019] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6022] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6019] <... openat resumed>) = 4 [pid 6022] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6019] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6022] <... openat resumed>) = 3 [pid 6019] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6022] ioctl(3, LOOP_CLR_FD) = 0 [pid 6019] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6022] close(3 [pid 6019] <... quotactl resumed>) = 0 [ 86.605516][ T6022] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6019] open(".", O_RDONLY) = 5 [pid 6019] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768) = 0 [pid 6019] exit_group(0) = ? [pid 6019] +++ exited with 0 +++ [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6019, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=34 /* 0.34 s */} --- [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 6021] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... restart_syscall resumed>) = 0 [pid 5829] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6021] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5829] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5829] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6021] <... openat resumed>) = 3 [pid 5829] newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./3/binderfs") = 0 [pid 5829] umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6021] ioctl(3, LOOP_CLR_FD) = 0 [ 86.719047][ T52] bucket incorrectly unset in freespace btree [ 86.719080][ T52] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 6021] close(3 [pid 6020] <... close resumed>) = 0 [ 86.728988][ T6021] bcachefs: bch2_fs_get_tree() error: EINVAL [ 86.797840][ T5829] bcachefs (loop4): shutting down [pid 6020] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 86.797861][ T5829] bcachefs (loop4): going read-only [ 86.797883][ T5829] bcachefs (loop4): finished waiting for writes to stop [ 86.830047][ T5829] bcachefs (loop4): flushing journal and stopping allocators, journal seq 11 [pid 6054] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6021] <... close resumed>) = 0 [pid 6022] <... close resumed>) = 0 [pid 6022] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 86.964022][ T52] bucket incorrectly unset in freespace btree [ 86.964044][ T52] u64s 5 type deleted 0:2:0 len 0 ver 0, , continuing [ 87.002112][ T52] bucket incorrectly unset in freespace btree [ 87.002134][ T52] u64s 5 type deleted 0:5:0 len 0 ver 0, , continuing [ 87.041498][ T52] bucket incorrectly unset in freespace btree [ 87.041533][ T52] u64s 5 type deleted 0:8:0 len 0 ver 0, , continuing [ 87.070139][ T5829] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 12 [ 87.098607][ T5829] bcachefs (loop4): unclean shutdown complete, journal seq 13 [pid 6021] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6054] <... write resumed>) = 16777216 [pid 6054] munmap(0x7f0eeb600000, 138412032) = 0 [ 87.116902][ T5829] bcachefs (loop4): done going read-only, filesystem not clean [pid 6054] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6022] <... quotactl resumed>) = 0 [pid 6021] <... quotactl resumed>) = 0 [pid 6020] <... quotactl resumed>) = 0 [pid 6054] <... openat resumed>) = 4 [pid 6021] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6020] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6022] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6021] <... openat resumed>) = 3 [pid 6020] <... openat resumed>) = 3 [pid 6020] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6054] ioctl(4, LOOP_SET_FD, 3 [pid 6022] <... openat resumed>) = 3 [pid 6021] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6020] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6022] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6021] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6020] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6021] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6022] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6022] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6054] <... ioctl resumed>) = 0 [pid 6022] <... quotactl resumed>) = 0 [pid 6021] <... quotactl resumed>) = 0 [pid 6020] <... quotactl resumed>) = 0 [pid 6022] open(".", O_RDONLY [pid 6054] close(3 [pid 6022] <... open resumed>) = 4 [pid 6021] open(".", O_RDONLY [pid 6020] open(".", O_RDONLY [pid 6054] <... close resumed>) = 0 [pid 6022] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6021] <... open resumed>) = 4 [pid 6020] <... open resumed>) = 4 [pid 6054] close(4 [pid 6022] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6021] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6054] <... close resumed>) = 0 [pid 6020] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6021] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6020] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6021] exit_group(0 [pid 6020] exit_group(0 [pid 6054] mkdir("./file0", 0777) = 0 [pid 6022] exit_group(0 [pid 6021] <... exit_group resumed>) = ? [pid 6022] <... exit_group resumed>) = ? [pid 6020] <... exit_group resumed>) = ? [pid 6022] +++ exited with 0 +++ [pid 6020] +++ exited with 0 +++ [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6022, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=45 /* 0.45 s */} --- [pid 5827] restart_syscall(<... resuming interrupted clone ...> [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6020, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=50 /* 0.50 s */} --- [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 6054] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6021] +++ exited with 0 +++ [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6021, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=52 /* 0.52 s */} --- [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5828] <... restart_syscall resumed>) = 0 [pid 5827] <... restart_syscall resumed>) = 0 [pid 5828] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... openat resumed>) = 3 [pid 5827] <... openat resumed>) = 3 [pid 5826] <... restart_syscall resumed>) = 0 [pid 5828] newfstatat(3, "", [pid 5827] newfstatat(3, "", [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] getdents64(3, [pid 5827] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [ 87.160239][ T5829] bcachefs (loop4): shutdown complete [ 87.180390][ T6054] loop0: detected capacity change from 0 to 32768 [pid 5827] newfstatat(AT_FDCWD, "./5/binderfs", [pid 5826] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./5/binderfs" [pid 5826] <... openat resumed>) = 3 [pid 5827] <... unlink resumed>) = 0 [pid 5826] newfstatat(3, "", [pid 5828] newfstatat(AT_FDCWD, "./5/binderfs", [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] unlink("./5/binderfs" [pid 5826] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... unlink resumed>) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./5/file0", [pid 5826] newfstatat(AT_FDCWD, "./5/binderfs", [pid 5828] umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] newfstatat(AT_FDCWD, "./5/file0", [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] unlink("./5/binderfs" [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... unlink resumed>) = 0 [pid 5827] <... openat resumed>) = 4 [pid 5826] umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(4, "", [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] newfstatat(AT_FDCWD, "./5/file0", [pid 5828] <... openat resumed>) = 4 [pid 5827] getdents64(4, [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] newfstatat(4, "", [pid 5826] umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] <... openat resumed>) = 4 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, [pid 5826] newfstatat(4, "", [pid 5828] getdents64(4, [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] getdents64(4, [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] close(4 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] <... close resumed>) = 0 [pid 5826] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] getdents64(4, [pid 5827] rmdir("./5/file0" [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] <... rmdir resumed>) = 0 [pid 5826] close(4 [pid 5828] close(4 [pid 5826] <... close resumed>) = 0 [pid 5828] <... close resumed>) = 0 [pid 5826] rmdir("./5/file0" [pid 5828] rmdir("./5/file0") = 0 [pid 5826] <... rmdir resumed>) = 0 [pid 5826] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./5/file1", [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./5/file1", [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] newfstatat(AT_FDCWD, "./5/file1", [pid 5827] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./5/file1" [pid 5827] unlink("./5/file1") = 0 [pid 5826] <... unlink resumed>) = 0 [pid 5826] getdents64(3, [pid 5828] unlink("./5/file1" [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] <... unlink resumed>) = 0 [pid 5827] getdents64(3, [pid 5826] close(3 [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5828] getdents64(3, [pid 5827] rmdir("./5" [pid 5826] <... close resumed>) = 0 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] <... rmdir resumed>) = 0 [pid 5826] rmdir("./5" [pid 5828] close(3) = 0 [pid 5827] mkdir("./6", 0777 [pid 5828] rmdir("./5" [pid 5827] <... mkdir resumed>) = 0 [pid 5828] <... rmdir resumed>) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5828] mkdir("./6", 0777 [pid 5827] <... openat resumed>) = 3 [pid 5826] <... rmdir resumed>) = 0 [pid 5827] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5827] close(3 [pid 5828] <... mkdir resumed>) = 0 [pid 5827] <... close resumed>) = 0 [pid 5826] mkdir("./6", 0777) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5826] close(3./strace-static-x86_64: Process 6060 attached ) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 6060 ./strace-static-x86_64: Process 6061 attached [pid 5828] <... openat resumed>) = 3 [pid 6061] set_robust_list(0x5555819eb760, 24 [pid 6060] set_robust_list(0x5555819eb760, 24 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 6061 [pid 6061] <... set_robust_list resumed>) = 0 [pid 6060] <... set_robust_list resumed>) = 0 [pid 6061] chdir("./6" [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6061] <... chdir resumed>) = 0 [pid 6060] chdir("./6" [pid 6061] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6060] <... chdir resumed>) = 0 [pid 6061] <... prctl resumed>) = 0 [pid 6060] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6061] setpgid(0, 0 [pid 6060] <... prctl resumed>) = 0 [pid 5828] close(3 [pid 6061] <... setpgid resumed>) = 0 [pid 6060] setpgid(0, 0 [pid 5828] <... close resumed>) = 0 [pid 6060] <... setpgid resumed>) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6061] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6060] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 6062 attached [pid 6061] <... openat resumed>) = 3 [pid 6062] set_robust_list(0x5555819eb760, 24 [pid 6061] write(3, "1000", 4 [pid 6062] <... set_robust_list resumed>) = 0 [pid 6060] <... openat resumed>) = 3 [pid 6061] <... write resumed>) = 4 [pid 6062] chdir("./6" [pid 6061] close(3 [pid 6060] write(3, "1000", 4 [pid 6062] <... chdir resumed>) = 0 [pid 6061] <... close resumed>) = 0 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 6062 [pid 6060] <... write resumed>) = 4 [pid 6062] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6061] symlink("/dev/binderfs", "./binderfs" [pid 6060] close(3 [pid 6062] <... prctl resumed>) = 0 [pid 6062] setpgid(0, 0 [pid 6060] <... close resumed>) = 0 [pid 6062] <... setpgid resumed>) = 0 [pid 6061] <... symlink resumed>) = 0 [pid 6062] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 executing program [pid 6062] write(3, "1000", 4 [pid 6061] write(1, "executing program\n", 18 [pid 6060] symlink("/dev/binderfs", "./binderfs" [pid 6062] <... write resumed>) = 4 [pid 6061] <... write resumed>) = 18 [pid 6060] <... symlink resumed>) = 0 [pid 6061] fsopen(NULL, 0 [pid 6062] close(3 [pid 6060] write(1, "executing program\n", 18executing program ) = 18 [pid 6060] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6060] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6062] <... close resumed>) = 0 [pid 6061] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6062] symlink("/dev/binderfs", "./binderfs" [pid 6061] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6060] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6062] <... symlink resumed>) = 0 [pid 6061] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6060] memfd_create("syzkaller", 0 [pid 6061] memfd_create("syzkaller", 0 [pid 6060] <... memfd_create resumed>) = 3 [pid 6061] <... memfd_create resumed>) = 3 [pid 6062] write(1, "executing program\n", 18executing program [pid 6061] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6060] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6062] <... write resumed>) = 18 [pid 6061] <... mmap resumed>) = 0x7f0eeb600000 [pid 6060] <... mmap resumed>) = 0x7f0eeb600000 [pid 6062] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6062] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6062] memfd_create("syzkaller", 0) = 3 [pid 6062] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6061] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6060] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6062] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6061] <... write resumed>) = 16777216 [pid 6061] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6061] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6061] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6061] close(3) = 0 [pid 6061] close(4) = 0 [pid 6061] mkdir("./file0", 0777) = 0 [ 87.815414][ T6061] loop1: detected capacity change from 0 to 32768 [pid 6061] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6060] <... write resumed>) = 16777216 [pid 6060] munmap(0x7f0eeb600000, 138412032 [pid 6062] <... write resumed>) = 16777216 [pid 6062] munmap(0x7f0eeb600000, 138412032 [pid 6060] <... munmap resumed>) = 0 [pid 6060] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6062] <... munmap resumed>) = 0 [pid 6060] <... openat resumed>) = 4 [pid 6062] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6062] ioctl(4, LOOP_SET_FD, 3 [pid 6060] ioctl(4, LOOP_SET_FD, 3 [pid 6062] <... ioctl resumed>) = 0 [pid 6062] close(3 [pid 6060] <... ioctl resumed>) = 0 [pid 6062] <... close resumed>) = 0 [pid 6062] close(4 [pid 6060] close(3) = 0 [pid 6060] close(4 [pid 6062] <... close resumed>) = 0 [pid 6060] <... close resumed>) = 0 [pid 6060] mkdir("./file0", 0777) = 0 [pid 6062] mkdir("./file0", 0777 [pid 6060] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6062] <... mkdir resumed>) = 0 [ 88.019053][ T6062] loop3: detected capacity change from 0 to 32768 [ 88.025829][ T6060] loop2: detected capacity change from 0 to 32768 [ 88.150315][ T6054] bcachefs (loop0): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 88.158351][ T6061] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 88.183618][ T6054] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 88.186327][ T6061] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 88.196024][ T6054] bcachefs (loop0): Version downgrade required: [ 88.209664][ T6054] bcachefs (loop0): Version upgrade required: [ 88.209664][ T6054] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 88.209664][ T6054] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 88.209664][ T6054] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 88.299369][ T6054] bcachefs (loop0): dropping and reconstructing all alloc info [ 88.331313][ T6060] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 88.346725][ T6054] bcachefs (loop0): accounting_read... done [ 88.361569][ T6060] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 88.370446][ T6054] bcachefs (loop0): alloc_read... done [ 88.386302][ T6054] bcachefs (loop0): stripes_read... done [ 88.389694][ T6062] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 88.401950][ T6054] bcachefs (loop0): snapshots_read... done [ 88.416436][ T6062] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 88.444009][ T6054] bcachefs (loop0): check_allocations... done [pid 6062] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5829] <... umount2 resumed>) = 0 [pid 5829] umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5829] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(4, [pid 6061] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6062] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 6062] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5829] getdents64(4, [pid 6062] <... openat resumed>) = 3 [pid 6061] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [ 88.577266][ T6061] bcachefs: bch2_fs_get_tree() error: EINVAL [ 88.599206][ T6054] bcachefs (loop0): going read-write [ 88.613849][ T6062] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6062] ioctl(3, LOOP_CLR_FD [pid 6061] <... openat resumed>) = 3 [pid 5829] close(4 [pid 6062] <... ioctl resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 6062] close(3 [pid 5829] rmdir("./3/file0") = 0 [pid 5829] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] close(3) = 0 [pid 5829] rmdir("./3") = 0 [pid 5829] mkdir("./4", 0777 [pid 6061] ioctl(3, LOOP_CLR_FD [pid 5829] <... mkdir resumed>) = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5829] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5829] close(3) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6061] <... ioctl resumed>) = 0 [pid 6061] close(3./strace-static-x86_64: Process 6089 attached [pid 6054] <... mount resumed>) = 0 [pid 6089] set_robust_list(0x5555819eb760, 24 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 6089 [pid 6089] <... set_robust_list resumed>) = 0 [pid 6089] chdir("./4") = 0 [pid 6089] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6089] setpgid(0, 0) = 0 [pid 6089] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6089] write(3, "1000", 4) = 4 [pid 6089] close(3) = 0 [pid 6089] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6089] write(1, "executing program\n", 18) = 18 [pid 6089] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6089] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6089] memfd_create("syzkaller", 0) = 3 [pid 6089] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6054] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 88.628477][ T6054] bcachefs (loop0): done starting filesystem [pid 6054] chdir("./file0") = 0 [pid 6054] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6054] ioctl(4, LOOP_CLR_FD) = 0 [pid 6054] close(4) = 0 [pid 6054] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 6054] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 6054] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6054] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 6054] open(".", O_RDONLY [pid 6060] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6054] <... open resumed>) = 5 [pid 6054] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6060] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [ 88.726595][ T6060] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6060] ioctl(3, LOOP_CLR_FD [pid 6054] <... fallocate resumed>) = 0 [pid 6060] <... ioctl resumed>) = 0 [pid 6054] exit_group(0 [pid 6060] close(3 [pid 6054] <... exit_group resumed>) = ? [pid 6054] +++ exited with 0 +++ [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6054, si_uid=0, si_status=0, si_utime=0, si_stime=45 /* 0.45 s */} --- [pid 5825] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 88.779027][ T3007] bucket incorrectly unset in freespace btree [ 88.779061][ T3007] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5825] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5825] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./3/binderfs") = 0 [pid 5825] umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6062] <... close resumed>) = 0 [ 88.945706][ T3007] bucket incorrectly unset in freespace btree [ 88.945728][ T3007] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [pid 6062] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6061] <... close resumed>) = 0 [ 88.961167][ T5825] bcachefs (loop0): shutting down [ 88.961188][ T5825] bcachefs (loop0): going read-only [ 88.961228][ T5825] bcachefs (loop0): finished waiting for writes to stop [pid 6061] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6089] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6060] <... close resumed>) = 0 [ 88.974770][ T5825] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11 [ 89.087837][ T3007] bcachefs (loop0): loop0: Superblock write was silently dropped! (seq 0 expected 53) [ 89.102719][ T3007] bucket incorrectly unset in freespace btree [ 89.102739][ T3007] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [ 89.124805][ T3007] bucket incorrectly unset in freespace btree [ 89.124825][ T3007] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [ 89.151226][ T5825] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 12 [ 89.167592][ T5825] bcachefs (loop0): unclean shutdown complete, journal seq 13 [ 89.178129][ T5825] bcachefs (loop0): done going read-only, filesystem not clean [pid 6060] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6061] <... quotactl resumed>) = 0 [pid 6060] <... quotactl resumed>) = 0 [pid 6061] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6060] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6062] <... quotactl resumed>) = 0 [pid 6062] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6061] <... openat resumed>) = 3 [pid 6062] <... openat resumed>) = 3 [pid 6061] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6060] <... openat resumed>) = 3 [pid 6061] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6060] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6061] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6060] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6062] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6060] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6062] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6062] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6089] <... write resumed>) = 16777216 [pid 6062] <... quotactl resumed>) = 0 [pid 6062] open(".", O_RDONLY) = 4 [pid 6062] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 6062] exit_group(0) = ? [pid 6089] munmap(0x7f0eeb600000, 138412032 [pid 6062] +++ exited with 0 +++ [pid 6061] <... quotactl resumed>) = 0 [pid 6060] <... quotactl resumed>) = 0 [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6062, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=40 /* 0.40 s */} --- [pid 5828] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5828] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, [pid 6061] open(".", O_RDONLY [pid 6060] open(".", O_RDONLY [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 6061] <... open resumed>) = 4 [pid 6061] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6060] <... open resumed>) = 4 [pid 6061] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6060] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6061] exit_group(0 [pid 6060] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6060] exit_group(0 [pid 6061] <... exit_group resumed>) = ? [ 89.258815][ T5825] bcachefs (loop0): shutdown complete [pid 5828] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6061] +++ exited with 0 +++ [pid 6060] <... exit_group resumed>) = ? [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6061, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=46 /* 0.46 s */} --- [pid 5826] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6060] +++ exited with 0 +++ [pid 5826] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6060, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=53 /* 0.53 s */} --- [pid 5826] <... openat resumed>) = 3 [pid 5827] restart_syscall(<... resuming interrupted clone ...> [pid 5826] newfstatat(3, "", [pid 6089] <... munmap resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] newfstatat(AT_FDCWD, "./6/binderfs", [pid 5826] getdents64(3, [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] unlink("./6/binderfs" [pid 5826] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... unlink resumed>) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] newfstatat(AT_FDCWD, "./6/binderfs", [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] newfstatat(AT_FDCWD, "./6/file0", [pid 5826] unlink("./6/binderfs" [pid 6089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... unlink resumed>) = 0 [pid 6089] <... openat resumed>) = 4 [pid 5828] umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6089] ioctl(4, LOOP_SET_FD, 3 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] newfstatat(AT_FDCWD, "./6/file0", [pid 5828] <... openat resumed>) = 4 [pid 5827] <... restart_syscall resumed>) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] newfstatat(4, "", [pid 5826] umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... openat resumed>) = 4 [pid 5827] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] newfstatat(4, "", [pid 5828] getdents64(4, [pid 5827] <... openat resumed>) = 3 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] newfstatat(3, "", [pid 5826] getdents64(4, [pid 5828] getdents64(4, [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] getdents64(3, [pid 5826] getdents64(4, [pid 5828] close(4 [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] <... close resumed>) = 0 [pid 5827] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] close(4 [pid 5828] rmdir("./6/file0" [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... close resumed>) = 0 [pid 5828] <... rmdir resumed>) = 0 [pid 5827] newfstatat(AT_FDCWD, "./6/binderfs", [pid 5826] rmdir("./6/file0" [pid 5828] umount2("./6/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... rmdir resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] unlink("./6/binderfs" [pid 5826] umount2("./6/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6089] <... ioctl resumed>) = 0 [pid 5828] newfstatat(AT_FDCWD, "./6/file1", [pid 5827] <... unlink resumed>) = 0 [pid 6089] close(3) = 0 [pid 6089] close(4 [pid 5827] umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6089] <... close resumed>) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./6/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] unlink("./6/file1" [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./6/file1", [pid 5828] <... unlink resumed>) = 0 [pid 5827] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] getdents64(3, [pid 5827] <... openat resumed>) = 4 [pid 5826] unlink("./6/file1" [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] newfstatat(4, "", [pid 5826] <... unlink resumed>) = 0 [pid 5828] close(3 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(3, [pid 5828] <... close resumed>) = 0 [pid 5827] getdents64(4, [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] rmdir("./6" [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] close(3 [pid 6089] mkdir("./file0", 0777 [pid 5827] getdents64(4, [pid 5826] <... close resumed>) = 0 [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] rmdir("./6" [pid 5827] close(4 [pid 5826] <... rmdir resumed>) = 0 [pid 5827] <... close resumed>) = 0 [pid 5826] mkdir("./7", 0777 [pid 5827] rmdir("./6/file0" [pid 5826] <... mkdir resumed>) = 0 [pid 5827] <... rmdir resumed>) = 0 [pid 5827] umount2("./6/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5827] newfstatat(AT_FDCWD, "./6/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... openat resumed>) = 3 [pid 5827] unlink("./6/file1" [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5827] <... unlink resumed>) = 0 [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5827] getdents64(3, [pid 5826] close(3 [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] <... close resumed>) = 0 [pid 5828] <... rmdir resumed>) = 0 [pid 5827] close(3 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6090 attached [pid 6089] <... mkdir resumed>) = 0 [pid 5828] mkdir("./7", 0777 [pid 5827] <... close resumed>) = 0 [pid 6090] set_robust_list(0x5555819eb760, 24 [pid 6089] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5828] <... mkdir resumed>) = 0 [pid 5827] rmdir("./6") = 0 [ 89.339900][ T6089] loop4: detected capacity change from 0 to 32768 [pid 5827] mkdir("./7", 0777) = 0 [pid 6090] <... set_robust_list resumed>) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 6090 [pid 5828] <... openat resumed>) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 6090] chdir("./7" [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5828] close(3 [pid 6090] <... chdir resumed>) = 0 [pid 5828] <... close resumed>) = 0 [pid 6090] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6090] <... prctl resumed>) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR./strace-static-x86_64: Process 6095 attached [pid 6090] setpgid(0, 0 [pid 5827] <... openat resumed>) = 3 [pid 6090] <... setpgid resumed>) = 0 [pid 5827] ioctl(3, LOOP_CLR_FD [pid 6095] set_robust_list(0x5555819eb760, 24 [pid 6090] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 6095 [pid 5827] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5827] close(3 [pid 6095] <... set_robust_list resumed>) = 0 [pid 5827] <... close resumed>) = 0 [pid 6095] chdir("./7" [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6097 attached [pid 6095] <... chdir resumed>) = 0 [pid 6090] <... openat resumed>) = 3 [pid 6095] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6097] set_robust_list(0x5555819eb760, 24 [pid 6095] <... prctl resumed>) = 0 [pid 6095] setpgid(0, 0 [pid 6097] <... set_robust_list resumed>) = 0 [pid 6095] <... setpgid resumed>) = 0 [pid 6090] write(3, "1000", 4 [pid 6097] chdir("./7" [pid 6095] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6090] <... write resumed>) = 4 [pid 6097] <... chdir resumed>) = 0 [pid 6095] <... openat resumed>) = 3 [pid 6090] close(3 [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 6097 [pid 6090] <... close resumed>) = 0 [pid 6090] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6095] write(3, "1000", 4 [pid 6090] write(1, "executing program\n", 18 [pid 6097] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6095] <... write resumed>) = 4 [pid 6090] <... write resumed>) = 18 [pid 6097] <... prctl resumed>) = 0 [pid 6095] close(3) = 0 [pid 6090] fsopen(NULL, 0 [pid 6097] setpgid(0, 0 [pid 6095] symlink("/dev/binderfs", "./binderfs" [pid 6090] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6090] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6097] <... setpgid resumed>) = 0 [pid 6095] <... symlink resumed>) = 0 [pid 6090] memfd_create("syzkaller", 0 [pid 6095] write(1, "executing program\n", 18executing program [pid 6097] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6095] <... write resumed>) = 18 [pid 6090] <... memfd_create resumed>) = 3 [pid 6095] fsopen(NULL, 0 [pid 6090] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6095] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6090] <... mmap resumed>) = 0x7f0eeb600000 [pid 6097] <... openat resumed>) = 3 [pid 6095] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6097] write(3, "1000", 4 [pid 6095] memfd_create("syzkaller", 0 [pid 6097] <... write resumed>) = 4 [pid 6097] close(3 [pid 6095] <... memfd_create resumed>) = 3 [pid 6097] <... close resumed>) = 0 [pid 6095] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6097] symlink("/dev/binderfs", "./binderfs" [pid 6095] <... mmap resumed>) = 0x7f0eeb600000 [pid 6097] <... symlink resumed>) = 0 [pid 6097] write(1, "executing program\n", 18executing program ) = 18 [pid 6097] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6097] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6097] memfd_create("syzkaller", 0) = 3 [pid 6097] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6090] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6097] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6095] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6090] <... write resumed>) = 16777216 [pid 6090] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6090] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6090] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6090] close(3) = 0 [pid 6090] close(4) = 0 [pid 6090] mkdir("./file0", 0777) = 0 [ 89.810107][ T6090] loop1: detected capacity change from 0 to 32768 [pid 6090] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6095] <... write resumed>) = 16777216 [pid 6095] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6095] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6095] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6095] close(3) = 0 [pid 6095] close(4) = 0 [pid 6095] mkdir("./file0", 0777) = 0 [pid 6097] <... write resumed>) = 16777216 [pid 6095] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [ 89.975083][ T6095] loop3: detected capacity change from 0 to 32768 [ 90.036680][ T6089] bcachefs (loop4): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 90.064360][ T6089] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [pid 6097] munmap(0x7f0eeb600000, 138412032) = 0 [ 90.083953][ T6090] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 90.098917][ T6089] bcachefs (loop4): Version downgrade required: [ 90.105494][ T6089] bcachefs (loop4): Version upgrade required: [ 90.105494][ T6089] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 90.105494][ T6089] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [pid 6097] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 90.105494][ T6089] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 90.117161][ T6097] loop2: detected capacity change from 0 to 32768 [ 90.183126][ T6090] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [pid 6097] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6097] close(3) = 0 [pid 6097] close(4) = 0 [pid 6097] mkdir("./file0", 0777) = 0 [ 90.212602][ T6089] bcachefs (loop4): dropping and reconstructing all alloc info [ 90.253777][ T6089] bcachefs (loop4): accounting_read... done [ 90.298345][ T6089] bcachefs (loop4): alloc_read... done [ 90.303976][ T6089] bcachefs (loop4): stripes_read... done [pid 6097] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6090] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6090] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 6090] ioctl(3, LOOP_CLR_FD) = 0 [ 90.321611][ T6090] bcachefs: bch2_fs_get_tree() error: EINVAL [ 90.322353][ T6095] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 90.375012][ T6089] bcachefs (loop4): snapshots_read... done [ 90.405444][ T6089] bcachefs (loop4): check_allocations... [ 90.429635][ T6095] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 90.493381][ T6089] done [ 90.518564][ T6097] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 90.538355][ T6089] bcachefs (loop4): going read-write [pid 6090] close(3) = 0 [pid 6090] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5825] <... umount2 resumed>) = 0 [pid 5825] umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6089] <... mount resumed>) = 0 [pid 5825] newfstatat(AT_FDCWD, "./3/file0", [pid 6089] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6089] chdir("./file0") = 0 [pid 6089] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6089] ioctl(4, LOOP_CLR_FD) = 0 [pid 6089] close(4) = 0 [pid 6089] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5825] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(4, [pid 6090] <... quotactl resumed>) = 0 [pid 6089] <... quotactl resumed>) = 0 [pid 6089] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6090] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 6090] <... openat resumed>) = 3 [pid 6089] <... openat resumed>) = 4 [pid 5825] getdents64(4, [pid 6089] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6090] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6089] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [ 90.566063][ T6097] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 90.586314][ T6089] bcachefs (loop4): done starting filesystem [pid 6089] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6090] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5825] close(4 [pid 6090] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5825] <... close resumed>) = 0 [pid 5825] rmdir("./3/file0" [pid 6090] <... quotactl resumed>) = 0 [pid 6089] <... quotactl resumed>) = 0 [pid 5825] <... rmdir resumed>) = 0 [pid 5825] getdents64(3, [pid 6090] open(".", O_RDONLY [pid 6089] open(".", O_RDONLY) = 5 [pid 6089] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6090] <... open resumed>) = 4 [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 6090] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5825] close(3 [pid 6090] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... close resumed>) = 0 [pid 6090] exit_group(0 [pid 5825] rmdir("./3" [pid 6090] <... exit_group resumed>) = ? [pid 6089] <... fallocate resumed>) = 0 [pid 5825] <... rmdir resumed>) = 0 [pid 6090] +++ exited with 0 +++ [pid 6089] exit_group(0 [pid 5825] mkdir("./4", 0777 [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6090, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=45 /* 0.45 s */} --- [pid 5826] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5825] <... mkdir resumed>) = 0 [pid 6089] <... exit_group resumed>) = ? [pid 6089] +++ exited with 0 +++ [pid 5826] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6089, si_uid=0, si_status=0, si_utime=10 /* 0.10 s */, si_stime=29 /* 0.29 s */} --- [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 5825] <... openat resumed>) = 3 [pid 5829] <... restart_syscall resumed>) = 0 [pid 5826] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5826] newfstatat(3, "", [pid 5829] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] getdents64(3, [pid 5829] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] <... openat resumed>) = 3 [pid 5826] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] newfstatat(3, "", [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] newfstatat(AT_FDCWD, "./7/binderfs", [pid 5829] getdents64(3, [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5826] unlink("./7/binderfs" [pid 5825] ioctl(3, LOOP_CLR_FD [pid 5829] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... unlink resumed>) = 0 [pid 5825] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] newfstatat(AT_FDCWD, "./4/binderfs", [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] newfstatat(AT_FDCWD, "./7/file0", [pid 5825] close(3 [pid 5829] unlink("./4/binderfs" [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... close resumed>) = 0 [pid 5829] <... unlink resumed>) = 0 [pid 5826] umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5829] umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 6124 attached [pid 5825] <... clone resumed>, child_tidptr=0x5555819eb750) = 6124 [pid 6124] set_robust_list(0x5555819eb760, 24 [pid 5826] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6124] <... set_robust_list resumed>) = 0 [pid 5826] <... openat resumed>) = 4 [pid 5826] newfstatat(4, "", [pid 6124] chdir("./4" [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(4, [pid 6124] <... chdir resumed>) = 0 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 6124] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5826] getdents64(4, [pid 6124] setpgid(0, 0 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 6124] <... setpgid resumed>) = 0 [pid 5826] close(4 [pid 6124] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5826] <... close resumed>) = 0 [pid 6124] <... openat resumed>) = 3 [pid 5826] rmdir("./7/file0" [pid 6124] write(3, "1000", 4) = 4 [pid 5826] <... rmdir resumed>) = 0 [pid 6124] close(3 [pid 5826] umount2("./7/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6124] <... close resumed>) = 0 [ 90.733218][ T52] bucket incorrectly unset in freespace btree [ 90.733251][ T52] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [ 90.761846][ T5829] bcachefs (loop4): shutting down [ 90.776074][ T5829] bcachefs (loop4): going read-only [pid 6124] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5826] newfstatat(AT_FDCWD, "./7/file1", executing program [pid 6124] write(1, "executing program\n", 18 [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6124] <... write resumed>) = 18 [pid 6124] fsopen(NULL, 0 [pid 5826] unlink("./7/file1" [pid 6124] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6124] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 5826] <... unlink resumed>) = 0 [ 90.795044][ T5829] bcachefs (loop4): finished waiting for writes to stop [ 90.808932][ T6095] bcachefs: bch2_fs_get_tree() error: EINVAL [ 90.810433][ T6097] bcachefs: bch2_fs_get_tree() error: EINVAL [ 90.826407][ T52] bucket incorrectly unset in freespace btree [ 90.826426][ T52] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [pid 6095] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6124] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6097] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5826] getdents64(3, [pid 6124] memfd_create("syzkaller", 0 [pid 6097] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6095] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 6124] <... memfd_create resumed>) = 3 [pid 6097] <... openat resumed>) = 3 [pid 5826] close(3 [pid 6124] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6097] ioctl(3, LOOP_CLR_FD [pid 5826] <... close resumed>) = 0 [pid 6124] <... mmap resumed>) = 0x7f0eeb600000 [pid 6097] <... ioctl resumed>) = 0 [pid 5826] rmdir("./7" [pid 6095] <... openat resumed>) = 3 [pid 6097] close(3 [pid 6095] ioctl(3, LOOP_CLR_FD [pid 5826] <... rmdir resumed>) = 0 [pid 6095] <... ioctl resumed>) = 0 [pid 5826] mkdir("./8", 0777 [pid 6095] close(3 [pid 5826] <... mkdir resumed>) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5826] close(3) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555819eb750) = 6125 [ 90.838787][ T5829] bcachefs (loop4): flushing journal and stopping allocators, journal seq 12 [ 90.862660][ T52] bucket incorrectly unset in freespace btree [ 90.862681][ T52] u64s 5 type deleted 0:4:0 len 0 ver 0, , continuing ./strace-static-x86_64: Process 6125 attached [pid 6125] set_robust_list(0x5555819eb760, 24) = 0 [pid 6125] chdir("./8") = 0 [ 90.920847][ T52] bucket incorrectly unset in freespace btree [ 90.920870][ T52] u64s 5 type deleted 0:7:0 len 0 ver 0, , continuing [pid 6125] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6125] setpgid(0, 0) = 0 [pid 6125] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6125] write(3, "1000", 4) = 4 [pid 6125] close(3) = 0 [pid 6125] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6125] write(1, "executing program\n", 18executing program ) = 18 [pid 6125] fsopen(NULL, 0) = -1 EFAULT (Bad address) [ 90.973475][ T5829] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 12 [pid 6125] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6125] memfd_create("syzkaller", 0) = 3 [pid 6125] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6097] <... close resumed>) = 0 [ 91.013977][ T5829] bcachefs (loop4): unclean shutdown complete, journal seq 13 [ 91.037197][ T5829] bcachefs (loop4): done going read-only, filesystem not clean [pid 6097] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 6097] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 6097] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6097] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 6097] open(".", O_RDONLY) = 4 [pid 6097] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 6097] exit_group(0) = ? [pid 6097] +++ exited with 0 +++ [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6097, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=43 /* 0.43 s */} --- [pid 5827] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5827] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5827] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5827] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./7/binderfs") = 0 [pid 5827] umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5827] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [pid 5827] rmdir("./7/file0") = 0 [pid 5827] umount2("./7/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./7/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./7/file1") = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./7") = 0 [pid 5827] mkdir("./8", 0777) = 0 [ 91.100858][ T5829] bcachefs (loop4): shutdown complete [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6124] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5827] <... openat resumed>) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5827] close(3) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6126 attached , child_tidptr=0x5555819eb750) = 6126 [pid 6126] set_robust_list(0x5555819eb760, 24) = 0 [pid 6126] chdir("./8") = 0 [pid 6126] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6126] setpgid(0, 0) = 0 [pid 6126] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6126] write(3, "1000", 4) = 4 executing program [pid 6126] close(3) = 0 [pid 6126] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6126] write(1, "executing program\n", 18) = 18 [pid 6126] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6126] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6126] memfd_create("syzkaller", 0 [pid 6095] <... close resumed>) = 0 [pid 6095] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6126] <... memfd_create resumed>) = 3 [pid 6126] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6095] <... quotactl resumed>) = 0 [pid 6095] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 6095] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6095] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 6095] open(".", O_RDONLY) = 4 [pid 6095] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 6095] exit_group(0) = ? [pid 6095] +++ exited with 0 +++ [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6095, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=48 /* 0.48 s */} --- [pid 5828] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5828] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./7/binderfs") = 0 [pid 5828] umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5828] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] close(4) = 0 [pid 5828] rmdir("./7/file0") = 0 [pid 5828] umount2("./7/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./7/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./7/file1") = 0 [pid 5828] getdents64(3, [pid 6125] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [pid 5828] rmdir("./7") = 0 [pid 5828] mkdir("./8", 0777) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5828] close(3) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6127 attached , child_tidptr=0x5555819eb750) = 6127 [pid 6127] set_robust_list(0x5555819eb760, 24) = 0 [pid 6127] chdir("./8") = 0 [pid 6127] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6127] setpgid(0, 0) = 0 [pid 6127] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6127] write(3, "1000", 4) = 4 [pid 6127] close(3) = 0 [pid 6127] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6127] write(1, "executing program\n", 18executing program ) = 18 [pid 6127] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6127] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6127] memfd_create("syzkaller", 0) = 3 [pid 6127] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6124] <... write resumed>) = 16777216 [pid 6124] munmap(0x7f0eeb600000, 138412032 [pid 6126] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6124] <... munmap resumed>) = 0 [pid 6124] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6124] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6124] close(3) = 0 [pid 6124] close(4) = 0 [pid 6124] mkdir("./file0", 0777) = 0 [ 91.518961][ T6124] loop0: detected capacity change from 0 to 32768 [pid 6124] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6125] <... write resumed>) = 16777216 [pid 6127] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6125] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6125] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6125] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6125] close(3) = 0 [pid 6125] close(4) = 0 [pid 6125] mkdir("./file0", 0777) = 0 [ 91.669218][ T6125] loop1: detected capacity change from 0 to 32768 [pid 6125] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6126] <... write resumed>) = 16777216 [pid 6127] <... write resumed>) = 16777216 [pid 6126] munmap(0x7f0eeb600000, 138412032 [pid 6127] munmap(0x7f0eeb600000, 138412032 [pid 6126] <... munmap resumed>) = 0 [pid 6127] <... munmap resumed>) = 0 [pid 6126] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6126] ioctl(4, LOOP_SET_FD, 3 [pid 6127] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6126] <... ioctl resumed>) = 0 [pid 6127] <... openat resumed>) = 4 [pid 6127] ioctl(4, LOOP_SET_FD, 3 [pid 6126] close(3) = 0 [pid 6126] close(4) = 0 [pid 6126] mkdir("./file0", 0777) = 0 [pid 6127] <... ioctl resumed>) = 0 [pid 6126] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6127] close(3) = 0 [pid 6127] close(4) = 0 [pid 6127] mkdir("./file0", 0777) = 0 [ 91.820163][ T6126] loop2: detected capacity change from 0 to 32768 [ 91.840368][ T6127] loop3: detected capacity change from 0 to 32768 [ 92.067943][ T974] cfg80211: failed to load regulatory.db [ 92.155312][ T6127] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 92.155658][ T6125] bcachefs (loop1): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 92.175757][ T6127] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 92.200890][ T6124] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 92.217809][ T6124] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 92.228262][ T6126] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 92.236145][ T6125] bcachefs (loop1): recovering from clean shutdown, journal seq 10 [ 92.245260][ T6125] bcachefs (loop1): Version downgrade required: [ 92.251967][ T6125] bcachefs (loop1): Version upgrade required: [ 92.251967][ T6125] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 92.251967][ T6125] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 92.251967][ T6125] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 92.279392][ T6126] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 92.323432][ T6125] bcachefs (loop1): dropping and reconstructing all alloc info [ 92.346699][ T6125] bcachefs (loop1): accounting_read... done [ 92.382158][ T6125] bcachefs (loop1): alloc_read... done [ 92.407080][ T6125] bcachefs (loop1): stripes_read... done [ 92.415728][ T6125] bcachefs (loop1): snapshots_read... done [ 92.445972][ T6125] bcachefs (loop1): check_allocations... done [ 92.516990][ T6125] bcachefs (loop1): going read-write [pid 6127] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6125] <... mount resumed>) = 0 [pid 6125] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6125] chdir("./file0") = 0 [pid 6125] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6125] ioctl(4, LOOP_CLR_FD) = 0 [pid 6125] close(4) = 0 [pid 6125] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6124] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6124] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 6124] ioctl(3, LOOP_CLR_FD) = 0 [pid 6124] close(3 [pid 6125] <... quotactl resumed>) = 0 [pid 6125] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 6127] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6125] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [ 92.577538][ T6125] bcachefs (loop1): done starting filesystem [ 92.598129][ T6124] bcachefs: bch2_fs_get_tree() error: EINVAL [ 92.616259][ T6127] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6127] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6125] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6127] <... openat resumed>) = 3 [pid 6127] ioctl(3, LOOP_CLR_FD [pid 6125] <... quotactl resumed>) = 0 [pid 6127] <... ioctl resumed>) = 0 [pid 6127] close(3 [pid 6126] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6125] open(".", O_RDONLY) = 5 [pid 6126] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6125] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6126] <... openat resumed>) = 3 [pid 6126] ioctl(3, LOOP_CLR_FD) = 0 [ 92.658784][ T6126] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6126] close(3 [pid 6125] <... fallocate resumed>) = 0 [pid 5829] <... umount2 resumed>) = 0 [pid 6125] exit_group(0) = ? [pid 6125] +++ exited with 0 +++ [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6125, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=38 /* 0.38 s */} --- [pid 5826] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 92.706742][ T3007] bucket incorrectly unset in freespace btree [ 92.706775][ T3007] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5826] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5826] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./8/binderfs", [pid 5829] umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./4/file0", [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./8/binderfs") = 0 [pid 5826] umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5829] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] close(4) = 0 [pid 5829] rmdir("./4/file0") = 0 [pid 5829] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] close(3) = 0 [pid 5829] rmdir("./4") = 0 [pid 5829] mkdir("./5", 0777) = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5829] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5829] close(3) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6159 attached [pid 6159] set_robust_list(0x5555819eb760, 24) = 0 [pid 6159] chdir("./5") = 0 [pid 6159] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 92.828602][ T5826] bcachefs (loop1): shutting down [ 92.833720][ T5826] bcachefs (loop1): going read-only [ 92.857147][ T3007] bucket incorrectly unset in freespace btree [ 92.857179][ T3007] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [pid 6159] setpgid(0, 0) = 0 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 6159 [pid 6159] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6159] write(3, "1000", 4) = 4 [pid 6124] <... close resumed>) = 0 [pid 6124] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6159] close(3) = 0 [pid 6159] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6159] write(1, "executing program\n", 18executing program ) = 18 [pid 6159] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6159] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6159] memfd_create("syzkaller", 0) = 3 [ 92.871281][ T5826] bcachefs (loop1): finished waiting for writes to stop [ 92.898550][ T5826] bcachefs (loop1): flushing journal and stopping allocators, journal seq 11 [pid 6159] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6126] <... close resumed>) = 0 [ 92.948065][ T3007] bcachefs (loop1): loop1: Superblock write was silently dropped! (seq 0 expected 53) [ 92.966936][ T3007] bucket incorrectly unset in freespace btree [ 92.966954][ T3007] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [pid 6126] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6127] <... close resumed>) = 0 [pid 6127] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6126] <... quotactl resumed>) = 0 [ 93.008954][ T3007] bucket incorrectly unset in freespace btree [ 93.008975][ T3007] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [ 93.028814][ T5826] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 12 [ 93.039699][ T5826] bcachefs (loop1): unclean shutdown complete, journal seq 13 [ 93.048456][ T5826] bcachefs (loop1): done going read-only, filesystem not clean [pid 6124] <... quotactl resumed>) = 0 [pid 6127] <... quotactl resumed>) = 0 [pid 6126] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6127] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 6124] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6127] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6126] <... openat resumed>) = 3 [pid 6124] <... openat resumed>) = 3 [pid 6127] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6124] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6124] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6126] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6126] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6127] <... quotactl resumed>) = 0 [pid 6126] <... quotactl resumed>) = 0 [pid 6124] <... quotactl resumed>) = 0 [pid 6127] open(".", O_RDONLY [pid 6126] open(".", O_RDONLY [pid 6124] open(".", O_RDONLY [pid 6127] <... open resumed>) = 4 [pid 6126] <... open resumed>) = 4 [pid 6124] <... open resumed>) = 4 [pid 6159] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6127] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6126] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6124] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6127] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6126] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6124] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6127] exit_group(0 [pid 6124] exit_group(0 [pid 6127] <... exit_group resumed>) = ? [pid 6126] exit_group(0 [pid 6124] <... exit_group resumed>) = ? [pid 6127] +++ exited with 0 +++ [pid 6126] <... exit_group resumed>) = ? [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6127, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=43 /* 0.43 s */} --- [pid 6124] +++ exited with 0 +++ [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6124, si_uid=0, si_status=0, si_utime=7 /* 0.07 s */, si_stime=50 /* 0.50 s */} --- [pid 5825] restart_syscall(<... resuming interrupted clone ...> [pid 6126] +++ exited with 0 +++ [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6126, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=50 /* 0.50 s */} --- [pid 5827] restart_syscall(<... resuming interrupted clone ...> [pid 5825] <... restart_syscall resumed>) = 0 [pid 5825] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... restart_syscall resumed>) = 0 [pid 5827] <... restart_syscall resumed>) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] newfstatat(3, "", [pid 5827] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] getdents64(3, [pid 5827] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5825] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... openat resumed>) = 3 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(3, "", [pid 5825] newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] unlink("./4/binderfs" [pid 5828] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] getdents64(3, [pid 5825] <... unlink resumed>) = 0 [pid 5825] umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5825] newfstatat(AT_FDCWD, "./4/file0", [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... openat resumed>) = 3 [pid 5827] newfstatat(AT_FDCWD, "./8/binderfs", [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(3, "", [pid 5825] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... openat resumed>) = 4 [pid 5825] newfstatat(4, "", [pid 5828] getdents64(3, [pid 5827] unlink("./8/binderfs" [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5827] <... unlink resumed>) = 0 [pid 5825] getdents64(4, [pid 5828] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] getdents64(4, [pid 5828] newfstatat(AT_FDCWD, "./8/binderfs", [pid 5827] newfstatat(AT_FDCWD, "./8/file0", [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] close(4 [pid 5828] unlink("./8/binderfs" [pid 5827] umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... unlink resumed>) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... close resumed>) = 0 [pid 5827] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] rmdir("./4/file0" [pid 5828] umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... openat resumed>) = 4 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(4, "", [pid 5825] <... rmdir resumed>) = 0 [pid 5828] newfstatat(AT_FDCWD, "./8/file0", [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] getdents64(4, [pid 5825] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [ 93.077660][ T5826] bcachefs (loop1): shutdown complete [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] getdents64(4, [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] newfstatat(AT_FDCWD, "./4/file1", [pid 5827] close(4) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... openat resumed>) = 4 [pid 5827] rmdir("./8/file0" [pid 5825] unlink("./4/file1" [pid 5828] newfstatat(4, "", [pid 5827] <... rmdir resumed>) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] umount2("./8/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... unlink resumed>) = 0 [pid 5828] getdents64(4, [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] getdents64(3, [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] newfstatat(AT_FDCWD, "./8/file1", [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] close(3 [pid 5828] getdents64(4, [pid 5827] unlink("./8/file1" [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] <... unlink resumed>) = 0 [pid 5825] <... close resumed>) = 0 [pid 5828] close(4 [pid 5827] getdents64(3, [pid 5825] rmdir("./4" [pid 5828] <... close resumed>) = 0 [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] rmdir("./8/file0" [pid 5827] close(3 [pid 5825] <... rmdir resumed>) = 0 [pid 5828] <... rmdir resumed>) = 0 [pid 5827] <... close resumed>) = 0 [pid 5825] mkdir("./5", 0777 [pid 5827] rmdir("./8") = 0 [pid 5825] <... mkdir resumed>) = 0 [pid 5827] mkdir("./9", 0777 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5828] umount2("./8/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... mkdir resumed>) = 0 [pid 5825] <... openat resumed>) = 3 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5825] ioctl(3, LOOP_CLR_FD [pid 5828] newfstatat(AT_FDCWD, "./8/file1", [pid 5825] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] <... openat resumed>) = 3 [pid 5825] close(3 [pid 5828] unlink("./8/file1" [pid 5827] ioctl(3, LOOP_CLR_FD [pid 5825] <... close resumed>) = 0 [pid 5828] <... unlink resumed>) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5827] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5827] close(3 [pid 5828] getdents64(3, [pid 5827] <... close resumed>) = 0 ./strace-static-x86_64: Process 6160 attached [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6160] set_robust_list(0x5555819eb760, 24./strace-static-x86_64: Process 6161 attached ) = 0 [pid 5828] close(3 [pid 5825] <... clone resumed>, child_tidptr=0x5555819eb750) = 6160 [pid 6160] chdir("./5" [pid 5828] <... close resumed>) = 0 [pid 6161] set_robust_list(0x5555819eb760, 24) = 0 [pid 6160] <... chdir resumed>) = 0 [pid 5828] rmdir("./8" [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 6161 [pid 6161] chdir("./9" [pid 6160] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5828] <... rmdir resumed>) = 0 [pid 6161] <... chdir resumed>) = 0 [pid 6160] <... prctl resumed>) = 0 [pid 5828] mkdir("./9", 0777) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 6160] setpgid(0, 0 [pid 6161] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6160] <... setpgid resumed>) = 0 [pid 5828] close(3 [pid 6161] setpgid(0, 0 [pid 5828] <... close resumed>) = 0 [pid 6160] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6161] <... setpgid resumed>) = 0 [pid 6160] <... openat resumed>) = 3 [pid 6161] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6160] write(3, "1000", 4 [pid 6161] <... openat resumed>) = 3 [pid 6160] <... write resumed>) = 4 [pid 6161] write(3, "1000", 4 [pid 6160] close(3 [pid 6161] <... write resumed>) = 4 [pid 6160] <... close resumed>) = 0 ./strace-static-x86_64: Process 6162 attached [pid 6161] close(3 [pid 6160] symlink("/dev/binderfs", "./binderfs" [pid 6161] <... close resumed>) = 0 [pid 6160] <... symlink resumed>) = 0 [pid 6161] symlink("/dev/binderfs", "./binderfs" [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 6162 executing program [pid 6161] <... symlink resumed>) = 0 [pid 6160] write(1, "executing program\n", 18executing program [pid 6161] write(1, "executing program\n", 18 [pid 6160] <... write resumed>) = 18 [pid 6161] <... write resumed>) = 18 [pid 6160] fsopen(NULL, 0 [pid 6161] fsopen(NULL, 0 [pid 6160] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6161] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6160] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6161] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6162] set_robust_list(0x5555819eb760, 24 [pid 6161] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6160] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6162] <... set_robust_list resumed>) = 0 [pid 6162] chdir("./9" [pid 6161] memfd_create("syzkaller", 0 [pid 6160] memfd_create("syzkaller", 0 [pid 6162] <... chdir resumed>) = 0 [pid 6162] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6162] setpgid(0, 0) = 0 [pid 6162] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6161] <... memfd_create resumed>) = 3 [pid 6160] <... memfd_create resumed>) = 3 [pid 6160] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6162] write(3, "1000", 4 [pid 6161] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6162] <... write resumed>) = 4 [pid 6160] <... mmap resumed>) = 0x7f0eeb600000 [pid 6161] <... mmap resumed>) = 0x7f0eeb600000 [pid 6162] close(3) = 0 [pid 6162] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 6162] write(1, "executing program\n", 18) = 18 [pid 6162] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6162] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6162] memfd_create("syzkaller", 0) = 3 [pid 6162] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6159] <... write resumed>) = 16777216 [pid 6159] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6159] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6159] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6159] close(3) = 0 [pid 6159] close(4) = 0 [pid 6159] mkdir("./file0", 0777) = 0 [pid 6159] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [ 93.393493][ T6159] loop4: detected capacity change from 0 to 32768 [pid 6160] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6162] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6161] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6160] <... write resumed>) = 16777216 [pid 6160] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6160] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6160] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6160] close(3) = 0 [pid 6160] close(4) = 0 [pid 6160] mkdir("./file0", 0777) = 0 [ 93.670029][ T6160] loop0: detected capacity change from 0 to 32768 [pid 6160] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6161] <... write resumed>) = 16777216 [pid 6162] <... write resumed>) = 16777216 [pid 6161] munmap(0x7f0eeb600000, 138412032 [pid 6162] munmap(0x7f0eeb600000, 138412032 [pid 6161] <... munmap resumed>) = 0 [pid 6162] <... munmap resumed>) = 0 [pid 6162] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6161] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6162] <... openat resumed>) = 4 [pid 6161] <... openat resumed>) = 4 [pid 6162] ioctl(4, LOOP_SET_FD, 3 [pid 6161] ioctl(4, LOOP_SET_FD, 3 [pid 6162] <... ioctl resumed>) = 0 [pid 6162] close(3) = 0 [pid 6161] <... ioctl resumed>) = 0 [pid 6162] close(4 [pid 6161] close(3 [pid 6162] <... close resumed>) = 0 [pid 6161] <... close resumed>) = 0 [pid 6162] mkdir("./file0", 0777 [pid 6161] close(4 [pid 6162] <... mkdir resumed>) = 0 [pid 6161] <... close resumed>) = 0 [pid 6162] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6161] mkdir("./file0", 0777) = 0 [ 93.833827][ T6162] loop3: detected capacity change from 0 to 32768 [ 93.836565][ T6161] loop2: detected capacity change from 0 to 32768 [ 94.015322][ T6159] bcachefs (loop4): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 94.043601][ T6160] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 94.053144][ T6160] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 94.064223][ T6159] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 94.082864][ T6159] bcachefs (loop4): Version downgrade required: [ 94.106315][ T6159] bcachefs (loop4): Version upgrade required: [ 94.106315][ T6159] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 94.106315][ T6159] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 94.106315][ T6159] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 94.109338][ T6161] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [pid 6161] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6160] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6160] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 94.257152][ T6159] bcachefs (loop4): dropping and reconstructing all alloc info [ 94.266962][ T6162] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 94.278655][ T6162] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 94.287157][ T6160] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6160] ioctl(3, LOOP_CLR_FD) = 0 [ 94.305167][ T6159] bcachefs (loop4): accounting_read... [ 94.309194][ T6161] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 94.323253][ T6159] done [ 94.330375][ T6159] bcachefs (loop4): alloc_read... done [ 94.337805][ T6159] bcachefs (loop4): stripes_read... done [ 94.361296][ T6159] bcachefs (loop4): snapshots_read... done [pid 6160] close(3 [pid 5826] <... umount2 resumed>) = 0 [pid 5826] umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5826] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] close(4) = 0 [pid 5826] rmdir("./8/file0") = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] close(3) = 0 [pid 5826] rmdir("./8") = 0 [pid 5826] mkdir("./9", 0777) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5826] close(3) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6192 attached [pid 6160] <... close resumed>) = 0 [pid 6192] set_robust_list(0x5555819eb760, 24 [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 6192 [pid 6192] <... set_robust_list resumed>) = 0 [ 94.376354][ T6159] bcachefs (loop4): check_allocations... done [pid 6192] chdir("./9") = 0 [pid 6192] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6160] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6192] <... prctl resumed>) = 0 [pid 6192] setpgid(0, 0) = 0 [ 94.565850][ T6159] bcachefs (loop4): going read-write [pid 6192] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6192] write(3, "1000", 4) = 4 [pid 6192] close(3) = 0 [pid 6192] symlink("/dev/binderfs", "./binderfs" [pid 6162] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6192] <... symlink resumed>) = 0 [pid 6162] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6160] <... quotactl resumed>) = 0 [ 94.588623][ T6162] bcachefs: bch2_fs_get_tree() error: EINVAL [ 94.620998][ T6161] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6160] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512executing program [pid 6192] write(1, "executing program\n", 18 [pid 6160] <... openat resumed>) = 3 [pid 6162] <... openat resumed>) = 3 [pid 6192] <... write resumed>) = 18 [pid 6192] fsopen(NULL, 0 [pid 6162] ioctl(3, LOOP_CLR_FD [pid 6160] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6160] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6192] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6192] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6162] <... ioctl resumed>) = 0 [pid 6162] close(3 [pid 6192] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6192] memfd_create("syzkaller", 0) = 3 [pid 6161] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6192] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6160] <... quotactl resumed>) = 0 [pid 6159] <... mount resumed>) = 0 [pid 6192] <... mmap resumed>) = 0x7f0eeb600000 [pid 6160] open(".", O_RDONLY) = 4 [pid 6160] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 6160] exit_group(0) = ? [pid 6161] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6160] +++ exited with 0 +++ [pid 6161] <... openat resumed>) = 3 [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6160, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=44 /* 0.44 s */} --- [pid 6161] ioctl(3, LOOP_CLR_FD [pid 5825] restart_syscall(<... resuming interrupted clone ...> [pid 6161] <... ioctl resumed>) = 0 [ 94.633897][ T6159] bcachefs (loop4): done starting filesystem [pid 6161] close(3 [pid 6159] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5825] <... restart_syscall resumed>) = 0 [pid 6159] <... openat resumed>) = 3 [pid 6159] chdir("./file0" [pid 5825] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6159] <... chdir resumed>) = 0 [pid 6159] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5825] <... openat resumed>) = 3 [pid 6159] <... openat resumed>) = 4 [pid 5825] newfstatat(3, "", [pid 6159] ioctl(4, LOOP_CLR_FD [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6159] <... ioctl resumed>) = 0 [pid 6159] close(4 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 6159] <... close resumed>) = 0 [pid 5825] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./5/binderfs") = 0 [pid 5825] umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./5/file0", [pid 6159] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5825] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] close(4) = 0 [pid 5825] rmdir("./5/file0" [pid 6159] <... quotactl resumed>) = 0 [pid 5825] <... rmdir resumed>) = 0 [pid 6159] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5825] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6159] <... openat resumed>) = 4 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6159] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5825] newfstatat(AT_FDCWD, "./5/file1", [pid 6159] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5825] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6159] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5825] unlink("./5/file1") = 0 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3) = 0 [pid 5825] rmdir("./5") = 0 [pid 5825] mkdir("./6", 0777) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5825] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5825] close(3) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555819eb750) = 6195 ./strace-static-x86_64: Process 6195 attached [pid 6195] set_robust_list(0x5555819eb760, 24) = 0 [pid 6195] chdir("./6") = 0 [pid 6195] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6195] setpgid(0, 0) = 0 [pid 6195] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6195] write(3, "1000", 4) = 4 [pid 6195] close(3) = 0 [pid 6195] symlink("/dev/binderfs", "./binderfs" [pid 6159] <... quotactl resumed>) = 0 [pid 6195] <... symlink resumed>) = 0 [pid 6159] open(".", O_RDONLY [pid 6195] write(1, "executing program\n", 18executing program ) = 18 [pid 6159] <... open resumed>) = 5 [pid 6195] fsopen(NULL, 0 [pid 6159] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6195] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6195] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6195] memfd_create("syzkaller", 0) = 3 [pid 6195] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6159] <... fallocate resumed>) = 0 [pid 6159] exit_group(0) = ? [pid 6159] +++ exited with 0 +++ [pid 6161] <... close resumed>) = 0 [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6159, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=41 /* 0.41 s */} --- [pid 6161] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5829] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5829] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5829] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5829] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6161] <... quotactl resumed>) = 0 [pid 6161] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6161] <... openat resumed>) = 3 [pid 5829] unlink("./5/binderfs" [pid 6161] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5829] <... unlink resumed>) = 0 [pid 6161] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5829] umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW [ 94.888695][ T61] bucket incorrectly unset in freespace btree [ 94.888730][ T61] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [ 94.907676][ T6159] syz-executor165 (6159) used greatest stack depth: 16272 bytes left [pid 6161] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6162] <... close resumed>) = 0 [pid 6162] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 94.976197][ T5829] bcachefs (loop4): shutting down [ 94.982063][ T61] bucket incorrectly unset in freespace btree [ 94.982084][ T61] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [ 94.993710][ T5829] bcachefs (loop4): going read-only [ 94.993737][ T5829] bcachefs (loop4): finished waiting for writes to stop [ 94.994273][ T5829] bcachefs (loop4): flushing journal and stopping allocators, journal seq 12 [ 95.042891][ T61] bcachefs (loop4): loop4: Superblock write was silently dropped! (seq 0 expected 53) [ 95.053409][ T61] bucket incorrectly unset in freespace btree [ 95.053427][ T61] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [ 95.069145][ T61] bucket incorrectly unset in freespace btree [pid 6192] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [ 95.069165][ T61] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [ 95.091025][ T5829] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 12 [ 95.102666][ T5829] bcachefs (loop4): unclean shutdown complete, journal seq 13 [ 95.117004][ T5829] bcachefs (loop4): done going read-only, filesystem not clean [pid 6195] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6162] <... quotactl resumed>) = 0 [pid 6161] <... quotactl resumed>) = 0 [pid 6162] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6161] open(".", O_RDONLY [pid 6162] <... openat resumed>) = 3 [pid 6161] <... open resumed>) = 4 [pid 6162] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6161] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6162] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6161] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6162] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6161] exit_group(0) = ? [pid 6161] +++ exited with 0 +++ [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6161, si_uid=0, si_status=0, si_utime=0, si_stime=45 /* 0.45 s */} --- [pid 5827] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6162] <... quotactl resumed>) = 0 [pid 5827] <... openat resumed>) = 3 [pid 6162] open(".", O_RDONLY [pid 5827] newfstatat(3, "", [pid 6162] <... open resumed>) = 4 [pid 6162] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6162] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6162] exit_group(0 [pid 5827] getdents64(3, [pid 6162] <... exit_group resumed>) = ? [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 6162] +++ exited with 0 +++ [pid 5827] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6162, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=49 /* 0.49 s */} --- [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./9/binderfs") = 0 [pid 5827] umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5827] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, [pid 5828] <... restart_syscall resumed>) = 0 [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] close(4 [pid 5828] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... close resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] rmdir("./9/file0" [pid 5828] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] newfstatat(3, "", [pid 5827] <... rmdir resumed>) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, [pid 5827] umount2("./9/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./9/binderfs") = 0 [pid 5828] umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5828] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./9/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] unlink("./9/file1" [pid 5828] close(4) = 0 [pid 5828] rmdir("./9/file0") = 0 [pid 5827] <... unlink resumed>) = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [ 95.187459][ T5829] bcachefs (loop4): shutdown complete [pid 5828] umount2("./9/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] close(3 [pid 6192] <... write resumed>) = 16777216 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./9/file1", [pid 5827] <... close resumed>) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] rmdir("./9" [pid 5828] unlink("./9/file1" [pid 6192] munmap(0x7f0eeb600000, 138412032 [pid 5828] <... unlink resumed>) = 0 [pid 5827] <... rmdir resumed>) = 0 [pid 5827] mkdir("./10", 0777 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [pid 5827] <... mkdir resumed>) = 0 [pid 5828] rmdir("./9") = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD [pid 5828] mkdir("./10", 0777 [pid 5827] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5828] <... mkdir resumed>) = 0 [pid 5827] close(3) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5828] close(3) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6197 attached ./strace-static-x86_64: Process 6196 attached [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 6196 [pid 6196] set_robust_list(0x5555819eb760, 24 [pid 6197] set_robust_list(0x5555819eb760, 24 [pid 6196] <... set_robust_list resumed>) = 0 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 6197 [pid 6197] <... set_robust_list resumed>) = 0 [pid 6196] chdir("./10" [pid 6197] chdir("./10" [pid 6196] <... chdir resumed>) = 0 [pid 6192] <... munmap resumed>) = 0 [pid 6197] <... chdir resumed>) = 0 [pid 6196] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6196] setpgid(0, 0) = 0 [pid 6197] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6196] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6197] <... prctl resumed>) = 0 [pid 6197] setpgid(0, 0) = 0 [pid 6196] <... openat resumed>) = 3 [pid 6192] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6197] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6196] write(3, "1000", 4 [pid 6192] <... openat resumed>) = 4 [pid 6196] <... write resumed>) = 4 [pid 6192] ioctl(4, LOOP_SET_FD, 3 [pid 6196] close(3) = 0 [pid 6196] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6197] <... openat resumed>) = 3 [pid 6196] write(1, "executing program\n", 18 [pid 6197] write(3, "1000", 4 [pid 6196] <... write resumed>) = 18 [pid 6197] <... write resumed>) = 4 [pid 6196] fsopen(NULL, 0 [pid 6197] close(3 [pid 6196] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6196] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6197] <... close resumed>) = 0 [pid 6196] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6192] <... ioctl resumed>) = 0 [pid 6197] symlink("/dev/binderfs", "./binderfs" [pid 6196] memfd_create("syzkaller", 0 [pid 6197] <... symlink resumed>) = 0 [pid 6196] <... memfd_create resumed>) = 3 [pid 6192] close(3 [pid 6196] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6192] <... close resumed>) = 0 [pid 6196] <... mmap resumed>) = 0x7f0eeb600000 [pid 6192] close(4) = 0 [pid 6192] mkdir("./file0", 0777) = 0 executing program [pid 6197] write(1, "executing program\n", 18 [pid 6192] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6197] <... write resumed>) = 18 [pid 6197] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6197] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6197] memfd_create("syzkaller", 0) = 3 [ 95.295273][ T6192] loop1: detected capacity change from 0 to 32768 [pid 6197] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6195] <... write resumed>) = 16777216 [pid 6195] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6195] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6195] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6195] close(3) = 0 [pid 6195] close(4) = 0 [pid 6195] mkdir("./file0", 0777) = 0 [pid 6195] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [ 95.439361][ T6195] loop0: detected capacity change from 0 to 32768 [pid 6196] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6197] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 6196] <... write resumed>) = 16777216 [pid 6196] munmap(0x7f0eeb600000, 138412032 [pid 6197] munmap(0x7f0eeb600000, 138412032 [pid 6196] <... munmap resumed>) = 0 [pid 6196] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6196] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6197] <... munmap resumed>) = 0 [pid 6197] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6196] close(3 [pid 6197] <... openat resumed>) = 4 [pid 6196] <... close resumed>) = 0 [pid 6197] ioctl(4, LOOP_SET_FD, 3 [pid 6196] close(4) = 0 [pid 6197] <... ioctl resumed>) = 0 [pid 6196] mkdir("./file0", 0777 [pid 6197] close(3) = 0 [pid 6196] <... mkdir resumed>) = 0 [pid 6197] close(4 [pid 6196] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6197] <... close resumed>) = 0 [pid 6197] mkdir("./file0", 0777) = 0 [ 95.749284][ T6196] loop2: detected capacity change from 0 to 32768 [ 95.771106][ T6197] loop3: detected capacity change from 0 to 32768 [ 95.959069][ T6192] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 95.959495][ T6195] bcachefs (loop0): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 95.970054][ T6192] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 96.003247][ T6197] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 96.012412][ T6197] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 96.023379][ T6196] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 96.041277][ T6196] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 96.083512][ T6195] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 96.111356][ T6195] bcachefs (loop0): Version downgrade required: [ 96.126150][ T6195] bcachefs (loop0): Version upgrade required: [ 96.126150][ T6195] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 96.126150][ T6195] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 96.126150][ T6195] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [pid 6197] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"...) = -1 EINVAL (Invalid argument) [pid 6197] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [ 96.251183][ T6197] bcachefs: bch2_fs_get_tree() error: EINVAL [ 96.276725][ T6195] bcachefs (loop0): dropping and reconstructing all alloc info [pid 6197] ioctl(3, LOOP_CLR_FD) = 0 [pid 6197] close(3 [pid 6192] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6192] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 6192] ioctl(3, LOOP_CLR_FD) = 0 [ 96.298132][ T6192] bcachefs: bch2_fs_get_tree() error: EINVAL [ 96.393478][ T6195] bcachefs (loop0): accounting_read... [ 96.396784][ T6196] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6192] close(3 [pid 6196] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6196] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 6196] ioctl(3, LOOP_CLR_FD) = 0 [ 96.460904][ T6195] done [ 96.465536][ T6195] bcachefs (loop0): alloc_read... done [pid 6196] close(3 [pid 6197] <... close resumed>) = 0 [pid 6197] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 6197] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 6197] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6197] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 6197] open(".", O_RDONLY) = 4 [pid 6197] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 6197] exit_group(0) = ? [pid 6197] +++ exited with 0 +++ [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6197, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=46 /* 0.46 s */} --- [pid 5828] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5828] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 96.516358][ T6195] bcachefs (loop0): stripes_read... done [ 96.522131][ T6195] bcachefs (loop0): snapshots_read... done [pid 5828] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] <... umount2 resumed>) = 0 [pid 5828] newfstatat(AT_FDCWD, "./10/binderfs", [pid 5829] umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] unlink("./10/binderfs" [pid 5829] newfstatat(AT_FDCWD, "./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... unlink resumed>) = 0 [pid 5829] umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] newfstatat(AT_FDCWD, "./10/file0", [pid 5829] <... openat resumed>) = 4 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] newfstatat(4, "", [pid 5828] umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] getdents64(4, [pid 5828] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] getdents64(4, [pid 5828] <... openat resumed>) = 4 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] newfstatat(4, "", [pid 5829] close(4) = 0 [pid 5829] rmdir("./5/file0" [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... rmdir resumed>) = 0 [pid 5828] getdents64(4, [pid 5829] getdents64(3, [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] getdents64(4, [pid 5829] close(3 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] <... close resumed>) = 0 [pid 6192] <... close resumed>) = 0 [pid 5829] rmdir("./5" [pid 5828] close(4) = 0 [pid 5829] <... rmdir resumed>) = 0 [pid 5828] rmdir("./10/file0" [pid 5829] mkdir("./6", 0777 [pid 6196] <... close resumed>) = 0 [pid 6192] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5828] <... rmdir resumed>) = 0 [pid 5829] <... mkdir resumed>) = 0 [pid 5828] umount2("./10/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6196] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./10/file1", [pid 5829] <... openat resumed>) = 3 [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5828] unlink("./10/file1" [pid 5829] close(3 [pid 5828] <... unlink resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6228 attached [pid 6196] <... quotactl resumed>) = 0 [pid 6192] <... quotactl resumed>) = 0 [pid 6196] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6192] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [ 96.559870][ T6195] bcachefs (loop0): check_allocations... done [ 96.642426][ T6195] bcachefs (loop0): going read-write [pid 5828] getdents64(3, [pid 6228] set_robust_list(0x5555819eb760, 24 [pid 6196] <... openat resumed>) = 3 [pid 6192] <... openat resumed>) = 3 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 6228 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 6228] <... set_robust_list resumed>) = 0 [pid 6228] chdir("./6" [pid 6196] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5828] close(3 [pid 6228] <... chdir resumed>) = 0 [pid 6228] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6196] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6192] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5828] <... close resumed>) = 0 [pid 6196] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6192] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5828] rmdir("./10" [pid 6192] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6228] <... prctl resumed>) = 0 [pid 6228] setpgid(0, 0) = 0 [pid 6228] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5828] <... rmdir resumed>) = 0 [pid 6228] <... openat resumed>) = 3 [pid 5828] mkdir("./11", 0777 [pid 6228] write(3, "1000", 4) = 4 [pid 6228] close(3 [pid 5828] <... mkdir resumed>) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6228] <... close resumed>) = 0 [pid 6228] symlink("/dev/binderfs", "./binderfs" [pid 6196] <... quotactl resumed>) = 0 [pid 6195] <... mount resumed>) = 0 [pid 5828] <... openat resumed>) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 6196] open(".", O_RDONLY [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6196] <... open resumed>) = 4 [pid 6195] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5828] close(3 [pid 6196] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5828] <... close resumed>) = 0 [pid 6196] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6230 attached [pid 6228] <... symlink resumed>) = 0 [pid 6196] exit_group(0 [pid 6195] <... openat resumed>) = 3 executing program [pid 6192] <... quotactl resumed>) = 0 [pid 6228] write(1, "executing program\n", 18 [pid 6192] open(".", O_RDONLY [pid 6230] set_robust_list(0x5555819eb760, 24 [pid 6196] <... exit_group resumed>) = ? [pid 6230] <... set_robust_list resumed>) = 0 [pid 6228] <... write resumed>) = 18 [pid 6192] <... open resumed>) = 4 [pid 6228] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6228] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6228] memfd_create("syzkaller", 0) = 3 [pid 6196] +++ exited with 0 +++ [pid 6228] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6196, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=44 /* 0.44 s */} --- [pid 6230] chdir("./11" [pid 6228] <... mmap resumed>) = 0x7f0eeb600000 [pid 6195] chdir("./file0" [pid 6192] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 6230 [pid 6230] <... chdir resumed>) = 0 [pid 6195] <... chdir resumed>) = 0 [pid 6192] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5827] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6192] exit_group(0) = ? [pid 6192] +++ exited with 0 +++ [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6230] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5827] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6230] <... prctl resumed>) = 0 [pid 6195] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5827] <... openat resumed>) = 3 [pid 6230] setpgid(0, 0 [pid 6195] <... openat resumed>) = 4 [pid 5827] newfstatat(3, "", [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6192, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=40 /* 0.40 s */} --- [pid 6230] <... setpgid resumed>) = 0 [pid 6195] ioctl(4, LOOP_CLR_FD [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6195] <... ioctl resumed>) = 0 [pid 5827] getdents64(3, [pid 6230] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6195] close(4) = 0 [pid 5826] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6230] <... openat resumed>) = 3 [pid 6195] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6230] write(3, "1000", 4 [ 96.681215][ T6195] bcachefs (loop0): done starting filesystem [pid 5826] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6230] <... write resumed>) = 4 [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] <... openat resumed>) = 3 [pid 6230] close(3 [pid 5827] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] newfstatat(3, "", [pid 6230] <... close resumed>) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6230] symlink("/dev/binderfs", "./binderfs" [pid 5826] getdents64(3, [pid 6230] <... symlink resumed>) = 0 executing program [pid 6230] write(1, "executing program\n", 18 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 6230] <... write resumed>) = 18 [pid 5826] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6230] fsopen(NULL, 0 [pid 5827] newfstatat(AT_FDCWD, "./10/binderfs", [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6230] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 5826] newfstatat(AT_FDCWD, "./9/binderfs", [pid 6230] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./10/binderfs") = 0 [pid 5826] unlink("./9/binderfs" [pid 6230] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... unlink resumed>) = 0 [pid 6230] memfd_create("syzkaller", 0 [pid 5826] umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6230] <... memfd_create resumed>) = 3 [pid 5826] newfstatat(AT_FDCWD, "./9/file0", [pid 6230] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6230] <... mmap resumed>) = 0x7f0eeb600000 [pid 5826] umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6195] <... quotactl resumed>) = 0 [pid 5827] umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6195] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5826] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] getdents64(4, [pid 5827] newfstatat(AT_FDCWD, "./10/file0", [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] close(4 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... close resumed>) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6195] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5827] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] rmdir("./9/file0" [pid 6195] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5827] <... openat resumed>) = 4 [pid 5826] <... rmdir resumed>) = 0 [pid 6195] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5826] umount2("./9/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./9/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./9/file1") = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] close(3) = 0 [pid 5826] rmdir("./9" [pid 5827] newfstatat(4, "", [pid 5826] <... rmdir resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] mkdir("./10", 0777 [pid 5827] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [pid 6195] <... quotactl resumed>) = 0 [pid 5827] rmdir("./10/file0" [pid 6195] open(".", O_RDONLY [pid 5827] <... rmdir resumed>) = 0 [pid 5826] <... mkdir resumed>) = 0 [pid 5827] umount2("./10/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] ioctl(3, LOOP_CLR_FD [pid 6195] <... open resumed>) = 5 [pid 5827] newfstatat(AT_FDCWD, "./10/file1", [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6195] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5826] close(3 [pid 5827] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... close resumed>) = 0 [pid 5827] unlink("./10/file1" [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6231 attached [pid 5827] <... unlink resumed>) = 0 [pid 6231] set_robust_list(0x5555819eb760, 24 [pid 5827] getdents64(3, [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 6231 [pid 6231] <... set_robust_list resumed>) = 0 [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 6231] chdir("./10" [pid 6195] <... fallocate resumed>) = 0 [pid 5827] close(3 [pid 6231] <... chdir resumed>) = 0 [pid 5827] <... close resumed>) = 0 [pid 6231] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6195] exit_group(0 [pid 5827] rmdir("./10" [pid 6231] <... prctl resumed>) = 0 [pid 6195] <... exit_group resumed>) = ? [pid 5827] <... rmdir resumed>) = 0 [pid 5827] mkdir("./11", 0777 [pid 6231] setpgid(0, 0 [pid 5827] <... mkdir resumed>) = 0 [pid 6231] <... setpgid resumed>) = 0 [pid 6195] +++ exited with 0 +++ [pid 6231] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6195, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=41 /* 0.41 s */} --- [pid 5825] restart_syscall(<... resuming interrupted clone ...> [pid 6231] <... openat resumed>) = 3 [pid 6231] write(3, "1000", 4 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWRexecuting program [pid 6231] <... write resumed>) = 4 [pid 5827] <... openat resumed>) = 3 [pid 6231] close(3 [pid 5827] ioctl(3, LOOP_CLR_FD [pid 6231] <... close resumed>) = 0 [pid 5827] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6231] symlink("/dev/binderfs", "./binderfs" [pid 5827] close(3 [pid 6231] <... symlink resumed>) = 0 [pid 5827] <... close resumed>) = 0 [pid 6231] write(1, "executing program\n", 18 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6231] <... write resumed>) = 18 [pid 5825] <... restart_syscall resumed>) = 0 ./strace-static-x86_64: Process 6232 attached [pid 6231] fsopen(NULL, 0 [pid 6232] set_robust_list(0x5555819eb760, 24 [pid 6231] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 6232 [pid 6231] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 5825] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6231] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6232] <... set_robust_list resumed>) = 0 [pid 6231] memfd_create("syzkaller", 0 [pid 5825] <... openat resumed>) = 3 [pid 6232] chdir("./11" [pid 6231] <... memfd_create resumed>) = 3 [pid 5825] newfstatat(3, "", [pid 6231] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6232] <... chdir resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 96.830154][ T3007] bucket incorrectly unset in freespace btree [ 96.830188][ T3007] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 6232] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6231] <... mmap resumed>) = 0x7f0eeb600000 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5825] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./6/binderfs") = 0 [pid 5825] umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6232] <... prctl resumed>) = 0 [pid 6232] setpgid(0, 0) = 0 [pid 6232] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6232] write(3, "1000", 4) = 4 [pid 6232] close(3) = 0 [pid 6232] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6232] write(1, "executing program\n", 18executing program ) = 18 [pid 6232] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6232] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6232] memfd_create("syzkaller", 0) = 3 [pid 6232] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 96.907028][ T3007] bucket incorrectly unset in freespace btree [ 96.907050][ T3007] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [ 96.940889][ T5825] bcachefs (loop0): shutting down [pid 6228] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [ 96.967606][ T5825] bcachefs (loop0): going read-only [ 96.972874][ T5825] bcachefs (loop0): finished waiting for writes to stop [ 97.056628][ T5825] bcachefs (loop0): flushing journal and stopping allocators, journal seq 12 [ 97.097741][ T3007] bcachefs (loop0): loop0: Superblock write was silently dropped! (seq 0 expected 53) [ 97.131372][ T3007] bucket incorrectly unset in freespace btree [ 97.131407][ T3007] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [ 97.178371][ T3007] bucket incorrectly unset in freespace btree [pid 6230] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [ 97.178394][ T3007] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [pid 6231] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [ 97.236335][ T5825] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 12 [ 97.260180][ T5825] bcachefs (loop0): unclean shutdown complete, journal seq 13 [ 97.277201][ T5825] bcachefs (loop0): done going read-only, filesystem not clean [pid 6232] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6230] <... write resumed>) = 16777216 [pid 6230] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6230] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6228] <... write resumed>) = 16777216 [pid 6230] <... openat resumed>) = 4 [pid 6228] munmap(0x7f0eeb600000, 138412032 [pid 6230] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6230] close(3 [pid 6228] <... munmap resumed>) = 0 [pid 6230] <... close resumed>) = 0 [pid 6230] close(4) = 0 [pid 6230] mkdir("./file0", 0777) = 0 [pid 6230] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6228] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 97.322447][ T5825] bcachefs (loop0): shutdown complete [ 97.357313][ T6230] loop3: detected capacity change from 0 to 32768 [pid 6228] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6228] close(3) = 0 [pid 6228] close(4) = 0 [pid 6228] mkdir("./file0", 0777) = 0 [ 97.402021][ T6228] loop4: detected capacity change from 0 to 32768 [pid 6228] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6231] <... write resumed>) = 16777216 [pid 6231] munmap(0x7f0eeb600000, 138412032 [pid 6232] <... write resumed>) = 16777216 [pid 6231] <... munmap resumed>) = 0 [pid 6231] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6231] ioctl(4, LOOP_SET_FD, 3 [pid 6232] munmap(0x7f0eeb600000, 138412032 [pid 6231] <... ioctl resumed>) = 0 [pid 6232] <... munmap resumed>) = 0 [pid 6232] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6231] close(3 [pid 6232] <... openat resumed>) = 4 [pid 6231] <... close resumed>) = 0 [pid 6232] ioctl(4, LOOP_SET_FD, 3 [pid 6231] close(4) = 0 [pid 6232] <... ioctl resumed>) = 0 [pid 6231] mkdir("./file0", 0777) = 0 [pid 6231] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6232] close(3) = 0 [pid 6232] close(4) = 0 [pid 6232] mkdir("./file0", 0777) = 0 [ 97.555866][ T6231] loop1: detected capacity change from 0 to 32768 [ 97.579961][ T6232] loop2: detected capacity change from 0 to 32768 [ 97.672889][ T6228] bcachefs (loop4): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 97.715574][ T6230] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 97.716396][ T6228] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 97.725113][ T6230] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 97.753796][ T6231] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 97.766811][ T6228] bcachefs (loop4): Version downgrade required: [ 97.769687][ T6231] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 97.781442][ T6232] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 97.796965][ T6228] bcachefs (loop4): Version upgrade required: [ 97.796965][ T6228] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 97.796965][ T6228] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 97.796965][ T6228] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 97.797939][ T6232] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 97.916549][ T6228] bcachefs (loop4): dropping and reconstructing all alloc info [pid 6232] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6230] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6230] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 6230] ioctl(3, LOOP_CLR_FD) = 0 [ 97.954164][ T6228] bcachefs (loop4): accounting_read... done [ 97.975022][ T6228] bcachefs (loop4): alloc_read... done [ 98.001913][ T6228] bcachefs (loop4): stripes_read... done [ 98.010455][ T6230] bcachefs: bch2_fs_get_tree() error: EINVAL [ 98.040145][ T6228] bcachefs (loop4): snapshots_read... done [ 98.066071][ T6228] bcachefs (loop4): check_allocations... done [ 98.163122][ T6228] bcachefs (loop4): going read-write [ 98.163995][ T6231] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6230] close(3 [pid 6228] <... mount resumed>) = 0 [pid 6228] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6231] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6228] <... openat resumed>) = 3 [pid 6228] chdir("./file0") = 0 [pid 6228] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6231] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6228] <... openat resumed>) = 4 [pid 6231] <... openat resumed>) = 3 [pid 6228] ioctl(4, LOOP_CLR_FD [pid 6231] ioctl(3, LOOP_CLR_FD [pid 6228] <... ioctl resumed>) = 0 [pid 6231] <... ioctl resumed>) = 0 [pid 6228] close(4) = 0 [pid 6231] close(3 [pid 6228] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5825] <... umount2 resumed>) = 0 [ 98.198026][ T6228] bcachefs (loop4): done starting filesystem [pid 5825] umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./6/file0", [pid 6228] <... quotactl resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6232] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6228] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5825] umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6232] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 6232] ioctl(3, LOOP_CLR_FD [pid 6228] <... openat resumed>) = 4 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6232] <... ioctl resumed>) = 0 [pid 6232] close(3 [pid 6228] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5825] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6228] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5825] <... openat resumed>) = 4 [pid 5825] newfstatat(4, "", [ 98.273964][ T6232] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6228] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(4, [pid 6228] open(".", O_RDONLY [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 6228] <... open resumed>) = 5 [pid 5825] getdents64(4, [pid 6228] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] close(4) = 0 [pid 5825] rmdir("./6/file0") = 0 [pid 5825] getdents64(3, [pid 6228] <... fallocate resumed>) = 0 [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 6228] exit_group(0 [pid 5825] close(3 [pid 6228] <... exit_group resumed>) = ? [pid 5825] <... close resumed>) = 0 [pid 6228] +++ exited with 0 +++ [pid 5825] rmdir("./6" [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6228, si_uid=0, si_status=0, si_utime=7 /* 0.07 s */, si_stime=38 /* 0.38 s */} --- [pid 5829] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5825] <... rmdir resumed>) = 0 [pid 5825] mkdir("./7", 0777 [pid 5829] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] <... mkdir resumed>) = 0 [pid 5829] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5829] <... openat resumed>) = 3 [pid 5825] <... openat resumed>) = 3 [pid 5829] newfstatat(3, "", [pid 5825] ioctl(3, LOOP_CLR_FD [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5829] getdents64(3, [pid 5825] close(3 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5825] <... close resumed>) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5829] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... clone resumed>, child_tidptr=0x5555819eb750) = 6264 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./6/binderfs"./strace-static-x86_64: Process 6264 attached [pid 6230] <... close resumed>) = 0 [pid 5829] <... unlink resumed>) = 0 [pid 6230] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5829] umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6264] set_robust_list(0x5555819eb760, 24) = 0 [pid 6264] chdir("./7") = 0 [pid 6230] <... quotactl resumed>) = 0 [pid 6264] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6230] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6264] <... prctl resumed>) = 0 [pid 6264] setpgid(0, 0 [pid 6230] <... openat resumed>) = 3 [pid 6264] <... setpgid resumed>) = 0 [ 98.420556][ T3007] bucket incorrectly unset in freespace btree [ 98.420589][ T3007] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 6264] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6230] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6264] <... openat resumed>) = 3 [pid 6230] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6264] write(3, "1000", 4 [pid 6230] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6264] <... write resumed>) = 4 [pid 6264] close(3) = 0 [pid 6264] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 6264] write(1, "executing program\n", 18) = 18 [pid 6264] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6264] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6264] memfd_create("syzkaller", 0) = 3 [pid 6264] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6231] <... close resumed>) = 0 [ 98.460539][ T5829] bcachefs (loop4): shutting down [ 98.475311][ T5829] bcachefs (loop4): going read-only [ 98.506703][ T5829] bcachefs (loop4): finished waiting for writes to stop [ 98.521307][ T5829] bcachefs (loop4): flushing journal and stopping allocators, journal seq 12 [ 98.532467][ T3007] bucket incorrectly unset in freespace btree [ 98.532486][ T3007] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [pid 6231] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6232] <... close resumed>) = 0 [ 98.576486][ T3007] bucket incorrectly unset in freespace btree [ 98.576507][ T3007] u64s 5 type deleted 0:4:0 len 0 ver 0, , continuing [ 98.595480][ T3007] bucket incorrectly unset in freespace btree [ 98.595500][ T3007] u64s 5 type deleted 0:7:0 len 0 ver 0, , continuing [ 98.616861][ T5829] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 12 [pid 6232] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6231] <... quotactl resumed>) = 0 [pid 6230] <... quotactl resumed>) = 0 [pid 6231] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6230] open(".", O_RDONLY) = 4 [pid 6230] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 6231] <... openat resumed>) = 3 [pid 6231] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6230] exit_group(0 [pid 6232] <... quotactl resumed>) = 0 [pid 6230] <... exit_group resumed>) = ? [pid 6231] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6232] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6231] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6230] +++ exited with 0 +++ [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6230, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=41 /* 0.41 s */} --- [pid 5828] umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6232] <... openat resumed>) = 3 [pid 6232] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6232] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5828] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6231] <... quotactl resumed>) = 0 [pid 6232] <... quotactl resumed>) = 0 [pid 6232] open(".", O_RDONLY) = 4 [pid 6232] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 6232] exit_group(0 [pid 6231] open(".", O_RDONLY [pid 6232] <... exit_group resumed>) = ? [pid 6232] +++ exited with 0 +++ [pid 6231] <... open resumed>) = 4 [pid 5828] newfstatat(3, "", [pid 6231] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6231] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6232, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=41 /* 0.41 s */} --- [pid 5828] getdents64(3, [pid 6231] exit_group(0 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 6231] <... exit_group resumed>) = ? [pid 5828] umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6264] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6231] +++ exited with 0 +++ [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 98.627761][ T5829] bcachefs (loop4): unclean shutdown complete, journal seq 13 [ 98.636617][ T5829] bcachefs (loop4): done going read-only, filesystem not clean [ 98.667803][ T5829] bcachefs (loop4): shutdown complete [pid 5827] umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] newfstatat(AT_FDCWD, "./11/binderfs", [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] unlink("./11/binderfs" [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6231, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=44 /* 0.44 s */} --- [pid 5827] <... openat resumed>) = 3 [pid 5827] newfstatat(3, "", [pid 5826] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] getdents64(3, [pid 5826] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... unlink resumed>) = 0 [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] <... openat resumed>) = 3 [pid 5828] umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(3, "", [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./11/binderfs", [pid 5828] newfstatat(AT_FDCWD, "./11/file0", [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./11/binderfs" [pid 5828] umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] getdents64(3, [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... unlink resumed>) = 0 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... openat resumed>) = 4 [pid 5826] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] newfstatat(4, "", [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./10/binderfs", [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] newfstatat(AT_FDCWD, "./11/file0", [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] getdents64(4, [pid 5826] unlink("./10/binderfs" [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... unlink resumed>) = 0 [pid 5828] getdents64(4, [pid 5827] umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] newfstatat(AT_FDCWD, "./10/file0", [pid 5828] close(4 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... close resumed>) = 0 [pid 5827] <... openat resumed>) = 4 [pid 5826] umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] rmdir("./11/file0" [pid 5827] newfstatat(4, "", [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... openat resumed>) = 4 [pid 5826] newfstatat(4, "", [pid 5828] <... rmdir resumed>) = 0 [pid 5827] getdents64(4, [pid 5828] umount2("./11/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] getdents64(4, [pid 5828] newfstatat(AT_FDCWD, "./11/file1", [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] close(4 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] unlink("./11/file1" [pid 5827] <... close resumed>) = 0 [pid 5826] getdents64(4, [pid 5827] rmdir("./11/file0" [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] <... rmdir resumed>) = 0 [pid 5827] umount2("./11/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] close(4 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./11/file1", [pid 5826] <... close resumed>) = 0 [pid 5826] rmdir("./10/file0" [pid 5827] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... unlink resumed>) = 0 [pid 5827] unlink("./11/file1" [pid 5826] <... rmdir resumed>) = 0 [pid 5826] umount2("./10/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] <... unlink resumed>) = 0 [pid 5826] newfstatat(AT_FDCWD, "./10/file1", [pid 5827] getdents64(3, [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] getdents64(3, [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] unlink("./10/file1" [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3 [pid 5826] <... unlink resumed>) = 0 [pid 5827] <... close resumed>) = 0 [pid 5826] getdents64(3, [pid 5828] close(3 [pid 5827] rmdir("./11" [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] <... close resumed>) = 0 [pid 5826] close(3 [pid 5828] rmdir("./11" [pid 5827] <... rmdir resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 5827] mkdir("./12", 0777 [pid 5826] rmdir("./10" [pid 5827] <... mkdir resumed>) = 0 [pid 5826] <... rmdir resumed>) = 0 [pid 5826] mkdir("./11", 0777 [pid 5828] <... rmdir resumed>) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5826] <... mkdir resumed>) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5826] close(3 [pid 5828] mkdir("./12", 0777 [pid 5827] <... openat resumed>) = 3 [pid 5826] <... close resumed>) = 0 [pid 5828] <... mkdir resumed>) = 0 [pid 5827] ioctl(3, LOOP_CLR_FD [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5827] <... ioctl resumed>) = -1 ENXIO (No such device or address) ./strace-static-x86_64: Process 6265 attached [pid 5828] <... openat resumed>) = 3 [pid 5827] close(3 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5827] <... close resumed>) = 0 [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6266 attached [pid 5828] close(3 [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 6265 [pid 5828] <... close resumed>) = 0 [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 6266 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6267 attached [pid 6266] set_robust_list(0x5555819eb760, 24 [pid 6265] set_robust_list(0x5555819eb760, 24 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 6267 [pid 6266] <... set_robust_list resumed>) = 0 [pid 6265] <... set_robust_list resumed>) = 0 [pid 6266] chdir("./12" [pid 6265] chdir("./11" [pid 6266] <... chdir resumed>) = 0 [pid 6265] <... chdir resumed>) = 0 [pid 6266] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6265] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6267] set_robust_list(0x5555819eb760, 24 [pid 6266] <... prctl resumed>) = 0 [pid 6265] <... prctl resumed>) = 0 [pid 6267] <... set_robust_list resumed>) = 0 [pid 6266] setpgid(0, 0 [pid 6265] setpgid(0, 0 [pid 6266] <... setpgid resumed>) = 0 [pid 6265] <... setpgid resumed>) = 0 [pid 6267] chdir("./12") = 0 [pid 6266] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6265] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6267] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6266] <... openat resumed>) = 3 [pid 6265] <... openat resumed>) = 3 [pid 6267] setpgid(0, 0 [pid 6266] write(3, "1000", 4 [pid 6265] write(3, "1000", 4 [pid 6267] <... setpgid resumed>) = 0 [pid 6265] <... write resumed>) = 4 [pid 6267] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6266] <... write resumed>) = 4 [pid 6265] close(3 [pid 6266] close(3 [pid 6267] <... openat resumed>) = 3 [pid 6266] <... close resumed>) = 0 [pid 6265] <... close resumed>) = 0 [pid 6266] symlink("/dev/binderfs", "./binderfs" [pid 6265] symlink("/dev/binderfs", "./binderfs" [pid 6267] write(3, "1000", 4 [pid 6266] <... symlink resumed>) = 0 [pid 6265] <... symlink resumed>) = 0 executing program [pid 6267] <... write resumed>) = 4 [pid 6266] write(1, "executing program\n", 18 [pid 6265] write(1, "executing program\n", 18) = 18 [pid 6267] close(3executing program executing program [pid 6266] <... write resumed>) = 18 [pid 6267] <... close resumed>) = 0 [pid 6265] fsopen(NULL, 0 [pid 6267] symlink("/dev/binderfs", "./binderfs" [pid 6265] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6267] <... symlink resumed>) = 0 [pid 6265] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6267] write(1, "executing program\n", 18 [pid 6266] fsopen(NULL, 0 [pid 6267] <... write resumed>) = 18 [pid 6265] memfd_create("syzkaller", 0 [pid 6267] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6266] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6265] <... memfd_create resumed>) = 3 [pid 6267] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6265] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6267] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6266] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6265] <... mmap resumed>) = 0x7f0eeb600000 [pid 6267] memfd_create("syzkaller", 0 [pid 6266] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6266] memfd_create("syzkaller", 0) = 3 [pid 6266] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6267] <... memfd_create resumed>) = 3 [pid 6267] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6264] <... write resumed>) = 16777216 [pid 6266] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6264] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6264] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6264] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6264] close(3) = 0 [pid 6264] close(4) = 0 [pid 6264] mkdir("./file0", 0777 [pid 6265] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6264] <... mkdir resumed>) = 0 [ 99.015328][ T6264] loop0: detected capacity change from 0 to 32768 [pid 6264] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6267] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6266] <... write resumed>) = 16777216 [pid 6266] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6266] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6266] ioctl(4, LOOP_SET_FD, 3 [pid 6265] <... write resumed>) = 16777216 [pid 6266] <... ioctl resumed>) = 0 [pid 6266] close(3) = 0 [pid 6266] close(4) = 0 [pid 6265] munmap(0x7f0eeb600000, 138412032 [pid 6266] mkdir("./file0", 0777) = 0 [pid 6266] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6265] <... munmap resumed>) = 0 [pid 6265] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6265] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6265] close(3) = 0 [pid 6265] close(4) = 0 [ 99.288213][ T6266] loop2: detected capacity change from 0 to 32768 [ 99.323375][ T6265] loop1: detected capacity change from 0 to 32768 [pid 6265] mkdir("./file0", 0777) = 0 [pid 6265] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6267] <... write resumed>) = 16777216 [pid 6267] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6267] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6267] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6267] close(3) = 0 [pid 6267] close(4) = 0 [pid 6267] mkdir("./file0", 0777) = 0 [ 99.402255][ T6267] loop3: detected capacity change from 0 to 32768 [ 99.570540][ T6264] bcachefs (loop0): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 99.597338][ T6264] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 99.605329][ T6264] bcachefs (loop0): Version downgrade required: [ 99.612494][ T6264] bcachefs (loop0): Version upgrade required: [ 99.612494][ T6264] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 99.612494][ T6264] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 99.612494][ T6264] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 99.685495][ T6264] bcachefs (loop0): dropping and reconstructing all alloc info [ 99.711359][ T6266] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 99.724146][ T6264] bcachefs (loop0): accounting_read... done [ 99.746031][ T6264] bcachefs (loop0): alloc_read... done [ 99.751641][ T6264] bcachefs (loop0): stripes_read... done [ 99.766085][ T6266] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 99.779344][ T6265] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 99.786023][ T6264] bcachefs (loop0): snapshots_read... [ 99.788533][ T6267] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 99.788894][ T6264] done [ 99.793990][ T6267] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 99.816056][ T6265] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 99.842568][ T6264] bcachefs (loop0): check_allocations... done [ 99.957824][ T6264] bcachefs (loop0): going read-write [pid 6267] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6264] <... mount resumed>) = 0 [pid 6264] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6264] chdir("./file0") = 0 [pid 6264] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6264] ioctl(4, LOOP_CLR_FD) = 0 [pid 6264] close(4) = 0 [ 99.986001][ T6264] bcachefs (loop0): done starting filesystem [pid 6264] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 6264] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 6264] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6264] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 6264] open(".", O_RDONLY) = 5 [pid 6266] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6264] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6266] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [ 100.073317][ T6266] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6266] ioctl(3, LOOP_CLR_FD) = 0 [pid 6266] close(3 [pid 6265] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6264] <... fallocate resumed>) = 0 [pid 6265] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6264] exit_group(0) = ? [pid 6265] <... openat resumed>) = 3 [pid 6265] ioctl(3, LOOP_CLR_FD) = 0 [pid 6265] close(3 [pid 6264] +++ exited with 0 +++ [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6264, si_uid=0, si_status=0, si_utime=0, si_stime=36 /* 0.36 s */} --- [pid 5825] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5825] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5825] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./7/binderfs", [pid 6267] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 100.121916][ T52] bucket incorrectly unset in freespace btree [pid 5825] unlink("./7/binderfs") = 0 [pid 6267] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5829] <... umount2 resumed>) = 0 [pid 5825] umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6267] <... openat resumed>) = 3 [pid 5829] umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6267] ioctl(3, LOOP_CLR_FD) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6267] close(3 [pid 5829] newfstatat(AT_FDCWD, "./6/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5829] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [ 100.121951][ T52] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5829] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] close(4) = 0 [pid 5829] rmdir("./6/file0") = 0 [pid 5829] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] close(3) = 0 [pid 5829] rmdir("./6") = 0 [pid 5829] mkdir("./7", 0777) = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5829] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5829] close(3) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6299 attached , child_tidptr=0x5555819eb750) = 6299 [pid 6299] set_robust_list(0x5555819eb760, 24) = 0 [ 100.146711][ T6265] bcachefs: bch2_fs_get_tree() error: EINVAL [ 100.172452][ T6267] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6299] chdir("./7") = 0 [pid 6299] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6299] setpgid(0, 0) = 0 [pid 6299] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6267] <... close resumed>) = 0 [pid 6299] <... openat resumed>) = 3 [pid 6267] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6299] write(3, "1000", 4) = 4 [pid 6299] close(3) = 0 [pid 6299] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6299] write(1, "executing program\n", 18) = 18 [pid 6299] fsopen(NULL, 0) = -1 EFAULT (Bad address) [ 100.208361][ T5825] bcachefs (loop0): shutting down [ 100.208384][ T5825] bcachefs (loop0): going read-only [ 100.208405][ T5825] bcachefs (loop0): finished waiting for writes to stop [pid 6299] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6299] memfd_create("syzkaller", 0) = 3 [pid 6299] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 100.260444][ T5825] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11 [ 100.403199][ T52] bucket incorrectly unset in freespace btree [ 100.403221][ T52] u64s 5 type deleted 0:2:0 len 0 ver 0, , continuing [pid 6266] <... close resumed>) = 0 [pid 6266] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6265] <... close resumed>) = 0 [ 100.466721][ T52] bucket incorrectly unset in freespace btree [ 100.466743][ T52] u64s 5 type deleted 0:5:0 len 0 ver 0, , continuing [ 100.527128][ T52] bucket incorrectly unset in freespace btree [ 100.527161][ T52] u64s 5 type deleted 0:8:0 len 0 ver 0, , continuing [ 100.556430][ T5825] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 12 [ 100.568802][ T5825] bcachefs (loop0): unclean shutdown complete, journal seq 13 [pid 6265] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6267] <... quotactl resumed>) = 0 [pid 6266] <... quotactl resumed>) = 0 [pid 6265] <... quotactl resumed>) = 0 [pid 6267] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6265] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6266] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6267] <... openat resumed>) = 3 [pid 6266] <... openat resumed>) = 3 [pid 6266] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6265] <... openat resumed>) = 3 [pid 6267] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6266] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6265] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6267] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6265] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6266] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6265] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6299] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6267] <... quotactl resumed>) = 0 [pid 6266] <... quotactl resumed>) = 0 [pid 6265] <... quotactl resumed>) = 0 [pid 6267] open(".", O_RDONLY [pid 6266] open(".", O_RDONLY [pid 6265] open(".", O_RDONLY [pid 6267] <... open resumed>) = 4 [pid 6266] <... open resumed>) = 4 [pid 6267] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6265] <... open resumed>) = 4 [pid 6266] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6267] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6266] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6265] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6266] exit_group(0 [pid 6265] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6267] exit_group(0 [pid 6266] <... exit_group resumed>) = ? [pid 6267] <... exit_group resumed>) = ? [pid 6265] exit_group(0) = ? [pid 6265] +++ exited with 0 +++ [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6265, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=47 /* 0.47 s */} --- [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 6266] +++ exited with 0 +++ [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6266, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=49 /* 0.49 s */} --- [pid 6267] +++ exited with 0 +++ [pid 5826] <... restart_syscall resumed>) = 0 [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6267, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=49 /* 0.49 s */} --- [pid 5827] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5826] umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... openat resumed>) = 3 [pid 5828] <... openat resumed>) = 3 [pid 5827] umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] newfstatat(3, "", [pid 5828] newfstatat(3, "", [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] getdents64(3, [pid 5828] getdents64(3, [pid 5827] <... openat resumed>) = 3 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] newfstatat(3, "", [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] newfstatat(AT_FDCWD, "./11/binderfs", [pid 5828] newfstatat(AT_FDCWD, "./12/binderfs", [pid 5827] getdents64(3, [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] unlink("./11/binderfs" [pid 5828] unlink("./12/binderfs" [pid 5826] <... unlink resumed>) = 0 [pid 5828] <... unlink resumed>) = 0 [pid 5827] umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] newfstatat(AT_FDCWD, "./12/binderfs", [pid 5826] newfstatat(AT_FDCWD, "./11/file0", [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] newfstatat(AT_FDCWD, "./12/file0", [pid 5827] unlink("./12/binderfs" [pid 5826] umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 100.577637][ T5825] bcachefs (loop0): done going read-only, filesystem not clean [ 100.609797][ T5825] bcachefs (loop0): shutdown complete [pid 5828] umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... unlink resumed>) = 0 [pid 5826] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... openat resumed>) = 4 [pid 5826] newfstatat(4, "", [pid 5828] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... openat resumed>) = 4 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] newfstatat(4, "", [pid 5827] newfstatat(AT_FDCWD, "./12/file0", [pid 5826] getdents64(4, [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] getdents64(4, [pid 5826] close(4 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... close resumed>) = 0 [pid 5828] getdents64(4, [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] rmdir("./11/file0" [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... rmdir resumed>) = 0 [pid 5828] close(4 [pid 5827] <... openat resumed>) = 4 [pid 5826] umount2("./11/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... close resumed>) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] rmdir("./12/file0" [pid 5827] newfstatat(4, "", [pid 5826] newfstatat(AT_FDCWD, "./11/file1", [pid 5828] <... rmdir resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./11/file1") = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] close(3) = 0 [pid 5826] rmdir("./11") = 0 [pid 5826] mkdir("./12", 0777 [pid 5827] getdents64(4, [pid 5826] <... mkdir resumed>) = 0 [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] umount2("./12/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] close(4 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... close resumed>) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5828] newfstatat(AT_FDCWD, "./12/file1", [pid 5827] rmdir("./12/file0" [pid 5826] <... openat resumed>) = 3 [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] <... rmdir resumed>) = 0 [pid 5826] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5828] unlink("./12/file1" [pid 5826] close(3 [pid 5828] <... unlink resumed>) = 0 [pid 5827] umount2("./12/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... close resumed>) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./12/file1", [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5828] getdents64(3, [pid 5827] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 6300 attached [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 6300] set_robust_list(0x5555819eb760, 24 [pid 5828] close(3 [pid 5827] unlink("./12/file1" [pid 6300] <... set_robust_list resumed>) = 0 [pid 5828] <... close resumed>) = 0 [pid 5827] <... unlink resumed>) = 0 [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 6300 [pid 5828] rmdir("./12" [pid 5827] getdents64(3, [pid 6300] chdir("./12" [pid 5828] <... rmdir resumed>) = 0 [pid 6300] <... chdir resumed>) = 0 [pid 5828] mkdir("./13", 0777 [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] <... mkdir resumed>) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./12") = 0 [pid 6300] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5827] mkdir("./13", 0777 [pid 6300] <... prctl resumed>) = 0 [pid 6300] setpgid(0, 0 [pid 5827] <... mkdir resumed>) = 0 [pid 6300] <... setpgid resumed>) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6300] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5827] <... openat resumed>) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD [pid 6300] <... openat resumed>) = 3 [pid 6300] write(3, "1000", 4 [pid 5827] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6300] <... write resumed>) = 4 [pid 6300] close(3 [pid 5827] close(3 [pid 6300] <... close resumed>) = 0 [pid 6300] symlink("/dev/binderfs", "./binderfs" [pid 5828] <... openat resumed>) = 3 [pid 5827] <... close resumed>) = 0 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6300] <... symlink resumed>) = 0 [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5828] close(3 [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 6301 executing program ./strace-static-x86_64: Process 6301 attached [pid 6300] write(1, "executing program\n", 18 [pid 5828] <... close resumed>) = 0 [pid 6300] <... write resumed>) = 18 [pid 6300] fsopen(NULL, 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6300] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6300] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 6302 attached [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 6302 [pid 6302] set_robust_list(0x5555819eb760, 24) = 0 [pid 6302] chdir("./13" [pid 6301] set_robust_list(0x5555819eb760, 24 [pid 6300] memfd_create("syzkaller", 0 [pid 6301] <... set_robust_list resumed>) = 0 [pid 6300] <... memfd_create resumed>) = 3 [pid 6301] chdir("./13" [pid 6300] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6302] <... chdir resumed>) = 0 [pid 6302] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6300] <... mmap resumed>) = 0x7f0eeb600000 [pid 6302] <... prctl resumed>) = 0 [pid 6301] <... chdir resumed>) = 0 [pid 6302] setpgid(0, 0) = 0 [pid 6302] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6301] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6302] write(3, "1000", 4 [pid 6301] <... prctl resumed>) = 0 [pid 6301] setpgid(0, 0 [pid 6302] <... write resumed>) = 4 [pid 6302] close(3) = 0 [pid 6302] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6302] write(1, "executing program\n", 18 [pid 6301] <... setpgid resumed>) = 0 executing program [pid 6302] <... write resumed>) = 18 [pid 6302] fsopen(NULL, 0 [pid 6301] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6302] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6302] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6301] <... openat resumed>) = 3 [pid 6302] memfd_create("syzkaller", 0 [pid 6301] write(3, "1000", 4) = 4 [pid 6301] close(3) = 0 [pid 6302] <... memfd_create resumed>) = 3 [pid 6301] symlink("/dev/binderfs", "./binderfs"executing program [pid 6302] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6301] <... symlink resumed>) = 0 [pid 6301] write(1, "executing program\n", 18 [pid 6302] <... mmap resumed>) = 0x7f0eeb600000 [pid 6301] <... write resumed>) = 18 [pid 6301] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6301] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6301] memfd_create("syzkaller", 0) = 3 [pid 6301] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6302] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6299] <... write resumed>) = 16777216 [pid 6299] munmap(0x7f0eeb600000, 138412032 [pid 6300] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6299] <... munmap resumed>) = 0 [pid 6299] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6299] ioctl(4, LOOP_SET_FD, 3 [pid 6301] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6299] <... ioctl resumed>) = 0 [pid 6299] close(3) = 0 [pid 6299] close(4) = 0 [pid 6299] mkdir("./file0", 0777) = 0 [ 101.000171][ T6299] loop4: detected capacity change from 0 to 32768 [pid 6299] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6302] <... write resumed>) = 16777216 [pid 6302] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6301] <... write resumed>) = 16777216 [pid 6301] munmap(0x7f0eeb600000, 138412032 [pid 6302] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6302] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6301] <... munmap resumed>) = 0 [pid 6301] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6301] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6301] close(3 [pid 6302] close(3 [pid 6300] <... write resumed>) = 16777216 [pid 6301] <... close resumed>) = 0 [pid 6301] close(4 [pid 6302] <... close resumed>) = 0 [pid 6300] munmap(0x7f0eeb600000, 138412032 [pid 6301] <... close resumed>) = 0 [pid 6301] mkdir("./file0", 0777) = 0 [pid 6301] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6302] close(4) = 0 [pid 6302] mkdir("./file0", 0777) = 0 [pid 6302] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6300] <... munmap resumed>) = 0 [pid 6300] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 101.287752][ T6302] loop3: detected capacity change from 0 to 32768 [ 101.307036][ T6301] loop2: detected capacity change from 0 to 32768 [pid 6300] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6300] close(3) = 0 [pid 6300] close(4) = 0 [pid 6300] mkdir("./file0", 0777) = 0 [ 101.375247][ T6300] loop1: detected capacity change from 0 to 32768 [ 101.435130][ T6299] bcachefs (loop4): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 101.464592][ T6299] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 101.474715][ T6299] bcachefs (loop4): Version downgrade required: [ 101.481594][ T6299] bcachefs (loop4): Version upgrade required: [ 101.481594][ T6299] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 101.481594][ T6299] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 101.481594][ T6299] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 101.555850][ T6299] bcachefs (loop4): dropping and reconstructing all alloc info [ 101.574051][ T6299] bcachefs (loop4): accounting_read... done [ 101.589185][ T6299] bcachefs (loop4): alloc_read... done [ 101.594065][ T6302] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 101.594989][ T6299] bcachefs (loop4): stripes_read... [ 101.616012][ T6302] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 101.630024][ T6301] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 101.646756][ T6301] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 101.670924][ T6299] done [ 101.706697][ T6299] bcachefs (loop4): snapshots_read... done [ 101.712690][ T6299] bcachefs (loop4): check_allocations... done [ 101.765158][ T6300] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 101.780672][ T6299] bcachefs (loop4): going read-write [ 101.794038][ T6300] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [pid 6300] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6302] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6302] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 6302] ioctl(3, LOOP_CLR_FD) = 0 [pid 6302] close(3 [pid 6299] <... mount resumed>) = 0 [ 101.803554][ T6302] bcachefs: bch2_fs_get_tree() error: EINVAL [ 101.817366][ T6299] bcachefs (loop4): done starting filesystem [pid 6299] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6299] chdir("./file0") = 0 [pid 6299] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6299] ioctl(4, LOOP_CLR_FD) = 0 [pid 6299] close(4) = 0 [pid 6299] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 6299] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 6299] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6299] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 6299] open(".", O_RDONLY) = 5 [pid 6299] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768) = 0 [pid 6299] exit_group(0) = ? [pid 5825] <... umount2 resumed>) = 0 [pid 6299] +++ exited with 0 +++ [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6299, si_uid=0, si_status=0, si_utime=7 /* 0.07 s */, si_stime=38 /* 0.38 s */} --- [pid 5829] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5829] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5829] newfstatat(3, "", [pid 5825] umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] getdents64(3, [pid 5825] newfstatat(AT_FDCWD, "./7/file0", [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./7/binderfs", [pid 5825] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... openat resumed>) = 4 [pid 5829] unlink("./7/binderfs" [pid 5825] newfstatat(4, "", [pid 5829] <... unlink resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] close(4) = 0 [pid 5825] rmdir("./7/file0") = 0 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3) = 0 [ 101.946708][ T52] bucket incorrectly unset in freespace btree [ 101.946742][ T52] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5825] rmdir("./7") = 0 [pid 5825] mkdir("./8", 0777) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5825] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5825] close(3) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6334 attached , child_tidptr=0x5555819eb750) = 6334 [pid 6334] set_robust_list(0x5555819eb760, 24) = 0 [pid 6334] chdir("./8") = 0 [ 102.016934][ T5829] bcachefs (loop4): shutting down [ 102.025603][ T5829] bcachefs (loop4): going read-only [ 102.047101][ T6301] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6301] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6334] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6301] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6334] <... prctl resumed>) = 0 [pid 6301] <... openat resumed>) = 3 [pid 6301] ioctl(3, LOOP_CLR_FD) = 0 [pid 6301] close(3 [pid 6334] setpgid(0, 0) = 0 [pid 6334] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 102.062551][ T5829] bcachefs (loop4): finished waiting for writes to stop [ 102.083074][ T52] bucket incorrectly unset in freespace btree [pid 6334] write(3, "1000", 4) = 4 [pid 6334] close(3) = 0 [pid 6334] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6334] write(1, "executing program\n", 18) = 18 [pid 6334] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6334] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6334] memfd_create("syzkaller", 0) = 3 [pid 6334] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 102.083094][ T52] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [ 102.118772][ T5829] bcachefs (loop4): flushing journal and stopping allocators, journal seq 12 [pid 6302] <... close resumed>) = 0 [pid 6302] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6300] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6300] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 6300] ioctl(3, LOOP_CLR_FD) = 0 [ 102.158179][ T6300] bcachefs: bch2_fs_get_tree() error: EINVAL [ 102.220733][ T61] bucket incorrectly unset in freespace btree [ 102.220768][ T61] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [pid 6300] close(3 [pid 6301] <... close resumed>) = 0 [ 102.296759][ T61] bucket incorrectly unset in freespace btree [ 102.296780][ T61] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [ 102.326889][ T5829] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 12 [pid 6301] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6300] <... close resumed>) = 0 [pid 6302] <... quotactl resumed>) = 0 [pid 6301] <... quotactl resumed>) = 0 [pid 6302] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [ 102.351685][ T5829] bcachefs (loop4): unclean shutdown complete, journal seq 13 [ 102.367000][ T5829] bcachefs (loop4): done going read-only, filesystem not clean [pid 6301] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6334] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6302] <... openat resumed>) = 3 [pid 6301] <... openat resumed>) = 3 [pid 6300] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6301] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6301] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6302] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6302] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6301] <... quotactl resumed>) = 0 [pid 6302] <... quotactl resumed>) = 0 [pid 6300] <... quotactl resumed>) = 0 [pid 6302] open(".", O_RDONLY [pid 6301] open(".", O_RDONLY [pid 6300] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6302] <... open resumed>) = 4 [pid 6301] <... open resumed>) = 4 [pid 6300] <... openat resumed>) = 3 [pid 6302] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6301] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6300] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6302] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6301] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6302] exit_group(0 [pid 6301] exit_group(0 [pid 6300] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6301] <... exit_group resumed>) = ? [pid 6302] <... exit_group resumed>) = ? [pid 6301] +++ exited with 0 +++ [pid 6300] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6301, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=45 /* 0.45 s */} --- [pid 5827] restart_syscall(<... resuming interrupted clone ...> [pid 6302] +++ exited with 0 +++ [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6302, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=51 /* 0.51 s */} --- [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 6300] <... quotactl resumed>) = 0 [pid 5828] <... restart_syscall resumed>) = 0 [pid 5827] <... restart_syscall resumed>) = 0 [pid 6300] open(".", O_RDONLY) = 4 [pid 6300] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5828] umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6300] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6300] exit_group(0 [pid 5828] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6300] <... exit_group resumed>) = ? [pid 5828] <... openat resumed>) = 3 [ 102.404384][ T5829] bcachefs (loop4): shutdown complete [pid 5827] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6300] +++ exited with 0 +++ [pid 5828] newfstatat(3, "", [pid 5827] <... openat resumed>) = 3 [pid 5827] newfstatat(3, "", [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, [pid 5827] getdents64(3, [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6300, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=47 /* 0.47 s */} --- [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] newfstatat(AT_FDCWD, "./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... restart_syscall resumed>) = 0 [pid 5828] unlink("./13/binderfs" [pid 5827] newfstatat(AT_FDCWD, "./13/binderfs", [pid 5828] <... unlink resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] unlink("./13/binderfs") = 0 [pid 5826] <... openat resumed>) = 3 [pid 5827] umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] newfstatat(3, "", [pid 5828] umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] newfstatat(AT_FDCWD, "./13/file0", [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./13/file0", [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] newfstatat(AT_FDCWD, "./12/binderfs", [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] unlink("./12/binderfs" [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] <... openat resumed>) = 4 [pid 5826] <... unlink resumed>) = 0 [pid 5828] <... openat resumed>) = 4 [pid 5827] newfstatat(4, "", [pid 5826] umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] newfstatat(4, "", [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, [pid 5826] newfstatat(AT_FDCWD, "./12/file0", [pid 5828] getdents64(4, [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, [pid 5828] getdents64(4, [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] close(4 [pid 5828] close(4) = 0 [pid 5827] <... close resumed>) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] rmdir("./13/file0" [pid 5827] rmdir("./13/file0" [pid 5826] umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] <... rmdir resumed>) = 0 [pid 5826] <... openat resumed>) = 4 [pid 5826] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] close(4) = 0 [pid 5826] rmdir("./12/file0") = 0 [pid 5826] umount2("./12/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./12/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./12/file1") = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] close(3) = 0 [pid 5826] rmdir("./12" [pid 5828] <... rmdir resumed>) = 0 [pid 5827] umount2("./13/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... rmdir resumed>) = 0 [pid 5828] umount2("./13/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./13/file1", [pid 5828] newfstatat(AT_FDCWD, "./13/file1", [pid 5826] mkdir("./13", 0777 [pid 5827] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./13/file1" [pid 5826] <... mkdir resumed>) = 0 [pid 5828] unlink("./13/file1" [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5827] <... unlink resumed>) = 0 [pid 5826] <... openat resumed>) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5828] <... unlink resumed>) = 0 [pid 5827] getdents64(3, [pid 5828] getdents64(3, [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3 [pid 5826] close(3 [pid 5828] close(3 [pid 5827] <... close resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 5828] <... close resumed>) = 0 [pid 5827] rmdir("./13" [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5828] rmdir("./13" [pid 5827] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 6335 attached [pid 6335] set_robust_list(0x5555819eb760, 24 [pid 5828] <... rmdir resumed>) = 0 [pid 5827] mkdir("./14", 0777 [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 6335 [pid 6335] <... set_robust_list resumed>) = 0 [pid 5827] <... mkdir resumed>) = 0 [pid 6335] chdir("./13") = 0 [pid 5828] mkdir("./14", 0777 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6335] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5828] <... mkdir resumed>) = 0 [pid 6335] setpgid(0, 0 [pid 5827] <... openat resumed>) = 3 [pid 6335] <... setpgid resumed>) = 0 [pid 6335] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5827] ioctl(3, LOOP_CLR_FD [pid 6335] <... openat resumed>) = 3 [pid 5827] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6335] write(3, "1000", 4 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5827] close(3 [pid 6335] <... write resumed>) = 4 [pid 5828] <... openat resumed>) = 3 [pid 5827] <... close resumed>) = 0 [pid 6335] close(3 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5828] close(3 [pid 6335] <... close resumed>) = 0 [pid 6335] symlink("/dev/binderfs", "./binderfs" [pid 5828] <... close resumed>) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6335] <... symlink resumed>) = 0 ./strace-static-x86_64: Process 6336 attached executing program ./strace-static-x86_64: Process 6337 attached [pid 6335] write(1, "executing program\n", 18 [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 6336 [pid 6335] <... write resumed>) = 18 [pid 6337] set_robust_list(0x5555819eb760, 24 [pid 6335] fsopen(NULL, 0 [pid 6337] <... set_robust_list resumed>) = 0 [pid 6335] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6337] chdir("./14" [pid 6335] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 6337 [pid 6337] <... chdir resumed>) = 0 [pid 6335] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6337] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6336] set_robust_list(0x5555819eb760, 24 [pid 6335] memfd_create("syzkaller", 0 [pid 6336] <... set_robust_list resumed>) = 0 [pid 6337] <... prctl resumed>) = 0 [pid 6336] chdir("./14" [pid 6337] setpgid(0, 0 [pid 6336] <... chdir resumed>) = 0 [pid 6335] <... memfd_create resumed>) = 3 [pid 6337] <... setpgid resumed>) = 0 [pid 6336] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6335] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6337] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6336] <... prctl resumed>) = 0 [pid 6335] <... mmap resumed>) = 0x7f0eeb600000 [pid 6337] <... openat resumed>) = 3 [pid 6336] setpgid(0, 0) = 0 [pid 6337] write(3, "1000", 4) = 4 [pid 6337] close(3) = 0 [pid 6337] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6336] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6337] write(1, "executing program\n", 18 [pid 6336] <... openat resumed>) = 3 executing program [pid 6334] <... write resumed>) = 16777216 [pid 6337] <... write resumed>) = 18 [pid 6336] write(3, "1000", 4 [pid 6334] munmap(0x7f0eeb600000, 138412032 [pid 6337] fsopen(NULL, 0 [pid 6336] <... write resumed>) = 4 [pid 6337] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6336] close(3 [pid 6337] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6336] <... close resumed>) = 0 [pid 6337] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6336] symlink("/dev/binderfs", "./binderfs" [pid 6337] memfd_create("syzkaller", 0executing program ) = 3 [pid 6336] <... symlink resumed>) = 0 [pid 6337] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6336] write(1, "executing program\n", 18 [pid 6337] <... mmap resumed>) = 0x7f0eeb600000 [pid 6336] <... write resumed>) = 18 [pid 6334] <... munmap resumed>) = 0 [pid 6336] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6336] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6336] memfd_create("syzkaller", 0 [pid 6334] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6336] <... memfd_create resumed>) = 3 [pid 6334] <... openat resumed>) = 4 [pid 6336] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6334] ioctl(4, LOOP_SET_FD, 3 [pid 6336] <... mmap resumed>) = 0x7f0eeb600000 [pid 6334] <... ioctl resumed>) = 0 [pid 6334] close(3) = 0 [pid 6334] close(4) = 0 [pid 6334] mkdir("./file0", 0777) = 0 [ 102.628990][ T6334] loop0: detected capacity change from 0 to 32768 [pid 6334] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6335] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6337] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6336] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6337] <... write resumed>) = 16777216 [pid 6337] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6337] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6337] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6337] close(3) = 0 [pid 6337] close(4) = 0 [pid 6337] mkdir("./file0", 0777) = 0 [ 103.017431][ T6337] loop3: detected capacity change from 0 to 32768 [pid 6337] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6335] <... write resumed>) = 16777216 [pid 6335] munmap(0x7f0eeb600000, 138412032 [pid 6336] <... write resumed>) = 16777216 [pid 6335] <... munmap resumed>) = 0 [pid 6336] munmap(0x7f0eeb600000, 138412032 [pid 6335] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6336] <... munmap resumed>) = 0 [pid 6335] <... openat resumed>) = 4 [pid 6335] ioctl(4, LOOP_SET_FD, 3 [pid 6336] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6336] ioctl(4, LOOP_SET_FD, 3 [pid 6335] <... ioctl resumed>) = 0 [pid 6336] <... ioctl resumed>) = 0 [pid 6336] close(3) = 0 [pid 6336] close(4) = 0 [pid 6336] mkdir("./file0", 0777 [pid 6335] close(3 [pid 6336] <... mkdir resumed>) = 0 [pid 6336] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6335] <... close resumed>) = 0 [pid 6335] close(4) = 0 [pid 6335] mkdir("./file0", 0777) = 0 [ 103.124502][ T6335] loop1: detected capacity change from 0 to 32768 [ 103.126945][ T6336] loop2: detected capacity change from 0 to 32768 [ 103.255356][ T6334] bcachefs (loop0): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 103.281948][ T6334] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 103.289954][ T6334] bcachefs (loop0): Version downgrade required: [ 103.296465][ T6334] bcachefs (loop0): Version upgrade required: [ 103.296465][ T6334] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 103.296465][ T6334] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 103.296465][ T6334] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 103.369221][ T6334] bcachefs (loop0): dropping and reconstructing all alloc info [ 103.386503][ T6334] bcachefs (loop0): accounting_read... done [ 103.394227][ T6334] bcachefs (loop0): alloc_read... done [ 103.399974][ T6334] bcachefs (loop0): stripes_read... done [ 103.407167][ T6334] bcachefs (loop0): snapshots_read... done [ 103.413126][ T6334] bcachefs (loop0): check_allocations... [ 103.424973][ T6336] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 103.444016][ T6336] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 103.450172][ T6337] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [pid 6335] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6334] <... mount resumed>) = 0 [pid 6334] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6334] chdir("./file0") = 0 [pid 6334] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 103.486085][ T6337] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 103.494297][ T6334] done [ 103.496622][ T6335] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 103.506372][ T6335] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 103.514109][ T6334] bcachefs (loop0): going read-write [ 103.527708][ T6334] bcachefs (loop0): done starting filesystem [pid 6334] ioctl(4, LOOP_CLR_FD) = 0 [pid 6334] close(4) = 0 [pid 6334] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 6334] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 6334] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6334] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 6334] open(".", O_RDONLY) = 5 [pid 6334] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6336] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6336] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [ 103.652714][ T6336] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6336] ioctl(3, LOOP_CLR_FD [pid 6334] <... fallocate resumed>) = 0 [pid 6336] <... ioctl resumed>) = 0 [pid 6334] exit_group(0 [pid 6336] close(3 [pid 6334] <... exit_group resumed>) = ? [pid 6334] +++ exited with 0 +++ [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6334, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=36 /* 0.36 s */} --- [pid 5825] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5825] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./8/binderfs") = 0 [ 103.699765][ T52] bucket incorrectly unset in freespace btree [ 103.699790][ T52] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [ 103.832504][ T5825] bcachefs (loop0): shutting down [ 103.838579][ T5825] bcachefs (loop0): going read-only [ 103.848661][ T6335] bcachefs: bch2_fs_get_tree() error: EINVAL [ 103.860351][ T52] bucket incorrectly unset in freespace btree [pid 5825] umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6335] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6335] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6337] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6336] <... close resumed>) = 0 [pid 6335] <... openat resumed>) = 3 [pid 6335] ioctl(3, LOOP_CLR_FD [pid 6336] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6335] <... ioctl resumed>) = 0 [pid 6337] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 6337] ioctl(3, LOOP_CLR_FD) = 0 [pid 6337] close(3 [ 103.860370][ T52] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [ 103.869555][ T5825] bcachefs (loop0): finished waiting for writes to stop [ 103.880005][ T6337] bcachefs: bch2_fs_get_tree() error: EINVAL [ 103.907220][ T5825] bcachefs (loop0): flushing journal and stopping allocators, journal seq 12 [pid 6335] close(3 [pid 5829] <... umount2 resumed>) = 0 [ 103.963719][ T61] bcachefs (loop0): loop0: Superblock write was silently dropped! (seq 0 expected 53) [ 103.995756][ T61] bucket incorrectly unset in freespace btree [pid 5829] umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5829] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] close(4) = 0 [pid 5829] rmdir("./7/file0") = 0 [pid 5829] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] close(3) = 0 [pid 5829] rmdir("./7") = 0 [pid 5829] mkdir("./8", 0777) = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5829] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5829] close(3) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6369 attached , child_tidptr=0x5555819eb750) = 6369 [pid 6369] set_robust_list(0x5555819eb760, 24) = 0 [pid 6369] chdir("./8") = 0 [pid 6369] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6369] setpgid(0, 0) = 0 [pid 6369] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6369] write(3, "1000", 4) = 4 [pid 6369] close(3) = 0 [pid 6369] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6369] write(1, "executing program\n", 18executing program ) = 18 [pid 6369] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6369] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6369] memfd_create("syzkaller", 0) = 3 [pid 6369] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 103.995787][ T61] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [pid 6335] <... close resumed>) = 0 [ 104.083314][ T61] bucket incorrectly unset in freespace btree [ 104.083336][ T61] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [pid 6335] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6337] <... close resumed>) = 0 [ 104.146239][ T5825] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 12 [ 104.180703][ T5825] bcachefs (loop0): unclean shutdown complete, journal seq 13 [pid 6337] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 6336] <... quotactl resumed>) = 0 [pid 6337] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6336] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6335] <... quotactl resumed>) = 0 [pid 6337] <... openat resumed>) = 3 [pid 6336] <... openat resumed>) = 3 [pid 6335] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6337] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6336] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6337] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6336] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6337] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [ 104.190469][ T5825] bcachefs (loop0): done going read-only, filesystem not clean [pid 6336] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6335] <... openat resumed>) = 3 [pid 6337] <... quotactl resumed>) = 0 [pid 6336] <... quotactl resumed>) = 0 [pid 6336] open(".", O_RDONLY [pid 6337] open(".", O_RDONLY [pid 6336] <... open resumed>) = 4 [pid 6337] <... open resumed>) = 4 [pid 6336] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6335] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6337] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6336] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6336] exit_group(0 [pid 6337] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6337] exit_group(0 [pid 6336] <... exit_group resumed>) = ? [pid 6336] +++ exited with 0 +++ [pid 6337] <... exit_group resumed>) = ? [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6336, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=52 /* 0.52 s */} --- [pid 6337] +++ exited with 0 +++ [pid 5827] restart_syscall(<... resuming interrupted clone ...> [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6337, si_uid=0, si_status=0, si_utime=7 /* 0.07 s */, si_stime=44 /* 0.44 s */} --- [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 6335] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5828] <... restart_syscall resumed>) = 0 [pid 5827] <... restart_syscall resumed>) = 0 [pid 6335] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5827] umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] <... openat resumed>) = 3 [pid 5827] newfstatat(3, "", [pid 5828] <... openat resumed>) = 3 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5827] umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] newfstatat(3, "", [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6335] <... quotactl resumed>) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] newfstatat(AT_FDCWD, "./14/binderfs", [pid 6335] open(".", O_RDONLY [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6335] <... open resumed>) = 4 [pid 5827] unlink("./14/binderfs" [pid 6335] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5828] getdents64(3, [pid 6335] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6335] exit_group(0) = ? [pid 6335] +++ exited with 0 +++ [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5827] <... unlink resumed>) = 0 [pid 5828] umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6335, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=50 /* 0.50 s */} --- [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./14/binderfs", [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5827] newfstatat(AT_FDCWD, "./14/file0", [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] unlink("./14/binderfs" [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... restart_syscall resumed>) = 0 [pid 5828] <... unlink resumed>) = 0 [pid 5827] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... openat resumed>) = 4 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(4, "", [pid 5828] newfstatat(AT_FDCWD, "./14/file0", [ 104.229301][ T5825] bcachefs (loop0): shutdown complete [pid 5826] umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6369] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5828] umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] getdents64(4, [pid 5828] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... openat resumed>) = 4 [pid 5827] getdents64(4, [pid 5826] <... openat resumed>) = 3 [pid 5828] newfstatat(4, "", [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] newfstatat(3, "", [pid 5828] getdents64(4, [pid 5827] close(4 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] <... close resumed>) = 0 [pid 5828] getdents64(4, [pid 5826] getdents64(3, [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] rmdir("./14/file0" [pid 5828] close(4 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] <... close resumed>) = 0 [pid 5827] <... rmdir resumed>) = 0 [pid 5828] rmdir("./14/file0") = 0 [pid 5828] umount2("./14/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] umount2("./14/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./14/file1", [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./13/binderfs", [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] newfstatat(AT_FDCWD, "./14/file1", [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./14/file1" [pid 5827] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./13/binderfs" [pid 5828] <... unlink resumed>) = 0 [pid 5828] getdents64(3, [pid 5827] unlink("./14/file1" [pid 5826] <... unlink resumed>) = 0 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [pid 5827] <... unlink resumed>) = 0 [pid 5828] rmdir("./14") = 0 [pid 5826] umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] getdents64(3, [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] newfstatat(AT_FDCWD, "./13/file0", [pid 5828] mkdir("./15", 0777 [pid 5827] close(3 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... mkdir resumed>) = 0 [pid 5827] <... close resumed>) = 0 [pid 5826] umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] rmdir("./14" [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5827] <... rmdir resumed>) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... openat resumed>) = 3 [pid 5826] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5826] <... openat resumed>) = 4 [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5827] mkdir("./15", 0777 [pid 5826] newfstatat(4, "", [pid 5828] close(3 [pid 5827] <... mkdir resumed>) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... close resumed>) = 0 [pid 5826] getdents64(4, [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 6370 attached [pid 5826] getdents64(4, [pid 5827] <... openat resumed>) = 3 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] close(4) = 0 [pid 5827] ioctl(3, LOOP_CLR_FD [pid 5826] rmdir("./13/file0" [pid 5827] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5826] <... rmdir resumed>) = 0 [pid 6370] set_robust_list(0x5555819eb760, 24) = 0 [pid 5827] close(3) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6370] chdir("./15" [pid 5826] umount2("./13/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./13/file1", [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 6370 [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./13/file1" [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 6371 [pid 5826] <... unlink resumed>) = 0 ./strace-static-x86_64: Process 6371 attached [pid 5826] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] close(3) = 0 [pid 5826] rmdir("./13") = 0 [pid 5826] mkdir("./14", 0777) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5826] close(3) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6372 attached [pid 6372] set_robust_list(0x5555819eb760, 24 [pid 6371] set_robust_list(0x5555819eb760, 24 [pid 6370] <... chdir resumed>) = 0 [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 6372 [pid 6372] <... set_robust_list resumed>) = 0 [pid 6372] chdir("./14") = 0 [pid 6371] <... set_robust_list resumed>) = 0 [pid 6370] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6372] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6371] chdir("./15" [pid 6370] setpgid(0, 0 [pid 6372] <... prctl resumed>) = 0 [pid 6370] <... setpgid resumed>) = 0 [pid 6372] setpgid(0, 0 [pid 6371] <... chdir resumed>) = 0 [pid 6372] <... setpgid resumed>) = 0 [pid 6372] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6371] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6370] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6372] <... openat resumed>) = 3 [pid 6372] write(3, "1000", 4) = 4 [pid 6371] <... prctl resumed>) = 0 [pid 6370] <... openat resumed>) = 3 [pid 6371] setpgid(0, 0 [pid 6370] write(3, "1000", 4 [pid 6371] <... setpgid resumed>) = 0 [pid 6370] <... write resumed>) = 4 [pid 6372] close(3) = 0 [pid 6372] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6371] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6370] close(3) = 0 [pid 6372] write(1, "executing program\n", 18 [pid 6371] <... openat resumed>) = 3 [pid 6370] symlink("/dev/binderfs", "./binderfs" [pid 6372] <... write resumed>) = 18 [pid 6371] write(3, "1000", 4 [pid 6370] <... symlink resumed>) = 0 [pid 6371] <... write resumed>) = 4 executing program [pid 6370] write(1, "executing program\n", 18 [pid 6371] close(3 [pid 6370] <... write resumed>) = 18 [pid 6372] fsopen(NULL, 0 [pid 6371] <... close resumed>) = 0 [pid 6370] fsopen(NULL, 0 [pid 6371] symlink("/dev/binderfs", "./binderfs" [pid 6370] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6372] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6372] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6371] <... symlink resumed>) = 0 [pid 6370] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6371] write(1, "executing program\n", 18 [pid 6370] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) executing program [pid 6372] memfd_create("syzkaller", 0 [pid 6370] memfd_create("syzkaller", 0 [pid 6372] <... memfd_create resumed>) = 3 [pid 6372] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6371] <... write resumed>) = 18 [pid 6370] <... memfd_create resumed>) = 3 [pid 6372] <... mmap resumed>) = 0x7f0eeb600000 [pid 6371] fsopen(NULL, 0 [pid 6370] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6371] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6370] <... mmap resumed>) = 0x7f0eeb600000 [pid 6371] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6371] memfd_create("syzkaller", 0) = 3 [pid 6371] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6372] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6369] <... write resumed>) = 16777216 [pid 6369] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6370] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6369] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6369] ioctl(4, LOOP_SET_FD, 3 [pid 6371] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6369] <... ioctl resumed>) = 0 [pid 6369] close(3) = 0 [pid 6369] close(4) = 0 [pid 6369] mkdir("./file0", 0777) = 0 [ 104.657089][ T6369] loop4: detected capacity change from 0 to 32768 [pid 6369] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6372] <... write resumed>) = 16777216 [pid 6372] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6371] <... write resumed>) = 16777216 [pid 6371] munmap(0x7f0eeb600000, 138412032 [pid 6372] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6372] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6371] <... munmap resumed>) = 0 [pid 6371] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6371] ioctl(4, LOOP_SET_FD, 3 [pid 6372] close(3 [pid 6371] <... ioctl resumed>) = 0 [pid 6371] close(3) = 0 [pid 6371] close(4 [pid 6372] <... close resumed>) = 0 [pid 6372] close(4) = 0 [pid 6372] mkdir("./file0", 0777) = 0 [pid 6371] <... close resumed>) = 0 [pid 6370] <... write resumed>) = 16777216 [pid 6371] mkdir("./file0", 0777) = 0 [pid 6371] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6372] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [ 104.937422][ T6372] loop1: detected capacity change from 0 to 32768 [ 104.946434][ T6371] loop2: detected capacity change from 0 to 32768 [pid 6370] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6370] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6370] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6370] close(3) = 0 [pid 6370] close(4) = 0 [pid 6370] mkdir("./file0", 0777) = 0 [ 105.017730][ T6370] loop3: detected capacity change from 0 to 32768 [ 105.177890][ T6369] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 105.198188][ T6369] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 105.198396][ T6371] bcachefs (loop2): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 105.212457][ T6372] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 105.232839][ T6371] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 105.249961][ T6371] bcachefs (loop2): Version downgrade required: [ 105.256496][ T6371] bcachefs (loop2): Version upgrade required: [ 105.256496][ T6371] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 105.256496][ T6371] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 105.256496][ T6371] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 105.336085][ T6372] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 105.351421][ T6371] bcachefs (loop2): dropping and reconstructing all alloc info [ 105.352554][ T6370] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 105.385271][ T6370] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 105.441778][ T6371] bcachefs (loop2): accounting_read... done [ 105.476190][ T6371] bcachefs (loop2): alloc_read... done [ 105.481859][ T6371] bcachefs (loop2): stripes_read... done [ 105.503166][ T6371] bcachefs (loop2): snapshots_read... done [pid 6370] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5825] <... umount2 resumed>) = 0 [pid 5825] umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5825] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 105.524227][ T6371] bcachefs (loop2): check_allocations... done [ 105.613504][ T6371] bcachefs (loop2): going read-write [ 105.621077][ T6369] bcachefs: bch2_fs_get_tree() error: EINVAL [ 105.628719][ T6370] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 5825] getdents64(4, [pid 6369] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6369] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 6372] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6370] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6369] ioctl(3, LOOP_CLR_FD [pid 5825] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 6372] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5825] close(4 [pid 6372] <... openat resumed>) = 3 [pid 5825] <... close resumed>) = 0 [pid 6372] ioctl(3, LOOP_CLR_FD [pid 6370] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5825] rmdir("./8/file0" [pid 6372] <... ioctl resumed>) = 0 [pid 6370] <... openat resumed>) = 3 [pid 6369] <... ioctl resumed>) = 0 [pid 5825] <... rmdir resumed>) = 0 [pid 6369] close(3 [pid 6372] close(3 [pid 6370] ioctl(3, LOOP_CLR_FD) = 0 [pid 5825] getdents64(3, [pid 6370] close(3 [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3) = 0 [pid 5825] rmdir("./8") = 0 [pid 5825] mkdir("./9", 0777) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 6371] <... mount resumed>) = 0 [pid 6371] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6371] chdir("./file0") = 0 [pid 6371] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6371] ioctl(4, LOOP_CLR_FD) = 0 [pid 6371] close(4) = 0 [pid 6371] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5825] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5825] close(3) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555819eb750) = 6404 ./strace-static-x86_64: Process 6404 attached [ 105.635640][ T6372] bcachefs: bch2_fs_get_tree() error: EINVAL [ 105.660673][ T6371] bcachefs (loop2): done starting filesystem [pid 6404] set_robust_list(0x5555819eb760, 24) = 0 [pid 6404] chdir("./9") = 0 [pid 6404] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6404] setpgid(0, 0) = 0 [pid 6404] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6404] write(3, "1000", 4) = 4 [pid 6404] close(3) = 0 [pid 6404] symlink("/dev/binderfs", "./binderfs" [pid 6371] <... quotactl resumed>) = 0 [pid 6371] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6404] <... symlink resumed>) = 0 [pid 6404] write(1, "executing program\n", 18 [pid 6371] <... openat resumed>) = 4 [pid 6371] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6371] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULLexecuting program [pid 6404] <... write resumed>) = 18 [pid 6404] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6404] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6404] memfd_create("syzkaller", 0) = 3 [pid 6404] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6371] <... quotactl resumed>) = 0 [pid 6371] open(".", O_RDONLY) = 5 [pid 6371] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768) = 0 [pid 6371] exit_group(0) = ? [pid 6371] +++ exited with 0 +++ [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6371, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=47 /* 0.47 s */} --- [pid 5827] umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5827] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [ 105.819259][ T3007] bucket incorrectly unset in freespace btree [ 105.819291][ T3007] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5827] umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./15/binderfs") = 0 [ 105.925396][ T5827] bcachefs (loop2): shutting down [ 105.933309][ T5827] bcachefs (loop2): going read-only [ 105.942182][ T3007] bucket incorrectly unset in freespace btree [pid 5827] umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6369] <... close resumed>) = 0 [ 105.942201][ T3007] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [ 105.976101][ T5827] bcachefs (loop2): finished waiting for writes to stop [pid 6369] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6370] <... close resumed>) = 0 [pid 6372] <... close resumed>) = 0 [pid 6370] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 105.989678][ T5827] bcachefs (loop2): flushing journal and stopping allocators, journal seq 11 [ 106.050164][ T2913] bcachefs (loop2): loop2: Superblock write was silently dropped! (seq 0 expected 53) [ 106.061125][ T2913] bucket incorrectly unset in freespace btree [ 106.061144][ T2913] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [pid 6372] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 106.076812][ T2913] bucket incorrectly unset in freespace btree [ 106.076826][ T2913] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [ 106.099788][ T5827] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 12 [pid 6404] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6372] <... quotactl resumed>) = 0 [pid 6370] <... quotactl resumed>) = 0 [pid 6372] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6370] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6372] <... openat resumed>) = 3 [pid 6370] <... openat resumed>) = 3 [pid 6372] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6370] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6372] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6370] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6372] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6370] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6369] <... quotactl resumed>) = 0 [pid 6369] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 6369] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [ 106.127795][ T5827] bcachefs (loop2): unclean shutdown complete, journal seq 13 [ 106.138487][ T5827] bcachefs (loop2): done going read-only, filesystem not clean [pid 6369] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6372] <... quotactl resumed>) = 0 [pid 6372] open(".", O_RDONLY) = 4 [pid 6370] <... quotactl resumed>) = 0 [pid 6372] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6370] open(".", O_RDONLY [pid 6372] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6370] <... open resumed>) = 4 [pid 6369] <... quotactl resumed>) = 0 [pid 6372] exit_group(0 [pid 6370] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6369] open(".", O_RDONLY [pid 6370] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6369] <... open resumed>) = 4 [pid 6372] <... exit_group resumed>) = ? [pid 6370] exit_group(0 [pid 6369] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6370] <... exit_group resumed>) = ? [pid 6369] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6370] +++ exited with 0 +++ [pid 6369] exit_group(0) = ? [pid 6369] +++ exited with 0 +++ [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6370, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=42 /* 0.42 s */} --- [pid 6372] +++ exited with 0 +++ [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6369, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=37 /* 0.37 s */} --- [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6372, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=49 /* 0.49 s */} --- [pid 5828] <... restart_syscall resumed>) = 0 [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5828] umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... restart_syscall resumed>) = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... restart_syscall resumed>) = 0 [pid 5828] newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./15/binderfs" [pid 5826] umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... unlink resumed>) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... openat resumed>) = 3 [pid 5828] umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... openat resumed>) = 3 [pid 5829] newfstatat(3, "", [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(3, "", [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] newfstatat(AT_FDCWD, "./15/file0", [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(3, [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] getdents64(3, [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./8/binderfs", [pid 5828] <... openat resumed>) = 4 [pid 5826] newfstatat(AT_FDCWD, "./14/binderfs", [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] newfstatat(4, "", [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./8/binderfs" [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] unlink("./14/binderfs" [pid 5829] <... unlink resumed>) = 0 [pid 5828] getdents64(4, [pid 5826] <... unlink resumed>) = 0 [pid 5829] umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] getdents64(4, [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./8/file0", [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] newfstatat(AT_FDCWD, "./14/file0", [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] close(4 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... close resumed>) = 0 [pid 5826] umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] rmdir("./15/file0" [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... rmdir resumed>) = 0 [pid 5826] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... openat resumed>) = 4 [pid 5829] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] umount2("./15/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... openat resumed>) = 4 [pid 5829] getdents64(4, [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(4, "", [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] newfstatat(AT_FDCWD, "./15/file1", [pid 5829] getdents64(4, [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] unlink("./15/file1" [pid 5826] getdents64(4, [pid 5829] close(4 [pid 5828] <... unlink resumed>) = 0 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] <... close resumed>) = 0 [pid 5826] getdents64(4, [pid 5829] rmdir("./8/file0" [pid 5828] getdents64(3, [pid 5829] <... rmdir resumed>) = 0 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] close(3 [pid 5826] close(4 [pid 5829] umount2("./8/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... close resumed>) = 0 [pid 5828] <... close resumed>) = 0 [pid 5826] rmdir("./14/file0" [pid 5828] rmdir("./15" [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./8/file1", [pid 5828] <... rmdir resumed>) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... rmdir resumed>) = 0 [ 106.178942][ T5827] bcachefs (loop2): shutdown complete [pid 5828] mkdir("./16", 0777 [pid 5829] unlink("./8/file1") = 0 [pid 5828] <... mkdir resumed>) = 0 [pid 5829] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] close(3) = 0 [pid 5829] rmdir("./8") = 0 [pid 5829] mkdir("./9", 0777 [pid 6404] <... write resumed>) = 16777216 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5826] umount2("./14/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6404] munmap(0x7f0eeb600000, 138412032 [pid 5829] <... mkdir resumed>) = 0 [pid 5828] <... openat resumed>) = 3 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5828] close(3 [pid 5826] newfstatat(AT_FDCWD, "./14/file1", [pid 5828] <... close resumed>) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5826] unlink("./14/file1" [pid 5829] <... openat resumed>) = 3 [pid 5826] <... unlink resumed>) = 0 [pid 5829] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5826] getdents64(3, [pid 5829] close(3 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] <... close resumed>) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] close(3 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] <... close resumed>) = 0 [pid 5826] rmdir("./14") = 0 ./strace-static-x86_64: Process 6406 attached ./strace-static-x86_64: Process 6405 attached [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 6405 [pid 6406] set_robust_list(0x5555819eb760, 24) = 0 [pid 6406] chdir("./16" [pid 5826] mkdir("./15", 0777 [pid 6406] <... chdir resumed>) = 0 [pid 6405] set_robust_list(0x5555819eb760, 24 [pid 6404] <... munmap resumed>) = 0 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 6406 [pid 6406] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6405] <... set_robust_list resumed>) = 0 [pid 6404] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6406] <... prctl resumed>) = 0 [pid 6406] setpgid(0, 0 [pid 6405] chdir("./9" [pid 6404] <... openat resumed>) = 4 [pid 5826] <... mkdir resumed>) = 0 [pid 6406] <... setpgid resumed>) = 0 [pid 6405] <... chdir resumed>) = 0 [pid 6404] ioctl(4, LOOP_SET_FD, 3 [pid 6406] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6405] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6406] <... openat resumed>) = 3 [pid 5826] <... openat resumed>) = 3 [pid 6406] write(3, "1000", 4 [pid 5826] ioctl(3, LOOP_CLR_FD [pid 6406] <... write resumed>) = 4 [pid 6406] close(3 [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6406] <... close resumed>) = 0 [pid 5826] close(3 [pid 6406] symlink("/dev/binderfs", "./binderfs" [pid 5826] <... close resumed>) = 0 [pid 6406] <... symlink resumed>) = 0 executing program [pid 6406] write(1, "executing program\n", 18 [pid 6405] <... prctl resumed>) = 0 [pid 6406] <... write resumed>) = 18 [pid 6405] setpgid(0, 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6405] <... setpgid resumed>) = 0 ./strace-static-x86_64: Process 6407 attached [pid 6406] fsopen(NULL, 0 [pid 6405] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6404] <... ioctl resumed>) = 0 [pid 6406] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6406] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6405] <... openat resumed>) = 3 [pid 6404] close(3 [pid 6407] set_robust_list(0x5555819eb760, 24 [pid 6406] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6405] write(3, "1000", 4 [pid 6404] <... close resumed>) = 0 [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 6407 [pid 6407] <... set_robust_list resumed>) = 0 [pid 6404] close(4 [pid 6405] <... write resumed>) = 4 [pid 6404] <... close resumed>) = 0 [pid 6405] close(3 [pid 6404] mkdir("./file0", 0777 [pid 6405] <... close resumed>) = 0 [pid 6406] memfd_create("syzkaller", 0 [pid 6405] symlink("/dev/binderfs", "./binderfs" [pid 6404] <... mkdir resumed>) = 0 [pid 6406] <... memfd_create resumed>) = 3 [pid 6406] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 executing program [pid 6407] chdir("./15" [pid 6405] <... symlink resumed>) = 0 [pid 6404] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6407] <... chdir resumed>) = 0 [pid 6405] write(1, "executing program\n", 18 [pid 6407] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6405] <... write resumed>) = 18 [pid 6407] setpgid(0, 0 [pid 6405] fsopen(NULL, 0 [pid 6407] <... setpgid resumed>) = 0 [pid 6405] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6407] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6405] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6407] <... openat resumed>) = 3 [pid 6405] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6407] write(3, "1000", 4) = 4 [pid 6405] memfd_create("syzkaller", 0 [pid 6407] close(3) = 0 [pid 6405] <... memfd_create resumed>) = 3 [pid 6407] symlink("/dev/binderfs", "./binderfs" [pid 6405] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6407] <... symlink resumed>) = 0 [pid 6405] <... mmap resumed>) = 0x7f0eeb600000 [pid 6407] write(1, "executing program\n", 18executing program [ 106.284156][ T6404] loop0: detected capacity change from 0 to 32768 ) = 18 [pid 6407] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6407] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6407] memfd_create("syzkaller", 0) = 3 [pid 6407] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6406] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6405] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6407] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6406] <... write resumed>) = 16777216 [pid 6406] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6406] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6406] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6406] close(3) = 0 [pid 6406] close(4) = 0 [pid 6406] mkdir("./file0", 0777) = 0 [ 106.679225][ T6406] loop3: detected capacity change from 0 to 32768 [pid 6406] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6407] <... write resumed>) = 16777216 [pid 6407] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6407] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6407] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6407] close(3) = 0 [pid 6407] close(4) = 0 [pid 6407] mkdir("./file0", 0777) = 0 [ 106.797756][ T6407] loop1: detected capacity change from 0 to 32768 [pid 6407] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6405] <... write resumed>) = 16777216 [pid 6405] munmap(0x7f0eeb600000, 138412032) = 0 [ 106.882979][ T6404] bcachefs (loop0): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 106.910888][ T6404] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 106.918925][ T6404] bcachefs (loop0): Version downgrade required: [ 106.926737][ T6404] bcachefs (loop0): Version upgrade required: [ 106.926737][ T6404] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 106.926737][ T6404] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [pid 6405] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6405] ioctl(4, LOOP_SET_FD, 3) = 0 [ 106.926737][ T6404] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 106.982827][ T6406] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 107.011688][ T6405] loop4: detected capacity change from 0 to 32768 [pid 6405] close(3) = 0 [pid 6405] close(4) = 0 [pid 6405] mkdir("./file0", 0777) = 0 [ 107.027683][ T6404] bcachefs (loop0): dropping and reconstructing all alloc info [ 107.028917][ T6406] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 107.058043][ T6407] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 107.067652][ T6407] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 107.118374][ T6404] bcachefs (loop0): accounting_read... done [ 107.124595][ T6404] bcachefs (loop0): alloc_read... done [ 107.134659][ T6404] bcachefs (loop0): stripes_read... done [ 107.140705][ T6404] bcachefs (loop0): snapshots_read... done [ 107.160403][ T6404] bcachefs (loop0): check_allocations... [ 107.189956][ T6405] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 107.232119][ T6405] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 107.249080][ T6404] done [ 107.267056][ T6404] bcachefs (loop0): going read-write [pid 6405] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6404] <... mount resumed>) = 0 [pid 6406] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6404] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6406] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6404] <... openat resumed>) = 3 [pid 6404] chdir("./file0" [pid 6406] <... openat resumed>) = 3 [pid 6404] <... chdir resumed>) = 0 [pid 6406] ioctl(3, LOOP_CLR_FD [pid 6404] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6406] <... ioctl resumed>) = 0 [pid 6406] close(3 [pid 6404] <... openat resumed>) = 4 [pid 6404] ioctl(4, LOOP_CLR_FD) = 0 [pid 6404] close(4) = 0 [pid 6404] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6407] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6407] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [ 107.333533][ T6404] bcachefs (loop0): done starting filesystem [ 107.346144][ T6406] bcachefs: bch2_fs_get_tree() error: EINVAL [ 107.364374][ T6407] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6407] ioctl(3, LOOP_CLR_FD) = 0 [pid 6404] <... quotactl resumed>) = 0 [pid 6407] close(3 [pid 6404] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 5827] <... umount2 resumed>) = 0 [pid 6404] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 5827] umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6404] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./15/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6404] <... quotactl resumed>) = 0 [pid 5827] umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6404] open(".", O_RDONLY) = 5 [pid 6404] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5827] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [pid 5827] rmdir("./15/file0") = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./15") = 0 [pid 5827] mkdir("./16", 0777 [pid 6404] <... fallocate resumed>) = 0 [pid 5827] <... mkdir resumed>) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5827] close(3) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6439 attached [pid 6404] exit_group(0 [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 6439 [pid 6404] <... exit_group resumed>) = ? [pid 6439] set_robust_list(0x5555819eb760, 24) = 0 [pid 6439] chdir("./16") = 0 [pid 6439] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6439] setpgid(0, 0) = 0 [pid 6439] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6439] write(3, "1000", 4) = 4 [pid 6439] close(3) = 0 [pid 6439] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6404] +++ exited with 0 +++ executing program [pid 6439] write(1, "executing program\n", 18) = 18 [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6404, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=34 /* 0.34 s */} --- [pid 6439] fsopen(NULL, 0 [pid 5825] restart_syscall(<... resuming interrupted clone ...> [pid 6439] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6439] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6439] memfd_create("syzkaller", 0) = 3 [ 107.473094][ T3007] bucket incorrectly unset in freespace btree [ 107.473128][ T3007] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 6439] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 5825] <... restart_syscall resumed>) = 0 [pid 5825] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5825] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./9/binderfs") = 0 [pid 5825] umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6405] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6405] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 6405] ioctl(3, LOOP_CLR_FD) = 0 [ 107.590169][ T6405] bcachefs: bch2_fs_get_tree() error: EINVAL [ 107.603205][ T5825] bcachefs (loop0): shutting down [ 107.608666][ T3007] bucket incorrectly unset in freespace btree [ 107.608684][ T3007] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [ 107.616955][ T5825] bcachefs (loop0): going read-only [pid 6405] close(3 [pid 6406] <... close resumed>) = 0 [pid 6406] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6407] <... close resumed>) = 0 [ 107.616980][ T5825] bcachefs (loop0): finished waiting for writes to stop [ 107.643077][ T5825] bcachefs (loop0): flushing journal and stopping allocators, journal seq 12 [ 107.753292][ T3007] bcachefs (loop0): loop0: Superblock write was silently dropped! (seq 0 expected 53) [ 107.781186][ T3007] bucket incorrectly unset in freespace btree [pid 6407] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6405] <... close resumed>) = 0 [ 107.781236][ T3007] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [ 107.823304][ T3007] bucket incorrectly unset in freespace btree [ 107.823325][ T3007] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [pid 6405] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 107.865718][ T5825] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 12 [ 107.876954][ T5825] bcachefs (loop0): unclean shutdown complete, journal seq 13 [ 107.885022][ T5825] bcachefs (loop0): done going read-only, filesystem not clean [pid 6439] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6407] <... quotactl resumed>) = 0 [pid 6406] <... quotactl resumed>) = 0 [pid 6405] <... quotactl resumed>) = 0 [pid 6407] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 6407] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6407] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6406] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6405] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6406] <... openat resumed>) = 3 [pid 6405] <... openat resumed>) = 3 [pid 6405] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6406] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6405] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6405] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6406] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6406] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6407] <... quotactl resumed>) = 0 [pid 6407] open(".", O_RDONLY) = 4 [pid 6407] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 6407] exit_group(0) = ? [pid 6405] <... quotactl resumed>) = 0 [pid 6405] open(".", O_RDONLY) = 4 [pid 6405] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6406] <... quotactl resumed>) = 0 [pid 6405] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6407] +++ exited with 0 +++ [pid 6406] open(".", O_RDONLY [pid 6405] exit_group(0 [pid 6406] <... open resumed>) = 4 [ 107.911605][ T5825] bcachefs (loop0): shutdown complete [pid 6405] <... exit_group resumed>) = ? [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6407, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=41 /* 0.41 s */} --- [pid 6406] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6405] +++ exited with 0 +++ [pid 6406] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6405, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=47 /* 0.47 s */} --- [pid 6406] exit_group(0 [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 6406] <... exit_group resumed>) = ? [pid 6406] +++ exited with 0 +++ [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6406, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=45 /* 0.45 s */} --- [pid 5828] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5828] umount2("./16", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] umount2("./16/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./16/binderfs" [pid 5829] <... restart_syscall resumed>) = 0 [pid 5828] <... unlink resumed>) = 0 [pid 5826] umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... openat resumed>) = 3 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] newfstatat(AT_FDCWD, "./16/file0", [pid 5826] newfstatat(3, "", [pid 5829] <... openat resumed>) = 3 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] newfstatat(3, "", [pid 5828] umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] getdents64(3, [pid 5829] getdents64(3, [pid 5828] openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] <... openat resumed>) = 4 [pid 5829] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(4, "", [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./9/binderfs", [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] newfstatat(AT_FDCWD, "./15/binderfs", [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] getdents64(4, [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./9/binderfs" [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] <... unlink resumed>) = 0 [pid 5828] getdents64(4, [pid 5826] unlink("./15/binderfs" [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] <... unlink resumed>) = 0 [pid 5828] close(4 [pid 5829] umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... close resumed>) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] rmdir("./16/file0" [pid 5826] umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] newfstatat(AT_FDCWD, "./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] newfstatat(AT_FDCWD, "./15/file0", [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... rmdir resumed>) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... openat resumed>) = 4 [pid 5828] umount2("./16/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(4, "", [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] newfstatat(AT_FDCWD, "./16/file1", [pid 5826] <... openat resumed>) = 4 [pid 5829] getdents64(4, [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] newfstatat(4, "", [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] unlink("./16/file1" [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(4, [pid 5828] <... unlink resumed>) = 0 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] close(4) = 0 [pid 5826] getdents64(4, [pid 5829] rmdir("./9/file0" [pid 5828] getdents64(3, [pid 5829] <... rmdir resumed>) = 0 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] close(3 [pid 5826] getdents64(4, [pid 5829] umount2("./9/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... close resumed>) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] rmdir("./16" [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] newfstatat(AT_FDCWD, "./9/file1", [pid 5828] <... rmdir resumed>) = 0 [pid 5826] close(4 [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] mkdir("./17", 0777 [pid 5829] unlink("./9/file1") = 0 [pid 5828] <... mkdir resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 5829] getdents64(3, [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5826] rmdir("./15/file0" [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] <... openat resumed>) = 3 [pid 5826] <... rmdir resumed>) = 0 [pid 5829] close(3 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5826] umount2("./15/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... close resumed>) = 0 [pid 5828] close(3 [pid 5826] newfstatat(AT_FDCWD, "./15/file1", [pid 5829] rmdir("./9" [pid 5828] <... close resumed>) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./15/file1" [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] <... unlink resumed>) = 0 [pid 5826] getdents64(3, ./strace-static-x86_64: Process 6440 attached 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] <... rmdir resumed>) = 0 [pid 5826] close(3 [pid 5829] mkdir("./10", 0777 [pid 5826] <... close resumed>) = 0 [pid 5829] <... mkdir resumed>) = 0 [pid 5826] rmdir("./15") = 0 [pid 5826] mkdir("./16", 0777) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 6440 [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5826] close(3 [pid 5829] <... openat resumed>) = 3 [pid 5826] <... close resumed>) = 0 [pid 6440] set_robust_list(0x5555819eb760, 24 [pid 5829] ioctl(3, LOOP_CLR_FD [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6440] <... set_robust_list resumed>) = 0 [pid 6439] <... write resumed>) = 16777216 [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6440] chdir("./17" [pid 6439] munmap(0x7f0eeb600000, 138412032 [pid 5829] close(3./strace-static-x86_64: Process 6441 attached [pid 6440] <... chdir resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 6441 ./strace-static-x86_64: Process 6442 attached [pid 6442] set_robust_list(0x5555819eb760, 24 [pid 6441] set_robust_list(0x5555819eb760, 24 [pid 6440] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6439] <... munmap resumed>) = 0 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 6442 [pid 6442] <... set_robust_list resumed>) = 0 [pid 6441] <... set_robust_list resumed>) = 0 [pid 6440] <... prctl resumed>) = 0 [pid 6442] chdir("./10" [pid 6441] chdir("./16" [pid 6440] setpgid(0, 0 [pid 6439] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6440] <... setpgid resumed>) = 0 [pid 6440] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6439] <... openat resumed>) = 4 [pid 6442] <... chdir resumed>) = 0 [pid 6440] <... openat resumed>) = 3 [pid 6439] ioctl(4, LOOP_SET_FD, 3 [pid 6440] write(3, "1000", 4) = 4 [pid 6442] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6442] setpgid(0, 0) = 0 [pid 6442] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6441] <... chdir resumed>) = 0 [pid 6442] <... openat resumed>) = 3 [pid 6441] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6442] write(3, "1000", 4 [pid 6441] setpgid(0, 0 [pid 6442] <... write resumed>) = 4 [pid 6441] <... setpgid resumed>) = 0 [pid 6442] close(3 [pid 6441] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6442] <... close resumed>) = 0 [pid 6441] <... openat resumed>) = 3 [pid 6442] symlink("/dev/binderfs", "./binderfs" [pid 6441] write(3, "1000", 4executing program [pid 6442] <... symlink resumed>) = 0 [pid 6441] <... write resumed>) = 4 [pid 6441] close(3) = 0 [pid 6442] write(1, "executing program\n", 18 [pid 6441] symlink("/dev/binderfs", "./binderfs" [pid 6440] close(3 [pid 6439] <... ioctl resumed>) = 0 [pid 6440] <... close resumed>) = 0 executing program [pid 6442] <... write resumed>) = 18 [pid 6441] <... symlink resumed>) = 0 [pid 6442] fsopen(NULL, 0 [pid 6441] write(1, "executing program\n", 18 [pid 6442] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6441] <... write resumed>) = 18 [pid 6442] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6440] symlink("/dev/binderfs", "./binderfs" [pid 6442] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6442] memfd_create("syzkaller", 0 [pid 6441] fsopen(NULL, 0 [pid 6440] <... symlink resumed>) = 0 [pid 6441] <... fsopen resumed>) = -1 EFAULT (Bad address) executing program [pid 6440] write(1, "executing program\n", 18 [pid 6441] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6440] <... write resumed>) = 18 [pid 6441] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6439] close(3 [pid 6442] <... memfd_create resumed>) = 3 [pid 6441] memfd_create("syzkaller", 0 [pid 6440] fsopen(NULL, 0 [pid 6441] <... memfd_create resumed>) = 3 [pid 6442] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6441] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6440] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6439] <... close resumed>) = 0 [pid 6442] <... mmap resumed>) = 0x7f0eeb600000 [pid 6441] <... mmap resumed>) = 0x7f0eeb600000 [pid 6440] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6439] close(4 [pid 6440] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6439] <... close resumed>) = 0 [pid 6440] memfd_create("syzkaller", 0 [pid 6439] mkdir("./file0", 0777 [pid 6440] <... memfd_create resumed>) = 3 [pid 6440] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6439] <... mkdir resumed>) = 0 [pid 6440] <... mmap resumed>) = 0x7f0eeb600000 [ 108.067889][ T6439] loop2: detected capacity change from 0 to 32768 [pid 6439] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6440] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6441] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6442] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6441] <... write resumed>) = 16777216 [pid 6441] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6441] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6441] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6441] close(3) = 0 [pid 6441] close(4) = 0 [pid 6441] mkdir("./file0", 0777) = 0 [ 108.477208][ T6441] loop1: detected capacity change from 0 to 32768 [pid 6441] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6440] <... write resumed>) = 16777216 [pid 6440] munmap(0x7f0eeb600000, 138412032 [pid 6442] <... write resumed>) = 16777216 [pid 6440] <... munmap resumed>) = 0 [pid 6442] munmap(0x7f0eeb600000, 138412032 [pid 6440] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6440] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6442] <... munmap resumed>) = 0 [pid 6440] close(3 [pid 6442] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6440] <... close resumed>) = 0 [pid 6442] <... openat resumed>) = 4 [pid 6440] close(4 [pid 6442] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6440] <... close resumed>) = 0 [pid 6440] mkdir("./file0", 0777) = 0 [pid 6440] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6442] close(3) = 0 [pid 6442] close(4) = 0 [pid 6442] mkdir("./file0", 0777) = 0 [ 108.607298][ T6440] loop3: detected capacity change from 0 to 32768 [ 108.626703][ T6442] loop4: detected capacity change from 0 to 32768 [ 108.729165][ T6439] bcachefs (loop2): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 108.755868][ T6439] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 108.764482][ T6439] bcachefs (loop2): Version downgrade required: [ 108.772281][ T6439] bcachefs (loop2): Version upgrade required: [ 108.772281][ T6439] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 108.772281][ T6439] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 108.772281][ T6439] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 108.799691][ T6440] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 108.852191][ T6441] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 108.861580][ T6441] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 108.875976][ T6440] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 108.893839][ T6442] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 108.906993][ T6442] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 108.940882][ T6439] bcachefs (loop2): dropping and reconstructing all alloc info [ 108.978586][ T6439] bcachefs (loop2): accounting_read... done [ 109.002526][ T6439] bcachefs (loop2): alloc_read... done [ 109.010331][ T6439] bcachefs (loop2): stripes_read... done [ 109.023696][ T6439] bcachefs (loop2): snapshots_read... done [pid 6442] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6439] <... mount resumed>) = 0 [pid 6439] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6439] chdir("./file0") = 0 [pid 6439] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6439] ioctl(4, LOOP_CLR_FD) = 0 [pid 6439] close(4) = 0 [ 109.036093][ T6439] bcachefs (loop2): check_allocations... done [ 109.068653][ T6439] bcachefs (loop2): going read-write [ 109.077900][ T6439] bcachefs (loop2): done starting filesystem [pid 6439] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 6439] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 6439] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6439] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 6439] open(".", O_RDONLY) = 5 [pid 6439] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768) = 0 [pid 6439] exit_group(0) = ? [pid 6439] +++ exited with 0 +++ [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6439, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=36 /* 0.36 s */} --- [pid 5827] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5827] umount2("./16", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5827] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5827] umount2("./16/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 109.193383][ T2913] bucket incorrectly unset in freespace btree [ 109.193413][ T2913] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [ 109.219860][ T6441] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 5827] newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./16/binderfs" [pid 6441] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... unlink resumed>) = 0 [pid 6442] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6441] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5827] umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6442] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 6442] ioctl(3, LOOP_CLR_FD) = 0 [pid 6441] <... openat resumed>) = 3 [pid 6441] ioctl(3, LOOP_CLR_FD) = 0 [ 109.240039][ T2913] bucket incorrectly unset in freespace btree [ 109.240061][ T2913] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [ 109.267930][ T6442] bcachefs: bch2_fs_get_tree() error: EINVAL [ 109.268005][ T6440] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6441] close(3 [pid 6442] close(3 [pid 5825] <... umount2 resumed>) = 0 [pid 5825] umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5825] newfstatat(4, "", [pid 6440] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] close(4) = 0 [ 109.305140][ T5827] bcachefs (loop2): shutting down [ 109.312653][ T5827] bcachefs (loop2): going read-only [pid 5825] rmdir("./9/file0") = 0 [pid 6440] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 6440] ioctl(3, LOOP_CLR_FD) = 0 [pid 6440] close(3 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3) = 0 [pid 5825] rmdir("./9") = 0 [pid 5825] mkdir("./10", 0777) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5825] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5825] close(3) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555819eb750) = 6474 [ 109.371442][ T5827] bcachefs (loop2): finished waiting for writes to stop ./strace-static-x86_64: Process 6474 attached [pid 6442] <... close resumed>) = 0 [pid 6474] set_robust_list(0x5555819eb760, 24) = 0 [pid 6474] chdir("./10") = 0 [pid 6474] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6474] setpgid(0, 0) = 0 [pid 6474] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6474] write(3, "1000", 4) = 4 [pid 6442] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6474] close(3) = 0 executing program [pid 6474] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6474] write(1, "executing program\n", 18) = 18 [pid 6474] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6474] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6474] memfd_create("syzkaller", 0) = 3 [pid 6474] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 109.427157][ T5827] bcachefs (loop2): flushing journal and stopping allocators, journal seq 12 [ 109.496502][ T2913] bcachefs (loop2): loop2: Superblock write was silently dropped! (seq 0 expected 53) [ 109.527938][ T2913] bucket incorrectly unset in freespace btree [ 109.527969][ T2913] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [pid 6441] <... close resumed>) = 0 [ 109.588688][ T2913] bucket incorrectly unset in freespace btree [ 109.588709][ T2913] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [pid 6441] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6440] <... close resumed>) = 0 [pid 6440] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6441] <... quotactl resumed>) = 0 [pid 6442] <... quotactl resumed>) = 0 [pid 6441] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6440] <... quotactl resumed>) = 0 [pid 6442] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [ 109.632749][ T5827] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 12 [ 109.657924][ T5827] bcachefs (loop2): unclean shutdown complete, journal seq 13 [ 109.667146][ T5827] bcachefs (loop2): done going read-only, filesystem not clean [pid 6440] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 6442] <... openat resumed>) = 3 [pid 6441] <... openat resumed>) = 3 [pid 6442] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6440] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6474] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6442] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6441] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6440] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6441] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6442] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6441] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6440] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6442] <... quotactl resumed>) = 0 [pid 6441] <... quotactl resumed>) = 0 [pid 6440] <... quotactl resumed>) = 0 [pid 6442] open(".", O_RDONLY) = 4 [pid 6440] open(".", O_RDONLY) = 4 [pid 6441] open(".", O_RDONLY [pid 6442] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6441] <... open resumed>) = 4 [pid 6442] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6442] exit_group(0 [pid 6440] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 6441] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 6441] exit_group(0 [pid 6440] exit_group(0 [pid 6442] <... exit_group resumed>) = ? [pid 6442] +++ exited with 0 +++ [pid 6441] <... exit_group resumed>) = ? [pid 6440] <... exit_group resumed>) = ? [pid 6441] +++ exited with 0 +++ [pid 6440] +++ exited with 0 +++ [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6442, si_uid=0, si_status=0, si_utime=7 /* 0.07 s */, si_stime=42 /* 0.42 s */} --- [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6440, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=46 /* 0.46 s */} --- [pid 5829] restart_syscall(<... resuming interrupted clone ...> [ 109.700281][ T5827] bcachefs (loop2): shutdown complete [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 5829] <... restart_syscall resumed>) = 0 [pid 5828] <... restart_syscall resumed>) = 0 [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6441, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=49 /* 0.49 s */} --- [pid 5829] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5829] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] umount2("./17", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] getdents64(3, [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] umount2("./16", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... openat resumed>) = 3 [pid 5826] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./10/binderfs", [pid 5828] newfstatat(3, "", [pid 5826] <... openat resumed>) = 3 [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] unlink("./10/binderfs" [pid 5828] getdents64(3, [pid 5826] newfstatat(3, "", [pid 5829] <... unlink resumed>) = 0 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] umount2("./17/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] getdents64(3, [pid 5829] umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./17/binderfs", [pid 5829] newfstatat(AT_FDCWD, "./10/file0", [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] umount2("./16/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] unlink("./17/binderfs" [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... unlink resumed>) = 0 [pid 5826] newfstatat(AT_FDCWD, "./16/binderfs", [pid 5829] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5829] newfstatat(4, "", [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(4, [pid 5828] umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] unlink("./16/binderfs" [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... unlink resumed>) = 0 [pid 5828] newfstatat(AT_FDCWD, "./17/file0", [pid 5829] getdents64(4, [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] close(4 [pid 5828] umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... close resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./16/file0", [pid 5829] rmdir("./10/file0" [pid 5828] openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... rmdir resumed>) = 0 [pid 5828] <... openat resumed>) = 4 [pid 5826] umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] umount2("./10/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] newfstatat(4, "", [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] newfstatat(AT_FDCWD, "./10/file1", [pid 5828] getdents64(4, [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] <... openat resumed>) = 4 [pid 5829] unlink("./10/file1" [pid 5828] getdents64(4, [pid 5829] <... unlink resumed>) = 0 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] close(4) = 0 [pid 5828] rmdir("./17/file0" [pid 5829] getdents64(3, [pid 5828] <... rmdir resumed>) = 0 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] close(3 [pid 5826] newfstatat(4, "", [pid 5829] <... close resumed>) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] rmdir("./10" [pid 5828] umount2("./17/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] getdents64(4, [pid 5829] <... rmdir resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] newfstatat(AT_FDCWD, "./17/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] mkdir("./11", 0777 [pid 5828] unlink("./17/file1" [pid 5826] close(4 [pid 5829] <... mkdir resumed>) = 0 [pid 5828] <... unlink resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 5826] rmdir("./16/file0") = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5828] close(3 [pid 5829] ioctl(3, LOOP_CLR_FD [pid 5828] <... close resumed>) = 0 [pid 5826] umount2("./16/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5828] rmdir("./17" [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... rmdir resumed>) = 0 [pid 5829] close(3) = 0 [pid 5826] newfstatat(AT_FDCWD, "./16/file1", [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5828] mkdir("./18", 0777 [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6474] <... write resumed>) = 16777216 ./strace-static-x86_64: Process 6475 attached [pid 5828] <... mkdir resumed>) = 0 [pid 5826] unlink("./16/file1" [pid 6475] set_robust_list(0x5555819eb760, 24 [pid 6474] munmap(0x7f0eeb600000, 138412032 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6475] <... set_robust_list resumed>) = 0 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 6475 [pid 5826] <... unlink resumed>) = 0 [pid 5828] <... openat resumed>) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5826] getdents64(3, [pid 6475] chdir("./11" [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 6475] <... chdir resumed>) = 0 [pid 5828] close(3 [pid 5826] close(3 [pid 6475] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6474] <... munmap resumed>) = 0 [pid 5828] <... close resumed>) = 0 [pid 6475] <... prctl resumed>) = 0 [pid 6474] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6475] setpgid(0, 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] <... close resumed>) = 0 ./strace-static-x86_64: Process 6476 attached [pid 6475] <... setpgid resumed>) = 0 [pid 6474] <... openat resumed>) = 4 [pid 5826] rmdir("./16" [pid 6476] set_robust_list(0x5555819eb760, 24 [pid 6475] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6474] ioctl(4, LOOP_SET_FD, 3 [pid 5826] <... rmdir resumed>) = 0 [pid 6476] <... set_robust_list resumed>) = 0 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 6476 [pid 5826] mkdir("./17", 0777) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5826] close(3) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6477 attached [pid 6477] set_robust_list(0x5555819eb760, 24 [pid 6474] <... ioctl resumed>) = 0 [pid 6477] <... set_robust_list resumed>) = 0 [pid 6477] chdir("./17") = 0 [pid 6477] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6475] <... openat resumed>) = 3 [pid 6476] chdir("./18" [pid 6474] close(3 [pid 6477] setpgid(0, 0 [pid 6476] <... chdir resumed>) = 0 [pid 6475] write(3, "1000", 4 [pid 6474] <... close resumed>) = 0 [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 6477 [pid 6477] <... setpgid resumed>) = 0 [pid 6476] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6475] <... write resumed>) = 4 [pid 6474] close(4 [pid 6476] <... prctl resumed>) = 0 [pid 6475] close(3 [pid 6474] <... close resumed>) = 0 [pid 6476] setpgid(0, 0 [pid 6475] <... close resumed>) = 0 [pid 6474] mkdir("./file0", 0777 [pid 6477] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6476] <... setpgid resumed>) = 0 [pid 6475] symlink("/dev/binderfs", "./binderfs" [pid 6477] <... openat resumed>) = 3 [pid 6474] <... mkdir resumed>) = 0 [pid 6477] write(3, "1000", 4 [pid 6474] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6477] <... write resumed>) = 4 [pid 6475] <... symlink resumed>) = 0 [pid 6477] close(3) = 0 [pid 6477] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6476] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXECexecuting program executing program [pid 6475] write(1, "executing program\n", 18 [pid 6477] write(1, "executing program\n", 18 [pid 6475] <... write resumed>) = 18 [pid 6477] <... write resumed>) = 18 [pid 6475] fsopen(NULL, 0 [pid 6477] fsopen(NULL, 0 [pid 6475] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6476] <... openat resumed>) = 3 [pid 6475] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6477] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6475] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6477] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6475] memfd_create("syzkaller", 0 [pid 6477] memfd_create("syzkaller", 0 [pid 6475] <... memfd_create resumed>) = 3 [pid 6475] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6477] <... memfd_create resumed>) = 3 [pid 6475] <... mmap resumed>) = 0x7f0eeb600000 [pid 6477] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6476] write(3, "1000", 4) = 4 [pid 6476] close(3) = 0 [pid 6476] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 6476] write(1, "executing program\n", 18) = 18 [pid 6476] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6476] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6476] memfd_create("syzkaller", 0) = 3 [pid 6476] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 109.868690][ T6474] loop0: detected capacity change from 0 to 32768 [pid 6475] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6476] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6477] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6475] <... write resumed>) = 16777216 [pid 6475] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6475] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6475] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6477] <... write resumed>) = 16777216 [pid 6475] close(3 [pid 6477] munmap(0x7f0eeb600000, 138412032 [pid 6476] <... write resumed>) = 16777216 [pid 6475] <... close resumed>) = 0 [pid 6476] munmap(0x7f0eeb600000, 138412032 [pid 6477] <... munmap resumed>) = 0 [pid 6475] close(4 [pid 6477] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6475] <... close resumed>) = 0 [pid 6477] <... openat resumed>) = 4 [pid 6475] mkdir("./file0", 0777) = 0 [pid 6477] ioctl(4, LOOP_SET_FD, 3 [ 110.347294][ T6475] loop4: detected capacity change from 0 to 32768 [pid 6475] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6477] <... ioctl resumed>) = 0 [pid 6476] <... munmap resumed>) = 0 [pid 6476] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6477] close(3) = 0 [pid 6476] ioctl(4, LOOP_SET_FD, 3 [pid 6477] close(4) = 0 [pid 6477] mkdir("./file0", 0777) = 0 [pid 6476] <... ioctl resumed>) = 0 [pid 6476] close(3) = 0 [pid 6476] close(4 [pid 6477] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6476] <... close resumed>) = 0 [pid 6476] mkdir("./file0", 0777) = 0 [ 110.389838][ T6477] loop1: detected capacity change from 0 to 32768 [ 110.413278][ T6476] loop3: detected capacity change from 0 to 32768 [ 110.500351][ T6474] bcachefs (loop0): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 110.533600][ T6477] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 110.543143][ T6474] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 110.543188][ T6474] bcachefs (loop0): Version downgrade required: [ 110.543403][ T6474] bcachefs (loop0): Version upgrade required: [ 110.543403][ T6474] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 110.543403][ T6474] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 110.543403][ T6474] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 110.586086][ T6477] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 110.629387][ T6474] bcachefs (loop0): dropping and reconstructing all alloc info [ 110.682274][ T6475] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 110.737345][ T6475] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 110.755107][ T6476] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [pid 6476] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6477] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6477] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 6477] ioctl(3, LOOP_CLR_FD) = 0 [ 110.766719][ T6474] bcachefs (loop0): accounting_read... done [ 110.794285][ T6474] bcachefs (loop0): alloc_read... done [ 110.798531][ T6476] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 110.809946][ T6477] bcachefs: bch2_fs_get_tree() error: EINVAL [ 110.828084][ T6474] bcachefs (loop0): stripes_read... done [ 110.835930][ T6474] bcachefs (loop0): snapshots_read... done [pid 6477] close(3 [pid 6474] <... mount resumed>) = 0 [pid 6474] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 110.855944][ T6474] bcachefs (loop0): check_allocations... done [ 110.935621][ T6474] bcachefs (loop0): going read-write [ 110.944382][ T6474] bcachefs (loop0): done starting filesystem [pid 6474] chdir("./file0") = 0 [pid 6474] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6474] ioctl(4, LOOP_CLR_FD) = 0 [pid 6474] close(4 [pid 5827] <... umount2 resumed>) = 0 [pid 6474] <... close resumed>) = 0 [pid 6474] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5827] umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./16/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5827] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [pid 5827] rmdir("./16/file0") = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./16") = 0 [pid 5827] mkdir("./17", 0777 [pid 6474] <... quotactl resumed>) = 0 [pid 6474] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 6474] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6474] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5827] <... mkdir resumed>) = 0 [pid 6477] <... close resumed>) = 0 [pid 6474] <... quotactl resumed>) = 0 [pid 6474] open(".", O_RDONLY) = 5 [pid 6474] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6477] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6474] <... fallocate resumed>) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 6476] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6475] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6474] exit_group(0 [pid 5827] close(3 [pid 6474] <... exit_group resumed>) = ? [pid 6474] +++ exited with 0 +++ [ 111.070046][ T6475] bcachefs: bch2_fs_get_tree() error: EINVAL [ 111.093980][ T2913] bucket incorrectly unset in freespace btree [ 111.094013][ T2913] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 6477] <... quotactl resumed>) = 0 [pid 6476] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6475] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5827] <... close resumed>) = 0 [pid 6477] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6476] <... openat resumed>) = 3 [pid 6475] <... openat resumed>) = 3 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6474, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=39 /* 0.39 s */} --- [pid 6477] <... openat resumed>) = 3 ./strace-static-x86_64: Process 6509 attached [pid 6477] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6476] ioctl(3, LOOP_CLR_FD [pid 6475] ioctl(3, LOOP_CLR_FD [pid 6476] <... ioctl resumed>) = 0 [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 6509 [pid 6509] set_robust_list(0x5555819eb760, 24 [pid 6477] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6476] close(3 [pid 6475] <... ioctl resumed>) = 0 [pid 6509] <... set_robust_list resumed>) = 0 [pid 6509] chdir("./17") = 0 [pid 6509] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6509] setpgid(0, 0 [pid 6477] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6475] close(3 [pid 5825] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6509] <... setpgid resumed>) = 0 [pid 6509] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 111.102976][ T6476] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6509] <... openat resumed>) = 3 [pid 6509] write(3, "1000", 4 [pid 6477] <... quotactl resumed>) = 0 [pid 5825] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6509] <... write resumed>) = 4 [pid 6477] open(".", O_RDONLY [pid 6509] close(3 [pid 6477] <... open resumed>) = 4 [pid 6509] <... close resumed>) = 0 [pid 6509] symlink("/dev/binderfs", "./binderfs" [pid 6477] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6509] <... symlink resumed>) = 0 [pid 6477] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6477] exit_group(0 [pid 6509] write(1, "executing program\n", 18 [pid 6477] <... exit_group resumed>) = ? executing program [pid 6509] <... write resumed>) = 18 [pid 6477] +++ exited with 0 +++ [pid 6509] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6509] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6477, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=43 /* 0.43 s */} --- [pid 6509] memfd_create("syzkaller", 0 [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5825] <... openat resumed>) = 3 [pid 5826] <... restart_syscall resumed>) = 0 [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6509] <... memfd_create resumed>) = 3 [pid 5826] umount2("./17", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... openat resumed>) = 3 [pid 5825] newfstatat(AT_FDCWD, "./10/binderfs", [pid 6509] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5826] newfstatat(3, "", [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] unlink("./10/binderfs" [pid 5826] getdents64(3, [pid 5825] <... unlink resumed>) = 0 [pid 5825] umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6509] <... mmap resumed>) = 0x7f0eeb600000 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] umount2("./17/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./17/binderfs") = 0 [pid 5826] umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 111.176163][ T2913] bucket incorrectly unset in freespace btree [ 111.176202][ T2913] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [pid 5826] newfstatat(AT_FDCWD, "./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5826] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] close(4) = 0 [pid 5826] rmdir("./17/file0") = 0 [pid 5826] umount2("./17/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./17/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./17/file1") = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] close(3) = 0 [pid 5826] rmdir("./17") = 0 [pid 5826] mkdir("./18", 0777) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5826] close(3) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555819eb750) = 6510 ./strace-static-x86_64: Process 6510 attached [ 111.206375][ T5825] bcachefs (loop0): shutting down [ 111.206394][ T5825] bcachefs (loop0): going read-only [ 111.206414][ T5825] bcachefs (loop0): finished waiting for writes to stop [pid 6510] set_robust_list(0x5555819eb760, 24) = 0 [pid 6510] chdir("./18") = 0 [pid 6510] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6510] setpgid(0, 0) = 0 [pid 6510] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6510] write(3, "1000", 4) = 4 [pid 6510] close(3) = 0 [pid 6510] symlink("/dev/binderfs", "./binderfs") = 0 [ 111.265831][ T5825] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11 executing program [pid 6510] write(1, "executing program\n", 18) = 18 [pid 6510] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6510] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6510] memfd_create("syzkaller", 0) = 3 [pid 6510] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 111.347817][ T3007] bcachefs (loop0): loop0: Superblock write was silently dropped! (seq 0 expected 53) [pid 6476] <... close resumed>) = 0 [pid 6475] <... close resumed>) = 0 [pid 6476] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 111.391653][ T3007] bucket incorrectly unset in freespace btree [ 111.391673][ T3007] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [pid 6475] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 111.456672][ T3007] bucket incorrectly unset in freespace btree [ 111.456693][ T3007] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [ 111.493820][ T5825] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 12 [pid 6509] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [ 111.538079][ T5825] bcachefs (loop0): unclean shutdown complete, journal seq 13 [ 111.563770][ T5825] bcachefs (loop0): done going read-only, filesystem not clean [pid 6510] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6476] <... quotactl resumed>) = 0 [pid 6475] <... quotactl resumed>) = 0 [pid 6476] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 6475] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6476] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6475] <... openat resumed>) = 3 [pid 6475] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6475] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6476] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6476] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6475] <... quotactl resumed>) = 0 [pid 6476] <... quotactl resumed>) = 0 [pid 6476] open(".", O_RDONLY) = 4 [pid 6476] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 6476] exit_group(0) = ? [pid 6475] open(".", O_RDONLY) = 4 [pid 6475] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 6475] exit_group(0) = ? [pid 6476] +++ exited with 0 +++ [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6476, si_uid=0, si_status=0, si_utime=7 /* 0.07 s */, si_stime=45 /* 0.45 s */} --- [ 111.596509][ T5825] bcachefs (loop0): shutdown complete [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 6475] +++ exited with 0 +++ [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6475, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=42 /* 0.42 s */} --- [pid 5829] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5828] <... restart_syscall resumed>) = 0 [pid 5829] umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./18", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... openat resumed>) = 3 [pid 5828] <... openat resumed>) = 3 [pid 5829] newfstatat(3, "", [pid 5828] newfstatat(3, "", [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(3, [pid 5828] getdents64(3, [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./18/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./11/binderfs", [pid 5828] newfstatat(AT_FDCWD, "./18/binderfs", [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./11/binderfs" [pid 5828] unlink("./18/binderfs" [pid 5829] <... unlink resumed>) = 0 [pid 5828] <... unlink resumed>) = 0 [pid 5829] umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./11/file0", [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] newfstatat(AT_FDCWD, "./18/file0", [pid 5829] umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... openat resumed>) = 4 [pid 5828] openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] newfstatat(4, "", [pid 5828] <... openat resumed>) = 4 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(4, [pid 5829] getdents64(4, [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] getdents64(4, [pid 5829] close(4 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] <... close resumed>) = 0 [pid 5828] close(4 [pid 5829] rmdir("./11/file0" [pid 5828] <... close resumed>) = 0 [pid 5829] <... rmdir resumed>) = 0 [pid 5828] rmdir("./18/file0") = 0 [pid 5829] umount2("./11/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./18/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./18/file1", [pid 5829] newfstatat(AT_FDCWD, "./11/file1", [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./18/file1" [pid 5829] unlink("./11/file1" [pid 5828] <... unlink resumed>) = 0 [pid 5829] <... unlink resumed>) = 0 [pid 5828] getdents64(3, [pid 5829] getdents64(3, [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] rmdir("./18" [pid 5829] close(3 [pid 5828] <... rmdir resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 5829] rmdir("./11" [pid 5828] mkdir("./19", 0777 [pid 5829] <... rmdir resumed>) = 0 [pid 5828] <... mkdir resumed>) = 0 [pid 5829] mkdir("./12", 0777 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5829] <... mkdir resumed>) = 0 [pid 5828] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5828] close(3) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6511 attached [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWRexecuting program [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 6511 [pid 6511] set_robust_list(0x5555819eb760, 24) = 0 [pid 6511] chdir("./19") = 0 [pid 6511] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6511] setpgid(0, 0) = 0 [pid 6511] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6511] write(3, "1000", 4) = 4 [pid 6511] close(3) = 0 [pid 6511] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6511] write(1, "executing program\n", 18) = 18 [pid 6511] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6511] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6511] memfd_create("syzkaller", 0) = 3 [pid 6511] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 5829] <... openat resumed>) = 3 [pid 5829] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5829] close(3) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6512 attached , child_tidptr=0x5555819eb750) = 6512 [pid 6512] set_robust_list(0x5555819eb760, 24) = 0 [pid 6512] chdir("./12") = 0 [pid 6512] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6512] setpgid(0, 0) = 0 [pid 6512] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6512] write(3, "1000", 4) = 4 [pid 6512] close(3) = 0 [pid 6512] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6512] write(1, "executing program\n", 18executing program ) = 18 [pid 6512] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6509] <... write resumed>) = 16777216 [pid 6512] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6512] memfd_create("syzkaller", 0) = 3 [pid 6512] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6509] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6509] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6509] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6509] close(3) = 0 [ 111.863065][ T6509] loop2: detected capacity change from 0 to 32768 [pid 6509] close(4) = 0 [pid 6509] mkdir("./file0", 0777) = 0 [pid 6509] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6510] <... write resumed>) = 16777216 [pid 6511] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6510] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6510] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6510] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6510] close(3) = 0 [pid 6510] close(4) = 0 [pid 6510] mkdir("./file0", 0777 [pid 6512] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6510] <... mkdir resumed>) = 0 [ 111.983327][ T6510] loop1: detected capacity change from 0 to 32768 [pid 6510] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6512] <... write resumed>) = 16777216 [pid 6512] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6512] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6512] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6511] <... write resumed>) = 16777216 [pid 6512] close(3) = 0 [pid 6511] munmap(0x7f0eeb600000, 138412032 [pid 6512] close(4) = 0 [pid 6511] <... munmap resumed>) = 0 [pid 6512] mkdir("./file0", 0777) = 0 [pid 6512] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6511] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6511] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6511] close(3) = 0 [pid 6511] close(4) = 0 [pid 6511] mkdir("./file0", 0777) = 0 [ 112.228853][ T6512] loop4: detected capacity change from 0 to 32768 [ 112.261321][ T6511] loop3: detected capacity change from 0 to 32768 [ 112.441602][ T6509] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 112.451768][ T6510] bcachefs (loop1): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 112.481341][ T6509] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 112.507573][ T6511] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 112.526803][ T6510] bcachefs (loop1): recovering from clean shutdown, journal seq 10 [ 112.536428][ T6512] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 112.537178][ T6510] bcachefs (loop1): Version downgrade required: [ 112.545691][ T6511] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 112.573220][ T6512] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 112.586120][ T6510] bcachefs (loop1): Version upgrade required: [ 112.586120][ T6510] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 112.586120][ T6510] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 112.586120][ T6510] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 112.677833][ T6510] bcachefs (loop1): dropping and reconstructing all alloc info [ 112.737921][ T6510] bcachefs (loop1): accounting_read... done [ 112.754862][ T6510] bcachefs (loop1): alloc_read... done [ 112.766607][ T6510] bcachefs (loop1): stripes_read... done [ 112.772357][ T6510] bcachefs (loop1): snapshots_read... done [ 112.789225][ T6512] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6511] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6512] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6512] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 6512] ioctl(3, LOOP_CLR_FD) = 0 [pid 6512] close(3 [pid 6509] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6509] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 6509] ioctl(3, LOOP_CLR_FD) = 0 [ 112.798806][ T6510] bcachefs (loop1): check_allocations... done [ 112.861535][ T6510] bcachefs (loop1): going read-write [ 112.877056][ T6509] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6509] close(3 [pid 6510] <... mount resumed>) = 0 [pid 6511] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... umount2 resumed>) = 0 [pid 6510] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5825] umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6510] <... openat resumed>) = 3 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6510] chdir("./file0") = 0 [pid 5825] newfstatat(AT_FDCWD, "./10/file0", [pid 6510] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6511] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6510] <... openat resumed>) = 4 [pid 5825] umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6510] ioctl(4, LOOP_CLR_FD [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6510] <... ioctl resumed>) = 0 [pid 6510] close(4) = 0 [pid 5825] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 112.946957][ T6510] bcachefs (loop1): done starting filesystem [ 112.947594][ T6511] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6510] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5825] newfstatat(4, "", [pid 6511] <... openat resumed>) = 3 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6511] ioctl(3, LOOP_CLR_FD [pid 5825] getdents64(4, [pid 6511] <... ioctl resumed>) = 0 [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 6511] close(3 [pid 5825] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] close(4) = 0 [pid 5825] rmdir("./10/file0") = 0 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3) = 0 [pid 6510] <... quotactl resumed>) = 0 [pid 6510] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5825] rmdir("./10" [pid 6510] <... openat resumed>) = 4 [pid 5825] <... rmdir resumed>) = 0 [pid 5825] mkdir("./11", 0777 [pid 6510] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5825] <... mkdir resumed>) = 0 [pid 6510] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6510] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5825] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5825] close(3) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6549 attached , child_tidptr=0x5555819eb750) = 6549 [pid 6549] set_robust_list(0x5555819eb760, 24) = 0 [pid 6549] chdir("./11") = 0 [pid 6549] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6549] setpgid(0, 0) = 0 [pid 6549] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6510] <... quotactl resumed>) = 0 [pid 6510] open(".", O_RDONLY) = 5 [pid 6549] <... openat resumed>) = 3 [pid 6510] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6509] <... close resumed>) = 0 [pid 6549] write(3, "1000", 4) = 4 [pid 6549] close(3) = 0 [pid 6509] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6549] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6509] <... quotactl resumed>) = 0 [pid 6549] write(1, "executing program\n", 18 [pid 6510] <... fallocate resumed>) = 0 [pid 6509] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512executing program [pid 6549] <... write resumed>) = 18 [pid 6510] exit_group(0 [pid 6509] <... openat resumed>) = 3 [pid 6549] fsopen(NULL, 0 [pid 6510] <... exit_group resumed>) = ? [pid 6509] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6549] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6510] +++ exited with 0 +++ [pid 6509] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6549] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6510, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=41 /* 0.41 s */} --- [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 6549] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... restart_syscall resumed>) = 0 [pid 5826] umount2("./18", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5826] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5826] umount2("./18/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./18/binderfs", [pid 6549] memfd_create("syzkaller", 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 113.107771][ T61] bucket incorrectly unset in freespace btree [ 113.107803][ T61] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 6549] <... memfd_create resumed>) = 3 [pid 6509] <... quotactl resumed>) = 0 [pid 5826] unlink("./18/binderfs") = 0 [pid 6549] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6509] open(".", O_RDONLY [pid 6549] <... mmap resumed>) = 0x7f0eeb600000 [pid 5826] umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6509] <... open resumed>) = 4 [pid 6512] <... close resumed>) = 0 [pid 6509] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6512] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6509] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6509] exit_group(0) = ? [pid 6509] +++ exited with 0 +++ [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6509, si_uid=0, si_status=0, si_utime=7 /* 0.07 s */, si_stime=44 /* 0.44 s */} --- [pid 5827] umount2("./17", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5827] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5827] umount2("./17/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./17/binderfs") = 0 [pid 5827] umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5827] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [pid 5827] rmdir("./17/file0") = 0 [ 113.189069][ T61] bucket incorrectly unset in freespace btree [ 113.189091][ T61] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [ 113.210683][ T5826] bcachefs (loop1): shutting down [ 113.218340][ T5826] bcachefs (loop1): going read-only [ 113.225505][ T5826] bcachefs (loop1): finished waiting for writes to stop [pid 5827] umount2("./17/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./17/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./17/file1") = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./17") = 0 [pid 5827] mkdir("./18", 0777) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5827] close(3) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555819eb750) = 6550 ./strace-static-x86_64: Process 6550 attached [ 113.254572][ T5826] bcachefs (loop1): flushing journal and stopping allocators, journal seq 12 [ 113.293496][ T61] bcachefs (loop1): loop1: Superblock write was silently dropped! (seq 0 expected 53) [pid 6550] set_robust_list(0x5555819eb760, 24) = 0 [pid 6550] chdir("./18") = 0 [pid 6511] <... close resumed>) = 0 [pid 6550] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6511] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6550] <... prctl resumed>) = 0 [pid 6550] setpgid(0, 0) = 0 [pid 6550] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6550] write(3, "1000", 4) = 4 [pid 6550] close(3) = 0 [pid 6550] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6550] write(1, "executing program\n", 18) = 18 [pid 6550] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6550] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [ 113.320893][ T61] bucket incorrectly unset in freespace btree [ 113.320938][ T61] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [ 113.355036][ T61] bucket incorrectly unset in freespace btree [ 113.355056][ T61] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [pid 6550] memfd_create("syzkaller", 0) = 3 [pid 6550] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6549] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6512] <... quotactl resumed>) = 0 [pid 6511] <... quotactl resumed>) = 0 [pid 6512] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6511] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6512] <... openat resumed>) = 3 [pid 6511] <... openat resumed>) = 3 [pid 6512] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6511] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6512] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6511] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6512] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [ 113.382742][ T5826] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 12 [ 113.395655][ T5826] bcachefs (loop1): unclean shutdown complete, journal seq 13 [ 113.406721][ T5826] bcachefs (loop1): done going read-only, filesystem not clean [ 113.443572][ T5826] bcachefs (loop1): shutdown complete [pid 6511] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6512] <... quotactl resumed>) = 0 [pid 6511] <... quotactl resumed>) = 0 [pid 6512] open(".", O_RDONLY [pid 6511] open(".", O_RDONLY [pid 6512] <... open resumed>) = 4 [pid 6511] <... open resumed>) = 4 [pid 6512] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6511] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6512] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6511] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6512] exit_group(0 [pid 6511] exit_group(0 [pid 6512] <... exit_group resumed>) = ? [pid 6511] <... exit_group resumed>) = ? [pid 6511] +++ exited with 0 +++ [pid 6512] +++ exited with 0 +++ [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6512, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=41 /* 0.41 s */} --- [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6511, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=40 /* 0.40 s */} --- [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 5829] <... restart_syscall resumed>) = 0 [pid 5829] umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] <... restart_syscall resumed>) = 0 [pid 5829] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5829] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] umount2("./19", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] getdents64(3, [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... openat resumed>) = 3 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(3, "", [pid 5829] newfstatat(AT_FDCWD, "./12/binderfs", [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] getdents64(3, [pid 5829] unlink("./12/binderfs" [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] <... unlink resumed>) = 0 [pid 5828] umount2("./19/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./19/binderfs", [pid 5829] newfstatat(AT_FDCWD, "./12/file0", [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./19/binderfs" [pid 5829] umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... unlink resumed>) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] newfstatat(AT_FDCWD, "./19/file0", [pid 5829] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] getdents64(4, [pid 5828] umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] close(4 [pid 5828] openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... close resumed>) = 0 [pid 5828] <... openat resumed>) = 4 [pid 5829] rmdir("./12/file0" [pid 5828] newfstatat(4, "", [pid 5829] <... rmdir resumed>) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] umount2("./12/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] getdents64(4, [pid 5829] newfstatat(AT_FDCWD, "./12/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] unlink("./12/file1") = 0 [pid 5828] getdents64(4, [pid 5829] getdents64(3, [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] close(3 [pid 5828] close(4 [pid 5829] <... close resumed>) = 0 [pid 5829] rmdir("./12" [pid 5828] <... close resumed>) = 0 [pid 5829] <... rmdir resumed>) = 0 [pid 5828] rmdir("./19/file0" [pid 5829] mkdir("./13", 0777 [pid 5828] <... rmdir resumed>) = 0 [pid 5829] <... mkdir resumed>) = 0 [pid 5828] umount2("./19/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./19/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./19/file1" [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5828] <... unlink resumed>) = 0 [pid 5829] <... openat resumed>) = 3 [pid 5828] getdents64(3, [pid 5829] ioctl(3, LOOP_CLR_FD [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5828] close(3 [pid 5829] close(3 [pid 5828] <... close resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 5828] rmdir("./19" [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5828] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 6551 attached [pid 5828] mkdir("./20", 0777 [pid 6551] set_robust_list(0x5555819eb760, 24) = 0 [pid 6551] chdir("./13") = 0 [pid 6551] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6551] setpgid(0, 0) = 0 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 6551 [pid 6551] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5828] <... mkdir resumed>) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6551] <... openat resumed>) = 3 [pid 5828] <... openat resumed>) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 6551] write(3, "1000", 4 [pid 5828] close(3 [pid 6551] <... write resumed>) = 4 [pid 5828] <... close resumed>) = 0 [pid 6551] close(3 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6551] <... close resumed>) = 0 [pid 6551] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 6552 attached ) = 0 [pid 6551] write(1, "executing program\n", 18 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 6552 [pid 6552] set_robust_list(0x5555819eb760, 24executing program [pid 6551] <... write resumed>) = 18 [pid 6551] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6552] <... set_robust_list resumed>) = 0 [pid 6551] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6551] memfd_create("syzkaller", 0) = 3 [pid 6550] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6552] chdir("./20" [pid 6551] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6552] <... chdir resumed>) = 0 [pid 6552] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6552] setpgid(0, 0) = 0 [pid 6552] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6549] <... write resumed>) = 16777216 [pid 6552] <... openat resumed>) = 3 [pid 6552] write(3, "1000", 4) = 4 [pid 6552] close(3) = 0 [pid 6552] symlink("/dev/binderfs", "./binderfs" [pid 6549] munmap(0x7f0eeb600000, 138412032executing program [pid 6552] <... symlink resumed>) = 0 [pid 6552] write(1, "executing program\n", 18) = 18 [pid 6552] fsopen(NULL, 0 [pid 6549] <... munmap resumed>) = 0 [pid 6552] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6552] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6552] memfd_create("syzkaller", 0 [pid 6549] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6552] <... memfd_create resumed>) = 3 [pid 6552] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6549] <... openat resumed>) = 4 [pid 6552] <... mmap resumed>) = 0x7f0eeb600000 [pid 6549] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6549] close(3) = 0 [pid 6549] close(4) = 0 [pid 6549] mkdir("./file0", 0777) = 0 [ 113.707025][ T6549] loop0: detected capacity change from 0 to 32768 [pid 6549] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6551] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6550] <... write resumed>) = 16777216 [pid 6550] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6550] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6550] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6550] close(3) = 0 [pid 6550] close(4) = 0 [pid 6550] mkdir("./file0", 0777) = 0 [ 113.879656][ T6550] loop2: detected capacity change from 0 to 32768 [pid 6550] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6552] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6551] <... write resumed>) = 16777216 [pid 6551] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6551] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6551] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6551] close(3) = 0 [pid 6551] close(4) = 0 [pid 6551] mkdir("./file0", 0777) = 0 [ 114.041035][ T6551] loop4: detected capacity change from 0 to 32768 [pid 6551] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6552] <... write resumed>) = 16777216 [pid 6552] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6552] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6552] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6552] close(3) = 0 [pid 6552] close(4) = 0 [pid 6552] mkdir("./file0", 0777) = 0 [ 114.135143][ T6552] loop3: detected capacity change from 0 to 32768 [ 114.295726][ T6549] bcachefs (loop0): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 114.328337][ T6549] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 114.337300][ T6549] bcachefs (loop0): Version downgrade required: [ 114.343746][ T6549] bcachefs (loop0): Version upgrade required: [ 114.343746][ T6549] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 114.343746][ T6549] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 114.343746][ T6549] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 114.420709][ T6549] bcachefs (loop0): dropping and reconstructing all alloc info [ 114.445631][ T6550] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 114.463238][ T6552] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 114.472482][ T6550] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 114.473560][ T6549] bcachefs (loop0): accounting_read... [ 114.480703][ T6552] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 114.500896][ T6551] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 114.516226][ T6551] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 114.531753][ T6549] done [ 114.534581][ T6549] bcachefs (loop0): alloc_read... done [pid 6552] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5826] <... umount2 resumed>) = 0 [pid 5826] umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./18/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5826] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] close(4) = 0 [pid 5826] rmdir("./18/file0") = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] close(3) = 0 [ 114.562626][ T6549] bcachefs (loop0): stripes_read... done [ 114.600460][ T6549] bcachefs (loop0): snapshots_read... done [pid 5826] rmdir("./18") = 0 [pid 5826] mkdir("./19", 0777) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5826] close(3) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6583 attached [pid 6583] set_robust_list(0x5555819eb760, 24) = 0 [pid 6583] chdir("./19") = 0 [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 6583 [pid 6583] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6583] setpgid(0, 0) = 0 [pid 6583] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6583] write(3, "1000", 4) = 4 [pid 6583] close(3) = 0 [pid 6583] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6583] write(1, "executing program\n", 18executing program ) = 18 [pid 6583] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6583] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6583] memfd_create("syzkaller", 0) = 3 [pid 6583] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 114.632830][ T6549] bcachefs (loop0): check_allocations... done [ 114.736569][ T6551] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6551] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6551] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 6551] ioctl(3, LOOP_CLR_FD [pid 6552] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6551] <... ioctl resumed>) = 0 [pid 6550] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6551] close(3 [pid 6550] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 6552] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 6550] ioctl(3, LOOP_CLR_FD [pid 6552] ioctl(3, LOOP_CLR_FD) = 0 [pid 6552] close(3 [pid 6550] <... ioctl resumed>) = 0 [ 114.762199][ T6549] bcachefs (loop0): going read-write [ 114.769723][ T6552] bcachefs: bch2_fs_get_tree() error: EINVAL [ 114.776303][ T6550] bcachefs: bch2_fs_get_tree() error: EINVAL [ 114.797258][ T6549] bcachefs (loop0): done starting filesystem [pid 6550] close(3 [pid 6549] <... mount resumed>) = 0 [pid 6549] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6549] chdir("./file0") = 0 [pid 6549] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6549] ioctl(4, LOOP_CLR_FD) = 0 [pid 6549] close(4) = 0 [pid 6549] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 6549] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 6549] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6549] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 6549] open(".", O_RDONLY) = 5 [pid 6549] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768) = 0 [pid 6549] exit_group(0) = ? [pid 6549] +++ exited with 0 +++ [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6549, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=35 /* 0.35 s */} --- [pid 5825] umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5825] umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 114.978266][ T2913] bucket incorrectly unset in freespace btree [ 114.978297][ T2913] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5825] newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./11/binderfs") = 0 [pid 5825] umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6552] <... close resumed>) = 0 [pid 6552] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6551] <... close resumed>) = 0 [ 115.081307][ T5825] bcachefs (loop0): shutting down [ 115.087033][ T5825] bcachefs (loop0): going read-only [ 115.092288][ T5825] bcachefs (loop0): finished waiting for writes to stop [pid 6551] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6583] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6550] <... close resumed>) = 0 [ 115.130655][ T5825] bcachefs (loop0): flushing journal and stopping allocators, journal seq 12 [ 115.155577][ T2913] bucket incorrectly unset in freespace btree [ 115.155610][ T2913] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [ 115.186235][ T2913] bucket incorrectly unset in freespace btree [ 115.186255][ T2913] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [ 115.201966][ T2913] bucket incorrectly unset in freespace btree [ 115.201986][ T2913] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [ 115.220933][ T5825] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 12 [pid 6550] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6552] <... quotactl resumed>) = 0 [pid 6551] <... quotactl resumed>) = 0 [pid 6550] <... quotactl resumed>) = 0 [pid 6550] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6551] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 6551] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6550] <... openat resumed>) = 3 [pid 6551] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6550] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6551] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6552] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6550] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6550] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6552] <... openat resumed>) = 3 [pid 6552] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6552] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6551] <... quotactl resumed>) = 0 [pid 6551] open(".", O_RDONLY) = 4 [pid 6551] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 6551] exit_group(0) = ? [pid 6551] +++ exited with 0 +++ [pid 6552] <... quotactl resumed>) = 0 [pid 6550] <... quotactl resumed>) = 0 [pid 6552] open(".", O_RDONLY) = 4 [pid 6552] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6551, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=45 /* 0.45 s */} --- [pid 6552] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 6550] open(".", O_RDONLY [pid 5829] <... restart_syscall resumed>) = 0 [pid 6550] <... open resumed>) = 4 [pid 6550] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6552] exit_group(0 [pid 6550] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [ 115.232839][ T5825] bcachefs (loop0): unclean shutdown complete, journal seq 13 [ 115.242036][ T5825] bcachefs (loop0): done going read-only, filesystem not clean [ 115.270782][ T5825] bcachefs (loop0): shutdown complete [pid 5829] umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6552] <... exit_group resumed>) = ? [pid 5829] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6552] +++ exited with 0 +++ [pid 5829] newfstatat(3, "", [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6552, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=46 /* 0.46 s */} --- [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5828] umount2("./20", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6550] exit_group(0 [pid 5829] getdents64(3, [pid 6583] <... write resumed>) = 16777216 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 6583] munmap(0x7f0eeb600000, 138412032 [pid 5829] umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] umount2("./20/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./20/binderfs") = 0 [pid 5828] umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./20/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6583] <... munmap resumed>) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6583] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6550] <... exit_group resumed>) = ? [pid 5829] newfstatat(AT_FDCWD, "./13/binderfs", [pid 5828] umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6583] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6583] close(3 [pid 6550] +++ exited with 0 +++ [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] unlink("./13/binderfs" [pid 5828] openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6550, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=46 /* 0.46 s */} --- [pid 6583] <... close resumed>) = 0 [pid 5829] <... unlink resumed>) = 0 [pid 6583] close(4 [pid 5828] <... openat resumed>) = 4 [pid 5827] restart_syscall(<... resuming interrupted clone ...> [pid 5829] umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6583] <... close resumed>) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(4, "", [pid 5827] <... restart_syscall resumed>) = 0 [pid 6583] mkdir("./file0", 0777 [pid 5829] newfstatat(AT_FDCWD, "./13/file0", [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6583] <... mkdir resumed>) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] getdents64(4, [pid 5829] umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6583] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] umount2("./18", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... openat resumed>) = 4 [pid 5828] getdents64(4, [pid 5827] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] newfstatat(4, "", [pid 5827] <... openat resumed>) = 3 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] close(4 [pid 5827] newfstatat(3, "", [pid 5828] <... close resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] rmdir("./20/file0" [pid 5829] getdents64(4, [pid 5827] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5827] umount2("./18/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] <... rmdir resumed>) = 0 [pid 5827] unlink("./18/binderfs" [ 115.346279][ T6583] loop1: detected capacity change from 0 to 32768 [pid 5829] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] umount2("./20/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... unlink resumed>) = 0 [pid 5829] close(4 [pid 5827] umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... close resumed>) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] rmdir("./13/file0" [pid 5828] newfstatat(AT_FDCWD, "./20/file1", [pid 5827] newfstatat(AT_FDCWD, "./18/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5829] <... rmdir resumed>) = 0 [pid 5827] newfstatat(4, "", [pid 5829] umount2("./13/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] unlink("./20/file1" [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] newfstatat(AT_FDCWD, "./13/file1", [pid 5827] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] getdents64(4, [pid 5829] unlink("./13/file1" [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] <... unlink resumed>) = 0 [pid 5827] close(4 [pid 5828] getdents64(3, [pid 5827] <... close resumed>) = 0 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] rmdir("./18/file0" [pid 5828] close(3 [pid 5827] <... rmdir resumed>) = 0 [pid 5828] <... close resumed>) = 0 [pid 5827] umount2("./18/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] rmdir("./20" [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... unlink resumed>) = 0 [pid 5827] newfstatat(AT_FDCWD, "./18/file1", [pid 5829] getdents64(3, [pid 5827] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./18/file1" [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] close(3 [pid 5827] <... unlink resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 5827] getdents64(3, [pid 5828] <... rmdir resumed>) = 0 [pid 5829] rmdir("./13" [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] mkdir("./21", 0777 [pid 5829] <... rmdir resumed>) = 0 [pid 5827] close(3 [pid 5829] mkdir("./14", 0777 [pid 5827] <... close resumed>) = 0 [pid 5827] rmdir("./18") = 0 [pid 5827] mkdir("./19", 0777 [pid 5829] <... mkdir resumed>) = 0 [pid 5827] <... mkdir resumed>) = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5829] <... openat resumed>) = 3 [pid 5828] <... mkdir resumed>) = 0 [pid 5829] ioctl(3, LOOP_CLR_FD [pid 5827] <... openat resumed>) = 3 [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5827] ioctl(3, LOOP_CLR_FD [pid 5829] close(3 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5829] <... close resumed>) = 0 [pid 5828] <... openat resumed>) = 3 [pid 5827] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5827] close(3) = 0 [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6591 attached [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5828] close(3) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 6591 ./strace-static-x86_64: Process 6592 attached [pid 6591] set_robust_list(0x5555819eb760, 24./strace-static-x86_64: Process 6593 attached ) = 0 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 6592 [pid 6592] set_robust_list(0x5555819eb760, 24) = 0 [pid 6591] chdir("./19" [pid 6592] chdir("./14" [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 6593 [pid 6593] set_robust_list(0x5555819eb760, 24 [pid 6592] <... chdir resumed>) = 0 [pid 6591] <... chdir resumed>) = 0 [pid 6593] <... set_robust_list resumed>) = 0 [pid 6592] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6591] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6592] <... prctl resumed>) = 0 [pid 6592] setpgid(0, 0 [pid 6591] setpgid(0, 0 [pid 6592] <... setpgid resumed>) = 0 [pid 6593] chdir("./21" [pid 6592] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6591] <... setpgid resumed>) = 0 [pid 6592] <... openat resumed>) = 3 [pid 6591] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6592] write(3, "1000", 4) = 4 [pid 6592] close(3 [pid 6591] <... openat resumed>) = 3 [pid 6592] <... close resumed>) = 0 [pid 6591] write(3, "1000", 4 [pid 6593] <... chdir resumed>) = 0 [pid 6592] symlink("/dev/binderfs", "./binderfs" [pid 6591] <... write resumed>) = 4 [pid 6593] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6592] <... symlink resumed>) = 0 [pid 6591] close(3executing program [pid 6593] <... prctl resumed>) = 0 [pid 6592] write(1, "executing program\n", 18 [pid 6591] <... close resumed>) = 0 [pid 6593] setpgid(0, 0 [pid 6592] <... write resumed>) = 18 [pid 6591] symlink("/dev/binderfs", "./binderfs" [pid 6593] <... setpgid resumed>) = 0 [pid 6592] fsopen(NULL, 0 [pid 6591] <... symlink resumed>) = 0 [pid 6593] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6592] <... fsopen resumed>) = -1 EFAULT (Bad address) executing program [pid 6591] write(1, "executing program\n", 18 [pid 6593] <... openat resumed>) = 3 [pid 6592] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6591] <... write resumed>) = 18 [pid 6593] write(3, "1000", 4 [pid 6592] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6591] fsopen(NULL, 0 [pid 6593] <... write resumed>) = 4 [pid 6592] memfd_create("syzkaller", 0 [pid 6591] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6593] close(3 [pid 6592] <... memfd_create resumed>) = 3 [pid 6591] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6593] <... close resumed>) = 0 [pid 6592] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6591] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6593] symlink("/dev/binderfs", "./binderfs" [pid 6592] <... mmap resumed>) = 0x7f0eeb600000 [pid 6591] memfd_create("syzkaller", 0 [pid 6593] <... symlink resumed>) = 0 executing program [pid 6593] write(1, "executing program\n", 18) = 18 [pid 6593] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6593] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6591] <... memfd_create resumed>) = 3 [pid 6593] memfd_create("syzkaller", 0 [pid 6591] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6593] <... memfd_create resumed>) = 3 [pid 6593] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6591] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6592] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6593] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6592] <... write resumed>) = 16777216 [pid 6592] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6592] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6593] <... write resumed>) = 16777216 [pid 6592] <... openat resumed>) = 4 [pid 6593] munmap(0x7f0eeb600000, 138412032 [pid 6592] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6592] close(3) = 0 [pid 6592] close(4) = 0 [pid 6592] mkdir("./file0", 0777 [pid 6593] <... munmap resumed>) = 0 [pid 6592] <... mkdir resumed>) = 0 [pid 6593] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6592] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6593] <... openat resumed>) = 4 [ 115.922488][ T6592] loop4: detected capacity change from 0 to 32768 [ 115.946406][ T6593] loop3: detected capacity change from 0 to 32768 [ 115.973230][ T6583] bcachefs (loop1): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 116.003841][ T6583] bcachefs (loop1): recovering from clean shutdown, journal seq 10 [ 116.013941][ T6583] bcachefs (loop1): Version downgrade required: [pid 6593] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6593] close(3) = 0 [pid 6593] close(4) = 0 [pid 6593] mkdir("./file0", 0777) = 0 [ 116.020850][ T6583] bcachefs (loop1): Version upgrade required: [ 116.020850][ T6583] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 116.020850][ T6583] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [pid 6593] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6591] <... write resumed>) = 16777216 [pid 6591] munmap(0x7f0eeb600000, 138412032) = 0 [ 116.020850][ T6583] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [pid 6591] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6591] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6591] close(3) = 0 [pid 6591] close(4) = 0 [pid 6591] mkdir("./file0", 0777) = 0 [ 116.116655][ T6591] loop2: detected capacity change from 0 to 32768 [ 116.139966][ T6583] bcachefs (loop1): dropping and reconstructing all alloc info [ 116.178736][ T6583] bcachefs (loop1): accounting_read... done [ 116.185623][ T6583] bcachefs (loop1): alloc_read... done [ 116.191352][ T6583] bcachefs (loop1): stripes_read... done [ 116.202264][ T6583] bcachefs (loop1): snapshots_read... done [ 116.208507][ T6583] bcachefs (loop1): check_allocations... done [ 116.253209][ T6592] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 116.260619][ T6583] bcachefs (loop1): going read-write [pid 6591] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6583] <... mount resumed>) = 0 [pid 6583] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6583] chdir("./file0") = 0 [pid 6583] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6583] ioctl(4, LOOP_CLR_FD) = 0 [ 116.289704][ T6583] bcachefs (loop1): done starting filesystem [ 116.300987][ T6592] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 116.312650][ T6593] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [pid 6583] close(4) = 0 [pid 6583] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 6583] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 6583] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6583] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [ 116.341346][ T6593] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [pid 6583] open(".", O_RDONLY) = 5 [pid 6583] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768) = 0 [pid 6583] exit_group(0) = ? [pid 6583] +++ exited with 0 +++ [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6583, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=37 /* 0.37 s */} --- [pid 5826] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 116.388618][ T6591] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 116.400092][ T6591] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 116.419468][ T52] bucket incorrectly unset in freespace btree [pid 5826] umount2("./19", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 116.419497][ T52] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5826] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5826] umount2("./19/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./19/binderfs") = 0 [pid 5826] umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... umount2 resumed>) = 0 [pid 5825] umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5825] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] close(4) = 0 [pid 5825] rmdir("./11/file0") = 0 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3) = 0 [pid 5825] rmdir("./11") = 0 [pid 5825] mkdir("./12", 0777) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5825] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5825] close(3) = 0 [ 116.469293][ T52] bucket incorrectly unset in freespace btree [ 116.469312][ T52] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [ 116.496497][ T5826] bcachefs (loop1): shutting down [ 116.501615][ T5826] bcachefs (loop1): going read-only [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6620 attached , child_tidptr=0x5555819eb750) = 6620 [pid 6620] set_robust_list(0x5555819eb760, 24) = 0 [pid 6620] chdir("./12") = 0 [pid 6620] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6620] setpgid(0, 0) = 0 [pid 6620] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6620] write(3, "1000", 4) = 4 [pid 6620] close(3) = 0 [pid 6620] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6620] write(1, "executing program\n", 18) = 18 [pid 6620] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6620] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6620] memfd_create("syzkaller", 0) = 3 [pid 6620] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 116.536002][ T5826] bcachefs (loop1): finished waiting for writes to stop [ 116.575474][ T5826] bcachefs (loop1): flushing journal and stopping allocators, journal seq 12 [pid 6592] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6592] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 6592] ioctl(3, LOOP_CLR_FD) = 0 [ 116.599624][ T6592] bcachefs: bch2_fs_get_tree() error: EINVAL [ 116.653357][ T52] bcachefs (loop1): loop1: Superblock write was silently dropped! (seq 0 expected 53) [ 116.673765][ T52] bucket incorrectly unset in freespace btree [ 116.673796][ T52] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [ 116.680391][ T6591] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6592] close(3 [pid 6591] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6591] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 6591] ioctl(3, LOOP_CLR_FD) = 0 [ 116.733048][ T52] bucket incorrectly unset in freespace btree [ 116.733069][ T52] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [ 116.737132][ T6593] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6591] close(3 [pid 6592] <... close resumed>) = 0 [pid 6592] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6593] <... mount resumed>) = -1 EINVAL (Invalid argument) [ 116.793989][ T5826] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 12 [ 116.826653][ T5826] bcachefs (loop1): unclean shutdown complete, journal seq 13 [pid 6593] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 6593] ioctl(3, LOOP_CLR_FD) = 0 [ 116.844629][ T5826] bcachefs (loop1): done going read-only, filesystem not clean [pid 6593] close(3 [pid 6592] <... quotactl resumed>) = 0 [pid 6592] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 6592] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6592] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [ 116.912470][ T5826] bcachefs (loop1): shutdown complete [pid 6592] open(".", O_RDONLY) = 4 [pid 6592] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 6592] exit_group(0) = ? [pid 6592] +++ exited with 0 +++ [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6592, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=48 /* 0.48 s */} --- [pid 5829] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 6620] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5829] umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5829] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./14/binderfs") = 0 [pid 5829] umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./14/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5829] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] close(4) = 0 [pid 5829] rmdir("./14/file0") = 0 [pid 5829] umount2("./14/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./14/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./14/file1") = 0 [pid 5829] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] close(3) = 0 [pid 5829] rmdir("./14") = 0 [pid 5829] mkdir("./15", 0777) = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5829] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5829] close(3) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6621 attached [pid 6621] set_robust_list(0x5555819eb760, 24) = 0 [pid 6621] chdir("./15") = 0 [pid 6621] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6591] <... close resumed>) = 0 [pid 6621] <... prctl resumed>) = 0 [pid 6621] setpgid(0, 0) = 0 [pid 6621] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6621] write(3, "1000", 4) = 4 [pid 6621] close(3) = 0 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 6621 [pid 6621] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6621] write(1, "executing program\n", 18) = 18 [pid 6621] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6621] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6621] memfd_create("syzkaller", 0 [pid 6591] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6621] <... memfd_create resumed>) = 3 [pid 6621] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6591] <... quotactl resumed>) = 0 [pid 6591] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 6591] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6593] <... close resumed>) = 0 [pid 6591] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6591] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6593] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 6591] <... quotactl resumed>) = 0 [pid 6593] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6591] open(".", O_RDONLY [pid 6593] <... openat resumed>) = 3 [pid 6591] <... open resumed>) = 4 [pid 6591] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6593] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6591] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6593] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6591] exit_group(0 [pid 6593] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6591] <... exit_group resumed>) = ? [pid 6591] +++ exited with 0 +++ [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6591, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=40 /* 0.40 s */} --- [pid 5827] restart_syscall(<... resuming interrupted clone ...> [pid 6593] <... quotactl resumed>) = 0 [pid 6593] open(".", O_RDONLY [pid 5827] <... restart_syscall resumed>) = 0 [pid 6593] <... open resumed>) = 4 [pid 5827] umount2("./19", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6593] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5827] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6593] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... openat resumed>) = 3 [pid 6593] exit_group(0 [pid 5827] newfstatat(3, "", [pid 6593] <... exit_group resumed>) = ? [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5827] umount2("./19/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./19/binderfs") = 0 [pid 5827] umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6593] +++ exited with 0 +++ [pid 5827] newfstatat(AT_FDCWD, "./19/file0", [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6593, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=43 /* 0.43 s */} --- [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 5827] umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5827] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [pid 5827] rmdir("./19/file0" [pid 5828] <... restart_syscall resumed>) = 0 [pid 5827] <... rmdir resumed>) = 0 [pid 5827] umount2("./19/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./21", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] newfstatat(AT_FDCWD, "./19/file1", [pid 5828] <... openat resumed>) = 3 [pid 5828] newfstatat(3, "", [pid 5827] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] unlink("./19/file1" [pid 5828] getdents64(3, [pid 5827] <... unlink resumed>) = 0 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5827] getdents64(3, [pid 5828] umount2("./21/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] close(3 [pid 5828] newfstatat(AT_FDCWD, "./21/binderfs", [pid 5827] <... close resumed>) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] rmdir("./19") = 0 [pid 5827] mkdir("./20", 0777 [pid 5828] unlink("./21/binderfs" [pid 5827] <... mkdir resumed>) = 0 [pid 5828] <... unlink resumed>) = 0 [pid 5828] umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./21/file0", [pid 5827] <... openat resumed>) = 3 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5828] umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] close(3 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... close resumed>) = 0 [pid 5828] openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5828] <... openat resumed>) = 4 [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 6622 [pid 5828] newfstatat(4, "", ./strace-static-x86_64: Process 6622 attached {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 6622] set_robust_list(0x5555819eb760, 24) = 0 [pid 6622] chdir("./20") = 0 [pid 6622] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6622] setpgid(0, 0) = 0 [pid 6622] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6622] write(3, "1000", 4) = 4 [pid 6622] close(3) = 0 [pid 6622] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 6622] write(1, "executing program\n", 18) = 18 [pid 6622] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6622] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6622] memfd_create("syzkaller", 0) = 3 [pid 5828] getdents64(4, [pid 6622] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] close(4) = 0 [pid 5828] rmdir("./21/file0") = 0 [pid 5828] umount2("./21/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./21/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./21/file1") = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [pid 5828] rmdir("./21") = 0 [pid 5828] mkdir("./22", 0777) = 0 [pid 6620] <... write resumed>) = 16777216 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6620] munmap(0x7f0eeb600000, 138412032 [pid 5828] <... openat resumed>) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5828] close(3) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6623 attached , child_tidptr=0x5555819eb750) = 6623 [pid 6621] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6623] set_robust_list(0x5555819eb760, 24) = 0 [pid 6623] chdir("./22") = 0 [pid 6623] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6623] setpgid(0, 0) = 0 [pid 6623] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6623] write(3, "1000", 4) = 4 [pid 6623] close(3) = 0 [pid 6623] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6623] write(1, "executing program\n", 18) = 18 [pid 6623] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6623] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6623] memfd_create("syzkaller", 0) = 3 [pid 6623] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6620] <... munmap resumed>) = 0 [pid 6620] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6620] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6620] close(3) = 0 [pid 6620] close(4) = 0 [pid 6620] mkdir("./file0", 0777) = 0 [ 117.308056][ T6620] loop0: detected capacity change from 0 to 32768 [pid 6620] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6622] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6621] <... write resumed>) = 16777216 [pid 6621] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6623] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6621] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6621] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6621] close(3) = 0 [pid 6621] close(4) = 0 [pid 6621] mkdir("./file0", 0777) = 0 [ 117.555843][ T6621] loop4: detected capacity change from 0 to 32768 [pid 6621] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6623] <... write resumed>) = 16777216 [pid 6623] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6623] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6623] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6623] close(3) = 0 [pid 6623] close(4) = 0 [pid 6623] mkdir("./file0", 0777) = 0 [pid 6623] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6622] <... write resumed>) = 16777216 [ 117.720681][ T6623] loop3: detected capacity change from 0 to 32768 [pid 6622] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6622] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6622] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6622] close(3) = 0 [pid 6622] close(4) = 0 [pid 6622] mkdir("./file0", 0777) = 0 [ 117.787275][ T6622] loop2: detected capacity change from 0 to 32768 [ 117.917962][ T6620] bcachefs (loop0): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 117.948698][ T6620] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 117.957410][ T6620] bcachefs (loop0): Version downgrade required: [ 117.963810][ T6620] bcachefs (loop0): Version upgrade required: [ 117.963810][ T6620] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 117.963810][ T6620] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 117.963810][ T6620] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 118.014757][ T6623] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 118.045067][ T6623] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 118.056476][ T6622] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 118.065801][ T6620] bcachefs (loop0): dropping and reconstructing all alloc info [ 118.099539][ T6621] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 118.114151][ T6622] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 118.123118][ T6621] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 118.134107][ T6620] bcachefs (loop0): accounting_read... done [ 118.155226][ T6620] bcachefs (loop0): alloc_read... done [ 118.181266][ T6620] bcachefs (loop0): stripes_read... done [ 118.196251][ T6620] bcachefs (loop0): snapshots_read... done [ 118.206360][ T6620] bcachefs (loop0): check_allocations... done [ 118.265766][ T6620] bcachefs (loop0): going read-write [pid 6622] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6620] <... mount resumed>) = 0 [pid 5826] <... umount2 resumed>) = 0 [pid 6620] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5826] umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6620] <... openat resumed>) = 3 [pid 5826] newfstatat(AT_FDCWD, "./19/file0", [pid 6620] chdir("./file0" [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6620] <... chdir resumed>) = 0 [pid 6623] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6620] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5826] umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6623] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6620] <... openat resumed>) = 4 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6623] <... openat resumed>) = 3 [pid 6620] ioctl(4, LOOP_CLR_FD [pid 5826] openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6623] ioctl(3, LOOP_CLR_FD [pid 6620] <... ioctl resumed>) = 0 [pid 5826] <... openat resumed>) = 4 [pid 6623] <... ioctl resumed>) = 0 [pid 6620] close(4 [pid 6623] close(3 [pid 6620] <... close resumed>) = 0 [pid 5826] newfstatat(4, "", [pid 6620] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] close(4) = 0 [pid 5826] rmdir("./19/file0") = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] close(3) = 0 [pid 5826] rmdir("./19") = 0 [ 118.306007][ T6620] bcachefs (loop0): done starting filesystem [ 118.324285][ T6623] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 5826] mkdir("./20", 0777) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5826] close(3) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6655 attached , child_tidptr=0x5555819eb750) = 6655 [pid 6620] <... quotactl resumed>) = 0 [pid 6620] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6655] set_robust_list(0x5555819eb760, 24 [pid 6620] <... openat resumed>) = 4 [pid 6620] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6655] <... set_robust_list resumed>) = 0 [pid 6620] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6655] chdir("./20" [pid 6620] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6655] <... chdir resumed>) = 0 [pid 6655] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6655] setpgid(0, 0) = 0 [pid 6655] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6655] write(3, "1000", 4) = 4 [pid 6655] close(3) = 0 [pid 6655] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6655] write(1, "executing program\n", 18executing program ) = 18 [pid 6620] <... quotactl resumed>) = 0 [pid 6655] fsopen(NULL, 0 [pid 6620] open(".", O_RDONLY [pid 6655] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6620] <... open resumed>) = 5 [pid 6655] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6620] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6655] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6655] memfd_create("syzkaller", 0) = 3 [pid 6655] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6620] <... fallocate resumed>) = 0 [pid 6620] exit_group(0) = ? [pid 6620] +++ exited with 0 +++ [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6620, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=40 /* 0.40 s */} --- [ 118.426861][ T2913] bucket incorrectly unset in freespace btree [ 118.426894][ T2913] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [ 118.426968][ T6621] bcachefs: bch2_fs_get_tree() error: EINVAL [ 118.450446][ T6622] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6622] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6622] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5825] umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6622] ioctl(3, LOOP_CLR_FD [pid 5825] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6622] <... ioctl resumed>) = 0 [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 6622] close(3 [pid 5825] umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./12/binderfs") = 0 [pid 5825] umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6621] <... mount resumed>) = -1 EINVAL (Invalid argument) [ 118.477527][ T2913] bucket incorrectly unset in freespace btree [ 118.477546][ T2913] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [pid 6621] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 6621] ioctl(3, LOOP_CLR_FD) = 0 [ 118.553111][ T5825] bcachefs (loop0): shutting down [ 118.562489][ T5825] bcachefs (loop0): going read-only [ 118.586003][ T5825] bcachefs (loop0): finished waiting for writes to stop [pid 6621] close(3 [pid 6623] <... close resumed>) = 0 [ 118.618616][ T5825] bcachefs (loop0): flushing journal and stopping allocators, journal seq 12 [ 118.645083][ T2913] bcachefs (loop0): loop0: Superblock write was silently dropped! (seq 0 expected 53) [ 118.667133][ T2913] bucket incorrectly unset in freespace btree [ 118.667162][ T2913] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [ 118.718507][ T2913] bucket incorrectly unset in freespace btree [ 118.718527][ T2913] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [ 118.757397][ T5825] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 12 [pid 6623] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 6623] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 6621] <... close resumed>) = 0 [pid 6623] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6622] <... close resumed>) = 0 [pid 6622] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6623] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6621] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6623] <... quotactl resumed>) = 0 [pid 6623] open(".", O_RDONLY) = 4 [pid 6623] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6622] <... quotactl resumed>) = 0 [pid 6621] <... quotactl resumed>) = 0 [pid 6622] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6621] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6623] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6623] exit_group(0 [pid 6621] <... openat resumed>) = 3 [pid 6622] <... openat resumed>) = 3 [pid 6655] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6623] <... exit_group resumed>) = ? [pid 6622] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6621] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6622] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6621] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6623] +++ exited with 0 +++ [pid 6622] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6621] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6623, si_uid=0, si_status=0, si_utime=7 /* 0.07 s */, si_stime=35 /* 0.35 s */} --- [pid 5828] umount2("./22", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] umount2("./22/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./22/binderfs" [pid 6622] <... quotactl resumed>) = 0 [pid 6621] <... quotactl resumed>) = 0 [pid 5828] <... unlink resumed>) = 0 [pid 6622] open(".", O_RDONLY [pid 6621] open(".", O_RDONLY [ 118.777113][ T5825] bcachefs (loop0): unclean shutdown complete, journal seq 13 [ 118.786966][ T5825] bcachefs (loop0): done going read-only, filesystem not clean [ 118.812939][ T5825] bcachefs (loop0): shutdown complete [pid 5828] umount2("./22/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6622] <... open resumed>) = 4 [pid 6621] <... open resumed>) = 4 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6622] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6621] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6622] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6621] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./22/file0", [pid 6622] exit_group(0 [pid 6621] exit_group(0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] umount2("./22/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6622] <... exit_group resumed>) = ? [pid 6621] <... exit_group resumed>) = ? [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./22/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5828] newfstatat(4, "", [pid 6622] +++ exited with 0 +++ [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6622, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=43 /* 0.43 s */} --- [pid 5828] getdents64(4, [pid 5827] restart_syscall(<... resuming interrupted clone ...> [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 6621] +++ exited with 0 +++ [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6621, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=47 /* 0.47 s */} --- [pid 5829] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5828] getdents64(4, [pid 5827] <... restart_syscall resumed>) = 0 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] close(4 [pid 5829] umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... close resumed>) = 0 [pid 5827] umount2("./20", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] rmdir("./22/file0" [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... rmdir resumed>) = 0 [pid 5829] <... openat resumed>) = 3 [pid 5827] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] umount2("./22/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] newfstatat(3, "", [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... openat resumed>) = 3 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] newfstatat(AT_FDCWD, "./22/file1", [pid 5827] newfstatat(3, "", [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] getdents64(3, [pid 5828] unlink("./22/file1" [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] <... unlink resumed>) = 0 [pid 5827] getdents64(3, [pid 5829] umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] getdents64(3, [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] newfstatat(AT_FDCWD, "./15/binderfs", [pid 5828] close(3 [pid 5827] umount2("./20/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... close resumed>) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] unlink("./15/binderfs" [pid 5828] rmdir("./22" [pid 5827] newfstatat(AT_FDCWD, "./20/binderfs", [pid 5829] <... unlink resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./20/binderfs" [pid 5828] <... rmdir resumed>) = 0 [pid 5828] mkdir("./23", 0777 [pid 5827] <... unlink resumed>) = 0 [pid 5829] umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... mkdir resumed>) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./15/file0", [pid 5828] <... openat resumed>) = 3 [pid 5827] newfstatat(AT_FDCWD, "./20/file0", [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] close(3 [pid 5829] umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... close resumed>) = 0 [pid 5827] umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 6656 attached [pid 5829] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 6656 [pid 6656] set_robust_list(0x5555819eb760, 24) = 0 [pid 5829] <... openat resumed>) = 4 [pid 5827] <... openat resumed>) = 4 [pid 6656] chdir("./23" [pid 5829] newfstatat(4, "", [pid 5827] newfstatat(4, "", [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(4, [pid 5827] getdents64(4, [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] getdents64(4, [pid 5827] getdents64(4, [pid 6656] <... chdir resumed>) = 0 [pid 6656] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 6656] <... prctl resumed>) = 0 [pid 5829] close(4 [pid 5827] close(4 [pid 6656] setpgid(0, 0 [pid 5829] <... close resumed>) = 0 [pid 6656] <... setpgid resumed>) = 0 [pid 5829] rmdir("./15/file0" [pid 5827] <... close resumed>) = 0 [pid 6656] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5829] <... rmdir resumed>) = 0 [pid 5827] rmdir("./20/file0" [pid 6656] <... openat resumed>) = 3 [pid 5829] umount2("./15/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... rmdir resumed>) = 0 [pid 6656] write(3, "1000", 4 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] umount2("./20/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6656] <... write resumed>) = 4 [pid 5829] newfstatat(AT_FDCWD, "./15/file1", [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] newfstatat(AT_FDCWD, "./20/file1", [pid 5829] unlink("./15/file1" [pid 5827] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... unlink resumed>) = 0 [pid 5827] unlink("./20/file1" [pid 5829] getdents64(3, [pid 5827] <... unlink resumed>) = 0 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] getdents64(3, [pid 5829] close(3 [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] <... close resumed>) = 0 [pid 5827] close(3) = 0 [pid 5829] rmdir("./15" [pid 5827] rmdir("./20" [pid 5829] <... rmdir resumed>) = 0 [pid 5827] <... rmdir resumed>) = 0 executing program [pid 6656] close(3 [pid 5829] mkdir("./16", 0777 [pid 6656] <... close resumed>) = 0 [pid 6656] symlink("/dev/binderfs", "./binderfs" [pid 5829] <... mkdir resumed>) = 0 [pid 5827] mkdir("./21", 0777 [pid 6656] <... symlink resumed>) = 0 [pid 5827] <... mkdir resumed>) = 0 [pid 6656] write(1, "executing program\n", 18) = 18 [pid 6656] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6656] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5829] <... openat resumed>) = 3 [pid 5827] <... openat resumed>) = 3 [pid 6656] memfd_create("syzkaller", 0 [pid 5827] ioctl(3, LOOP_CLR_FD [pid 6656] <... memfd_create resumed>) = 3 [pid 5829] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 6656] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5827] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6656] <... mmap resumed>) = 0x7f0eeb600000 [pid 5829] close(3 [pid 5827] close(3 [pid 5829] <... close resumed>) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6657 attached [pid 5827] <... close resumed>) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 6657 ./strace-static-x86_64: Process 6658 attached [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 6658 [pid 6657] set_robust_list(0x5555819eb760, 24) = 0 [pid 6657] chdir("./16") = 0 [pid 6657] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6657] setpgid(0, 0) = 0 [pid 6657] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6657] write(3, "1000", 4 [pid 6658] set_robust_list(0x5555819eb760, 24) = 0 [pid 6658] chdir("./21" [pid 6657] <... write resumed>) = 4 [pid 6658] <... chdir resumed>) = 0 [pid 6657] close(3) = 0 [pid 6657] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6657] write(1, "executing program\n", 18) = 18 [pid 6657] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6657] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6658] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6657] memfd_create("syzkaller", 0 [pid 6658] <... prctl resumed>) = 0 [pid 6658] setpgid(0, 0) = 0 [pid 6657] <... memfd_create resumed>) = 3 [pid 6658] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6657] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6658] <... openat resumed>) = 3 [pid 6658] write(3, "1000", 4 [pid 6657] <... mmap resumed>) = 0x7f0eeb600000 [pid 6658] <... write resumed>) = 4 [pid 6658] close(3) = 0 [pid 6658] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6658] write(1, "executing program\n", 18executing program ) = 18 [pid 6658] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6658] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6658] memfd_create("syzkaller", 0) = 3 [pid 6658] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6655] <... write resumed>) = 16777216 [pid 6655] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6655] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6655] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6655] close(3) = 0 [pid 6655] close(4) = 0 [pid 6655] mkdir("./file0", 0777) = 0 [ 119.147746][ T6655] loop1: detected capacity change from 0 to 32768 [pid 6655] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6656] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6657] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6658] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6657] <... write resumed>) = 16777216 [pid 6657] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6657] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6657] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6657] close(3) = 0 [pid 6657] close(4) = 0 [pid 6657] mkdir("./file0", 0777) = 0 [pid 6657] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6656] <... write resumed>) = 16777216 [pid 6656] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6656] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 119.475564][ T6657] loop4: detected capacity change from 0 to 32768 [pid 6656] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6658] <... write resumed>) = 16777216 [pid 6656] close(3 [pid 6658] munmap(0x7f0eeb600000, 138412032 [pid 6656] <... close resumed>) = 0 [pid 6656] close(4) = 0 [pid 6656] mkdir("./file0", 0777) = 0 [pid 6656] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6658] <... munmap resumed>) = 0 [pid 6658] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6658] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6658] close(3) = 0 [pid 6658] close(4) = 0 [pid 6658] mkdir("./file0", 0777) = 0 [ 119.528623][ T6656] loop3: detected capacity change from 0 to 32768 [ 119.566774][ T6658] loop2: detected capacity change from 0 to 32768 [ 119.723866][ T6655] bcachefs (loop1): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 119.750510][ T6655] bcachefs (loop1): recovering from clean shutdown, journal seq 10 [ 119.758822][ T6655] bcachefs (loop1): Version downgrade required: [ 119.765239][ T6655] bcachefs (loop1): Version upgrade required: [ 119.765239][ T6655] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 119.765239][ T6655] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 119.765239][ T6655] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 119.838034][ T6655] bcachefs (loop1): dropping and reconstructing all alloc info [ 119.848314][ T6657] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 119.858243][ T6657] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 119.869318][ T6658] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 119.898877][ T6658] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 119.907773][ T6656] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 119.922854][ T6655] bcachefs (loop1): accounting_read... done [ 119.934236][ T6656] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 119.953673][ T6655] bcachefs (loop1): alloc_read... done [ 119.999935][ T6655] bcachefs (loop1): stripes_read... done [ 120.021088][ T6655] bcachefs (loop1): snapshots_read... done [pid 6658] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6657] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6657] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 6657] ioctl(3, LOOP_CLR_FD) = 0 [ 120.037856][ T6655] bcachefs (loop1): check_allocations... done [ 120.123824][ T6657] bcachefs: bch2_fs_get_tree() error: EINVAL [ 120.137079][ T6655] bcachefs (loop1): going read-write [pid 6657] close(3 [pid 6658] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6658] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6656] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6658] <... openat resumed>) = 3 [pid 6656] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6658] ioctl(3, LOOP_CLR_FD [pid 6656] <... openat resumed>) = 3 [pid 6658] <... ioctl resumed>) = 0 [pid 6656] ioctl(3, LOOP_CLR_FD [pid 6658] close(3 [pid 6656] <... ioctl resumed>) = 0 [pid 6656] close(3 [pid 6655] <... mount resumed>) = 0 [pid 6655] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6655] chdir("./file0") = 0 [pid 6655] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6655] ioctl(4, LOOP_CLR_FD) = 0 [pid 6655] close(4) = 0 [ 120.201930][ T6655] bcachefs (loop1): done starting filesystem [ 120.210042][ T6658] bcachefs: bch2_fs_get_tree() error: EINVAL [ 120.230527][ T6656] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6655] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5825] <... umount2 resumed>) = 0 [pid 6655] <... quotactl resumed>) = 0 [pid 6655] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 6655] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5825] umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6655] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6655] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5825] newfstatat(AT_FDCWD, "./12/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6655] <... quotactl resumed>) = 0 [pid 5825] umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6655] open(".", O_RDONLY [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6655] <... open resumed>) = 5 [pid 5825] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6655] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5825] <... openat resumed>) = 4 [pid 5825] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] close(4 [pid 6655] <... fallocate resumed>) = 0 [pid 5825] <... close resumed>) = 0 [pid 6655] exit_group(0) = ? [pid 5825] rmdir("./12/file0" [pid 6655] +++ exited with 0 +++ [pid 5825] <... rmdir resumed>) = 0 [pid 5825] getdents64(3, [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6655, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=32 /* 0.32 s */} --- [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3 [pid 5826] umount2("./20", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... close resumed>) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] rmdir("./12" [pid 5826] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... rmdir resumed>) = 0 [pid 5826] <... openat resumed>) = 3 [pid 5826] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(3, [pid 5825] mkdir("./13", 0777 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5825] <... mkdir resumed>) = 0 [pid 5826] umount2("./20/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... openat resumed>) = 3 [pid 5826] newfstatat(AT_FDCWD, "./20/binderfs", [pid 5825] ioctl(3, LOOP_CLR_FD [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5826] unlink("./20/binderfs" [pid 5825] close(3 [pid 5826] <... unlink resumed>) = 0 [pid 5825] <... close resumed>) = 0 [pid 5826] umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6690 attached [ 120.352332][ T2913] bucket incorrectly unset in freespace btree [pid 6690] set_robust_list(0x5555819eb760, 24) = 0 [pid 5825] <... clone resumed>, child_tidptr=0x5555819eb750) = 6690 [pid 6690] chdir("./13") = 0 [pid 6690] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6690] setpgid(0, 0) = 0 [pid 6690] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6690] write(3, "1000", 4) = 4 [pid 6690] close(3) = 0 [pid 6690] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 6690] write(1, "executing program\n", 18) = 18 [pid 6690] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6690] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6690] memfd_create("syzkaller", 0) = 3 [pid 6690] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6657] <... close resumed>) = 0 [ 120.352366][ T2913] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [ 120.429930][ T5826] bcachefs (loop1): shutting down [ 120.435090][ T5826] bcachefs (loop1): going read-only [pid 6657] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6656] <... close resumed>) = 0 [ 120.476079][ T5826] bcachefs (loop1): finished waiting for writes to stop [ 120.508021][ T2913] bucket incorrectly unset in freespace btree [ 120.508041][ T2913] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [pid 6656] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6658] <... close resumed>) = 0 [ 120.530769][ T5826] bcachefs (loop1): flushing journal and stopping allocators, journal seq 12 [ 120.576487][ T2913] bucket incorrectly unset in freespace btree [ 120.576508][ T2913] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [pid 6658] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6690] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6658] <... quotactl resumed>) = 0 [pid 6657] <... quotactl resumed>) = 0 [pid 6656] <... quotactl resumed>) = 0 [ 120.595607][ T2913] bucket incorrectly unset in freespace btree [ 120.595626][ T2913] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [ 120.616327][ T5826] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 12 [ 120.628694][ T5826] bcachefs (loop1): unclean shutdown complete, journal seq 13 [ 120.637546][ T5826] bcachefs (loop1): done going read-only, filesystem not clean [pid 6658] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6657] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6656] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6658] <... openat resumed>) = 3 [pid 6657] <... openat resumed>) = 3 [pid 6658] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6657] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6656] <... openat resumed>) = 3 [pid 6658] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6657] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6658] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6657] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6656] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6656] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6658] <... quotactl resumed>) = 0 [pid 6657] <... quotactl resumed>) = 0 [pid 6658] open(".", O_RDONLY [pid 6657] open(".", O_RDONLY [pid 6658] <... open resumed>) = 4 [pid 6658] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6657] <... open resumed>) = 4 [pid 6658] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6656] <... quotactl resumed>) = 0 [pid 6658] exit_group(0 [pid 6657] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6656] open(".", O_RDONLY [pid 6658] <... exit_group resumed>) = ? [pid 6657] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6656] <... open resumed>) = 4 [pid 6658] +++ exited with 0 +++ [pid 6657] exit_group(0 [pid 6656] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6658, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=47 /* 0.47 s */} --- [pid 6657] <... exit_group resumed>) = ? [pid 6656] exit_group(0 [pid 5827] restart_syscall(<... resuming interrupted clone ...> [pid 6657] +++ exited with 0 +++ [pid 6656] <... exit_group resumed>) = ? [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6657, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=46 /* 0.46 s */} --- [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 6656] +++ exited with 0 +++ [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6656, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=42 /* 0.42 s */} --- [pid 5827] <... restart_syscall resumed>) = 0 [pid 5829] <... restart_syscall resumed>) = 0 [pid 5828] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5827] umount2("./21", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] umount2("./16", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] umount2("./23", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... openat resumed>) = 3 [pid 5829] <... openat resumed>) = 3 [pid 5828] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] newfstatat(3, "", [pid 5829] newfstatat(3, "", [pid 5828] <... openat resumed>) = 3 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(3, [pid 5829] getdents64(3, [pid 5828] newfstatat(3, "", [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] umount2("./21/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] umount2("./16/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] getdents64(3, [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5827] newfstatat(AT_FDCWD, "./21/binderfs", [pid 5829] newfstatat(AT_FDCWD, "./16/binderfs", [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] umount2("./23/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [ 120.662934][ T5826] bcachefs (loop1): shutdown complete [pid 5827] unlink("./21/binderfs" [pid 5829] unlink("./16/binderfs" [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... unlink resumed>) = 0 [pid 5829] <... unlink resumed>) = 0 [pid 5828] newfstatat(AT_FDCWD, "./23/binderfs", [pid 5827] umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./21/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5827] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [pid 5827] rmdir("./21/file0") = 0 [pid 5829] umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] umount2("./21/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./16/file0", [pid 5828] unlink("./23/binderfs" [pid 5827] newfstatat(AT_FDCWD, "./21/file1", [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... unlink resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./23/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] unlink("./21/file1" [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... unlink resumed>) = 0 [pid 5829] openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] newfstatat(AT_FDCWD, "./23/file0", [pid 5827] getdents64(3, [pid 5829] <... openat resumed>) = 4 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] newfstatat(4, "", [pid 5828] umount2("./23/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] close(3 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... close resumed>) = 0 [pid 5829] getdents64(4, [pid 5828] openat(AT_FDCWD, "./23/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] rmdir("./21" [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] <... rmdir resumed>) = 0 [pid 5829] getdents64(4, [pid 5828] <... openat resumed>) = 4 [pid 5827] mkdir("./22", 0777 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] newfstatat(4, "", [pid 5827] <... mkdir resumed>) = 0 [pid 5829] close(4 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5829] <... close resumed>) = 0 [pid 5827] <... openat resumed>) = 3 [pid 5828] getdents64(4, [pid 5827] ioctl(3, LOOP_CLR_FD [pid 5829] rmdir("./16/file0" [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5829] <... rmdir resumed>) = 0 [pid 5828] getdents64(4, [pid 5827] close(3 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] <... close resumed>) = 0 [pid 5828] close(4 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6691 attached [pid 5829] umount2("./16/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... close resumed>) = 0 [pid 5828] rmdir("./23/file0" [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... rmdir resumed>) = 0 [pid 6691] set_robust_list(0x5555819eb760, 24 [pid 5829] newfstatat(AT_FDCWD, "./16/file1", [pid 5828] umount2("./23/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6691] <... set_robust_list resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6691] chdir("./22" [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] newfstatat(AT_FDCWD, "./23/file1", [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 6691 [pid 5829] unlink("./16/file1" [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6691] <... chdir resumed>) = 0 [pid 5829] <... unlink resumed>) = 0 [pid 5828] unlink("./23/file1" [pid 6691] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5829] getdents64(3, [pid 5828] <... unlink resumed>) = 0 [pid 6691] setpgid(0, 0 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] getdents64(3, [pid 6691] <... setpgid resumed>) = 0 [pid 5829] close(3 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 6691] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5829] <... close resumed>) = 0 [pid 5828] close(3 [pid 5829] rmdir("./16") = 0 [pid 5828] <... close resumed>) = 0 [pid 5829] mkdir("./17", 0777 [pid 5828] rmdir("./23" [pid 6691] <... openat resumed>) = 3 [pid 5829] <... mkdir resumed>) = 0 [pid 5828] <... rmdir resumed>) = 0 [pid 6691] write(3, "1000", 4 [pid 5828] mkdir("./24", 0777 [pid 6691] <... write resumed>) = 4 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6691] close(3 [pid 5828] <... mkdir resumed>) = 0 [pid 5829] <... openat resumed>) = 3 [pid 5829] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 6691] <... close resumed>) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5829] close(3 [pid 6691] symlink("/dev/binderfs", "./binderfs" [pid 5829] <... close resumed>) = 0 [pid 5828] <... openat resumed>) = 3 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6691] <... symlink resumed>) = 0 ./strace-static-x86_64: Process 6692 attached [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 6692 [pid 6692] set_robust_list(0x5555819eb760, 24) = 0 [pid 6692] chdir("./17") = 0 [pid 6692] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6692] setpgid(0, 0) = 0 [pid 6692] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6692] write(3, "1000", 4) = 4 [pid 6692] close(3) = 0 [pid 6691] write(1, "executing program\n", 18 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 6692] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6692] write(1, "executing program\n", 18) = 18 [pid 6692] fsopen(NULL, 0) = -1 EFAULT (Bad address) executing program [pid 6692] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6692] memfd_create("syzkaller", 0 [pid 6691] <... write resumed>) = 18 [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6691] fsopen(NULL, 0 [pid 5828] close(3 [pid 6691] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 5828] <... close resumed>) = 0 [pid 6691] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6691] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6692] <... memfd_create resumed>) = 3 [pid 6692] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 ./strace-static-x86_64: Process 6693 attached [pid 6691] memfd_create("syzkaller", 0 [pid 6690] <... write resumed>) = 16777216 [pid 6693] set_robust_list(0x5555819eb760, 24 [pid 6691] <... memfd_create resumed>) = 3 [pid 6690] munmap(0x7f0eeb600000, 138412032 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 6693 [pid 6693] <... set_robust_list resumed>) = 0 [pid 6691] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6693] chdir("./24" [pid 6690] <... munmap resumed>) = 0 [pid 6693] <... chdir resumed>) = 0 [pid 6693] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6690] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6693] <... prctl resumed>) = 0 [pid 6693] setpgid(0, 0 [pid 6690] <... openat resumed>) = 4 [pid 6693] <... setpgid resumed>) = 0 [pid 6690] ioctl(4, LOOP_SET_FD, 3 [pid 6693] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6693] write(3, "1000", 4 [pid 6690] <... ioctl resumed>) = 0 [pid 6693] <... write resumed>) = 4 [pid 6690] close(3 [pid 6693] close(3executing program ) = 0 [pid 6693] symlink("/dev/binderfs", "./binderfs" [pid 6690] <... close resumed>) = 0 [pid 6693] <... symlink resumed>) = 0 [pid 6693] write(1, "executing program\n", 18 [pid 6690] close(4 [pid 6693] <... write resumed>) = 18 [pid 6690] <... close resumed>) = 0 [pid 6690] mkdir("./file0", 0777) = 0 [pid 6693] fsopen(NULL, 0 [pid 6690] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6693] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6693] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [ 120.840014][ T6690] loop0: detected capacity change from 0 to 32768 [pid 6693] memfd_create("syzkaller", 0) = 3 [pid 6693] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6692] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6691] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6693] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 6691] <... write resumed>) = 16777216 [pid 6693] munmap(0x7f0eeb600000, 138412032 [pid 6691] munmap(0x7f0eeb600000, 138412032 [pid 6693] <... munmap resumed>) = 0 [pid 6693] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6691] <... munmap resumed>) = 0 [pid 6691] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6693] <... openat resumed>) = 4 [pid 6691] <... openat resumed>) = 4 [pid 6691] ioctl(4, LOOP_SET_FD, 3 [pid 6693] ioctl(4, LOOP_SET_FD, 3 [pid 6691] <... ioctl resumed>) = 0 [ 121.329549][ T6691] loop2: detected capacity change from 0 to 32768 [ 121.346313][ T6693] loop3: detected capacity change from 0 to 32768 [pid 6693] <... ioctl resumed>) = 0 [pid 6692] <... write resumed>) = 16777216 [pid 6691] close(3) = 0 [pid 6693] close(3 [pid 6692] munmap(0x7f0eeb600000, 138412032 [pid 6691] close(4) = 0 [pid 6691] mkdir("./file0", 0777 [pid 6693] <... close resumed>) = 0 [pid 6693] close(4) = 0 [pid 6693] mkdir("./file0", 0777) = 0 [pid 6693] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6691] <... mkdir resumed>) = 0 [pid 6691] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6692] <... munmap resumed>) = 0 [pid 6692] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 121.353964][ T6690] bcachefs (loop0): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [pid 6692] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6692] close(3) = 0 [pid 6692] close(4) = 0 [pid 6692] mkdir("./file0", 0777) = 0 [ 121.420041][ T6692] loop4: detected capacity change from 0 to 32768 [ 121.448528][ T6690] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 121.458001][ T6690] bcachefs (loop0): Version downgrade required: [ 121.464950][ T6690] bcachefs (loop0): Version upgrade required: [ 121.464950][ T6690] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 121.464950][ T6690] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 121.464950][ T6690] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 121.538322][ T6690] bcachefs (loop0): dropping and reconstructing all alloc info [ 121.571449][ T6690] bcachefs (loop0): accounting_read... done [ 121.584373][ T6690] bcachefs (loop0): alloc_read... done [ 121.590281][ T6690] bcachefs (loop0): stripes_read... done [ 121.596108][ T6690] bcachefs (loop0): snapshots_read... done [ 121.602412][ T6690] bcachefs (loop0): check_allocations... done [ 121.656616][ T6692] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 121.686132][ T6692] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 121.687724][ T6690] bcachefs (loop0): going read-write [ 121.699931][ T6693] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 121.711653][ T6693] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 121.720321][ T6691] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 121.739722][ T6691] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 121.749840][ T6690] bcachefs (loop0): done starting filesystem [pid 6692] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5826] <... umount2 resumed>) = 0 [pid 6690] <... mount resumed>) = 0 [pid 5826] umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./20/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6690] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5826] <... openat resumed>) = 4 [pid 6690] <... openat resumed>) = 3 [pid 5826] newfstatat(4, "", [pid 6690] chdir("./file0" [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6690] <... chdir resumed>) = 0 [pid 5826] getdents64(4, [pid 6690] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 6692] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6690] <... openat resumed>) = 4 [pid 5826] getdents64(4, [pid 6692] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 6692] <... openat resumed>) = 3 [pid 6690] ioctl(4, LOOP_CLR_FD [pid 5826] close(4 [pid 6692] ioctl(3, LOOP_CLR_FD [pid 6690] <... ioctl resumed>) = 0 [pid 6692] <... ioctl resumed>) = 0 [pid 6690] close(4 [pid 5826] <... close resumed>) = 0 [pid 6692] close(3 [pid 6690] <... close resumed>) = 0 [pid 6690] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5826] rmdir("./20/file0") = 0 [pid 5826] getdents64(3, [pid 6690] <... quotactl resumed>) = 0 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 6690] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 6690] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5826] close(3 [pid 6690] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5826] <... close resumed>) = 0 [ 121.832290][ T6692] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6690] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5826] rmdir("./20") = 0 [pid 5826] mkdir("./21", 0777) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5826] close(3 [pid 6690] <... quotactl resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 6690] open(".", O_RDONLY) = 5 [pid 6690] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6725 attached , child_tidptr=0x5555819eb750) = 6725 [pid 6725] set_robust_list(0x5555819eb760, 24) = 0 [pid 6690] <... fallocate resumed>) = 0 [pid 6725] chdir("./21" [pid 6690] exit_group(0 [pid 6725] <... chdir resumed>) = 0 [pid 6690] <... exit_group resumed>) = ? [pid 6725] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6690] +++ exited with 0 +++ [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6690, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=38 /* 0.38 s */} --- [pid 5825] umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6725] <... prctl resumed>) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6725] setpgid(0, 0 [pid 5825] <... openat resumed>) = 3 [pid 6725] <... setpgid resumed>) = 0 [pid 5825] newfstatat(3, "", [pid 6725] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6725] <... openat resumed>) = 3 [pid 5825] getdents64(3, [pid 6725] write(3, "1000", 4 [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 6725] <... write resumed>) = 4 [pid 6725] close(3 [pid 5825] umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6725] <... close resumed>) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6725] symlink("/dev/binderfs", "./binderfs" [pid 5825] newfstatat(AT_FDCWD, "./13/binderfs", executing program [pid 6725] <... symlink resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./13/binderfs") = 0 [pid 6725] write(1, "executing program\n", 18) = 18 [pid 5825] umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6725] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6725] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6725] memfd_create("syzkaller", 0) = 3 [pid 6725] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 121.971780][ T2913] bucket incorrectly unset in freespace btree [ 121.971814][ T2913] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 6691] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6693] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6692] <... close resumed>) = 0 [pid 6693] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 6691] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6693] ioctl(3, LOOP_CLR_FD [pid 6691] <... openat resumed>) = 3 [pid 6693] <... ioctl resumed>) = 0 [pid 6691] ioctl(3, LOOP_CLR_FD [pid 6693] close(3 [pid 6691] <... ioctl resumed>) = 0 [pid 6691] close(3 [ 122.075991][ T5825] bcachefs (loop0): shutting down [ 122.082261][ T6693] bcachefs: bch2_fs_get_tree() error: EINVAL [ 122.089277][ T2913] bucket incorrectly unset in freespace btree [ 122.089298][ T2913] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [ 122.095761][ T5825] bcachefs (loop0): going read-only [ 122.095798][ T5825] bcachefs (loop0): finished waiting for writes to stop [ 122.098691][ T6691] bcachefs: bch2_fs_get_tree() error: EINVAL [ 122.101066][ T5825] bcachefs (loop0): flushing journal and stopping allocators, journal seq 12 [ 122.169833][ T3007] bucket incorrectly unset in freespace btree [ 122.169855][ T3007] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [pid 6692] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6693] <... close resumed>) = 0 [ 122.252318][ T3007] bucket incorrectly unset in freespace btree [ 122.252348][ T3007] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [pid 6693] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6691] <... close resumed>) = 0 [pid 6692] <... quotactl resumed>) = 0 [pid 6691] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 122.342215][ T5825] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 12 [ 122.367369][ T5825] bcachefs (loop0): unclean shutdown complete, journal seq 13 [ 122.375573][ T5825] bcachefs (loop0): done going read-only, filesystem not clean [pid 6692] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6693] <... quotactl resumed>) = 0 [pid 6692] <... openat resumed>) = 3 [pid 6693] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6692] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6692] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6693] <... openat resumed>) = 3 [pid 6693] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6725] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6693] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6692] <... quotactl resumed>) = 0 [pid 6691] <... quotactl resumed>) = 0 [pid 6693] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6691] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6692] open(".", O_RDONLY [pid 6691] <... openat resumed>) = 3 [pid 6692] <... open resumed>) = 4 [pid 6691] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6692] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 6691] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6691] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6693] <... quotactl resumed>) = 0 [pid 6692] exit_group(0 [pid 6693] open(".", O_RDONLY) = 4 [pid 6693] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 6693] exit_group(0) = ? [pid 6693] +++ exited with 0 +++ [pid 6692] <... exit_group resumed>) = ? [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6693, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=52 /* 0.52 s */} --- [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 6692] +++ exited with 0 +++ [ 122.402098][ T5825] bcachefs (loop0): shutdown complete [pid 6691] <... quotactl resumed>) = 0 [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6692, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=50 /* 0.50 s */} --- [pid 5828] <... restart_syscall resumed>) = 0 [pid 6691] open(".", O_RDONLY [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 6691] <... open resumed>) = 4 [pid 5829] <... restart_syscall resumed>) = 0 [pid 6691] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5828] umount2("./24", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6691] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6691] exit_group(0 [pid 5829] umount2("./17", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6691] <... exit_group resumed>) = ? [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... openat resumed>) = 3 [pid 6691] +++ exited with 0 +++ [pid 5829] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] newfstatat(3, "", [pid 5829] <... openat resumed>) = 3 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] newfstatat(3, "", [pid 5828] getdents64(3, [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] getdents64(3, [pid 5828] umount2("./24/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6691, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=37 /* 0.37 s */} --- [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] umount2("./17/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] newfstatat(AT_FDCWD, "./24/binderfs", [pid 5827] umount2("./22", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] newfstatat(AT_FDCWD, "./17/binderfs", [pid 5828] unlink("./24/binderfs" [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... unlink resumed>) = 0 [pid 5828] umount2("./24/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] unlink("./17/binderfs" [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... unlink resumed>) = 0 [pid 5828] newfstatat(AT_FDCWD, "./24/file0", [pid 5827] <... openat resumed>) = 3 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] umount2("./24/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] newfstatat(3, "", [pid 5829] umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./24/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] newfstatat(AT_FDCWD, "./17/file0", [pid 5828] <... openat resumed>) = 4 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] newfstatat(4, "", [pid 5827] getdents64(3, [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] getdents64(4, [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] umount2("./22/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] getdents64(4, [pid 5829] <... openat resumed>) = 4 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] close(4 [pid 5829] newfstatat(4, "", [pid 5828] <... close resumed>) = 0 [pid 5827] newfstatat(AT_FDCWD, "./22/binderfs", [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] rmdir("./24/file0") = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] getdents64(4, [pid 5828] umount2("./24/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] unlink("./22/binderfs" [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./24/file1", [pid 5829] getdents64(4, [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] <... unlink resumed>) = 0 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] unlink("./24/file1" [pid 5829] close(4 [pid 5828] <... unlink resumed>) = 0 [pid 5827] umount2("./22/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... close resumed>) = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] rmdir("./17/file0" [pid 5828] close(3 [pid 5829] <... rmdir resumed>) = 0 [pid 5828] <... close resumed>) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] rmdir("./24") = 0 [pid 5828] mkdir("./25", 0777) = 0 [pid 5829] umount2("./17/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./17/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./17/file1" [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5829] <... unlink resumed>) = 0 [pid 5828] <... openat resumed>) = 3 [pid 5829] getdents64(3, [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] close(3 [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5827] newfstatat(AT_FDCWD, "./22/file0", [pid 5829] <... close resumed>) = 0 [pid 5828] close(3 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] rmdir("./17" [pid 5828] <... close resumed>) = 0 [pid 5827] umount2("./22/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... rmdir resumed>) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 6726 attached [pid 5827] openat(AT_FDCWD, "./22/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] mkdir("./18", 0777 [pid 5827] <... openat resumed>) = 4 [pid 6726] set_robust_list(0x5555819eb760, 24 [pid 5829] <... mkdir resumed>) = 0 [pid 6726] <... set_robust_list resumed>) = 0 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 6726 [pid 6726] chdir("./25") = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6726] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5829] <... openat resumed>) = 3 [pid 5827] newfstatat(4, "", [pid 6726] <... prctl resumed>) = 0 [pid 5829] ioctl(3, LOOP_CLR_FD [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5829] close(3 [pid 5827] getdents64(4, [pid 6726] setpgid(0, 0 [pid 5829] <... close resumed>) = 0 [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 6726] <... setpgid resumed>) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5827] getdents64(4, [pid 6726] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 6726] <... openat resumed>) = 3 [pid 5827] close(4 [pid 6726] write(3, "1000", 4 [pid 5827] <... close resumed>) = 0 [pid 6726] <... write resumed>) = 4 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 6727 [pid 5827] rmdir("./22/file0" [pid 6726] close(3) = 0 [pid 6726] symlink("/dev/binderfs", "./binderfs" [pid 5827] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 6727 attached executing program [pid 6726] <... symlink resumed>) = 0 [pid 5827] umount2("./22/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6727] set_robust_list(0x5555819eb760, 24 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6727] <... set_robust_list resumed>) = 0 [pid 6726] write(1, "executing program\n", 18 [pid 5827] newfstatat(AT_FDCWD, "./22/file1", [pid 6726] <... write resumed>) = 18 [pid 6727] chdir("./18" [pid 6726] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6727] <... chdir resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6727] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6726] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6727] <... prctl resumed>) = 0 [pid 6726] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 5827] unlink("./22/file1" [pid 6727] setpgid(0, 0 [pid 5827] <... unlink resumed>) = 0 [pid 6727] <... setpgid resumed>) = 0 [pid 6726] memfd_create("syzkaller", 0 [pid 5827] getdents64(3, [pid 6727] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 6726] <... memfd_create resumed>) = 3 [pid 6726] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5827] close(3 [pid 6727] <... openat resumed>) = 3 [pid 6726] <... mmap resumed>) = 0x7f0eeb600000 [pid 6727] write(3, "1000", 4 [pid 5827] <... close resumed>) = 0 [pid 5827] rmdir("./22" [pid 6727] <... write resumed>) = 4 [pid 5827] <... rmdir resumed>) = 0 [pid 6727] close(3) = 0 [pid 6727] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5827] mkdir("./23", 0777 [pid 6727] write(1, "executing program\n", 18 [pid 5827] <... mkdir resumed>) = 0 executing program [pid 6727] <... write resumed>) = 18 [pid 6727] fsopen(NULL, 0 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6727] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6727] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 5827] <... openat resumed>) = 3 [pid 6727] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6727] memfd_create("syzkaller", 0 [pid 5827] ioctl(3, LOOP_CLR_FD [pid 6727] <... memfd_create resumed>) = 3 [pid 6727] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5827] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6727] <... mmap resumed>) = 0x7f0eeb600000 [pid 5827] close(3) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555819eb750) = 6728 ./strace-static-x86_64: Process 6728 attached [pid 6728] set_robust_list(0x5555819eb760, 24) = 0 [pid 6728] chdir("./23") = 0 executing program [pid 6728] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6728] setpgid(0, 0) = 0 [pid 6728] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6728] write(3, "1000", 4) = 4 [pid 6728] close(3) = 0 [pid 6728] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6728] write(1, "executing program\n", 18) = 18 [pid 6728] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6728] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6728] memfd_create("syzkaller", 0) = 3 [pid 6728] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6726] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6725] <... write resumed>) = 16777216 [pid 6725] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6725] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6725] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6725] close(3) = 0 [pid 6725] close(4) = 0 [pid 6725] mkdir("./file0", 0777) = 0 [pid 6725] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [ 122.752299][ T6725] loop1: detected capacity change from 0 to 32768 [pid 6727] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6728] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 6728] munmap(0x7f0eeb600000, 138412032 [pid 6727] <... write resumed>) = 16777216 [pid 6728] <... munmap resumed>) = 0 [pid 6727] munmap(0x7f0eeb600000, 138412032 [pid 6726] <... write resumed>) = 16777216 [pid 6728] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6727] <... munmap resumed>) = 0 [pid 6726] munmap(0x7f0eeb600000, 138412032 [pid 6728] <... openat resumed>) = 4 [pid 6728] ioctl(4, LOOP_SET_FD, 3 [pid 6727] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6727] ioctl(4, LOOP_SET_FD, 3 [pid 6726] <... munmap resumed>) = 0 [pid 6726] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6726] ioctl(4, LOOP_SET_FD, 3 [pid 6728] <... ioctl resumed>) = 0 [pid 6728] close(3) = 0 [pid 6728] close(4) = 0 [pid 6728] mkdir("./file0", 0777) = 0 [pid 6728] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6727] <... ioctl resumed>) = 0 [pid 6726] <... ioctl resumed>) = 0 [pid 6727] close(3) = 0 [pid 6727] close(4 [pid 6726] close(3 [pid 6727] <... close resumed>) = 0 [pid 6726] <... close resumed>) = 0 [pid 6726] close(4 [pid 6727] mkdir("./file0", 0777 [pid 6726] <... close resumed>) = 0 [pid 6727] <... mkdir resumed>) = 0 [pid 6726] mkdir("./file0", 0777 [pid 6727] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6726] <... mkdir resumed>) = 0 [ 123.094764][ T6728] loop2: detected capacity change from 0 to 32768 [ 123.102366][ T6727] loop4: detected capacity change from 0 to 32768 [ 123.112285][ T6726] loop3: detected capacity change from 0 to 32768 [ 123.307516][ T6725] bcachefs (loop1): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 123.333995][ T6725] bcachefs (loop1): recovering from clean shutdown, journal seq 10 [ 123.342016][ T6725] bcachefs (loop1): Version downgrade required: [ 123.348525][ T6725] bcachefs (loop1): Version upgrade required: [ 123.348525][ T6725] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 123.348525][ T6725] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 123.348525][ T6725] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 123.423053][ T6725] bcachefs (loop1): dropping and reconstructing all alloc info [ 123.438354][ T6725] bcachefs (loop1): accounting_read... done [ 123.444570][ T6725] bcachefs (loop1): alloc_read... done [ 123.450411][ T6725] bcachefs (loop1): stripes_read... done [ 123.456358][ T6725] bcachefs (loop1): snapshots_read... done [ 123.462289][ T6725] bcachefs (loop1): check_allocations... [ 123.484945][ T6727] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 123.512438][ T6725] done [ 123.528221][ T6725] bcachefs (loop1): going read-write [ 123.534059][ T6727] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 123.542876][ T6726] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 123.556256][ T6726] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 123.560528][ T6728] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [pid 6726] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6725] <... mount resumed>) = 0 [pid 6725] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6725] chdir("./file0") = 0 [pid 6725] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6725] ioctl(4, LOOP_CLR_FD) = 0 [pid 6725] close(4) = 0 [ 123.595544][ T6728] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 123.607174][ T6725] bcachefs (loop1): done starting filesystem [pid 6725] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 6725] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 6725] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6725] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 6725] open(".", O_RDONLY) = 5 [pid 6725] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768) = 0 [pid 6725] exit_group(0) = ? [pid 6725] +++ exited with 0 +++ [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6725, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=33 /* 0.33 s */} --- [pid 5826] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 123.686180][ T52] bucket incorrectly unset in freespace btree [ 123.686214][ T52] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5826] umount2("./21", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5826] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5826] umount2("./21/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./21/binderfs") = 0 [ 123.799524][ T52] bucket incorrectly unset in freespace btree [ 123.799554][ T52] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [pid 5826] umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... umount2 resumed>) = 0 [pid 5825] umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./13/file0", [pid 6727] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5825] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] close(4) = 0 [pid 5825] rmdir("./13/file0") = 0 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3) = 0 [pid 5825] rmdir("./13") = 0 [pid 5825] mkdir("./14", 0777) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5825] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5825] close(3) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6760 attached [ 123.839908][ T5826] bcachefs (loop1): shutting down [ 123.839943][ T5826] bcachefs (loop1): going read-only [ 123.855465][ T6727] bcachefs: bch2_fs_get_tree() error: EINVAL [ 123.872284][ T5826] bcachefs (loop1): finished waiting for writes to stop [ 123.887053][ T5826] bcachefs (loop1): flushing journal and stopping allocators, journal seq 12 [pid 6727] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5825] <... clone resumed>, child_tidptr=0x5555819eb750) = 6760 [pid 6727] <... openat resumed>) = 3 [pid 6760] set_robust_list(0x5555819eb760, 24) = 0 [pid 6728] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6760] chdir("./14" [pid 6728] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6760] <... chdir resumed>) = 0 [pid 6728] <... openat resumed>) = 3 [pid 6760] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6728] ioctl(3, LOOP_CLR_FD [pid 6760] <... prctl resumed>) = 0 [pid 6760] setpgid(0, 0 [pid 6728] <... ioctl resumed>) = 0 [pid 6760] <... setpgid resumed>) = 0 [pid 6728] close(3 [pid 6760] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6727] ioctl(3, LOOP_CLR_FD [pid 6760] <... openat resumed>) = 3 [pid 6760] write(3, "1000", 4) = 4 [pid 6760] close(3 [pid 6727] <... ioctl resumed>) = 0 [pid 6726] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6760] <... close resumed>) = 0 [pid 6727] close(3 [pid 6760] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6726] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 6726] ioctl(3, LOOP_CLR_FD) = 0 [pid 6726] close(3executing program [pid 6760] write(1, "executing program\n", 18) = 18 [pid 6760] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6760] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6760] memfd_create("syzkaller", 0) = 3 [pid 6760] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 123.919086][ T6726] bcachefs: bch2_fs_get_tree() error: EINVAL [ 123.926859][ T6728] bcachefs: bch2_fs_get_tree() error: EINVAL [ 123.934018][ T52] bcachefs (loop1): loop1: Superblock write was silently dropped! (seq 0 expected 53) [ 123.987771][ T52] bucket incorrectly unset in freespace btree [ 123.987802][ T52] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [ 124.062072][ T52] bucket incorrectly unset in freespace btree [ 124.062095][ T52] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [pid 6727] <... close resumed>) = 0 [ 124.138485][ T5826] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 12 [ 124.164245][ T5826] bcachefs (loop1): unclean shutdown complete, journal seq 13 [ 124.174831][ T5826] bcachefs (loop1): done going read-only, filesystem not clean [pid 6727] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 6727] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 6727] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6727] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 6727] open(".", O_RDONLY) = 4 [ 124.202068][ T5826] bcachefs (loop1): shutdown complete [pid 6727] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6728] <... close resumed>) = 0 [pid 6727] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6727] exit_group(0) = ? [pid 6727] +++ exited with 0 +++ [pid 6726] <... close resumed>) = 0 [pid 6726] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 6726] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 6726] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6726] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6728] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6727, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=51 /* 0.51 s */} --- [pid 6760] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 6728] <... quotactl resumed>) = 0 [pid 6726] <... quotactl resumed>) = 0 [pid 5829] <... restart_syscall resumed>) = 0 [pid 6728] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6726] open(".", O_RDONLY) = 4 [pid 6726] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 6726] exit_group(0) = ? [pid 6728] <... openat resumed>) = 3 [pid 6726] +++ exited with 0 +++ [pid 5829] umount2("./18", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6726, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=51 /* 0.51 s */} --- [pid 5829] newfstatat(3, "", [pid 5828] umount2("./25", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] getdents64(3, [pid 5828] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, [pid 6728] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 6728] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5829] umount2("./18/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./25/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6728] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6728] <... quotactl resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./25/binderfs", [pid 6728] open(".", O_RDONLY [pid 5829] newfstatat(AT_FDCWD, "./18/binderfs", [pid 6728] <... open resumed>) = 4 [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6728] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./25/binderfs" [pid 6728] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5829] unlink("./18/binderfs" [pid 6728] exit_group(0 [pid 5829] <... unlink resumed>) = 0 [pid 5828] <... unlink resumed>) = 0 [pid 6728] <... exit_group resumed>) = ? [pid 5829] umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6728] +++ exited with 0 +++ [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6728, si_uid=0, si_status=0, si_utime=7 /* 0.07 s */, si_stime=38 /* 0.38 s */} --- [pid 5827] restart_syscall(<... resuming interrupted clone ...> [pid 5828] umount2("./25/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] newfstatat(AT_FDCWD, "./18/file0", [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./25/file0", [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./25/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] openat(AT_FDCWD, "./25/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... openat resumed>) = 4 [pid 5828] <... openat resumed>) = 4 [pid 5829] newfstatat(4, "", [pid 5828] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(4, [pid 5829] getdents64(4, [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] getdents64(4, [pid 5829] getdents64(4, [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] close(4 [pid 5829] close(4 [pid 5828] <... close resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 5828] rmdir("./25/file0") = 0 [pid 5827] <... restart_syscall resumed>) = 0 [pid 5829] rmdir("./18/file0") = 0 [pid 5829] umount2("./18/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./25/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] umount2("./23", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./18/file1", [pid 5828] newfstatat(AT_FDCWD, "./25/file1", [pid 5827] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] <... openat resumed>) = 3 [pid 5829] unlink("./18/file1" [pid 5828] unlink("./25/file1" [pid 5827] newfstatat(3, "", [pid 5829] <... unlink resumed>) = 0 [pid 5828] <... unlink resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(3, [pid 5828] getdents64(3, [pid 5827] getdents64(3, [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] close(3 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] <... close resumed>) = 0 [pid 5828] close(3 [pid 5827] umount2("./23/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] rmdir("./18" [pid 5828] <... close resumed>) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... rmdir resumed>) = 0 [pid 5828] rmdir("./25" [pid 5827] newfstatat(AT_FDCWD, "./23/binderfs", [pid 5829] mkdir("./19", 0777 [pid 5828] <... rmdir resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... mkdir resumed>) = 0 [pid 5828] mkdir("./26", 0777 [pid 5827] unlink("./23/binderfs" [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5828] <... mkdir resumed>) = 0 [pid 5827] <... unlink resumed>) = 0 [pid 5829] <... openat resumed>) = 3 [pid 5829] ioctl(3, LOOP_CLR_FD [pid 5827] umount2("./23/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5828] close(3 [pid 5829] close(3 [pid 5828] <... close resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6762 attached [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 6761 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 6762 [pid 6762] set_robust_list(0x5555819eb760, 24) = 0 [pid 6762] chdir("./19"./strace-static-x86_64: Process 6761 attached ) = 0 [pid 6762] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6762] setpgid(0, 0) = 0 [pid 6762] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6762] write(3, "1000", 4 [pid 6761] set_robust_list(0x5555819eb760, 24 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6762] <... write resumed>) = 4 [pid 6762] close(3) = 0 [pid 6762] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6761] <... set_robust_list resumed>) = 0 [pid 5827] newfstatat(AT_FDCWD, "./23/file0", [pid 6762] write(1, "executing program\n", 18) = 18 [pid 6761] chdir("./26" [pid 6762] fsopen(NULL, 0 [pid 6761] <... chdir resumed>) = 0 [pid 6762] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6761] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6762] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6761] setpgid(0, 0) = 0 [pid 6762] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6762] memfd_create("syzkaller", 0 [pid 6761] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6761] write(3, "1000", 4) = 4 [pid 6761] close(3 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6761] <... close resumed>) = 0 [pid 6762] <... memfd_create resumed>) = 3 [pid 6761] symlink("/dev/binderfs", "./binderfs" [pid 5827] umount2("./23/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6762] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6761] <... symlink resumed>) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./23/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6762] <... mmap resumed>) = 0x7f0eeb600000 [pid 5827] newfstatat(4, "", [pid 6761] write(1, "executing program\n", 18 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [pid 5827] rmdir("./23/file0"executing program ) = 0 [pid 6761] <... write resumed>) = 18 [pid 5827] umount2("./23/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6761] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./23/file1", [pid 6761] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5827] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./23/file1") = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./23" [pid 6761] memfd_create("syzkaller", 0 [pid 5827] <... rmdir resumed>) = 0 [pid 5827] mkdir("./24", 0777) = 0 [pid 6761] <... memfd_create resumed>) = 3 [pid 6761] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5827] close(3) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6763 attached [pid 6763] set_robust_list(0x5555819eb760, 24 [pid 6760] <... write resumed>) = 16777216 [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 6763 [pid 6763] <... set_robust_list resumed>) = 0 [pid 6763] chdir("./24" [pid 6760] munmap(0x7f0eeb600000, 138412032 [pid 6763] <... chdir resumed>) = 0 [pid 6763] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6763] setpgid(0, 0) = 0 [pid 6763] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6763] write(3, "1000", 4) = 4 [pid 6763] close(3) = 0 [pid 6763] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6760] <... munmap resumed>) = 0 [pid 6763] write(1, "executing program\n", 18 [pid 6760] openat(AT_FDCWD, "/dev/loop0", O_RDWRexecuting program [pid 6763] <... write resumed>) = 18 [pid 6763] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6763] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6763] memfd_create("syzkaller", 0 [pid 6760] <... openat resumed>) = 4 [pid 6763] <... memfd_create resumed>) = 3 [pid 6763] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6760] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6760] close(3) = 0 [pid 6760] close(4) = 0 [pid 6760] mkdir("./file0", 0777) = 0 [ 124.544670][ T6760] loop0: detected capacity change from 0 to 32768 [pid 6760] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6761] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6762] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6763] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6762] <... write resumed>) = 16777216 [pid 6762] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6762] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6762] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6761] <... write resumed>) = 16777216 [pid 6762] close(3 [pid 6761] munmap(0x7f0eeb600000, 138412032 [pid 6762] <... close resumed>) = 0 [pid 6762] close(4) = 0 [ 124.916312][ T6762] loop4: detected capacity change from 0 to 32768 [pid 6762] mkdir("./file0", 0777) = 0 [pid 6762] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6763] <... write resumed>) = 16777216 [pid 6763] munmap(0x7f0eeb600000, 138412032 [pid 6761] <... munmap resumed>) = 0 [pid 6761] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6763] <... munmap resumed>) = 0 [pid 6763] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6761] <... openat resumed>) = 4 [pid 6763] <... openat resumed>) = 4 [pid 6761] ioctl(4, LOOP_SET_FD, 3 [pid 6763] ioctl(4, LOOP_SET_FD, 3 [pid 6761] <... ioctl resumed>) = 0 [pid 6761] close(3) = 0 [pid 6761] close(4) = 0 [pid 6761] mkdir("./file0", 0777 [pid 6763] <... ioctl resumed>) = 0 [pid 6761] <... mkdir resumed>) = 0 [pid 6763] close(3 [pid 6761] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6763] <... close resumed>) = 0 [pid 6763] close(4) = 0 [pid 6763] mkdir("./file0", 0777) = 0 [ 125.017893][ T6761] loop3: detected capacity change from 0 to 32768 [ 125.019803][ T6763] loop2: detected capacity change from 0 to 32768 [ 125.199447][ T6762] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 125.199825][ T6760] bcachefs (loop0): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 125.223921][ T6762] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 125.245497][ T6763] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 125.256461][ T6761] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 125.265724][ T6763] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 125.274602][ T6761] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 125.300948][ T6760] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 125.318367][ T6760] bcachefs (loop0): Version downgrade required: [ 125.343777][ T6760] bcachefs (loop0): Version upgrade required: [ 125.343777][ T6760] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 125.343777][ T6760] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 125.343777][ T6760] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 125.439248][ T6760] bcachefs (loop0): dropping and reconstructing all alloc info [pid 6763] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6762] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6762] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 6762] ioctl(3, LOOP_CLR_FD) = 0 [ 125.483561][ T6762] bcachefs: bch2_fs_get_tree() error: EINVAL [ 125.577654][ T6760] bcachefs (loop0): accounting_read... done [ 125.592764][ T6760] bcachefs (loop0): alloc_read... done [ 125.625925][ T6760] bcachefs (loop0): stripes_read... done [pid 6762] close(3 [pid 6763] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6763] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 6763] ioctl(3, LOOP_CLR_FD) = 0 [ 125.637349][ T6763] bcachefs: bch2_fs_get_tree() error: EINVAL [ 125.652184][ T6760] bcachefs (loop0): snapshots_read... done [pid 6763] close(3 [pid 5826] <... umount2 resumed>) = 0 [pid 6761] <... mount resumed>) = -1 EINVAL (Invalid argument) [ 125.666968][ T6760] bcachefs (loop0): check_allocations... [ 125.686628][ T6761] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6761] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5826] umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6761] <... openat resumed>) = 3 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6761] ioctl(3, LOOP_CLR_FD [pid 5826] newfstatat(AT_FDCWD, "./21/file0", [pid 6761] <... ioctl resumed>) = 0 [pid 6761] close(3 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5826] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] close(4) = 0 [pid 5826] rmdir("./21/file0") = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [ 125.762879][ T6760] done [ 125.779851][ T6760] bcachefs (loop0): going read-write [pid 5826] close(3) = 0 [pid 5826] rmdir("./21") = 0 [pid 5826] mkdir("./22", 0777) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD [pid 6762] <... close resumed>) = 0 [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6760] <... mount resumed>) = 0 [pid 5826] close(3 [pid 6762] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6760] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5826] <... close resumed>) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6760] <... openat resumed>) = 3 [pid 6760] chdir("./file0") = 0 [pid 6760] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6760] ioctl(4, LOOP_CLR_FD) = 0 [pid 6760] close(4) = 0 [pid 6760] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL./strace-static-x86_64: Process 6795 attached [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 6795 [pid 6795] set_robust_list(0x5555819eb760, 24) = 0 [pid 6795] chdir("./22") = 0 [pid 6795] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 125.845383][ T6760] bcachefs (loop0): done starting filesystem [pid 6795] setpgid(0, 0) = 0 [pid 6795] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6795] write(3, "1000", 4) = 4 [pid 6795] close(3) = 0 [pid 6795] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6795] write(1, "executing program\n", 18executing program ) = 18 [pid 6762] <... quotactl resumed>) = 0 [pid 6762] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6795] fsopen(NULL, 0 [pid 6762] <... openat resumed>) = 3 [pid 6760] <... quotactl resumed>) = 0 [pid 6760] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6795] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6795] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6760] <... openat resumed>) = 4 [pid 6795] memfd_create("syzkaller", 0 [pid 6762] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6762] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6795] <... memfd_create resumed>) = 3 [pid 6760] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6760] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6795] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6760] <... quotactl resumed>) = 0 [pid 6762] <... quotactl resumed>) = 0 [pid 6760] open(".", O_RDONLY) = 5 [pid 6760] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6762] open(".", O_RDONLY) = 4 [pid 6762] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 6762] exit_group(0) = ? [pid 6762] +++ exited with 0 +++ [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6762, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=42 /* 0.42 s */} --- [pid 5829] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5829] umount2("./19", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6760] <... fallocate resumed>) = 0 [pid 6763] <... close resumed>) = 0 [pid 6761] <... close resumed>) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6760] exit_group(0 [pid 5829] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6763] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6760] <... exit_group resumed>) = ? [pid 6763] <... quotactl resumed>) = 0 [pid 6761] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6760] +++ exited with 0 +++ [pid 6763] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6761] <... quotactl resumed>) = 0 [pid 6763] <... openat resumed>) = 3 [pid 6761] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6760, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=37 /* 0.37 s */} --- [pid 6761] <... openat resumed>) = 3 [pid 5825] restart_syscall(<... resuming interrupted clone ...> [pid 6763] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6761] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6763] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6761] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6761] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5829] <... openat resumed>) = 3 [pid 5825] <... restart_syscall resumed>) = 0 [pid 5829] newfstatat(3, "", [pid 5825] umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] getdents64(3, [pid 5825] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] umount2("./19/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] <... openat resumed>) = 3 [pid 5829] newfstatat(AT_FDCWD, "./19/binderfs", [pid 5825] newfstatat(3, "", [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5825] umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./14/binderfs" [pid 6761] <... quotactl resumed>) = 0 [pid 5825] <... unlink resumed>) = 0 [pid 6761] open(".", O_RDONLY [pid 5825] umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6763] <... quotactl resumed>) = 0 [pid 6761] <... open resumed>) = 4 [pid 6763] open(".", O_RDONLY [pid 6761] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6763] <... open resumed>) = 4 [pid 6761] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6763] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6761] exit_group(0 [pid 6763] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6761] <... exit_group resumed>) = ? [ 125.968467][ T2913] bucket incorrectly unset in freespace btree [ 125.968501][ T2913] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 6763] exit_group(0 [pid 5829] unlink("./19/binderfs") = 0 [pid 5829] umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6763] <... exit_group resumed>) = ? [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./19/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6763] +++ exited with 0 +++ [pid 6761] +++ exited with 0 +++ [pid 5829] umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5829] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] close(4) = 0 [pid 5829] rmdir("./19/file0") = 0 [pid 5829] umount2("./19/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6763, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=47 /* 0.47 s */} --- [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] restart_syscall(<... resuming interrupted clone ...> [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6761, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=41 /* 0.41 s */} --- [pid 5829] newfstatat(AT_FDCWD, "./19/file1", [pid 5827] <... restart_syscall resumed>) = 0 [ 126.016478][ T5825] bcachefs (loop0): shutting down [ 126.027516][ T5825] bcachefs (loop0): going read-only [ 126.040045][ T5825] bcachefs (loop0): finished waiting for writes to stop [ 126.047193][ T2913] bucket incorrectly unset in freespace btree [ 126.047216][ T2913] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./24", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] unlink("./19/file1" [pid 5827] <... openat resumed>) = 3 [pid 5827] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(3, [pid 5829] <... unlink resumed>) = 0 [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] getdents64(3, [pid 5828] <... restart_syscall resumed>) = 0 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] umount2("./24/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] close(3) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] rmdir("./19") = 0 [pid 5827] newfstatat(AT_FDCWD, "./24/binderfs", [pid 5829] mkdir("./20", 0777 [pid 5828] umount2("./26", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... mkdir resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5828] <... openat resumed>) = 3 [pid 5829] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] unlink("./24/binderfs" [pid 5829] close(3 [pid 5828] getdents64(3, [pid 5829] <... close resumed>) = 0 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5827] <... unlink resumed>) = 0 [pid 5827] umount2("./24/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5828] umount2("./26/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./24/file0", [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] newfstatat(AT_FDCWD, "./26/binderfs", [pid 5827] umount2("./24/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] unlink("./26/binderfs" [pid 5827] openat(AT_FDCWD, "./24/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... unlink resumed>) = 0 ./strace-static-x86_64: Process 6796 attached [ 126.063099][ T5825] bcachefs (loop0): flushing journal and stopping allocators, journal seq 12 [pid 5828] umount2("./26/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... openat resumed>) = 4 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 6796 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6796] set_robust_list(0x5555819eb760, 24 [pid 5828] newfstatat(AT_FDCWD, "./26/file0", [pid 5827] newfstatat(4, "", [pid 6796] <... set_robust_list resumed>) = 0 [pid 6796] chdir("./20") = 0 [pid 6796] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6796] setpgid(0, 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6796] <... setpgid resumed>) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] getdents64(4, [pid 6796] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5828] umount2("./26/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 6796] <... openat resumed>) = 3 [pid 6796] write(3, "1000", 4) = 4 [pid 6796] close(3) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] getdents64(4, [pid 6796] symlink("/dev/binderfs", "./binderfs" [pid 5828] openat(AT_FDCWD, "./26/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 executing program [pid 6796] <... symlink resumed>) = 0 [pid 5828] <... openat resumed>) = 4 [pid 5827] close(4 [pid 6796] write(1, "executing program\n", 18) = 18 [pid 6796] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6796] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6796] memfd_create("syzkaller", 0) = 3 [pid 6796] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 5827] <... close resumed>) = 0 [pid 5828] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] rmdir("./24/file0" [pid 5828] getdents64(4, [pid 5827] <... rmdir resumed>) = 0 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] umount2("./24/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] getdents64(4, [pid 5827] newfstatat(AT_FDCWD, "./24/file1", [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./24/file1" [pid 5828] close(4 [pid 5827] <... unlink resumed>) = 0 [pid 5828] <... close resumed>) = 0 [pid 5827] getdents64(3, [pid 5828] rmdir("./26/file0" [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] <... rmdir resumed>) = 0 [pid 5827] close(3) = 0 [pid 5828] umount2("./26/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] rmdir("./24") = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] mkdir("./25", 0777) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5827] close(3) = 0 [ 126.101134][ T2913] bucket incorrectly unset in freespace btree [ 126.101156][ T2913] u64s 5 type deleted 0:4:0 len 0 ver 0, , continuing [pid 5828] newfstatat(AT_FDCWD, "./26/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5828] unlink("./26/file1") = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3./strace-static-x86_64: Process 6797 attached ) = 0 [pid 6797] set_robust_list(0x5555819eb760, 24 [pid 5828] rmdir("./26" [pid 6797] <... set_robust_list resumed>) = 0 [pid 6797] chdir("./25" [pid 5828] <... rmdir resumed>) = 0 [pid 5828] mkdir("./27", 0777 [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 6797 [pid 6797] <... chdir resumed>) = 0 [pid 6797] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6797] setpgid(0, 0 [pid 5828] <... mkdir resumed>) = 0 [pid 6797] <... setpgid resumed>) = 0 [ 126.146308][ T2913] bucket incorrectly unset in freespace btree [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6797] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5828] <... openat resumed>) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 6797] <... openat resumed>) = 3 [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) executing program [pid 5828] close(3 [pid 6797] write(3, "1000", 4) = 4 [pid 6797] close(3) = 0 [pid 6797] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6797] write(1, "executing program\n", 18) = 18 [pid 6797] fsopen(NULL, 0 [pid 5828] <... close resumed>) = 0 [pid 6797] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6797] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6797] memfd_create("syzkaller", 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6797] <... memfd_create resumed>) = 3 [pid 6797] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 ./strace-static-x86_64: Process 6798 attached [pid 6798] set_robust_list(0x5555819eb760, 24) = 0 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 6798 [pid 6798] chdir("./27") = 0 [pid 6795] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [ 126.146330][ T2913] u64s 5 type deleted 0:7:0 len 0 ver 0, , continuing [pid 6798] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6798] setpgid(0, 0) = 0 [pid 6798] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6798] write(3, "1000", 4) = 4 [pid 6798] close(3) = 0 [pid 6798] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 6798] write(1, "executing program\n", 18) = 18 [pid 6798] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6798] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6798] memfd_create("syzkaller", 0) = 3 [pid 6798] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 126.216709][ T5825] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 12 [ 126.259433][ T5825] bcachefs (loop0): unclean shutdown complete, journal seq 13 [ 126.287161][ T5825] bcachefs (loop0): done going read-only, filesystem not clean [ 126.358990][ T5825] bcachefs (loop0): shutdown complete [pid 6796] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6797] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6798] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6795] <... write resumed>) = 16777216 [pid 6795] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6795] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6795] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6795] close(3) = 0 [pid 6795] close(4) = 0 [pid 6795] mkdir("./file0", 0777) = 0 [ 126.611731][ T6795] loop1: detected capacity change from 0 to 32768 [pid 6795] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6796] <... write resumed>) = 16777216 [pid 6797] <... write resumed>) = 16777216 [pid 6796] munmap(0x7f0eeb600000, 138412032 [pid 6797] munmap(0x7f0eeb600000, 138412032 [pid 6796] <... munmap resumed>) = 0 [pid 6797] <... munmap resumed>) = 0 [pid 6796] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6796] ioctl(4, LOOP_SET_FD, 3 [pid 6797] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6797] ioctl(4, LOOP_SET_FD, 3 [pid 6796] <... ioctl resumed>) = 0 [pid 6796] close(3) = 0 [pid 6796] close(4) = 0 [pid 6796] mkdir("./file0", 0777) = 0 [pid 6796] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6797] <... ioctl resumed>) = 0 [pid 6797] close(3) = 0 [pid 6797] close(4) = 0 [pid 6797] mkdir("./file0", 0777) = 0 [pid 6797] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6798] <... write resumed>) = 16777216 [ 126.765489][ T6796] loop4: detected capacity change from 0 to 32768 [ 126.775684][ T6797] loop2: detected capacity change from 0 to 32768 [pid 6798] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6798] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6798] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6798] close(3) = 0 [pid 6798] close(4) = 0 [pid 6798] mkdir("./file0", 0777) = 0 [ 126.853155][ T6798] loop3: detected capacity change from 0 to 32768 [ 127.193068][ T6796] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 127.203232][ T6797] bcachefs (loop2): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 127.229944][ T6795] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 127.229996][ T6796] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 127.248309][ T6798] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 127.267790][ T6797] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 127.270732][ T6795] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 127.276130][ T6797] bcachefs (loop2): Version downgrade required: [ 127.284547][ T6798] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 127.291629][ T6797] bcachefs (loop2): Version upgrade required: [ 127.291629][ T6797] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 127.291629][ T6797] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 127.291629][ T6797] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 127.472033][ T6797] bcachefs (loop2): dropping and reconstructing all alloc info [ 127.521497][ T6797] bcachefs (loop2): accounting_read... done [ 127.557435][ T6797] bcachefs (loop2): alloc_read... done [ 127.567021][ T6796] bcachefs: bch2_fs_get_tree() error: EINVAL [ 127.578264][ T6797] bcachefs (loop2): stripes_read... done [ 127.584027][ T6797] bcachefs (loop2): snapshots_read... done [pid 6798] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6796] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... umount2 resumed>) = 0 [pid 6796] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5825] umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6796] <... openat resumed>) = 3 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6796] ioctl(3, LOOP_CLR_FD [pid 5825] newfstatat(AT_FDCWD, "./14/file0", [pid 6796] <... ioctl resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6796] close(3 [pid 5825] umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5825] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] close(4) = 0 [pid 5825] rmdir("./14/file0") = 0 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3) = 0 [pid 5825] rmdir("./14") = 0 [pid 5825] mkdir("./15", 0777) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5825] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5825] close(3) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6828 attached , child_tidptr=0x5555819eb750) = 6828 [pid 6828] set_robust_list(0x5555819eb760, 24) = 0 [pid 6828] chdir("./15") = 0 [pid 6828] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6828] setpgid(0, 0) = 0 [pid 6828] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6798] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6795] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6828] write(3, "1000", 4) = 4 [pid 6828] close(3) = 0 [pid 6828] symlink("/dev/binderfs", "./binderfs" [pid 6798] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6795] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6798] <... openat resumed>) = 3 [pid 6795] <... openat resumed>) = 3 [pid 6798] ioctl(3, LOOP_CLR_FDexecuting program [pid 6795] ioctl(3, LOOP_CLR_FD [pid 6798] <... ioctl resumed>) = 0 [pid 6795] <... ioctl resumed>) = 0 [pid 6798] close(3 [pid 6795] close(3 [pid 6828] <... symlink resumed>) = 0 [pid 6828] write(1, "executing program\n", 18) = 18 [pid 6828] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6828] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [ 127.596027][ T6797] bcachefs (loop2): check_allocations... [ 127.638533][ T6798] bcachefs: bch2_fs_get_tree() error: EINVAL [ 127.663816][ T6795] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6828] memfd_create("syzkaller", 0) = 3 [pid 6828] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 127.707750][ T6797] done [ 127.737162][ T6797] bcachefs (loop2): going read-write [pid 6797] <... mount resumed>) = 0 [pid 6797] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6797] chdir("./file0") = 0 [pid 6797] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6797] ioctl(4, LOOP_CLR_FD) = 0 [pid 6797] close(4) = 0 [ 127.776650][ T6797] bcachefs (loop2): done starting filesystem [pid 6797] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 6797] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 6797] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6797] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 6797] open(".", O_RDONLY) = 5 [pid 6797] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768) = 0 [pid 6797] exit_group(0) = ? [pid 6797] +++ exited with 0 +++ [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6797, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=36 /* 0.36 s */} --- [pid 5827] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5827] umount2("./25", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5827] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 6796] <... close resumed>) = 0 [pid 5827] umount2("./25/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 127.902036][ T52] bucket incorrectly unset in freespace btree [ 127.902069][ T52] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5827] newfstatat(AT_FDCWD, "./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./25/binderfs") = 0 [pid 5827] umount2("./25/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6796] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6798] <... close resumed>) = 0 [pid 6795] <... close resumed>) = 0 [pid 6798] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 128.004228][ T52] bucket incorrectly unset in freespace btree [ 128.004250][ T52] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [ 128.018045][ T5827] bcachefs (loop2): shutting down [ 128.036210][ T5827] bcachefs (loop2): going read-only [ 128.043294][ T5827] bcachefs (loop2): finished waiting for writes to stop [pid 6795] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 128.054428][ T5827] bcachefs (loop2): flushing journal and stopping allocators, journal seq 12 [ 128.072836][ T2913] bcachefs (loop2): loop2: Superblock write was silently dropped! (seq 0 expected 53) [ 128.090337][ T2913] bucket incorrectly unset in freespace btree [ 128.090368][ T2913] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [ 128.123447][ T2913] bucket incorrectly unset in freespace btree [ 128.123468][ T2913] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [pid 6828] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6798] <... quotactl resumed>) = 0 [pid 6796] <... quotactl resumed>) = 0 [pid 6795] <... quotactl resumed>) = 0 [pid 6798] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6796] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6798] <... openat resumed>) = 3 [pid 6795] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6798] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6796] <... openat resumed>) = 3 [pid 6795] <... openat resumed>) = 3 [pid 6798] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6795] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6798] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6796] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6795] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6796] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6795] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6796] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6798] <... quotactl resumed>) = 0 [pid 6798] open(".", O_RDONLY) = 4 [pid 6795] <... quotactl resumed>) = 0 [pid 6798] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6795] open(".", O_RDONLY [pid 6798] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6795] <... open resumed>) = 4 [pid 6798] exit_group(0 [pid 6795] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6798] <... exit_group resumed>) = ? [pid 6795] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6795] exit_group(0) = ? [pid 6795] +++ exited with 0 +++ [pid 6798] +++ exited with 0 +++ [pid 6796] <... quotactl resumed>) = 0 [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6795, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=47 /* 0.47 s */} --- [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6798, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=46 /* 0.46 s */} --- [pid 6828] <... write resumed>) = 16777216 [pid 6796] open(".", O_RDONLY [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 6828] munmap(0x7f0eeb600000, 138412032 [pid 6796] <... open resumed>) = 4 [pid 6796] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 6796] exit_group(0) = ? [ 128.159174][ T5827] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 12 [ 128.171427][ T5827] bcachefs (loop2): unclean shutdown complete, journal seq 13 [ 128.180497][ T5827] bcachefs (loop2): done going read-only, filesystem not clean [ 128.202073][ T5827] bcachefs (loop2): shutdown complete [pid 5826] umount2("./22", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6828] <... munmap resumed>) = 0 [pid 6796] +++ exited with 0 +++ [pid 5828] <... restart_syscall resumed>) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6828] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5826] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6828] <... openat resumed>) = 4 [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6796, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=43 /* 0.43 s */} --- [pid 5826] <... openat resumed>) = 3 [pid 6828] ioctl(4, LOOP_SET_FD, 3 [pid 5826] newfstatat(3, "", [pid 5828] umount2("./27", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] umount2("./20", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] getdents64(3, [pid 5829] <... openat resumed>) = 3 [pid 5828] <... openat resumed>) = 3 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] newfstatat(3, "", [pid 5828] newfstatat(3, "", [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] umount2("./22/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] getdents64(3, [pid 5828] getdents64(3, [pid 5826] newfstatat(AT_FDCWD, "./22/binderfs", [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] umount2("./27/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] unlink("./22/binderfs" [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] umount2("./20/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] newfstatat(AT_FDCWD, "./27/binderfs", [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] newfstatat(AT_FDCWD, "./20/binderfs", [pid 5828] unlink("./27/binderfs") = 0 [pid 5826] <... unlink resumed>) = 0 [pid 5826] umount2("./22/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] umount2("./27/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] unlink("./20/binderfs" [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... unlink resumed>) = 0 [pid 5828] newfstatat(AT_FDCWD, "./27/file0", [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] newfstatat(AT_FDCWD, "./22/file0", [pid 5829] umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./27/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] newfstatat(AT_FDCWD, "./20/file0", [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] umount2("./22/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6828] <... ioctl resumed>) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] openat(AT_FDCWD, "./27/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6828] close(3 [pid 5829] umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] openat(AT_FDCWD, "./22/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6828] <... close resumed>) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... openat resumed>) = 4 [pid 5826] <... openat resumed>) = 4 [pid 6828] close(4 [pid 5829] openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] newfstatat(4, "", [pid 5829] <... openat resumed>) = 4 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6828] <... close resumed>) = 0 [pid 5829] newfstatat(4, "", [pid 5828] getdents64(4, [pid 5826] newfstatat(4, "", [pid 6828] mkdir("./file0", 0777 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6828] <... mkdir resumed>) = 0 [pid 5826] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] close(4 [pid 6828] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] getdents64(4, [pid 5828] getdents64(4, [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] getdents64(4, [pid 5828] close(4 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] <... close resumed>) = 0 [pid 5829] close(4 [pid 5828] rmdir("./27/file0" [pid 5829] <... close resumed>) = 0 [pid 5828] <... rmdir resumed>) = 0 [pid 5829] rmdir("./20/file0" [pid 5828] umount2("./27/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... rmdir resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] umount2("./20/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] newfstatat(AT_FDCWD, "./27/file1", [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] newfstatat(AT_FDCWD, "./20/file1", [pid 5828] unlink("./27/file1" [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... unlink resumed>) = 0 [pid 5829] unlink("./20/file1" [pid 5828] getdents64(3, [pid 5829] <... unlink resumed>) = 0 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [pid 5828] rmdir("./27" [pid 5829] getdents64(3, [pid 5828] <... rmdir resumed>) = 0 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] close(3) = 0 [pid 5829] rmdir("./20") = 0 [pid 5828] mkdir("./28", 0777 [pid 5826] <... close resumed>) = 0 [pid 5829] mkdir("./21", 0777 [pid 5828] <... mkdir resumed>) = 0 [pid 5826] rmdir("./22/file0" [pid 5829] <... mkdir resumed>) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5826] <... rmdir resumed>) = 0 [ 128.250345][ T6828] loop0: detected capacity change from 0 to 32768 [pid 5826] umount2("./22/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5828] <... openat resumed>) = 3 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./22/file1", [pid 5829] <... openat resumed>) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./22/file1" [pid 5829] ioctl(3, LOOP_CLR_FD [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5826] <... unlink resumed>) = 0 [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5828] close(3 [pid 5826] getdents64(3, [pid 5829] close(3 [pid 5828] <... close resumed>) = 0 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] close(3./strace-static-x86_64: Process 6835 attached [pid 5829] <... close resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 5826] rmdir("./22") = 0 [pid 6835] set_robust_list(0x5555819eb760, 24 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6835] <... set_robust_list resumed>) = 0 [pid 5826] mkdir("./23", 0777./strace-static-x86_64: Process 6837 attached [pid 6835] chdir("./28" [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 6835 [pid 6835] <... chdir resumed>) = 0 [pid 6837] set_robust_list(0x5555819eb760, 24 [pid 6835] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 6837 [pid 5826] <... mkdir resumed>) = 0 [pid 6835] <... prctl resumed>) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6835] setpgid(0, 0 [pid 5826] <... openat resumed>) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 6835] <... setpgid resumed>) = 0 [pid 5826] close(3) = 0 [pid 6835] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6837] <... set_robust_list resumed>) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6838 attached [pid 6837] chdir("./21" [pid 6835] <... openat resumed>) = 3 [pid 6837] <... chdir resumed>) = 0 [pid 6835] write(3, "1000", 4 [pid 6837] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6835] <... write resumed>) = 4 [pid 6837] <... prctl resumed>) = 0 [pid 6835] close(3 [pid 6838] set_robust_list(0x5555819eb760, 24 [pid 6837] setpgid(0, 0 [pid 6835] <... close resumed>) = 0 [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 6838 [pid 6838] <... set_robust_list resumed>) = 0 [pid 6838] chdir("./23") = 0 [pid 6837] <... setpgid resumed>) = 0 [pid 6835] symlink("/dev/binderfs", "./binderfs" [pid 6837] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6838] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6838] setpgid(0, 0 [pid 6835] <... symlink resumed>) = 0 [pid 6838] <... setpgid resumed>) = 0 [pid 6838] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6837] <... openat resumed>) = 3 [pid 6835] write(1, "executing program\n", 18 [pid 6837] write(3, "1000", 4 [pid 6835] <... write resumed>) = 18 [pid 6837] <... write resumed>) = 4 executing program [pid 6835] fsopen(NULL, 0 [pid 6837] close(3 [pid 6838] <... openat resumed>) = 3 [pid 6835] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6835] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6838] write(3, "1000", 4 [pid 6837] <... close resumed>) = 0 [pid 6835] memfd_create("syzkaller", 0 [pid 6837] symlink("/dev/binderfs", "./binderfs" [pid 6838] <... write resumed>) = 4 [pid 6837] <... symlink resumed>) = 0 [pid 6835] <... memfd_create resumed>) = 3 executing program [pid 6837] write(1, "executing program\n", 18 [pid 6835] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6837] <... write resumed>) = 18 [pid 6837] fsopen(NULL, 0 [pid 6835] <... mmap resumed>) = 0x7f0eeb600000 [pid 6837] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6838] close(3) = 0 [pid 6838] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6837] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6838] write(1, "executing program\n", 18) = 18 [pid 6838] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6838] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6837] memfd_create("syzkaller", 0 [pid 6838] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) executing program [pid 6838] memfd_create("syzkaller", 0) = 3 [pid 6838] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6837] <... memfd_create resumed>) = 3 [pid 6837] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6837] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6838] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6835] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6837] <... write resumed>) = 16777216 [pid 6837] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6837] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6837] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6837] close(3) = 0 [pid 6837] close(4) = 0 [pid 6837] mkdir("./file0", 0777) = 0 [ 128.758248][ T6837] loop4: detected capacity change from 0 to 32768 [pid 6837] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6835] <... write resumed>) = 16777216 [ 128.882051][ T6828] bcachefs (loop0): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [pid 6838] <... write resumed>) = 16777216 [pid 6835] munmap(0x7f0eeb600000, 138412032 [ 128.926482][ T6837] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 128.938358][ T6837] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 128.951170][ T6828] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 128.959152][ T6828] bcachefs (loop0): Version downgrade required: [ 128.965713][ T6828] bcachefs (loop0): Version upgrade required: [ 128.965713][ T6828] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 128.965713][ T6828] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [pid 6838] munmap(0x7f0eeb600000, 138412032 [pid 6835] <... munmap resumed>) = 0 [pid 6835] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6835] ioctl(4, LOOP_SET_FD, 3 [pid 6838] <... munmap resumed>) = 0 [pid 6838] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6838] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6838] close(3) = 0 [pid 6838] close(4) = 0 [pid 6838] mkdir("./file0", 0777) = 0 [pid 6838] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6835] <... ioctl resumed>) = 0 [pid 6835] close(3) = 0 [pid 6835] close(4) = 0 [pid 6835] mkdir("./file0", 0777) = 0 [ 128.965713][ T6828] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 128.974706][ T6835] loop3: detected capacity change from 0 to 32768 [ 129.057317][ T6838] loop1: detected capacity change from 0 to 32768 [ 129.103581][ T6828] bcachefs (loop0): dropping and reconstructing all alloc info [ 129.135387][ T6828] bcachefs (loop0): accounting_read... done [ 129.149708][ T6828] bcachefs (loop0): alloc_read... done [ 129.155333][ T6828] bcachefs (loop0): stripes_read... done [ 129.174671][ T6828] bcachefs (loop0): snapshots_read... done [ 129.215286][ T6838] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 129.225029][ T6828] bcachefs (loop0): check_allocations... [ 129.243664][ T6835] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 129.244351][ T6837] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6835] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6837] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6837] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 6837] ioctl(3, LOOP_CLR_FD) = 0 [ 129.249620][ T6838] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 129.273780][ T6835] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 129.297455][ T6828] done [ 129.309570][ T6828] bcachefs (loop0): going read-write [pid 6837] close(3 [pid 6828] <... mount resumed>) = 0 [pid 6828] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6828] chdir("./file0") = 0 [pid 6828] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6828] ioctl(4, LOOP_CLR_FD) = 0 [pid 6828] close(4) = 0 [ 129.373127][ T6828] bcachefs (loop0): done starting filesystem [pid 6828] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 6828] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5827] <... umount2 resumed>) = 0 [pid 6828] <... openat resumed>) = 4 [pid 6828] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6828] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5827] umount2("./25/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6828] <... quotactl resumed>) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6828] open(".", O_RDONLY [pid 5827] newfstatat(AT_FDCWD, "./25/file0", [pid 6828] <... open resumed>) = 5 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6828] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5827] umount2("./25/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./25/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5827] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, [pid 6828] <... fallocate resumed>) = 0 [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, [pid 6828] exit_group(0 [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 6828] <... exit_group resumed>) = ? [pid 6828] +++ exited with 0 +++ [pid 5827] close(4) = 0 [pid 5827] rmdir("./25/file0" [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6828, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=33 /* 0.33 s */} --- [pid 5827] <... rmdir resumed>) = 0 [pid 5825] restart_syscall(<... resuming interrupted clone ...> [pid 5827] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5825] <... restart_syscall resumed>) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./25" [pid 5825] umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... rmdir resumed>) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] mkdir("./26", 0777) = 0 [pid 5825] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD [pid 5825] <... openat resumed>) = 3 [pid 5827] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5827] close(3 [pid 5825] newfstatat(3, "", [pid 5827] <... close resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [ 129.491967][ T52] bucket incorrectly unset in freespace btree [ 129.492001][ T52] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5825] getdents64(3, ./strace-static-x86_64: Process 6865 attached 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5825] umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6865] set_robust_list(0x5555819eb760, 24 [pid 6837] <... close resumed>) = 0 [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 6865 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6865] <... set_robust_list resumed>) = 0 [pid 6865] chdir("./26") = 0 [pid 6865] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6865] setpgid(0, 0 [pid 6835] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./15/binderfs", [pid 6865] <... setpgid resumed>) = 0 [pid 6835] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6865] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6837] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6865] write(3, "1000", 4 [pid 6835] <... openat resumed>) = 3 [pid 6865] <... write resumed>) = 4 [pid 5825] unlink("./15/binderfs" [pid 6865] close(3 [pid 5825] <... unlink resumed>) = 0 [pid 6865] <... close resumed>) = 0 [pid 6865] symlink("/dev/binderfs", "./binderfs" [pid 5825] umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6865] <... symlink resumed>) = 0 [pid 6835] ioctl(3, LOOP_CLR_FD [pid 6865] write(1, "executing program\n", 18 [pid 6835] <... ioctl resumed>) = 0 executing program [pid 6865] <... write resumed>) = 18 [pid 6835] close(3 [pid 6865] fsopen(NULL, 0) = -1 EFAULT (Bad address) [ 129.561379][ T6835] bcachefs: bch2_fs_get_tree() error: EINVAL [ 129.581532][ T52] bucket incorrectly unset in freespace btree [pid 6865] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6865] memfd_create("syzkaller", 0) = 3 [pid 6865] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 129.581554][ T52] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [ 129.607890][ T5825] bcachefs (loop0): shutting down [ 129.607909][ T5825] bcachefs (loop0): going read-only [ 129.607931][ T5825] bcachefs (loop0): finished waiting for writes to stop [ 129.617283][ T5825] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11 [pid 6838] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6838] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 6838] ioctl(3, LOOP_CLR_FD) = 0 [ 129.680942][ T6838] bcachefs: bch2_fs_get_tree() error: EINVAL [ 129.694700][ T3007] bcachefs (loop0): loop0: Superblock write was silently dropped! (seq 0 expected 53) [ 129.736885][ T3007] bucket incorrectly unset in freespace btree [ 129.736918][ T3007] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [pid 6838] close(3 [pid 6835] <... close resumed>) = 0 [ 129.803558][ T3007] bucket incorrectly unset in freespace btree [ 129.803579][ T3007] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [pid 6835] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6838] <... close resumed>) = 0 [pid 6838] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6837] <... quotactl resumed>) = 0 [pid 6835] <... quotactl resumed>) = 0 [pid 6837] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6835] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6837] <... openat resumed>) = 3 [pid 6835] <... openat resumed>) = 3 [pid 6837] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6835] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6837] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6835] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6837] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [ 129.845074][ T5825] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 12 [ 129.867829][ T5825] bcachefs (loop0): unclean shutdown complete, journal seq 13 [ 129.886883][ T5825] bcachefs (loop0): done going read-only, filesystem not clean [pid 6835] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6838] <... quotactl resumed>) = 0 [pid 6837] <... quotactl resumed>) = 0 [pid 6835] <... quotactl resumed>) = 0 [pid 6838] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6837] open(".", O_RDONLY [pid 6835] open(".", O_RDONLY [pid 6865] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6838] <... openat resumed>) = 3 [pid 6837] <... open resumed>) = 4 [pid 6835] <... open resumed>) = 4 [pid 6837] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6835] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6837] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6835] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6835] exit_group(0 [pid 6837] exit_group(0 [pid 6835] <... exit_group resumed>) = ? [pid 6838] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6837] <... exit_group resumed>) = ? [pid 6835] +++ exited with 0 +++ [pid 6838] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6835, si_uid=0, si_status=0, si_utime=7 /* 0.07 s */, si_stime=46 /* 0.46 s */} --- [pid 5828] umount2("./28", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6838] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6837] +++ exited with 0 +++ [ 129.913260][ T5825] bcachefs (loop0): shutdown complete [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6837, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=41 /* 0.41 s */} --- [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] umount2("./21", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... openat resumed>) = 3 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] newfstatat(3, "", [pid 5829] <... openat resumed>) = 3 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] newfstatat(3, "", [pid 5828] getdents64(3, [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] umount2("./21/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./28/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./21/binderfs", [pid 5828] newfstatat(AT_FDCWD, "./28/binderfs", [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./21/binderfs" [pid 5828] unlink("./28/binderfs" [pid 5829] <... unlink resumed>) = 0 [pid 5828] <... unlink resumed>) = 0 [pid 5829] umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./28/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6838] <... quotactl resumed>) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./28/file0", [pid 5829] newfstatat(AT_FDCWD, "./21/file0", [pid 6838] open(".", O_RDONLY [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] umount2("./28/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6838] <... open resumed>) = 4 [pid 5829] umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6838] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6838] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./28/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6838] exit_group(0 [pid 5828] <... openat resumed>) = 4 [pid 6838] <... exit_group resumed>) = ? [pid 5829] newfstatat(4, "", [pid 5828] newfstatat(4, "", [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(4, [pid 5828] getdents64(4, [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] getdents64(4, [pid 5828] getdents64(4, [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] close(4 [pid 5828] close(4 [pid 5829] <... close resumed>) = 0 [pid 5828] <... close resumed>) = 0 [pid 5828] rmdir("./28/file0" [pid 5829] rmdir("./21/file0" [pid 5828] <... rmdir resumed>) = 0 [pid 6838] +++ exited with 0 +++ [pid 5829] <... rmdir resumed>) = 0 [pid 5828] umount2("./28/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6838, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=42 /* 0.42 s */} --- [pid 5829] umount2("./21/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5828] newfstatat(AT_FDCWD, "./28/file1", [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./21/file1", [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... restart_syscall resumed>) = 0 [pid 5828] unlink("./28/file1" [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./21/file1" [pid 5828] <... unlink resumed>) = 0 [pid 5829] <... unlink resumed>) = 0 [pid 5828] getdents64(3, [pid 5829] getdents64(3, [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3 [pid 5829] close(3 [pid 5828] <... close resumed>) = 0 [pid 5826] umount2("./23", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5826] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] umount2("./23/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./23/binderfs" [pid 5829] <... close resumed>) = 0 [pid 5828] rmdir("./28" [pid 5826] <... unlink resumed>) = 0 [pid 5826] umount2("./23/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./23/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] rmdir("./21" [pid 5828] <... rmdir resumed>) = 0 [pid 5826] umount2("./23/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] mkdir("./29", 0777 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./23/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... rmdir resumed>) = 0 [pid 5826] <... openat resumed>) = 4 [pid 5826] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(4, [pid 5829] mkdir("./22", 0777 [pid 5828] <... mkdir resumed>) = 0 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5826] getdents64(4, [pid 5829] <... mkdir resumed>) = 0 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] <... openat resumed>) = 3 [pid 5826] close(4) = 0 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5826] rmdir("./23/file0" [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5826] <... rmdir resumed>) = 0 [pid 5829] <... openat resumed>) = 3 [pid 5828] close(3 [pid 5826] umount2("./23/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] ioctl(3, LOOP_CLR_FD [pid 5828] <... close resumed>) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) ./strace-static-x86_64: Process 6866 attached [pid 5829] close(3 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./23/file1", [pid 6866] set_robust_list(0x5555819eb760, 24 [pid 5829] <... close resumed>) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6866] <... set_robust_list resumed>) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 6866 [pid 5826] unlink("./23/file1" [pid 6866] chdir("./29" [pid 5826] <... unlink resumed>) = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] close(3) = 0 [pid 6866] <... chdir resumed>) = 0 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 6867 [pid 6866] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5826] rmdir("./23"./strace-static-x86_64: Process 6867 attached [pid 6866] setpgid(0, 0 [pid 6867] set_robust_list(0x5555819eb760, 24 [pid 5826] <... rmdir resumed>) = 0 [pid 6866] <... setpgid resumed>) = 0 [pid 6867] <... set_robust_list resumed>) = 0 [pid 5826] mkdir("./24", 0777 [pid 6867] chdir("./22" [pid 6866] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5826] <... mkdir resumed>) = 0 [pid 6867] <... chdir resumed>) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6866] <... openat resumed>) = 3 [pid 6866] write(3, "1000", 4 [pid 5826] <... openat resumed>) = 3 [pid 6866] <... write resumed>) = 4 [pid 6867] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6866] close(3 [pid 5826] ioctl(3, LOOP_CLR_FD [pid 6867] <... prctl resumed>) = 0 [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6867] setpgid(0, 0 [pid 5826] close(3 [pid 6866] <... close resumed>) = 0 [pid 6866] symlink("/dev/binderfs", "./binderfs" [pid 6867] <... setpgid resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 6867] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6866] <... symlink resumed>) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program [pid 6867] <... openat resumed>) = 3 [pid 6866] write(1, "executing program\n", 18) = 18 ./strace-static-x86_64: Process 6868 attached [pid 6867] write(3, "1000", 4 [pid 6866] fsopen(NULL, 0 [pid 6867] <... write resumed>) = 4 [pid 6867] close(3 [pid 6866] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 6868 [pid 6868] set_robust_list(0x5555819eb760, 24 [pid 6867] <... close resumed>) = 0 [pid 6866] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6868] <... set_robust_list resumed>) = 0 [pid 6867] symlink("/dev/binderfs", "./binderfs" [pid 6866] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6868] chdir("./24" [pid 6867] <... symlink resumed>) = 0 [pid 6868] <... chdir resumed>) = 0 [pid 6868] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6867] write(1, "executing program\n", 18executing program [pid 6868] <... prctl resumed>) = 0 [pid 6866] memfd_create("syzkaller", 0 [pid 6867] <... write resumed>) = 18 [pid 6868] setpgid(0, 0 [pid 6867] fsopen(NULL, 0 [pid 6866] <... memfd_create resumed>) = 3 [pid 6868] <... setpgid resumed>) = 0 [pid 6867] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6868] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6867] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6868] <... openat resumed>) = 3 [pid 6867] memfd_create("syzkaller", 0 [pid 6866] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6868] write(3, "1000", 4) = 4 [pid 6867] <... memfd_create resumed>) = 3 [pid 6866] <... mmap resumed>) = 0x7f0eeb600000 [pid 6868] close(3) = 0 [pid 6867] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6868] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6868] write(1, "executing program\n", 18executing program ) = 18 [pid 6868] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6868] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6868] memfd_create("syzkaller", 0 [pid 6865] <... write resumed>) = 16777216 [pid 6868] <... memfd_create resumed>) = 3 [pid 6868] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6865] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6865] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6865] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6865] close(3) = 0 [pid 6865] close(4) = 0 [pid 6865] mkdir("./file0", 0777) = 0 [ 130.179181][ T6865] loop2: detected capacity change from 0 to 32768 [pid 6865] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6867] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6868] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6866] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6868] <... write resumed>) = 16777216 [pid 6868] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6868] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6868] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6868] close(3) = 0 [pid 6868] close(4) = 0 [pid 6868] mkdir("./file0", 0777) = 0 [pid 6868] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6867] <... write resumed>) = 16777216 [ 130.549358][ T6868] loop1: detected capacity change from 0 to 32768 [pid 6867] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6867] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 130.629652][ T6865] bcachefs (loop2): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 130.666932][ T6867] loop4: detected capacity change from 0 to 32768 [pid 6867] ioctl(4, LOOP_SET_FD, 3 [pid 6866] <... write resumed>) = 16777216 [pid 6867] <... ioctl resumed>) = 0 [pid 6866] munmap(0x7f0eeb600000, 138412032 [pid 6867] close(3) = 0 [pid 6867] close(4) = 0 [ 130.674566][ T6868] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 130.690510][ T6865] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 130.698602][ T6865] bcachefs (loop2): Version downgrade required: [ 130.705761][ T6865] bcachefs (loop2): Version upgrade required: [ 130.705761][ T6865] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 130.705761][ T6865] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 130.705761][ T6865] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [pid 6867] mkdir("./file0", 0777) = 0 [pid 6867] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6866] <... munmap resumed>) = 0 [pid 6866] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 130.776349][ T6868] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 130.793684][ T6865] bcachefs (loop2): dropping and reconstructing all alloc info [pid 6866] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6866] close(3) = 0 [pid 6866] close(4) = 0 [pid 6866] mkdir("./file0", 0777) = 0 [ 130.824153][ T6866] loop3: detected capacity change from 0 to 32768 [ 130.873275][ T6865] bcachefs (loop2): accounting_read... done [ 130.883595][ T6865] bcachefs (loop2): alloc_read... done [ 130.898533][ T6865] bcachefs (loop2): stripes_read... done [ 130.915992][ T6865] bcachefs (loop2): snapshots_read... done [ 130.922092][ T6865] bcachefs (loop2): check_allocations... [ 130.956315][ T6867] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [pid 6866] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5825] <... umount2 resumed>) = 0 [pid 5825] umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./15/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5825] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] close(4) = 0 [pid 5825] rmdir("./15/file0") = 0 [ 131.016384][ T6867] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 131.017509][ T6865] done [ 131.033193][ T6866] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 131.060103][ T6865] bcachefs (loop2): going read-write [pid 5825] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3) = 0 [pid 5825] rmdir("./15") = 0 [pid 5825] mkdir("./16", 0777) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5825] ioctl(3, LOOP_CLR_FD [pid 6865] <... mount resumed>) = 0 [pid 5825] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5825] close(3) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6900 attached [pid 6900] set_robust_list(0x5555819eb760, 24 [pid 5825] <... clone resumed>, child_tidptr=0x5555819eb750) = 6900 [pid 6900] <... set_robust_list resumed>) = 0 [pid 6900] chdir("./16") = 0 [ 131.066584][ T6866] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 131.087709][ T6865] bcachefs (loop2): done starting filesystem [pid 6900] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6900] setpgid(0, 0) = 0 [pid 6900] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6900] write(3, "1000", 4) = 4 [pid 6900] close(3) = 0 [pid 6900] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6865] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6900] write(1, "executing program\n", 18executing program [pid 6865] chdir("./file0" [pid 6900] <... write resumed>) = 18 [pid 6868] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6865] <... chdir resumed>) = 0 [pid 6900] fsopen(NULL, 0 [pid 6868] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6865] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6868] <... openat resumed>) = 3 [pid 6865] <... openat resumed>) = 4 [pid 6865] ioctl(4, LOOP_CLR_FD) = 0 [pid 6865] close(4 [pid 6900] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6865] <... close resumed>) = 0 [pid 6868] ioctl(3, LOOP_CLR_FD [pid 6865] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6900] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6900] memfd_create("syzkaller", 0) = 3 [pid 6900] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6868] <... ioctl resumed>) = 0 [pid 6868] close(3 [pid 6865] <... quotactl resumed>) = 0 [ 131.122500][ T6868] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6865] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 6865] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6865] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 6865] open(".", O_RDONLY) = 5 [pid 6865] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768) = 0 [pid 6865] exit_group(0) = ? [pid 6865] +++ exited with 0 +++ [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6865, si_uid=0, si_status=0, si_utime=7 /* 0.07 s */, si_stime=31 /* 0.31 s */} --- [pid 5827] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5827] umount2("./26", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5827] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5827] umount2("./26/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./26/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./26/binderfs") = 0 [ 131.252534][ T2913] bucket incorrectly unset in freespace btree [ 131.252566][ T2913] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5827] umount2("./26/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6867] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6866] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6866] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 6866] ioctl(3, LOOP_CLR_FD) = 0 [pid 6866] close(3 [pid 6867] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [ 131.318817][ T5827] bcachefs (loop2): shutting down [ 131.326715][ T2913] bucket incorrectly unset in freespace btree [ 131.326736][ T2913] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [pid 6867] ioctl(3, LOOP_CLR_FD) = 0 [ 131.341849][ T6867] bcachefs: bch2_fs_get_tree() error: EINVAL [ 131.342737][ T6866] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6867] close(3 [pid 6868] <... close resumed>) = 0 [pid 6868] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 131.349859][ T5827] bcachefs (loop2): going read-only [ 131.349883][ T5827] bcachefs (loop2): finished waiting for writes to stop [ 131.368771][ T5827] bcachefs (loop2): flushing journal and stopping allocators, journal seq 12 [pid 6900] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6866] <... close resumed>) = 0 [ 131.567019][ T2913] bucket incorrectly unset in freespace btree [ 131.567038][ T2913] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [ 131.606925][ T2913] bucket incorrectly unset in freespace btree [pid 6866] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6867] <... close resumed>) = 0 [ 131.606945][ T2913] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [ 131.633230][ T5827] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 12 [ 131.654382][ T5827] bcachefs (loop2): unclean shutdown complete, journal seq 13 [pid 6867] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6868] <... quotactl resumed>) = 0 [pid 6867] <... quotactl resumed>) = 0 [pid 6866] <... quotactl resumed>) = 0 [ 131.663069][ T5827] bcachefs (loop2): done going read-only, filesystem not clean [pid 6866] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 6866] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6867] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6868] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6866] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6868] <... openat resumed>) = 3 [pid 6867] <... openat resumed>) = 3 [pid 6868] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6867] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6868] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6867] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6868] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6867] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6866] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6868] <... quotactl resumed>) = 0 [pid 6867] <... quotactl resumed>) = 0 [pid 6867] open(".", O_RDONLY [pid 6866] <... quotactl resumed>) = 0 [pid 6867] <... open resumed>) = 4 [pid 6867] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 6868] open(".", O_RDONLY [pid 6867] exit_group(0 [pid 6866] open(".", O_RDONLY [pid 6868] <... open resumed>) = 4 [pid 6867] <... exit_group resumed>) = ? [pid 6868] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6867] +++ exited with 0 +++ [pid 6866] <... open resumed>) = 4 [pid 6868] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6866] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6867, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=43 /* 0.43 s */} --- [pid 6868] exit_group(0 [pid 6866] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6868] <... exit_group resumed>) = ? [pid 6866] exit_group(0 [pid 6868] +++ exited with 0 +++ [pid 6866] <... exit_group resumed>) = ? [pid 5829] umount2("./22", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6866] +++ exited with 0 +++ [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6866, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=35 /* 0.35 s */} --- [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 5829] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 131.688445][ T5827] bcachefs (loop2): shutdown complete [pid 5829] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... restart_syscall resumed>) = 0 [pid 5828] umount2("./29", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] umount2("./29/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./29/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./29/binderfs") = 0 [pid 5828] umount2("./29/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6868, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=40 /* 0.40 s */} --- [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./29/file0", [pid 5829] getdents64(3, [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] umount2("./29/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] umount2("./22/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] umount2("./24", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./22/binderfs", [pid 5828] openat(AT_FDCWD, "./29/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... openat resumed>) = 4 [pid 5826] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] unlink("./22/binderfs" [pid 5826] <... openat resumed>) = 3 [pid 5828] newfstatat(4, "", [pid 5826] newfstatat(3, "", [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(4, [pid 5826] getdents64(3, [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] getdents64(4, [pid 5826] umount2("./24/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... unlink resumed>) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] umount2("./22/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] newfstatat(AT_FDCWD, "./24/binderfs", [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] newfstatat(AT_FDCWD, "./22/file0", [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] close(4 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... close resumed>) = 0 [pid 5826] unlink("./24/binderfs" [pid 5829] umount2("./22/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] rmdir("./29/file0" [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... rmdir resumed>) = 0 [pid 5826] <... unlink resumed>) = 0 [pid 5829] openat(AT_FDCWD, "./22/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] umount2("./29/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... openat resumed>) = 4 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] umount2("./24/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] newfstatat(4, "", [pid 5828] newfstatat(AT_FDCWD, "./29/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./29/file1" [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... unlink resumed>) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] getdents64(4, [pid 5828] getdents64(3, [pid 5826] newfstatat(AT_FDCWD, "./24/file0", [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] getdents64(4, [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] umount2("./24/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] close(4) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] rmdir("./22/file0" [pid 5826] openat(AT_FDCWD, "./24/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] close(3) = 0 [pid 5829] <... rmdir resumed>) = 0 [pid 5828] rmdir("./29" [pid 5829] umount2("./22/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... rmdir resumed>) = 0 [pid 5826] <... openat resumed>) = 4 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(4, "", [pid 5829] newfstatat(AT_FDCWD, "./22/file1", [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] getdents64(4, [pid 5829] unlink("./22/file1" [pid 5828] mkdir("./30", 0777 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] <... unlink resumed>) = 0 [pid 5828] <... mkdir resumed>) = 0 [pid 5829] getdents64(3, [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5826] getdents64(4, [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] <... openat resumed>) = 3 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] close(3 [pid 5826] close(4 [pid 5829] <... close resumed>) = 0 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5829] rmdir("./22" [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5826] <... close resumed>) = 0 [pid 5829] <... rmdir resumed>) = 0 [pid 5828] close(3 [pid 5826] rmdir("./24/file0" [pid 5828] <... close resumed>) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6901 attached [pid 6901] set_robust_list(0x5555819eb760, 24 [pid 6900] <... write resumed>) = 16777216 [pid 5829] mkdir("./23", 0777 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 6901 [pid 5826] <... rmdir resumed>) = 0 [pid 6901] <... set_robust_list resumed>) = 0 [pid 6901] chdir("./30" [pid 6900] munmap(0x7f0eeb600000, 138412032 [pid 5829] <... mkdir resumed>) = 0 [pid 5826] umount2("./24/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6901] <... chdir resumed>) = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6901] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5829] <... openat resumed>) = 3 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6901] setpgid(0, 0 [pid 5829] ioctl(3, LOOP_CLR_FD [pid 5826] newfstatat(AT_FDCWD, "./24/file1", [pid 6901] <... setpgid resumed>) = 0 [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6901] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5826] unlink("./24/file1" [pid 5829] close(3 [pid 6901] <... openat resumed>) = 3 [pid 5829] <... close resumed>) = 0 [pid 5826] <... unlink resumed>) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] getdents64(3, [pid 6901] write(3, "1000", 4 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 6901] <... write resumed>) = 4 [pid 6901] close(3) = 0 [pid 6901] symlink("/dev/binderfs", "./binderfs"executing program ./strace-static-x86_64: Process 6902 attached ) = 0 [pid 5826] close(3 [pid 6902] set_robust_list(0x5555819eb760, 24 [pid 6901] write(1, "executing program\n", 18 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 6902 [pid 5826] <... close resumed>) = 0 [pid 6902] <... set_robust_list resumed>) = 0 [pid 5826] rmdir("./24" [pid 6901] <... write resumed>) = 18 [pid 6901] fsopen(NULL, 0 [pid 5826] <... rmdir resumed>) = 0 [pid 6902] chdir("./23" [pid 6901] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 5826] mkdir("./25", 0777 [pid 6902] <... chdir resumed>) = 0 [pid 6901] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5826] <... mkdir resumed>) = 0 [pid 6902] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6902] <... prctl resumed>) = 0 [pid 6902] setpgid(0, 0 [pid 6901] memfd_create("syzkaller", 0 [pid 6900] <... munmap resumed>) = 0 [pid 5826] <... openat resumed>) = 3 [pid 6902] <... setpgid resumed>) = 0 [pid 6901] <... memfd_create resumed>) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD [pid 6902] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6901] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6900] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6902] <... openat resumed>) = 3 [pid 6901] <... mmap resumed>) = 0x7f0eeb600000 [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6902] write(3, "1000", 4 [pid 6900] <... openat resumed>) = 4 [pid 6902] <... write resumed>) = 4 [pid 5826] close(3 [pid 6902] close(3 [pid 6900] ioctl(4, LOOP_SET_FD, 3 [pid 6902] <... close resumed>) = 0 [pid 6902] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6902] write(1, "executing program\n", 18 [pid 5826] <... close resumed>) = 0 executing program [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6902] <... write resumed>) = 18 ./strace-static-x86_64: Process 6903 attached [pid 6902] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 6903 [pid 6902] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6903] set_robust_list(0x5555819eb760, 24 [pid 6902] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6903] <... set_robust_list resumed>) = 0 [pid 6903] chdir("./25" [pid 6902] memfd_create("syzkaller", 0) = 3 [pid 6902] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6900] <... ioctl resumed>) = 0 [pid 6902] <... mmap resumed>) = 0x7f0eeb600000 [pid 6900] close(3 [pid 6903] <... chdir resumed>) = 0 [pid 6903] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6900] <... close resumed>) = 0 [pid 6903] setpgid(0, 0 [pid 6900] close(4) = 0 [pid 6900] mkdir("./file0", 0777 [pid 6903] <... setpgid resumed>) = 0 [pid 6903] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6903] write(3, "1000", 4) = 4 [pid 6903] close(3) = 0 [pid 6903] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 6903] write(1, "executing program\n", 18) = 18 [pid 6903] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6903] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6903] memfd_create("syzkaller", 0) = 3 [pid 6903] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 131.832171][ T6900] loop0: detected capacity change from 0 to 32768 [pid 6900] <... mkdir resumed>) = 0 [pid 6900] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6902] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6901] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6903] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6902] <... write resumed>) = 16777216 [pid 6902] munmap(0x7f0eeb600000, 138412032 [pid 6903] <... write resumed>) = 16777216 [pid 6903] munmap(0x7f0eeb600000, 138412032 [pid 6902] <... munmap resumed>) = 0 [pid 6901] <... write resumed>) = 16777216 [pid 6903] <... munmap resumed>) = 0 [pid 6902] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6901] munmap(0x7f0eeb600000, 138412032 [pid 6902] <... openat resumed>) = 4 [pid 6902] ioctl(4, LOOP_SET_FD, 3 [pid 6903] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6902] <... ioctl resumed>) = 0 [pid 6903] <... openat resumed>) = 4 [pid 6901] <... munmap resumed>) = 0 [pid 6903] ioctl(4, LOOP_SET_FD, 3 [pid 6902] close(3 [pid 6901] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6902] <... close resumed>) = 0 [pid 6902] close(4 [pid 6901] <... openat resumed>) = 4 [pid 6903] <... ioctl resumed>) = 0 [pid 6902] <... close resumed>) = 0 [pid 6902] mkdir("./file0", 0777 [pid 6901] ioctl(4, LOOP_SET_FD, 3 [pid 6903] close(3 [pid 6902] <... mkdir resumed>) = 0 [pid 6901] <... ioctl resumed>) = 0 [pid 6903] <... close resumed>) = 0 [pid 6902] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6903] close(4) = 0 [pid 6903] mkdir("./file0", 0777) = 0 [pid 6903] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6901] close(3) = 0 [pid 6901] close(4) = 0 [pid 6901] mkdir("./file0", 0777) = 0 [ 132.326994][ T6902] loop4: detected capacity change from 0 to 32768 [ 132.345615][ T6903] loop1: detected capacity change from 0 to 32768 [ 132.357001][ T6901] loop3: detected capacity change from 0 to 32768 [ 132.454219][ T6900] bcachefs (loop0): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 132.481387][ T6900] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 132.489536][ T6900] bcachefs (loop0): Version downgrade required: [ 132.496453][ T6900] bcachefs (loop0): Version upgrade required: [ 132.496453][ T6900] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 132.496453][ T6900] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 132.496453][ T6900] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 132.582000][ T6903] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 132.590888][ T6900] bcachefs (loop0): dropping and reconstructing all alloc info [ 132.591410][ T6903] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 132.621785][ T6902] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 132.653616][ T6900] bcachefs (loop0): accounting_read... [ 132.654323][ T6902] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 132.668497][ T6901] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 132.679454][ T6900] done [ 132.682273][ T6900] bcachefs (loop0): alloc_read... done [ 132.688023][ T6901] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 132.698030][ T6900] bcachefs (loop0): stripes_read... done [ 132.703777][ T6900] bcachefs (loop0): snapshots_read... done [ 132.746027][ T6900] bcachefs (loop0): check_allocations... done [ 132.847052][ T6900] bcachefs (loop0): going read-write [pid 6901] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5827] <... umount2 resumed>) = 0 [pid 6903] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5827] umount2("./26/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6900] <... mount resumed>) = 0 [pid 6903] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 6903] ioctl(3, LOOP_CLR_FD [pid 6900] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6903] <... ioctl resumed>) = 0 [pid 6900] <... openat resumed>) = 3 [pid 6903] close(3 [pid 6900] chdir("./file0" [pid 5827] newfstatat(AT_FDCWD, "./26/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6900] <... chdir resumed>) = 0 [pid 6900] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5827] umount2("./26/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6900] <... openat resumed>) = 4 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6900] ioctl(4, LOOP_CLR_FD [pid 5827] openat(AT_FDCWD, "./26/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6900] <... ioctl resumed>) = 0 [ 132.871619][ T6903] bcachefs: bch2_fs_get_tree() error: EINVAL [ 132.876787][ T6900] bcachefs (loop0): done starting filesystem [pid 6900] close(4 [pid 5827] newfstatat(4, "", [pid 6900] <... close resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6900] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5827] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [pid 6901] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6900] <... quotactl resumed>) = 0 [pid 5827] rmdir("./26/file0" [pid 6900] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5827] <... rmdir resumed>) = 0 [pid 6902] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6900] <... openat resumed>) = 4 [pid 5827] getdents64(3, [pid 6902] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6900] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6902] <... openat resumed>) = 3 [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 6902] ioctl(3, LOOP_CLR_FD [pid 6900] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5827] close(3 [pid 6902] <... ioctl resumed>) = 0 [pid 6902] close(3 [pid 6900] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5827] <... close resumed>) = 0 [pid 6901] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5827] rmdir("./26" [pid 6901] <... openat resumed>) = 3 [pid 5827] <... rmdir resumed>) = 0 [ 132.930047][ T6902] bcachefs: bch2_fs_get_tree() error: EINVAL [ 132.947728][ T6901] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6901] ioctl(3, LOOP_CLR_FD [pid 5827] mkdir("./27", 0777 [pid 6901] <... ioctl resumed>) = 0 [pid 6901] close(3 [pid 6900] <... quotactl resumed>) = 0 [pid 5827] <... mkdir resumed>) = 0 [pid 6900] open(".", O_RDONLY) = 5 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6900] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5827] <... openat resumed>) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5827] close(3 [pid 6900] <... fallocate resumed>) = 0 [pid 5827] <... close resumed>) = 0 [pid 6900] exit_group(0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6900] <... exit_group resumed>) = ? ./strace-static-x86_64: Process 6935 attached [pid 6900] +++ exited with 0 +++ [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 6935 [pid 6935] set_robust_list(0x5555819eb760, 24 [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6900, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=34 /* 0.34 s */} --- [pid 5825] umount2("./16", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5825] umount2("./16/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./16/binderfs") = 0 [pid 5825] umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6935] <... set_robust_list resumed>) = 0 [ 133.029746][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.041454][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [pid 6935] chdir("./27") = 0 [pid 6935] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6935] setpgid(0, 0) = 0 executing program [pid 6935] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6935] write(3, "1000", 4) = 4 [pid 6935] close(3) = 0 [pid 6935] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6935] write(1, "executing program\n", 18) = 18 [pid 6935] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6935] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6935] memfd_create("syzkaller", 0) = 3 [pid 6935] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 133.082018][ T52] bucket incorrectly unset in freespace btree [ 133.082061][ T52] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [ 133.092899][ T5825] bcachefs (loop0): shutting down [ 133.092918][ T5825] bcachefs (loop0): going read-only [pid 6903] <... close resumed>) = 0 [pid 6903] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6902] <... close resumed>) = 0 [ 133.092937][ T5825] bcachefs (loop0): finished waiting for writes to stop [ 133.126154][ T5825] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11 [pid 6902] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6901] <... close resumed>) = 0 [ 133.294105][ T52] bucket incorrectly unset in freespace btree [ 133.294126][ T52] u64s 5 type deleted 0:2:0 len 0 ver 0, , continuing [pid 6901] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 133.340967][ T52] bucket incorrectly unset in freespace btree [ 133.340989][ T52] u64s 5 type deleted 0:5:0 len 0 ver 0, , continuing [ 133.361191][ T52] bucket incorrectly unset in freespace btree [ 133.361212][ T52] u64s 5 type deleted 0:8:0 len 0 ver 0, , continuing [ 133.380569][ T5825] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 12 [pid 6935] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6903] <... quotactl resumed>) = 0 [pid 6902] <... quotactl resumed>) = 0 [pid 6901] <... quotactl resumed>) = 0 [pid 6902] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 6901] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6902] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6902] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6903] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6902] <... quotactl resumed>) = 0 [pid 6901] <... openat resumed>) = 3 [pid 6902] open(".", O_RDONLY [pid 6901] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6901] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6902] <... open resumed>) = 4 [pid 6902] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6903] <... openat resumed>) = 3 [pid 6901] <... quotactl resumed>) = 0 [pid 6903] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6902] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6901] open(".", O_RDONLY [pid 6902] exit_group(0 [pid 6901] <... open resumed>) = 4 [pid 6903] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6902] <... exit_group resumed>) = ? [pid 6901] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6903] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6901] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6901] exit_group(0) = ? [pid 6901] +++ exited with 0 +++ [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6901, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=42 /* 0.42 s */} --- [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 6903] <... quotactl resumed>) = 0 [pid 6903] open(".", O_RDONLY) = 4 [pid 6903] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 6903] exit_group(0) = ? [pid 6902] +++ exited with 0 +++ [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6902, si_uid=0, si_status=0, si_utime=8 /* 0.08 s */, si_stime=48 /* 0.48 s */} --- [pid 6903] +++ exited with 0 +++ [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 5828] <... restart_syscall resumed>) = 0 [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6903, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=53 /* 0.53 s */} --- [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5828] umount2("./30", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 133.392633][ T5825] bcachefs (loop0): unclean shutdown complete, journal seq 13 [ 133.401558][ T5825] bcachefs (loop0): done going read-only, filesystem not clean [ 133.428944][ T5825] bcachefs (loop0): shutdown complete [pid 5828] openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] <... restart_syscall resumed>) = 0 [pid 5828] umount2("./30/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... restart_syscall resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./30/binderfs", [pid 5829] umount2("./23", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] unlink("./30/binderfs" [pid 5829] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] umount2("./25", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... openat resumed>) = 3 [pid 5828] <... unlink resumed>) = 0 [pid 5829] newfstatat(3, "", [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(3, [pid 5828] umount2("./30/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] umount2("./23/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] newfstatat(AT_FDCWD, "./30/file0", [pid 5826] <... openat resumed>) = 3 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] newfstatat(3, "", [pid 5829] newfstatat(AT_FDCWD, "./23/binderfs", [pid 5828] umount2("./30/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] unlink("./23/binderfs" [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] getdents64(3, [pid 5829] <... unlink resumed>) = 0 [pid 5828] openat(AT_FDCWD, "./30/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] umount2("./23/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./25/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./23/file0", [pid 5828] <... openat resumed>) = 4 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] newfstatat(4, "", [pid 5826] newfstatat(AT_FDCWD, "./25/binderfs", [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] umount2("./23/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] getdents64(4, [pid 5826] unlink("./25/binderfs" [pid 5829] openat(AT_FDCWD, "./23/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... unlink resumed>) = 0 [pid 5829] <... openat resumed>) = 4 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] umount2("./25/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] getdents64(4, [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] newfstatat(AT_FDCWD, "./25/file0", [pid 5828] close(4 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... close resumed>) = 0 [pid 5826] umount2("./25/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] rmdir("./30/file0" [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... rmdir resumed>) = 0 [pid 5826] openat(AT_FDCWD, "./25/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] close(4) = 0 [pid 5829] rmdir("./23/file0") = 0 [pid 5829] umount2("./23/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... openat resumed>) = 4 [pid 5826] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] getdents64(4, [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] newfstatat(AT_FDCWD, "./23/file1", [pid 5826] close(4 [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... close resumed>) = 0 [pid 6935] <... write resumed>) = 16777216 [pid 5828] umount2("./30/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] rmdir("./25/file0" [pid 5829] unlink("./23/file1" [pid 6935] munmap(0x7f0eeb600000, 138412032 [pid 5829] <... unlink resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... rmdir resumed>) = 0 [pid 5826] umount2("./25/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./25/file1", [pid 5829] getdents64(3, [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6935] <... munmap resumed>) = 0 [pid 5828] newfstatat(AT_FDCWD, "./30/file1", [pid 6935] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5826] unlink("./25/file1" [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6935] <... openat resumed>) = 4 [pid 5828] unlink("./30/file1" [pid 6935] ioctl(4, LOOP_SET_FD, 3 [pid 5829] close(3 [pid 5828] <... unlink resumed>) = 0 [pid 5826] <... unlink resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 5829] rmdir("./23" [pid 5828] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] <... rmdir resumed>) = 0 [pid 5828] close(3 [pid 6935] <... ioctl resumed>) = 0 [pid 5829] mkdir("./24", 0777 [pid 5826] getdents64(3, [pid 6935] close(3 [pid 5829] <... mkdir resumed>) = 0 [pid 5828] <... close resumed>) = 0 [pid 6935] <... close resumed>) = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5828] rmdir("./30" [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 6935] close(4 [pid 5829] <... openat resumed>) = 3 [pid 6935] <... close resumed>) = 0 [pid 5829] ioctl(3, LOOP_CLR_FD [pid 5826] close(3 [pid 6935] mkdir("./file0", 0777 [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5828] <... rmdir resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 6935] <... mkdir resumed>) = 0 [pid 5829] close(3 [pid 5826] rmdir("./25" [pid 5829] <... close resumed>) = 0 [pid 6935] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5828] mkdir("./31", 0777 [pid 5826] <... rmdir resumed>) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5828] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 6937 attached [pid 5826] mkdir("./26", 0777 [pid 6937] set_robust_list(0x5555819eb760, 24 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 6937 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5826] <... mkdir resumed>) = 0 [pid 6937] <... set_robust_list resumed>) = 0 [pid 5828] <... openat resumed>) = 3 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6937] chdir("./24" [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5826] <... openat resumed>) = 3 [pid 6937] <... chdir resumed>) = 0 [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6937] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5828] close(3 [pid 6937] <... prctl resumed>) = 0 [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6937] setpgid(0, 0 [pid 5828] <... close resumed>) = 0 [pid 5826] close(3 [pid 6937] <... setpgid resumed>) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] <... close resumed>) = 0 ./strace-static-x86_64: Process 6940 attached [pid 6937] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 6940 [ 133.552648][ T6935] loop2: detected capacity change from 0 to 32768 ./strace-static-x86_64: Process 6941 attached [pid 6941] set_robust_list(0x5555819eb760, 24 [pid 6940] set_robust_list(0x5555819eb760, 24 [pid 6937] <... openat resumed>) = 3 [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 6941 [pid 6940] <... set_robust_list resumed>) = 0 [pid 6937] write(3, "1000", 4 [pid 6941] <... set_robust_list resumed>) = 0 [pid 6941] chdir("./26" [pid 6940] chdir("./31" [pid 6937] <... write resumed>) = 4 [pid 6941] <... chdir resumed>) = 0 [pid 6940] <... chdir resumed>) = 0 [pid 6937] close(3 [pid 6941] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6940] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6937] <... close resumed>) = 0 [pid 6941] <... prctl resumed>) = 0 [pid 6941] setpgid(0, 0) = 0 [pid 6941] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6940] <... prctl resumed>) = 0 [pid 6937] symlink("/dev/binderfs", "./binderfs" [pid 6941] <... openat resumed>) = 3 [pid 6940] setpgid(0, 0 [pid 6937] <... symlink resumed>) = 0 [pid 6940] <... setpgid resumed>) = 0 [pid 6937] write(1, "executing program\n", 18executing program [pid 6940] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6937] <... write resumed>) = 18 [pid 6941] write(3, "1000", 4 [pid 6937] fsopen(NULL, 0 [pid 6940] <... openat resumed>) = 3 [pid 6941] <... write resumed>) = 4 [pid 6937] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6940] write(3, "1000", 4 [pid 6937] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6940] <... write resumed>) = 4 [pid 6937] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6940] close(3 [pid 6941] close(3) = 0 [pid 6940] <... close resumed>) = 0 [pid 6937] memfd_create("syzkaller", 0 [pid 6941] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6940] symlink("/dev/binderfs", "./binderfs" [pid 6937] <... memfd_create resumed>) = 3 executing program [pid 6941] write(1, "executing program\n", 18 [pid 6940] <... symlink resumed>) = 0 [pid 6937] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6941] <... write resumed>) = 18 executing program [pid 6940] write(1, "executing program\n", 18 [pid 6937] <... mmap resumed>) = 0x7f0eeb600000 [pid 6941] fsopen(NULL, 0 [pid 6940] <... write resumed>) = 18 [pid 6941] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6940] fsopen(NULL, 0 [pid 6941] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6941] memfd_create("syzkaller", 0) = 3 [pid 6940] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6940] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6941] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6940] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6941] <... mmap resumed>) = 0x7f0eeb600000 [pid 6940] memfd_create("syzkaller", 0) = 3 [pid 6940] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6941] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6937] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [ 134.026272][ T6935] bcachefs (loop2): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 134.086415][ T6935] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 134.105350][ T6935] bcachefs (loop2): Version downgrade required: [ 134.112334][ T6935] bcachefs (loop2): Version upgrade required: [ 134.112334][ T6935] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [pid 6940] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6941] <... write resumed>) = 16777216 [pid 6937] <... write resumed>) = 16777216 [pid 6937] munmap(0x7f0eeb600000, 138412032 [pid 6941] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6937] <... munmap resumed>) = 0 [pid 6941] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 134.112334][ T6935] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 134.112334][ T6935] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [pid 6941] ioctl(4, LOOP_SET_FD, 3 [pid 6937] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6937] ioctl(4, LOOP_SET_FD, 3 [pid 6941] <... ioctl resumed>) = 0 [pid 6941] close(3) = 0 [pid 6941] close(4) = 0 [pid 6941] mkdir("./file0", 0777) = 0 [pid 6941] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6937] <... ioctl resumed>) = 0 [pid 6937] close(3) = 0 [ 134.195807][ T6941] loop1: detected capacity change from 0 to 32768 [ 134.209877][ T6937] loop4: detected capacity change from 0 to 32768 [ 134.215180][ T6935] bcachefs (loop2): dropping and reconstructing all alloc info [pid 6937] close(4) = 0 [pid 6937] mkdir("./file0", 0777) = 0 [ 134.233903][ T6935] bcachefs (loop2): accounting_read... done [ 134.254704][ T6935] bcachefs (loop2): alloc_read... done [pid 6937] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6940] <... write resumed>) = 16777216 [ 134.309644][ T6935] bcachefs (loop2): stripes_read... done [ 134.318729][ T6935] bcachefs (loop2): snapshots_read... done [pid 6940] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6940] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6940] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6940] close(3) = 0 [pid 6940] close(4) = 0 [pid 6940] mkdir("./file0", 0777) = 0 [ 134.337516][ T6935] bcachefs (loop2): check_allocations... [ 134.363990][ T6941] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 134.383685][ T6935] done [ 134.388816][ T6935] bcachefs (loop2): going read-write [ 134.395756][ T6940] loop3: detected capacity change from 0 to 32768 [pid 6940] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6935] <... mount resumed>) = 0 [pid 5825] <... umount2 resumed>) = 0 [pid 6935] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6935] chdir("./file0") = 0 [pid 6935] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6935] ioctl(4, LOOP_CLR_FD) = 0 [pid 6935] close(4) = 0 [pid 6935] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5825] umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./16/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6935] <... quotactl resumed>) = 0 [pid 5825] umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6935] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6935] <... openat resumed>) = 4 [pid 5825] openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6935] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5825] <... openat resumed>) = 4 [pid 6935] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5825] newfstatat(4, "", [pid 6935] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 6935] open(".", O_RDONLY) = 5 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6935] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [ 134.412372][ T6935] bcachefs (loop2): done starting filesystem [ 134.420510][ T6941] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 134.433062][ T6937] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 134.453757][ T6937] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [pid 5825] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 6935] <... fallocate resumed>) = 0 [pid 5825] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] close(4 [pid 6935] exit_group(0 [pid 5825] <... close resumed>) = 0 [pid 5825] rmdir("./16/file0" [pid 6935] <... exit_group resumed>) = ? [pid 5825] <... rmdir resumed>) = 0 [pid 6935] +++ exited with 0 +++ [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6935, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=30 /* 0.30 s */} --- [pid 5827] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5827] umount2("./27", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] getdents64(3, [pid 5827] openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] newfstatat(3, "", [pid 5825] close(3 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... close resumed>) = 0 [pid 5827] getdents64(3, [pid 5825] rmdir("./16" [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5827] umount2("./27/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] <... rmdir resumed>) = 0 [pid 5827] newfstatat(AT_FDCWD, "./27/binderfs", [pid 5825] mkdir("./17", 0777 [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./27/binderfs") = 0 [pid 5825] <... mkdir resumed>) = 0 [pid 5827] umount2("./27/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5825] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5825] close(3) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6971 attached , child_tidptr=0x5555819eb750) = 6971 [pid 6971] set_robust_list(0x5555819eb760, 24) = 0 [ 134.519604][ T6940] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 134.529653][ T6940] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [pid 6971] chdir("./17") = 0 [pid 6971] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6971] setpgid(0, 0) = 0 [pid 6971] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6971] write(3, "1000", 4) = 4 [pid 6971] close(3) = 0 [pid 6971] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6971] write(1, "executing program\n", 18executing program ) = 18 [pid 6971] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 6971] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 6971] memfd_create("syzkaller", 0) = 3 [pid 6971] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 134.554696][ T61] bucket incorrectly unset in freespace btree [ 134.554731][ T61] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [ 134.574689][ T5827] bcachefs (loop2): shutting down [ 134.574709][ T5827] bcachefs (loop2): going read-only [ 134.575429][ T5827] bcachefs (loop2): finished waiting for writes to stop [pid 6941] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6941] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 6941] ioctl(3, LOOP_CLR_FD) = 0 [ 134.586828][ T5827] bcachefs (loop2): flushing journal and stopping allocators, journal seq 11 [ 134.712507][ T6941] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6941] close(3 [pid 6940] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6940] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 6940] ioctl(3, LOOP_CLR_FD) = 0 [ 134.810867][ T6940] bcachefs: bch2_fs_get_tree() error: EINVAL [ 134.817471][ T61] bucket incorrectly unset in freespace btree [ 134.817503][ T61] u64s 5 type deleted 0:2:0 len 0 ver 0, , continuing [ 134.838910][ T6937] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6940] close(3 [pid 6937] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6937] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 6937] ioctl(3, LOOP_CLR_FD) = 0 [ 134.856818][ T61] bucket incorrectly unset in freespace btree [ 134.856836][ T61] u64s 5 type deleted 0:5:0 len 0 ver 0, , continuing [ 134.898538][ T61] bucket incorrectly unset in freespace btree [ 134.898561][ T61] u64s 5 type deleted 0:8:0 len 0 ver 0, , continuing [ 134.955006][ T5827] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 12 [pid 6937] close(3 [ 134.987516][ T5827] bcachefs (loop2): unclean shutdown complete, journal seq 13 [ 135.013702][ T5827] bcachefs (loop2): done going read-only, filesystem not clean [pid 6971] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6941] <... close resumed>) = 0 [pid 6941] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6940] <... close resumed>) = 0 [pid 6940] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6937] <... close resumed>) = 0 [pid 6937] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6941] <... quotactl resumed>) = 0 [pid 6940] <... quotactl resumed>) = 0 [pid 6937] <... quotactl resumed>) = 0 [pid 6941] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6940] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 6940] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6940] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6941] <... openat resumed>) = 3 [pid 6937] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6941] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6941] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6937] <... openat resumed>) = 3 [pid 6937] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6937] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6940] <... quotactl resumed>) = 0 [pid 6940] open(".", O_RDONLY) = 4 [pid 6940] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 6940] exit_group(0) = ? [pid 6940] +++ exited with 0 +++ [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6940, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=48 /* 0.48 s */} --- [pid 5828] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5828] umount2("./31", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] umount2("./31/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./31/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./31/binderfs" [pid 6937] <... quotactl resumed>) = 0 [pid 5828] <... unlink resumed>) = 0 [pid 6941] <... quotactl resumed>) = 0 [pid 6937] open(".", O_RDONLY [pid 5828] umount2("./31/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6941] open(".", O_RDONLY) = 4 [pid 6937] <... open resumed>) = 4 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6937] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5828] newfstatat(AT_FDCWD, "./31/file0", [pid 6937] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6941] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6937] exit_group(0 [pid 5828] umount2("./31/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6937] <... exit_group resumed>) = ? [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6941] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./31/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6937] +++ exited with 0 +++ [pid 5828] newfstatat(4, "", [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6937, si_uid=0, si_status=0, si_utime=7 /* 0.07 s */, si_stime=44 /* 0.44 s */} --- [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] close(4) = 0 [pid 5828] rmdir("./31/file0") = 0 [pid 5828] umount2("./31/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./31/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./31/file1") = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 6941] exit_group(0 [pid 5828] close(3 [pid 6941] <... exit_group resumed>) = ? [pid 5828] <... close resumed>) = 0 [pid 6941] +++ exited with 0 +++ [pid 5828] rmdir("./31" [pid 5829] umount2("./24", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... rmdir resumed>) = 0 [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6941, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=43 /* 0.43 s */} --- [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] umount2("./26", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5829] newfstatat(3, "", [pid 5828] mkdir("./32", 0777 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... mkdir resumed>) = 0 [pid 5826] openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 135.152668][ T5827] bcachefs (loop2): shutdown complete [pid 5829] getdents64(3, [pid 5826] newfstatat(3, "", [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] umount2("./24/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... openat resumed>) = 3 [pid 5826] getdents64(3, [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] unlink("./24/binderfs" [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5829] <... unlink resumed>) = 0 [pid 5828] close(3 [pid 5826] umount2("./26/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... close resumed>) = 0 [pid 5829] umount2("./24/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] newfstatat(AT_FDCWD, "./26/binderfs", [pid 5829] newfstatat(AT_FDCWD, "./24/file0", ./strace-static-x86_64: Process 6972 attached {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6972] set_robust_list(0x5555819eb760, 24 [pid 5829] umount2("./24/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./24/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6972] <... set_robust_list resumed>) = 0 [pid 5829] <... openat resumed>) = 4 [pid 5826] unlink("./26/binderfs" [pid 6972] chdir("./32" [pid 5829] newfstatat(4, "", [pid 5826] <... unlink resumed>) = 0 [pid 6972] <... chdir resumed>) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 6972 [pid 6972] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5829] getdents64(4, [pid 5826] umount2("./26/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6972] <... prctl resumed>) = 0 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6972] setpgid(0, 0 [pid 5829] getdents64(4, [pid 5826] newfstatat(AT_FDCWD, "./26/file0", [pid 6972] <... setpgid resumed>) = 0 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6972] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5829] close(4 [pid 5826] umount2("./26/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... close resumed>) = 0 [pid 6972] <... openat resumed>) = 3 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6972] write(3, "1000", 4 [pid 5829] rmdir("./24/file0" [pid 5826] openat(AT_FDCWD, "./26/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6972] <... write resumed>) = 4 [pid 5829] <... rmdir resumed>) = 0 [pid 5826] <... openat resumed>) = 4 [pid 6972] close(3) = 0 [pid 6972] symlink("/dev/binderfs", "./binderfs" [pid 5826] newfstatat(4, "", [pid 6972] <... symlink resumed>) = 0 [pid 5829] umount2("./24/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] getdents64(4, [pid 5829] newfstatat(AT_FDCWD, "./24/file1", [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 executing program [pid 6972] write(1, "executing program\n", 18 [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] getdents64(4, [pid 6972] <... write resumed>) = 18 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 6972] fsopen(NULL, 0 [pid 5829] unlink("./24/file1" [pid 6972] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 5826] close(4 [pid 6972] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 5829] <... unlink resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 6972] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6972] memfd_create("syzkaller", 0 [pid 5829] getdents64(3, [pid 5826] rmdir("./26/file0" [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] <... rmdir resumed>) = 0 [pid 5829] close(3 [pid 6971] <... write resumed>) = 16777216 [pid 5829] <... close resumed>) = 0 [pid 5826] umount2("./26/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6972] <... memfd_create resumed>) = 3 [pid 5829] rmdir("./24" [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6971] munmap(0x7f0eeb600000, 138412032 [pid 5829] <... rmdir resumed>) = 0 [pid 5826] newfstatat(AT_FDCWD, "./26/file1", [pid 6972] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6972] <... mmap resumed>) = 0x7f0eeb600000 [pid 5826] unlink("./26/file1") = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] close(3) = 0 [pid 5826] rmdir("./26") = 0 [pid 5826] mkdir("./27", 0777 [pid 6971] <... munmap resumed>) = 0 [pid 5829] mkdir("./25", 0777 [pid 5826] <... mkdir resumed>) = 0 [pid 5829] <... mkdir resumed>) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6971] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6971] <... openat resumed>) = 4 [pid 5829] <... openat resumed>) = 3 [pid 5826] <... openat resumed>) = 3 [pid 6971] ioctl(4, LOOP_SET_FD, 3 [pid 5829] ioctl(3, LOOP_CLR_FD [pid 5826] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5826] close(3) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555819eb750) = 6973 [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5829] close(3) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6973 attached ./strace-static-x86_64: Process 6974 attached [pid 6973] set_robust_list(0x5555819eb760, 24) = 0 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 6974 [pid 6973] chdir("./27" [pid 6974] set_robust_list(0x5555819eb760, 24 [pid 6973] <... chdir resumed>) = 0 [pid 6974] <... set_robust_list resumed>) = 0 [pid 6973] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6974] chdir("./25" [pid 6973] <... prctl resumed>) = 0 [pid 6971] <... ioctl resumed>) = 0 [pid 6974] <... chdir resumed>) = 0 [pid 6973] setpgid(0, 0 [pid 6974] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6973] <... setpgid resumed>) = 0 [pid 6974] <... prctl resumed>) = 0 [pid 6973] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6971] close(3 [pid 6974] setpgid(0, 0 [pid 6973] <... openat resumed>) = 3 [pid 6974] <... setpgid resumed>) = 0 [pid 6974] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6973] write(3, "1000", 4 [pid 6971] <... close resumed>) = 0 [pid 6974] <... openat resumed>) = 3 [pid 6973] <... write resumed>) = 4 [pid 6971] close(4 [pid 6974] write(3, "1000", 4 [pid 6973] close(3 [pid 6974] <... write resumed>) = 4 [pid 6973] <... close resumed>) = 0 [pid 6974] close(3 [pid 6973] symlink("/dev/binderfs", "./binderfs" [pid 6974] <... close resumed>) = 0 [pid 6971] <... close resumed>) = 0 [pid 6971] mkdir("./file0", 0777 [pid 6974] symlink("/dev/binderfs", "./binderfs" [pid 6973] <... symlink resumed>) = 0 [pid 6971] <... mkdir resumed>) = 0 [pid 6974] <... symlink resumed>) = 0 [pid 6973] write(1, "executing program\n", 18 [pid 6971] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"...executing program [pid 6974] write(1, "executing program\n", 18executing program [pid 6973] <... write resumed>) = 18 [pid 6974] <... write resumed>) = 18 [pid 6973] fsopen(NULL, 0 [pid 6974] fsopen(NULL, 0 [pid 6973] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6974] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 6973] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6974] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 6973] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [ 135.324268][ T6971] loop0: detected capacity change from 0 to 32768 [pid 6974] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 6973] memfd_create("syzkaller", 0) = 3 [pid 6974] memfd_create("syzkaller", 0 [pid 6973] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6974] <... memfd_create resumed>) = 3 [pid 6974] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 6972] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6974] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6973] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6972] <... write resumed>) = 16777216 [pid 6972] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6972] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6972] ioctl(4, LOOP_SET_FD, 3 [pid 6974] <... write resumed>) = 16777216 [pid 6972] <... ioctl resumed>) = 0 [pid 6974] munmap(0x7f0eeb600000, 138412032 [pid 6972] close(3) = 0 [pid 6972] close(4) = 0 [pid 6972] mkdir("./file0", 0777) = 0 [ 135.739762][ T6972] loop3: detected capacity change from 0 to 32768 [pid 6972] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6974] <... munmap resumed>) = 0 [pid 6974] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6974] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6974] close(3) = 0 [pid 6974] close(4) = 0 [pid 6974] mkdir("./file0", 0777) = 0 [ 135.803564][ T6974] loop4: detected capacity change from 0 to 32768 [pid 6974] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 6973] <... write resumed>) = 16777216 [pid 6973] munmap(0x7f0eeb600000, 138412032) = 0 [pid 6973] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6973] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6973] close(3) = 0 [pid 6973] close(4) = 0 [pid 6973] mkdir("./file0", 0777) = 0 [ 135.899108][ T6973] loop1: detected capacity change from 0 to 32768 [ 136.004245][ T6971] bcachefs (loop0): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 136.030771][ T6971] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 136.039091][ T6971] bcachefs (loop0): Version downgrade required: [ 136.045590][ T6971] bcachefs (loop0): Version upgrade required: [ 136.045590][ T6971] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 136.045590][ T6971] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 136.045590][ T6971] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 136.125597][ T6973] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 136.136337][ T6973] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 136.148645][ T6972] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 136.192001][ T6972] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 136.203299][ T6974] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 136.253347][ T6974] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 136.264475][ T6971] bcachefs (loop0): dropping and reconstructing all alloc info [pid 6973] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5827] <... umount2 resumed>) = 0 [pid 5827] umount2("./27/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./27/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./27/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./27/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5827] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [pid 5827] rmdir("./27/file0") = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./27") = 0 [pid 5827] mkdir("./28", 0777) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5827] close(3) = 0 [ 136.344738][ T6971] bcachefs (loop0): accounting_read... done [ 136.356552][ T6971] bcachefs (loop0): alloc_read... done [ 136.373864][ T6971] bcachefs (loop0): stripes_read... done [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555819eb750) = 7004 ./strace-static-x86_64: Process 7004 attached [pid 7004] set_robust_list(0x5555819eb760, 24) = 0 [pid 7004] chdir("./28") = 0 [pid 7004] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7004] setpgid(0, 0) = 0 [pid 7004] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7004] write(3, "1000", 4executing program ) = 4 [pid 7004] close(3) = 0 [pid 7004] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7004] write(1, "executing program\n", 18) = 18 [pid 7004] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7004] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7004] memfd_create("syzkaller", 0) = 3 [pid 7004] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 136.408139][ T6971] bcachefs (loop0): snapshots_read... done [ 136.414804][ T6971] bcachefs (loop0): check_allocations... done [ 136.487960][ T6971] bcachefs (loop0): going read-write [ 136.499638][ T6971] bcachefs (loop0): done starting filesystem [pid 6973] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6971] <... mount resumed>) = 0 [pid 6971] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6973] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 6973] ioctl(3, LOOP_CLR_FD) = 0 [ 136.516282][ T6973] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6973] close(3 [pid 6971] chdir("./file0") = 0 [pid 6971] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6971] ioctl(4, LOOP_CLR_FD) = 0 [pid 6971] close(4 [pid 6972] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6971] <... close resumed>) = 0 [pid 6971] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6972] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 6972] ioctl(3, LOOP_CLR_FD) = 0 [pid 6972] close(3 [pid 6971] <... quotactl resumed>) = 0 [ 136.561902][ T6972] bcachefs: bch2_fs_get_tree() error: EINVAL [ 136.582216][ T6974] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 6971] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6974] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 6971] <... openat resumed>) = 4 [pid 6974] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6971] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6974] <... openat resumed>) = 3 [pid 6971] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6974] ioctl(3, LOOP_CLR_FD [pid 6971] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 6974] <... ioctl resumed>) = 0 [pid 6971] open(".", O_RDONLY [pid 6974] close(3 [pid 6971] <... open resumed>) = 5 [pid 6971] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768) = 0 [pid 6971] exit_group(0) = ? [pid 6971] +++ exited with 0 +++ [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6971, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=37 /* 0.37 s */} --- [pid 5825] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5825] umount2("./17", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 136.698611][ T2913] bucket incorrectly unset in freespace btree [ 136.698643][ T2913] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5825] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5825] umount2("./17/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./17/binderfs") = 0 [pid 5825] umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6974] <... close resumed>) = 0 [pid 6974] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7004] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6974] <... quotactl resumed>) = 0 [pid 6974] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 6974] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 6974] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6973] <... close resumed>) = 0 [ 136.838736][ T2913] bucket incorrectly unset in freespace btree [ 136.838759][ T2913] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [pid 6973] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6972] <... close resumed>) = 0 [ 136.888949][ T5825] bcachefs (loop0): shutting down [ 136.894991][ T5825] bcachefs (loop0): going read-only [ 136.912198][ T5825] bcachefs (loop0): finished waiting for writes to stop [ 136.925823][ T5825] bcachefs (loop0): flushing journal and stopping allocators, journal seq 12 [ 136.946206][ T52] bcachefs (loop0): loop0: Superblock write was silently dropped! (seq 0 expected 53) [ 136.968906][ T52] bucket incorrectly unset in freespace btree [ 136.968941][ T52] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [ 136.986740][ T52] bucket incorrectly unset in freespace btree [pid 6972] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 6973] <... quotactl resumed>) = 0 [pid 6972] <... quotactl resumed>) = 0 [pid 6973] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6972] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 6973] <... openat resumed>) = 3 [pid 6972] <... openat resumed>) = 3 [pid 6973] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6972] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 6973] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6972] <... mount resumed>) = -1 EFAULT (Bad address) [pid 6973] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6972] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 6974] <... quotactl resumed>) = 0 [ 136.986762][ T52] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [ 137.007924][ T5825] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 12 [ 137.018847][ T5825] bcachefs (loop0): unclean shutdown complete, journal seq 13 [ 137.027781][ T5825] bcachefs (loop0): done going read-only, filesystem not clean [pid 6974] open(".", O_RDONLY) = 4 [pid 6973] <... quotactl resumed>) = 0 [pid 6973] open(".", O_RDONLY) = 4 [pid 6973] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 6974] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 6973] exit_group(0 [pid 7004] <... write resumed>) = 16777216 [pid 6974] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 6973] <... exit_group resumed>) = ? [pid 6972] <... quotactl resumed>) = 0 [pid 7004] munmap(0x7f0eeb600000, 138412032 [pid 6974] exit_group(0 [pid 6973] +++ exited with 0 +++ [pid 6972] open(".", O_RDONLY [pid 6974] <... exit_group resumed>) = ? [pid 6972] <... open resumed>) = 4 [pid 7004] <... munmap resumed>) = 0 [pid 6974] +++ exited with 0 +++ [pid 6972] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6973, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=39 /* 0.39 s */} --- [pid 7004] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6972] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6974, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=45 /* 0.45 s */} --- [pid 7004] <... openat resumed>) = 4 [pid 6972] exit_group(0 [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 6972] <... exit_group resumed>) = ? [pid 7004] ioctl(4, LOOP_SET_FD, 3 [pid 6972] +++ exited with 0 +++ [pid 5826] <... restart_syscall resumed>) = 0 [pid 5829] umount2("./25", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7004] <... ioctl resumed>) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6972, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=45 /* 0.45 s */} --- [pid 7004] close(3) = 0 [pid 5829] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 5826] umount2("./27", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7004] close(4 [pid 5829] <... openat resumed>) = 3 [pid 7004] <... close resumed>) = 0 [pid 5828] <... restart_syscall resumed>) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7004] mkdir("./file0", 0777 [pid 5829] newfstatat(3, "", [pid 5826] openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7004] <... mkdir resumed>) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... openat resumed>) = 3 [pid 5826] newfstatat(3, "", [pid 5829] getdents64(3, [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] getdents64(3, [pid 5829] umount2("./25/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./32", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7004] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5829] newfstatat(AT_FDCWD, "./25/binderfs", [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] umount2("./27/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] unlink("./25/binderfs" [pid 5828] openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] newfstatat(AT_FDCWD, "./27/binderfs", [pid 5829] <... unlink resumed>) = 0 [pid 5828] <... openat resumed>) = 3 [pid 5829] umount2("./25/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] newfstatat(3, "", [pid 5826] unlink("./27/binderfs" [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] newfstatat(AT_FDCWD, "./25/file0", [pid 5828] getdents64(3, [pid 5826] <... unlink resumed>) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [ 137.059542][ T5825] bcachefs (loop0): shutdown complete [ 137.094804][ T7004] loop2: detected capacity change from 0 to 32768 [pid 5829] umount2("./25/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./27/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] umount2("./32/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] openat(AT_FDCWD, "./25/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... openat resumed>) = 4 [pid 5828] newfstatat(AT_FDCWD, "./32/binderfs", [pid 5826] newfstatat(AT_FDCWD, "./27/file0", [pid 5829] newfstatat(4, "", [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] umount2("./27/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] getdents64(4, [pid 5828] unlink("./32/binderfs" [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./27/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] <... unlink resumed>) = 0 [pid 5826] newfstatat(4, "", [pid 5829] getdents64(4, [pid 5828] umount2("./32/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] getdents64(4, [pid 5829] close(4 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] <... close resumed>) = 0 [pid 5828] newfstatat(AT_FDCWD, "./32/file0", [pid 5826] getdents64(4, [pid 5829] rmdir("./25/file0" [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] <... rmdir resumed>) = 0 [pid 5828] umount2("./32/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] close(4 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./32/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... close resumed>) = 0 [pid 5829] umount2("./25/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... openat resumed>) = 4 [pid 5826] rmdir("./27/file0" [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(4, "", [pid 5829] newfstatat(AT_FDCWD, "./25/file1", [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] getdents64(4, [pid 5826] <... rmdir resumed>) = 0 [pid 5829] unlink("./25/file1" [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] umount2("./27/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... unlink resumed>) = 0 [pid 5828] getdents64(4, [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] newfstatat(AT_FDCWD, "./27/file1", [pid 5829] getdents64(3, [pid 5828] close(4 [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] <... close resumed>) = 0 [pid 5826] unlink("./27/file1" [pid 5829] close(3 [pid 5828] rmdir("./32/file0" [pid 5829] <... close resumed>) = 0 [pid 5828] <... rmdir resumed>) = 0 [pid 5826] <... unlink resumed>) = 0 [pid 5829] rmdir("./25") = 0 [pid 5828] umount2("./32/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] getdents64(3, [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] mkdir("./26", 0777 [pid 5828] newfstatat(AT_FDCWD, "./32/file1", [pid 5826] close(3 [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... close resumed>) = 0 [pid 5826] rmdir("./27" [pid 5829] <... mkdir resumed>) = 0 [pid 5828] unlink("./32/file1" [pid 5826] <... rmdir resumed>) = 0 [pid 5826] mkdir("./28", 0777 [pid 5828] <... unlink resumed>) = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5828] getdents64(3, [pid 5829] <... openat resumed>) = 3 [pid 5826] <... mkdir resumed>) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5829] ioctl(3, LOOP_CLR_FD [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5828] close(3 [pid 5826] <... openat resumed>) = 3 [pid 5829] close(3 [pid 5828] <... close resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5828] rmdir("./32" [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) ./strace-static-x86_64: Process 7012 attached [pid 5828] <... rmdir resumed>) = 0 [pid 5826] close(3) = 0 [pid 7012] set_robust_list(0x5555819eb760, 24 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 7012 [pid 5828] mkdir("./33", 0777./strace-static-x86_64: Process 7013 attached ) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 7013] set_robust_list(0x5555819eb760, 24 [pid 7012] <... set_robust_list resumed>) = 0 [pid 7013] <... set_robust_list resumed>) = 0 [pid 7012] chdir("./26" [pid 7013] chdir("./28" [pid 7012] <... chdir resumed>) = 0 [pid 5828] <... openat resumed>) = 3 [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 7013 [pid 7013] <... chdir resumed>) = 0 [pid 7012] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5828] ioctl(3, LOOP_CLR_FD [pid 7013] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7012] <... prctl resumed>) = 0 [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 7012] setpgid(0, 0 [pid 7013] <... prctl resumed>) = 0 [pid 7012] <... setpgid resumed>) = 0 [pid 5828] close(3 [pid 7013] setpgid(0, 0) = 0 [pid 7012] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5828] <... close resumed>) = 0 [pid 7013] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7012] <... openat resumed>) = 3 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7012] write(3, "1000", 4 [pid 7013] <... openat resumed>) = 3 ./strace-static-x86_64: Process 7014 attached [pid 7012] <... write resumed>) = 4 [pid 7014] set_robust_list(0x5555819eb760, 24 [pid 7013] write(3, "1000", 4 [pid 7012] close(3 [pid 7014] <... set_robust_list resumed>) = 0 [pid 7013] <... write resumed>) = 4 [pid 7012] <... close resumed>) = 0 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 7014 [pid 7014] chdir("./33" [pid 7013] close(3 [pid 7012] symlink("/dev/binderfs", "./binderfs" [pid 7013] <... close resumed>) = 0 [pid 7013] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7013] write(1, "executing program\n", 18executing program [pid 7014] <... chdir resumed>) = 0 [pid 7012] <... symlink resumed>) = 0 [pid 7014] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7013] <... write resumed>) = 18 executing program [pid 7012] write(1, "executing program\n", 18 [pid 7014] <... prctl resumed>) = 0 [pid 7013] fsopen(NULL, 0 [pid 7012] <... write resumed>) = 18 [pid 7014] setpgid(0, 0 [pid 7013] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 7012] fsopen(NULL, 0 [pid 7014] <... setpgid resumed>) = 0 [pid 7013] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 7012] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 7014] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7013] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 7012] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7012] memfd_create("syzkaller", 0 [pid 7014] <... openat resumed>) = 3 [pid 7012] <... memfd_create resumed>) = 3 [pid 7013] memfd_create("syzkaller", 0 [pid 7012] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7014] write(3, "1000", 4 [pid 7012] <... mmap resumed>) = 0x7f0eeb600000 [pid 7014] <... write resumed>) = 4 [pid 7014] close(3 [pid 7013] <... memfd_create resumed>) = 3 [pid 7014] <... close resumed>) = 0 [pid 7013] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7014] symlink("/dev/binderfs", "./binderfs" [pid 7013] <... mmap resumed>) = 0x7f0eeb600000 [pid 7014] <... symlink resumed>) = 0 [pid 7014] write(1, "executing program\n", 18executing program ) = 18 [pid 7014] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7014] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7014] memfd_create("syzkaller", 0) = 3 [pid 7014] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7012] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7013] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7012] <... write resumed>) = 16777216 [pid 7012] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7014] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7012] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 7012] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7012] close(3) = 0 [pid 7012] close(4) = 0 [ 137.538475][ T7012] loop4: detected capacity change from 0 to 32768 [pid 7012] mkdir("./file0", 0777) = 0 [ 137.595504][ T7004] bcachefs (loop2): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 137.656120][ T7004] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 137.676531][ T7004] bcachefs (loop2): Version downgrade required: [ 137.683060][ T7004] bcachefs (loop2): Version upgrade required: [ 137.683060][ T7004] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 137.683060][ T7004] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 137.683060][ T7004] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 137.756730][ T7012] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 137.783709][ T7012] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [pid 7012] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7013] <... write resumed>) = 16777216 [pid 7013] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7013] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 7013] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7013] close(3) = 0 [pid 7013] close(4) = 0 [pid 7013] mkdir("./file0", 0777) = 0 [ 137.844164][ T7004] bcachefs (loop2): dropping and reconstructing all alloc info [ 137.863386][ T7013] loop1: detected capacity change from 0 to 32768 [pid 7013] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7014] <... write resumed>) = 16777216 [pid 7014] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7014] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 137.890275][ T7004] bcachefs (loop2): accounting_read... done [ 137.931357][ T7004] bcachefs (loop2): alloc_read... done [ 137.938205][ T7004] bcachefs (loop2): stripes_read... done [ 137.950840][ T7004] bcachefs (loop2): snapshots_read... done [ 137.970078][ T7004] bcachefs (loop2): check_allocations... [ 137.984941][ T7014] loop3: detected capacity change from 0 to 32768 [pid 7014] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7014] close(3) = 0 [pid 7014] close(4) = 0 [pid 7014] mkdir("./file0", 0777) = 0 [ 138.033640][ T7004] done [ 138.042994][ T7004] bcachefs (loop2): going read-write [ 138.051792][ T7012] bcachefs: bch2_fs_get_tree() error: EINVAL [ 138.068978][ T7013] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [pid 7014] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7012] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7012] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 7012] ioctl(3, LOOP_CLR_FD) = 0 [pid 7012] close(3 [pid 7004] <... mount resumed>) = 0 [ 138.085133][ T7004] bcachefs (loop2): done starting filesystem [pid 7004] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 7004] chdir("./file0") = 0 [pid 7004] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 7004] ioctl(4, LOOP_CLR_FD) = 0 [pid 7004] close(4) = 0 [pid 7004] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 5825] <... umount2 resumed>) = 0 [pid 7004] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 7004] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5825] umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7004] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7004] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5825] newfstatat(AT_FDCWD, "./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7004] <... quotactl resumed>) = 0 [pid 7004] open(".", O_RDONLY [pid 5825] umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7004] <... open resumed>) = 5 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 138.140629][ T7013] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [pid 7004] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5825] openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5825] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 7004] <... fallocate resumed>) = 0 [pid 5825] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] close(4) = 0 [pid 7004] exit_group(0 [pid 5825] rmdir("./17/file0" [pid 7004] <... exit_group resumed>) = ? [pid 5825] <... rmdir resumed>) = 0 [pid 7004] +++ exited with 0 +++ [pid 5825] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7004, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=33 /* 0.33 s */} --- [pid 5825] close(3 [pid 5827] restart_syscall(<... resuming interrupted clone ...> [pid 5825] <... close resumed>) = 0 [pid 5825] rmdir("./17") = 0 [pid 5825] mkdir("./18", 0777) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5825] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5825] close(3) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7041 attached [pid 5827] <... restart_syscall resumed>) = 0 [pid 7041] set_robust_list(0x5555819eb760, 24 [pid 5825] <... clone resumed>, child_tidptr=0x5555819eb750) = 7041 [pid 7012] <... close resumed>) = 0 [pid 7041] <... set_robust_list resumed>) = 0 [pid 7041] chdir("./18") = 0 [pid 7041] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5827] umount2("./28", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7041] <... prctl resumed>) = 0 [pid 7041] setpgid(0, 0) = 0 [pid 7041] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 138.219912][ T7014] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 138.249630][ T2913] bucket incorrectly unset in freespace btree [pid 5827] openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7041] write(3, "1000", 4 [pid 5827] <... openat resumed>) = 3 [pid 7041] <... write resumed>) = 4 [pid 7012] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7041] close(3) = 0 [pid 7041] symlink("/dev/binderfs", "./binderfs" [pid 5827] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 executing program [pid 7041] <... symlink resumed>) = 0 [pid 5827] getdents64(3, [pid 7041] write(1, "executing program\n", 18 [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 7041] <... write resumed>) = 18 [pid 5827] umount2("./28/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7041] fsopen(NULL, 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7041] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 5827] newfstatat(AT_FDCWD, "./28/binderfs", [pid 7041] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7041] memfd_create("syzkaller", 0 [pid 7012] <... quotactl resumed>) = 0 [pid 7041] <... memfd_create resumed>) = 3 [pid 7012] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5827] unlink("./28/binderfs" [pid 7041] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7012] <... openat resumed>) = 3 [pid 5827] <... unlink resumed>) = 0 [pid 7041] <... mmap resumed>) = 0x7f0eeb600000 [pid 7012] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 5827] umount2("./28/file0", MNT_FORCE|UMOUNT_NOFOLLOW [ 138.249714][ T2913] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [ 138.257223][ T7014] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 138.334176][ T5827] bcachefs (loop2): shutting down [ 138.340726][ T5827] bcachefs (loop2): going read-only [ 138.347114][ T5827] bcachefs (loop2): finished waiting for writes to stop [ 138.364934][ T5827] bcachefs (loop2): flushing journal and stopping allocators, journal seq 12 [ 138.375060][ T2913] bucket incorrectly unset in freespace btree [ 138.375081][ T2913] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [ 138.436915][ T52] bucket incorrectly unset in freespace btree [ 138.436935][ T52] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [ 138.458711][ T52] bucket incorrectly unset in freespace btree [ 138.458732][ T52] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [pid 7012] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [ 138.498177][ T5827] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 12 [ 138.524060][ T5827] bcachefs (loop2): unclean shutdown complete, journal seq 13 [pid 7041] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7013] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7013] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 7014] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7013] <... openat resumed>) = 3 [ 138.544082][ T5827] bcachefs (loop2): done going read-only, filesystem not clean [ 138.547358][ T7013] bcachefs: bch2_fs_get_tree() error: EINVAL [ 138.565827][ T7014] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 7014] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 7013] ioctl(3, LOOP_CLR_FD [pid 7012] <... quotactl resumed>) = 0 [pid 7012] open(".", O_RDONLY [pid 7013] <... ioctl resumed>) = 0 [pid 7013] close(3 [pid 7014] <... openat resumed>) = 3 [pid 7014] ioctl(3, LOOP_CLR_FD [pid 7012] <... open resumed>) = 4 [pid 7012] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7014] <... ioctl resumed>) = 0 [pid 7012] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7012] exit_group(0 [pid 7014] close(3 [pid 7012] <... exit_group resumed>) = ? [pid 7012] +++ exited with 0 +++ [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7012, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=35 /* 0.35 s */} --- [pid 5829] umount2("./26", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5829] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] umount2("./26/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 138.598149][ T5827] bcachefs (loop2): shutdown complete [pid 5829] newfstatat(AT_FDCWD, "./26/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./26/binderfs") = 0 [pid 5829] umount2("./26/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./26/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] umount2("./26/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./26/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5829] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] close(4) = 0 [pid 5829] rmdir("./26/file0") = 0 [pid 5829] umount2("./26/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./26/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./26/file1") = 0 [pid 5829] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] close(3) = 0 [pid 5829] rmdir("./26") = 0 [pid 5829] mkdir("./27", 0777) = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5829] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5829] close(3) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7042 attached , child_tidptr=0x5555819eb750) = 7042 [pid 7042] set_robust_list(0x5555819eb760, 24) = 0 [pid 7042] chdir("./27") = 0 [pid 7042] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7042] setpgid(0, 0) = 0 [pid 7042] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7042] write(3, "1000", 4) = 4 [pid 7042] close(3) = 0 [pid 7042] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7042] write(1, "executing program\n", 18executing program ) = 18 [pid 7042] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7042] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7042] memfd_create("syzkaller", 0) = 3 [pid 7042] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7041] <... write resumed>) = 16777216 [pid 7041] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 7041] ioctl(4, LOOP_SET_FD, 3 [pid 7014] <... close resumed>) = 0 [pid 7013] <... close resumed>) = 0 [pid 7041] <... ioctl resumed>) = 0 [pid 7014] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7013] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7041] close(3) = 0 [pid 7041] close(4) = 0 [pid 7041] mkdir("./file0", 0777) = 0 [pid 7041] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7013] <... quotactl resumed>) = 0 [pid 7014] <... quotactl resumed>) = 0 [pid 7013] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7014] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7013] <... openat resumed>) = 3 [pid 7014] <... openat resumed>) = 3 [pid 7013] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7014] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7013] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7014] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7013] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7014] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7013] <... quotactl resumed>) = 0 [pid 7014] <... quotactl resumed>) = 0 [pid 7013] open(".", O_RDONLY [pid 7014] open(".", O_RDONLY [pid 7013] <... open resumed>) = 4 [pid 7014] <... open resumed>) = 4 [pid 7013] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7014] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 7013] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7013] exit_group(0 [pid 7014] exit_group(0 [pid 7013] <... exit_group resumed>) = ? [pid 7013] +++ exited with 0 +++ [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7013, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=39 /* 0.39 s */} --- [pid 5826] umount2("./28", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5826] newfstatat(3, "", [pid 7014] <... exit_group resumed>) = ? [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7014] +++ exited with 0 +++ [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7014, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=54 /* 0.54 s */} --- [ 138.870788][ T7041] loop0: detected capacity change from 0 to 32768 [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 5826] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] <... restart_syscall resumed>) = 0 [pid 5826] umount2("./28/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] umount2("./33", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./28/binderfs", [pid 5828] openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... openat resumed>) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] umount2("./33/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./33/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./33/binderfs") = 0 [pid 5828] umount2("./33/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./33/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] umount2("./33/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./33/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] unlink("./28/binderfs" [pid 5828] <... openat resumed>) = 4 [pid 5826] <... unlink resumed>) = 0 [pid 5828] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] umount2("./28/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] getdents64(4, [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] newfstatat(AT_FDCWD, "./28/file0", [pid 5828] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] close(4) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] rmdir("./33/file0") = 0 [pid 5828] umount2("./33/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./33/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./33/file1") = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [pid 5828] rmdir("./33") = 0 [pid 5826] umount2("./28/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] mkdir("./34", 0777) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5826] openat(AT_FDCWD, "./28/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... openat resumed>) = 3 [pid 5826] <... openat resumed>) = 4 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5826] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5826] getdents64(4, [pid 5828] close(3 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] <... close resumed>) = 0 [pid 5826] getdents64(4, [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 7042] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5826] close(4) = 0 ./strace-static-x86_64: Process 7048 attached [pid 5826] rmdir("./28/file0") = 0 [pid 7048] set_robust_list(0x5555819eb760, 24 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 7048 [pid 7048] <... set_robust_list resumed>) = 0 [pid 7048] chdir("./34" [pid 5826] umount2("./28/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7048] <... chdir resumed>) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7048] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5826] newfstatat(AT_FDCWD, "./28/file1", [pid 7048] <... prctl resumed>) = 0 [pid 7048] setpgid(0, 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7048] <... setpgid resumed>) = 0 [pid 7048] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5826] unlink("./28/file1" [pid 7048] <... openat resumed>) = 3 [pid 7048] write(3, "1000", 4 [pid 5826] <... unlink resumed>) = 0 [pid 7048] <... write resumed>) = 4 [pid 7048] close(3 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 7048] <... close resumed>) = 0 [pid 5826] close(3 [pid 7048] symlink("/dev/binderfs", "./binderfs" [pid 5826] <... close resumed>) = 0 [pid 5826] rmdir("./28" [pid 7048] <... symlink resumed>) = 0 [pid 5826] <... rmdir resumed>) = 0 [pid 5826] mkdir("./29", 0777executing program [pid 7048] write(1, "executing program\n", 18 [pid 5826] <... mkdir resumed>) = 0 [pid 7048] <... write resumed>) = 18 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 7048] fsopen(NULL, 0 [pid 5826] <... openat resumed>) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5826] close(3) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7048] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 7048] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7048] memfd_create("syzkaller", 0./strace-static-x86_64: Process 7049 attached ) = 3 [pid 7048] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 7049 [pid 7048] <... mmap resumed>) = 0x7f0eeb600000 executing program [pid 7049] set_robust_list(0x5555819eb760, 24) = 0 [pid 7049] chdir("./29") = 0 [pid 7049] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7049] setpgid(0, 0) = 0 [pid 7049] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7049] write(3, "1000", 4) = 4 [pid 7049] close(3) = 0 [pid 7049] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7049] write(1, "executing program\n", 18) = 18 [pid 7049] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7049] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7049] memfd_create("syzkaller", 0) = 3 [pid 7049] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7049] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7048] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7042] <... write resumed>) = 16777216 [pid 7042] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7042] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 7042] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7042] close(3) = 0 [pid 7042] close(4) = 0 [pid 7042] mkdir("./file0", 0777) = 0 [ 139.298504][ T7042] loop4: detected capacity change from 0 to 32768 [pid 7042] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7048] <... write resumed>) = 16777216 [pid 7048] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7048] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 7048] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7048] close(3) = 0 [pid 7048] close(4) = 0 [pid 7048] mkdir("./file0", 0777) = 0 [ 139.398934][ T7048] loop3: detected capacity change from 0 to 32768 [pid 7048] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7049] <... write resumed>) = 16777216 [pid 7049] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7049] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 139.495846][ T7041] bcachefs (loop0): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 139.528769][ T7042] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 139.538148][ T7042] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 139.549589][ T7041] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 139.550417][ T7049] loop1: detected capacity change from 0 to 32768 [ 139.558413][ T7041] bcachefs (loop0): Version downgrade required: [ 139.571214][ T7041] bcachefs (loop0): Version upgrade required: [ 139.571214][ T7041] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 139.571214][ T7041] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 139.571214][ T7041] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [pid 7049] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7049] close(3) = 0 [pid 7049] close(4) = 0 [pid 7049] mkdir("./file0", 0777) = 0 [ 139.643693][ T7041] bcachefs (loop0): dropping and reconstructing all alloc info [ 139.669543][ T7041] bcachefs (loop0): accounting_read... done [ 139.686034][ T7041] bcachefs (loop0): alloc_read... done [ 139.703232][ T7041] bcachefs (loop0): stripes_read... done [ 139.704507][ T7048] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 139.720790][ T7041] bcachefs (loop0): snapshots_read... done [ 139.728473][ T7041] bcachefs (loop0): check_allocations... [ 139.729363][ T7048] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 139.798232][ T7041] done [pid 7049] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7042] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7042] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 7042] ioctl(3, LOOP_CLR_FD) = 0 [pid 7042] close(3 [pid 5827] <... umount2 resumed>) = 0 [ 139.819298][ T7041] bcachefs (loop0): going read-write [ 139.825701][ T7042] bcachefs: bch2_fs_get_tree() error: EINVAL [ 139.854271][ T7049] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [pid 7041] <... mount resumed>) = 0 [pid 5827] umount2("./28/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./28/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./28/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./28/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5827] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, [pid 7041] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [pid 5827] rmdir("./28/file0") = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./28") = 0 [pid 5827] mkdir("./29", 0777) = 0 [pid 7041] chdir("./file0") = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 7041] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5827] <... openat resumed>) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5827] close(3) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7076 attached , child_tidptr=0x5555819eb750) = 7076 [pid 7041] <... openat resumed>) = 4 [pid 7076] set_robust_list(0x5555819eb760, 24) = 0 [pid 7076] chdir("./29" [pid 7041] ioctl(4, LOOP_CLR_FD [pid 7076] <... chdir resumed>) = 0 [pid 7041] <... ioctl resumed>) = 0 [pid 7076] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7041] close(4 [pid 7076] <... prctl resumed>) = 0 [pid 7041] <... close resumed>) = 0 [pid 7076] setpgid(0, 0) = 0 [ 139.897323][ T7041] bcachefs (loop0): done starting filesystem executing program [pid 7076] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7041] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7076] write(3, "1000", 4) = 4 [pid 7076] close(3) = 0 [pid 7076] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7076] write(1, "executing program\n", 18) = 18 [pid 7076] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7076] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7076] memfd_create("syzkaller", 0) = 3 [pid 7041] <... quotactl resumed>) = 0 [pid 7041] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 7041] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7076] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7041] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7041] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [ 139.940220][ T7049] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [pid 7041] open(".", O_RDONLY) = 5 [pid 7041] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768) = 0 [pid 7041] exit_group(0) = ? [pid 7041] +++ exited with 0 +++ [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7041, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=38 /* 0.38 s */} --- [pid 5825] umount2("./18", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5825] umount2("./18/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./18/binderfs") = 0 [ 140.046603][ T52] bucket incorrectly unset in freespace btree [ 140.046741][ T52] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5825] umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7048] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7048] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 7048] ioctl(3, LOOP_CLR_FD) = 0 [ 140.091253][ T5825] bcachefs (loop0): shutting down [ 140.091277][ T5825] bcachefs (loop0): going read-only [ 140.091299][ T5825] bcachefs (loop0): finished waiting for writes to stop [ 140.132012][ T7048] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 7048] close(3 [pid 7049] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7049] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 7049] ioctl(3, LOOP_CLR_FD) = 0 [pid 7042] <... close resumed>) = 0 [pid 7042] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 140.134212][ T5825] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11 [ 140.197267][ T7049] bcachefs: bch2_fs_get_tree() error: EINVAL [ 140.306470][ T52] bucket incorrectly unset in freespace btree [ 140.306505][ T52] u64s 5 type deleted 0:2:0 len 0 ver 0, , continuing [pid 7049] close(3 [pid 7076] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7049] <... close resumed>) = 0 [ 140.396470][ T52] bucket incorrectly unset in freespace btree [ 140.396490][ T52] u64s 5 type deleted 0:5:0 len 0 ver 0, , continuing [ 140.436070][ T52] bucket incorrectly unset in freespace btree [pid 7048] <... close resumed>) = 0 [pid 7049] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 140.436092][ T52] u64s 5 type deleted 0:8:0 len 0 ver 0, , continuing [ 140.466386][ T5825] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 12 [ 140.478571][ T5825] bcachefs (loop0): unclean shutdown complete, journal seq 13 [ 140.487119][ T5825] bcachefs (loop0): done going read-only, filesystem not clean [pid 7048] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7049] <... quotactl resumed>) = 0 [pid 7048] <... quotactl resumed>) = 0 [pid 7042] <... quotactl resumed>) = 0 [pid 7048] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7042] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7049] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 7048] <... openat resumed>) = 3 [pid 7049] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7042] <... openat resumed>) = 3 [pid 7049] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7048] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7042] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7049] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7042] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7048] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7042] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7048] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 7042] <... quotactl resumed>) = 0 [pid 7048] open(".", O_RDONLY) = 4 [pid 7048] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7042] open(".", O_RDONLY [pid 7048] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7042] <... open resumed>) = 4 [pid 7048] exit_group(0 [pid 7042] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 7048] <... exit_group resumed>) = ? [pid 7042] exit_group(0) = ? [pid 7048] +++ exited with 0 +++ [pid 7042] +++ exited with 0 +++ [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7048, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=41 /* 0.41 s */} --- [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7042, si_uid=0, si_status=0, si_utime=7 /* 0.07 s */, si_stime=40 /* 0.40 s */} --- [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 7049] <... quotactl resumed>) = 0 [pid 5829] <... restart_syscall resumed>) = 0 [pid 5828] <... restart_syscall resumed>) = 0 [pid 7049] open(".", O_RDONLY) = 4 [pid 5828] umount2("./34", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5829] umount2("./27", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7049] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7049] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] umount2("./34/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./34/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./34/binderfs" [pid 5829] <... openat resumed>) = 3 [pid 7049] exit_group(0 [pid 5829] newfstatat(3, "", [pid 5828] <... unlink resumed>) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7049] <... exit_group resumed>) = ? [pid 5828] umount2("./34/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] getdents64(3, [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] umount2("./27/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] newfstatat(AT_FDCWD, "./34/file0", [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./27/binderfs", [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] umount2("./34/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./34/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5828] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7049] +++ exited with 0 +++ [pid 5828] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [ 140.513073][ T5825] bcachefs (loop0): shutdown complete [pid 5828] close(4 [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./27/binderfs" [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7049, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=45 /* 0.45 s */} --- [pid 5828] <... close resumed>) = 0 [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5828] rmdir("./34/file0") = 0 [pid 5828] umount2("./34/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./34/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./34/file1") = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [pid 5828] rmdir("./34") = 0 [pid 5828] mkdir("./35", 0777 [pid 5829] <... unlink resumed>) = 0 [pid 5826] <... restart_syscall resumed>) = 0 [pid 5829] umount2("./27/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... mkdir resumed>) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5829] newfstatat(AT_FDCWD, "./27/file0", [pid 5828] <... openat resumed>) = 3 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] umount2("./29", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] umount2("./27/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./27/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5826] openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... openat resumed>) = 4 [pid 5829] newfstatat(4, "", [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5826] <... openat resumed>) = 3 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] close(3 [pid 5829] getdents64(4, [pid 5828] <... close resumed>) = 0 [pid 5826] newfstatat(3, "", [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555819eb750) = 7077 ./strace-static-x86_64: Process 7077 attached [pid 7076] <... write resumed>) = 16777216 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] getdents64(3, [pid 5829] close(4) = 0 [pid 5829] rmdir("./27/file0" [pid 7077] set_robust_list(0x5555819eb760, 24 [pid 7076] munmap(0x7f0eeb600000, 138412032 [pid 5829] <... rmdir resumed>) = 0 [pid 7077] <... set_robust_list resumed>) = 0 [pid 7076] <... munmap resumed>) = 0 [pid 5829] umount2("./27/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] umount2("./29/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] newfstatat(AT_FDCWD, "./27/file1", [pid 7077] chdir("./35" [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] unlink("./27/file1" [pid 5826] newfstatat(AT_FDCWD, "./29/binderfs", [pid 7077] <... chdir resumed>) = 0 [pid 5829] <... unlink resumed>) = 0 [pid 7077] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5829] getdents64(3, [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7077] <... prctl resumed>) = 0 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 7077] setpgid(0, 0 [pid 5829] close(3 [pid 5826] unlink("./29/binderfs" [pid 7077] <... setpgid resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 7077] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5829] rmdir("./27" [pid 5826] <... unlink resumed>) = 0 [pid 7077] <... openat resumed>) = 3 [pid 7076] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5829] <... rmdir resumed>) = 0 [pid 5826] umount2("./29/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7077] write(3, "1000", 4 [pid 7076] <... openat resumed>) = 4 [pid 5829] mkdir("./28", 0777 [pid 7077] <... write resumed>) = 4 [pid 7076] ioctl(4, LOOP_SET_FD, 3 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7077] close(3 [pid 5829] <... mkdir resumed>) = 0 [pid 7077] <... close resumed>) = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5826] newfstatat(AT_FDCWD, "./29/file0", [pid 7077] symlink("/dev/binderfs", "./binderfs" [pid 5829] <... openat resumed>) = 3 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] ioctl(3, LOOP_CLR_FD [pid 5826] umount2("./29/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7077] <... symlink resumed>) = 0 executing program [pid 7076] <... ioctl resumed>) = 0 [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] close(3 [pid 7076] close(3 [pid 5826] openat(AT_FDCWD, "./29/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... close resumed>) = 0 [pid 7077] write(1, "executing program\n", 18) = 18 [pid 7077] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7077] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7077] memfd_create("syzkaller", 0) = 3 [pid 7076] <... close resumed>) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] <... openat resumed>) = 4 [pid 7076] close(4 [pid 7077] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0./strace-static-x86_64: Process 7078 attached ) = 0x7f0eeb600000 [pid 7076] <... close resumed>) = 0 [pid 5826] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7076] mkdir("./file0", 0777 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 7078 [pid 5826] getdents64(4, [pid 7078] set_robust_list(0x5555819eb760, 24 [pid 7076] <... mkdir resumed>) = 0 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 7078] <... set_robust_list resumed>) = 0 [pid 5826] getdents64(4, [pid 7078] chdir("./28" [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 7076] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5826] close(4 [pid 7078] <... chdir resumed>) = 0 [pid 7078] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5826] <... close resumed>) = 0 [pid 7078] <... prctl resumed>) = 0 [pid 5826] rmdir("./29/file0" [pid 7078] setpgid(0, 0) = 0 [pid 5826] <... rmdir resumed>) = 0 [pid 7078] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5826] umount2("./29/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7078] <... openat resumed>) = 3 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7078] write(3, "1000", 4 [pid 5826] newfstatat(AT_FDCWD, "./29/file1", [pid 7078] <... write resumed>) = 4 [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7078] close(3 [pid 5826] unlink("./29/file1" [pid 7078] <... close resumed>) = 0 [pid 5826] <... unlink resumed>) = 0 [pid 7078] symlink("/dev/binderfs", "./binderfs" [pid 5826] getdents64(3, executing program [pid 7078] <... symlink resumed>) = 0 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] close(3 [pid 7078] write(1, "executing program\n", 18 [pid 5826] <... close resumed>) = 0 [pid 7078] <... write resumed>) = 18 [pid 5826] rmdir("./29" [pid 7078] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 5826] <... rmdir resumed>) = 0 [pid 7078] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [ 140.631108][ T7076] loop2: detected capacity change from 0 to 32768 [pid 5826] mkdir("./30", 0777 [pid 7078] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 7078] memfd_create("syzkaller", 0 [pid 5826] <... mkdir resumed>) = 0 [pid 7078] <... memfd_create resumed>) = 3 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 7078] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 5826] <... openat resumed>) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5826] close(3) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7084 attached [pid 7084] set_robust_list(0x5555819eb760, 24) = 0 [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 7084 [pid 7084] chdir("./30") = 0 [pid 7084] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7084] setpgid(0, 0) = 0 [pid 7084] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7084] write(3, "1000", 4) = 4 [pid 7084] close(3) = 0 [pid 7084] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7084] write(1, "executing program\n", 18executing program ) = 18 [pid 7084] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7084] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7084] memfd_create("syzkaller", 0) = 3 [pid 7084] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7077] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7078] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7084] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7078] <... write resumed>) = 16777216 [pid 7078] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7077] <... write resumed>) = 16777216 [pid 7078] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7077] munmap(0x7f0eeb600000, 138412032 [pid 7078] <... openat resumed>) = 4 [pid 7078] ioctl(4, LOOP_SET_FD, 3 [pid 7077] <... munmap resumed>) = 0 [pid 7078] <... ioctl resumed>) = 0 [pid 7077] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 7078] close(3 [pid 7077] <... openat resumed>) = 4 [pid 7078] <... close resumed>) = 0 [pid 7077] ioctl(4, LOOP_SET_FD, 3 [pid 7078] close(4) = 0 [pid 7078] mkdir("./file0", 0777) = 0 [pid 7078] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7077] <... ioctl resumed>) = 0 [pid 7077] close(3) = 0 [pid 7077] close(4) = 0 [pid 7077] mkdir("./file0", 0777) = 0 [ 141.134615][ T7078] loop4: detected capacity change from 0 to 32768 [ 141.149415][ T7077] loop3: detected capacity change from 0 to 32768 [pid 7077] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7084] <... write resumed>) = 16777216 [pid 7084] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7084] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 7084] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7084] close(3) = 0 [pid 7084] close(4) = 0 [pid 7084] mkdir("./file0", 0777) = 0 [ 141.224686][ T7084] loop1: detected capacity change from 0 to 32768 [ 141.289924][ T7076] bcachefs (loop2): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 141.321042][ T7076] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 141.331447][ T7076] bcachefs (loop2): Version downgrade required: [ 141.338121][ T7076] bcachefs (loop2): Version upgrade required: [ 141.338121][ T7076] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 141.338121][ T7076] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 141.338121][ T7076] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 141.410912][ T7078] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 141.421395][ T7078] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 141.447034][ T7076] bcachefs (loop2): dropping and reconstructing all alloc info [ 141.459072][ T7077] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 141.474314][ T7077] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 141.522370][ T7076] bcachefs (loop2): accounting_read... [ 141.539422][ T7084] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 141.554581][ T7076] done [ 141.563248][ T7076] bcachefs (loop2): alloc_read... done [ 141.569557][ T7084] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 141.601331][ T7076] bcachefs (loop2): stripes_read... done [ 141.619217][ T7076] bcachefs (loop2): snapshots_read... done [pid 7084] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7077] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7077] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 7077] ioctl(3, LOOP_CLR_FD) = 0 [ 141.625282][ T7076] bcachefs (loop2): check_allocations... [ 141.683265][ T7077] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 7077] close(3 [pid 5825] <... umount2 resumed>) = 0 [pid 5825] umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./18/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 141.744315][ T7076] done [pid 5825] openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7078] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... openat resumed>) = 4 [pid 7078] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5825] newfstatat(4, "", [pid 7078] <... openat resumed>) = 3 [pid 7078] ioctl(3, LOOP_CLR_FD [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7078] <... ioctl resumed>) = 0 [pid 7078] close(3 [pid 5825] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [ 141.780935][ T7078] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 5825] close(4) = 0 [pid 5825] rmdir("./18/file0") = 0 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3) = 0 [pid 5825] rmdir("./18") = 0 [ 141.826558][ T7076] bcachefs (loop2): going read-write [pid 5825] mkdir("./19", 0777) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5825] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5825] close(3) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7111 attached , child_tidptr=0x5555819eb750) = 7111 [pid 7076] <... mount resumed>) = 0 [pid 7111] set_robust_list(0x5555819eb760, 24) = 0 [pid 7076] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 7076] chdir("./file0") = 0 [pid 7076] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 7111] chdir("./19" [pid 7076] ioctl(4, LOOP_CLR_FD [pid 7111] <... chdir resumed>) = 0 [pid 7076] <... ioctl resumed>) = 0 [ 141.851608][ T7076] bcachefs (loop2): done starting filesystem [pid 7111] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7076] close(4) = 0 [pid 7076] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7111] setpgid(0, 0) = 0 [pid 7111] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7084] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7111] write(3, "1000", 4 [pid 7084] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 7111] <... write resumed>) = 4 [pid 7084] <... openat resumed>) = 3 [pid 7111] close(3 [pid 7076] <... quotactl resumed>) = 0 [pid 7111] <... close resumed>) = 0 [pid 7076] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7084] ioctl(3, LOOP_CLR_FD [pid 7111] symlink("/dev/binderfs", "./binderfs" [pid 7076] <... openat resumed>) = 4 [pid 7111] <... symlink resumed>) = 0 [pid 7084] <... ioctl resumed>) = 0 [pid 7076] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7076] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL executing program [pid 7111] write(1, "executing program\n", 18 [pid 7084] close(3 [pid 7111] <... write resumed>) = 18 [pid 7111] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7111] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7111] memfd_create("syzkaller", 0) = 3 [pid 7111] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7076] <... quotactl resumed>) = 0 [ 141.894417][ T7084] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 7076] open(".", O_RDONLY) = 5 [pid 7076] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768) = 0 [pid 7076] exit_group(0) = ? [pid 7076] +++ exited with 0 +++ [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7076, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=38 /* 0.38 s */} --- [pid 5827] umount2("./29", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7077] <... close resumed>) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7077] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5827] openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 7077] <... quotactl resumed>) = 0 [pid 7077] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5827] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7077] <... openat resumed>) = 3 [pid 7077] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7077] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5827] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5827] umount2("./29/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7077] <... quotactl resumed>) = 0 [pid 7077] open(".", O_RDONLY) = 4 [pid 7077] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7077] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./29/binderfs", [pid 7077] exit_group(0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./29/binderfs" [pid 7077] <... exit_group resumed>) = ? [pid 5827] <... unlink resumed>) = 0 [pid 7077] +++ exited with 0 +++ [pid 5827] umount2("./29/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7077, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=53 /* 0.53 s */} --- [ 141.991672][ T2913] bucket incorrectly unset in freespace btree [ 141.991706][ T2913] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5828] umount2("./35", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] umount2("./35/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./35/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./35/binderfs") = 0 [pid 5828] umount2("./35/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./35/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] umount2("./35/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./35/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5828] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] close(4) = 0 [pid 5828] rmdir("./35/file0") = 0 [pid 5828] umount2("./35/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./35/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./35/file1") = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [pid 5828] rmdir("./35") = 0 [pid 5828] mkdir("./36", 0777) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5828] close(3 [pid 7078] <... close resumed>) = 0 [pid 5828] <... close resumed>) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7112 attached , child_tidptr=0x5555819eb750) = 7112 [ 142.087329][ T2913] bucket incorrectly unset in freespace btree [ 142.087353][ T2913] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [ 142.116486][ T5827] bcachefs (loop2): shutting down [pid 7112] set_robust_list(0x5555819eb760, 24) = 0 [pid 7112] chdir("./36" [pid 7078] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7112] <... chdir resumed>) = 0 [pid 7112] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7112] setpgid(0, 0) = 0 [pid 7112] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7112] write(3, "1000", 4) = 4 [pid 7112] close(3) = 0 [pid 7112] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 7112] write(1, "executing program\n", 18) = 18 [pid 7112] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7112] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7112] memfd_create("syzkaller", 0) = 3 [pid 7112] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 142.116509][ T5827] bcachefs (loop2): going read-only [ 142.116532][ T5827] bcachefs (loop2): finished waiting for writes to stop [ 142.146890][ T5827] bcachefs (loop2): flushing journal and stopping allocators, journal seq 11 [ 142.207571][ T77] bcachefs (loop2): loop2: Superblock write was silently dropped! (seq 0 expected 53) [ 142.240388][ T77] bucket incorrectly unset in freespace btree [ 142.240424][ T77] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [pid 7111] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7084] <... close resumed>) = 0 [ 142.288156][ T77] bucket incorrectly unset in freespace btree [ 142.288185][ T77] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [ 142.321531][ T5827] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 12 [pid 7084] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7078] <... quotactl resumed>) = 0 [pid 7078] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7084] <... quotactl resumed>) = 0 [pid 7078] <... openat resumed>) = 3 [pid 7084] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7078] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7084] <... openat resumed>) = 3 [pid 7078] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7078] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7084] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7084] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 7078] <... quotactl resumed>) = 0 [pid 7084] open(".", O_RDONLY [pid 7078] open(".", O_RDONLY [pid 7084] <... open resumed>) = 4 [pid 7078] <... open resumed>) = 4 [pid 7084] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7078] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7084] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7078] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7084] exit_group(0 [pid 7078] exit_group(0 [pid 7084] <... exit_group resumed>) = ? [pid 7078] <... exit_group resumed>) = ? [pid 7084] +++ exited with 0 +++ [pid 7078] +++ exited with 0 +++ [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7078, si_uid=0, si_status=0, si_utime=8 /* 0.08 s */, si_stime=42 /* 0.42 s */} --- [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7084, si_uid=0, si_status=0, si_utime=7 /* 0.07 s */, si_stime=37 /* 0.37 s */} --- [ 142.358832][ T5827] bcachefs (loop2): unclean shutdown complete, journal seq 13 [ 142.377651][ T5827] bcachefs (loop2): done going read-only, filesystem not clean [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5829] umount2("./28", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... restart_syscall resumed>) = 0 [pid 5829] <... openat resumed>) = 3 [pid 5826] umount2("./30", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7112] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7111] <... write resumed>) = 16777216 [pid 5829] newfstatat(3, "", [pid 5826] <... openat resumed>) = 3 [pid 7111] munmap(0x7f0eeb600000, 138412032 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] newfstatat(3, "", [pid 7111] <... munmap resumed>) = 0 [pid 5829] getdents64(3, [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] umount2("./28/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./30/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./28/binderfs", [pid 5826] newfstatat(AT_FDCWD, "./30/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./30/binderfs" [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./28/binderfs" [pid 5826] <... unlink resumed>) = 0 [pid 5829] <... unlink resumed>) = 0 [pid 5826] umount2("./30/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./30/file0", [pid 5829] umount2("./28/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] umount2("./30/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] newfstatat(AT_FDCWD, "./28/file0", [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./30/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] umount2("./28/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... openat resumed>) = 4 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(4, "", [pid 5829] openat(AT_FDCWD, "./28/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... openat resumed>) = 4 [pid 5826] getdents64(4, [pid 5829] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] getdents64(4, [pid 5826] getdents64(4, [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] close(4 [pid 7111] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5829] getdents64(4, [pid 5826] <... close resumed>) = 0 [pid 7111] <... openat resumed>) = 4 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] rmdir("./30/file0" [ 142.442115][ T5827] bcachefs (loop2): shutdown complete [pid 7111] ioctl(4, LOOP_SET_FD, 3 [pid 5829] close(4) = 0 [pid 5826] <... rmdir resumed>) = 0 [pid 5829] rmdir("./28/file0" [pid 5826] umount2("./30/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7111] <... ioctl resumed>) = 0 [pid 5829] <... rmdir resumed>) = 0 [pid 7111] close(3 [pid 5829] umount2("./28/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7111] <... close resumed>) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./30/file1", [pid 7111] close(4 [pid 5829] newfstatat(AT_FDCWD, "./28/file1", [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7111] <... close resumed>) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./30/file1" [pid 7111] mkdir("./file0", 0777) = 0 [pid 7111] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5829] unlink("./28/file1" [pid 5826] <... unlink resumed>) = 0 [pid 5826] getdents64(3, [pid 5829] <... unlink resumed>) = 0 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] getdents64(3, [pid 5826] close(3 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] close(3 [pid 5826] <... close resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 5826] rmdir("./30" [pid 5829] rmdir("./28" [pid 5826] <... rmdir resumed>) = 0 [pid 5829] <... rmdir resumed>) = 0 [pid 5826] mkdir("./31", 0777 [ 142.503110][ T7111] loop0: detected capacity change from 0 to 32768 [pid 5829] mkdir("./29", 0777 [pid 5826] <... mkdir resumed>) = 0 [pid 5829] <... mkdir resumed>) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5826] <... openat resumed>) = 3 [pid 5829] ioctl(3, LOOP_CLR_FD [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5829] close(3 [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5829] <... close resumed>) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7118 attached , child_tidptr=0x5555819eb750) = 7118 [pid 7118] set_robust_list(0x5555819eb760, 24) = 0 [pid 5826] close(3) = 0 [pid 7118] chdir("./29" [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7118] <... chdir resumed>) = 0 [pid 7118] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 7119 attached ) = 0 [pid 7119] set_robust_list(0x5555819eb760, 24 [pid 7118] setpgid(0, 0 [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 7119 [pid 7118] <... setpgid resumed>) = 0 [pid 7118] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7118] write(3, "1000", 4) = 4 [pid 7119] <... set_robust_list resumed>) = 0 [pid 7118] close(3) = 0 [pid 7119] chdir("./31" [pid 7118] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7119] <... chdir resumed>) = 0 [pid 7118] write(1, "executing program\n", 18executing program [pid 7119] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7118] <... write resumed>) = 18 [pid 7119] <... prctl resumed>) = 0 [pid 7119] setpgid(0, 0) = 0 [pid 7119] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7118] fsopen(NULL, 0 [pid 7119] write(3, "1000", 4 [pid 7118] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 7119] <... write resumed>) = 4 executing program [pid 7118] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 7119] close(3 [pid 7118] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 7119] <... close resumed>) = 0 [pid 7119] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7118] memfd_create("syzkaller", 0 [pid 7119] write(1, "executing program\n", 18) = 18 [pid 7119] fsopen(NULL, 0 [pid 7118] <... memfd_create resumed>) = 3 [pid 7119] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 7118] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7119] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7119] memfd_create("syzkaller", 0 [pid 7118] <... mmap resumed>) = 0x7f0eeb600000 [pid 7119] <... memfd_create resumed>) = 3 [pid 7119] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7112] <... write resumed>) = 16777216 [pid 7112] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7112] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 7112] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7118] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7112] close(3) = 0 [pid 7112] close(4) = 0 [pid 7112] mkdir("./file0", 0777) = 0 [ 142.709141][ T7112] loop3: detected capacity change from 0 to 32768 [pid 7112] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7119] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7118] <... write resumed>) = 16777216 [pid 7118] munmap(0x7f0eeb600000, 138412032 [pid 7119] <... write resumed>) = 16777216 [pid 7119] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7118] <... munmap resumed>) = 0 [pid 7119] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 143.023085][ T7111] bcachefs (loop0): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 143.046059][ T7112] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 143.051844][ T7119] loop1: detected capacity change from 0 to 32768 [ 143.059491][ T7112] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [pid 7119] ioctl(4, LOOP_SET_FD, 3 [pid 7118] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7119] <... ioctl resumed>) = 0 [pid 7119] close(3) = 0 [pid 7119] close(4) = 0 [pid 7119] mkdir("./file0", 0777) = 0 [pid 7119] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7118] <... openat resumed>) = 4 [pid 7118] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7118] close(3) = 0 [pid 7118] close(4) = 0 [pid 7118] mkdir("./file0", 0777) = 0 [ 143.074835][ T7118] loop4: detected capacity change from 0 to 32768 [ 143.076553][ T7111] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 143.126068][ T7111] bcachefs (loop0): Version downgrade required: [ 143.134116][ T7111] bcachefs (loop0): Version upgrade required: [ 143.134116][ T7111] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 143.134116][ T7111] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 143.134116][ T7111] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 143.217848][ T7111] bcachefs (loop0): dropping and reconstructing all alloc info [ 143.258567][ T7111] bcachefs (loop0): accounting_read... [ 143.273918][ T7119] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 143.289088][ T7111] done [ 143.291915][ T7111] bcachefs (loop0): alloc_read... done [ 143.315388][ T7111] bcachefs (loop0): stripes_read... done [ 143.331949][ T7111] bcachefs (loop0): snapshots_read... done [ 143.332821][ T7119] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 143.338707][ T7111] bcachefs (loop0): check_allocations... [ 143.348577][ T7118] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 143.362001][ T7111] done [ 143.381849][ T7111] bcachefs (loop0): going read-write [ 143.386593][ T7118] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 143.387840][ T7112] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 7118] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7112] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7112] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 7112] ioctl(3, LOOP_CLR_FD) = 0 [pid 7112] close(3 [pid 7111] <... mount resumed>) = 0 [pid 7111] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 7111] chdir("./file0") = 0 [pid 7111] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 7111] ioctl(4, LOOP_CLR_FD) = 0 [pid 7111] close(4) = 0 [ 143.420004][ T7111] bcachefs (loop0): done starting filesystem [pid 7111] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 7111] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 5827] <... umount2 resumed>) = 0 [pid 7111] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5827] umount2("./29/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7111] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7111] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5827] newfstatat(AT_FDCWD, "./29/file0", [pid 7111] <... quotactl resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7111] open(".", O_RDONLY [pid 5827] umount2("./29/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7111] <... open resumed>) = 5 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7111] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5827] openat(AT_FDCWD, "./29/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 7111] <... fallocate resumed>) = 0 [pid 5827] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, [pid 7111] exit_group(0) = ? [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 7111] +++ exited with 0 +++ [pid 5827] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] close(4 [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7111, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=41 /* 0.41 s */} --- [pid 5825] umount2("./19", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] <... close resumed>) = 0 [pid 5825] <... openat resumed>) = 3 [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5825] umount2("./19/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./19/binderfs") = 0 [pid 5825] umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] rmdir("./29/file0") = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [ 143.567877][ T2913] bucket incorrectly unset in freespace btree [ 143.567910][ T2913] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [ 143.583007][ T7111] syz-executor165 (7111) used greatest stack depth: 15952 bytes left [pid 5827] rmdir("./29") = 0 [pid 5827] mkdir("./30", 0777) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5827] close(3 [pid 7119] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... close resumed>) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7119] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 7146 ./strace-static-x86_64: Process 7146 attached [pid 7119] ioctl(3, LOOP_CLR_FD [pid 7146] set_robust_list(0x5555819eb760, 24 [pid 7119] <... ioctl resumed>) = 0 [pid 7146] <... set_robust_list resumed>) = 0 [pid 7146] chdir("./30" [pid 7119] close(3 [pid 7146] <... chdir resumed>) = 0 [pid 7146] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 143.618880][ T5825] bcachefs (loop0): shutting down [ 143.618899][ T5825] bcachefs (loop0): going read-only [ 143.618919][ T5825] bcachefs (loop0): finished waiting for writes to stop [ 143.624965][ T5825] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11 [pid 7146] setpgid(0, 0) = 0 [pid 7146] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7146] write(3, "1000", 4) = 4 [pid 7146] close(3) = 0 [pid 7146] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 7146] write(1, "executing program\n", 18) = 18 [pid 7146] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7146] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7146] memfd_create("syzkaller", 0) = 3 [pid 7146] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 143.663227][ T7119] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 7112] <... close resumed>) = 0 [pid 7118] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7118] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 7112] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7118] ioctl(3, LOOP_CLR_FD) = 0 [ 143.752630][ T2913] bucket incorrectly unset in freespace btree [ 143.752651][ T2913] u64s 5 type deleted 0:2:0 len 0 ver 0, , continuing [ 143.759432][ T7118] bcachefs: bch2_fs_get_tree() error: EINVAL [ 143.857779][ T2913] bucket incorrectly unset in freespace btree [ 143.857799][ T2913] u64s 5 type deleted 0:5:0 len 0 ver 0, , continuing [ 143.891182][ T2913] bucket incorrectly unset in freespace btree [ 143.891205][ T2913] u64s 5 type deleted 0:8:0 len 0 ver 0, , continuing [pid 7118] close(3 [pid 7119] <... close resumed>) = 0 [pid 7118] <... close resumed>) = 0 [pid 7119] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 143.948936][ T5825] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 12 [ 143.968511][ T5825] bcachefs (loop0): unclean shutdown complete, journal seq 13 [ 143.978251][ T5825] bcachefs (loop0): done going read-only, filesystem not clean [pid 7118] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7146] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7119] <... quotactl resumed>) = 0 [pid 7118] <... quotactl resumed>) = 0 [pid 7112] <... quotactl resumed>) = 0 [pid 7119] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7118] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7112] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7118] <... openat resumed>) = 3 [pid 7112] <... openat resumed>) = 3 [pid 7119] <... openat resumed>) = 3 [pid 7118] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7112] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7118] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7112] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7112] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7118] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7119] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7119] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7112] <... quotactl resumed>) = 0 [pid 7119] <... quotactl resumed>) = 0 [pid 7118] <... quotactl resumed>) = 0 [pid 7112] open(".", O_RDONLY [pid 7119] open(".", O_RDONLY [pid 7118] open(".", O_RDONLY [pid 7119] <... open resumed>) = 4 [pid 7118] <... open resumed>) = 4 [pid 7112] <... open resumed>) = 4 [pid 7118] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7119] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7118] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7112] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [ 143.999375][ T5825] bcachefs (loop0): shutdown complete [pid 7119] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7118] exit_group(0 [pid 7112] exit_group(0) = ? [pid 7112] +++ exited with 0 +++ [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7112, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=40 /* 0.40 s */} --- [pid 7119] exit_group(0) = ? [pid 7118] <... exit_group resumed>) = ? [pid 5828] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5828] umount2("./36", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 7118] +++ exited with 0 +++ [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7118, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=45 /* 0.45 s */} --- [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 7119] +++ exited with 0 +++ [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7119, si_uid=0, si_status=0, si_utime=7 /* 0.07 s */, si_stime=49 /* 0.49 s */} --- [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] umount2("./36/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./36/binderfs", [pid 5826] <... restart_syscall resumed>) = 0 [pid 5829] <... restart_syscall resumed>) = 0 [pid 5826] umount2("./31", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./36/binderfs" [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] umount2("./29", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... unlink resumed>) = 0 [pid 5826] openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] umount2("./36/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... openat resumed>) = 3 [pid 5829] openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(3, "", [pid 5829] <... openat resumed>) = 3 [pid 5828] newfstatat(AT_FDCWD, "./36/file0", [pid 5829] newfstatat(3, "", [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] umount2("./36/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] getdents64(3, [pid 5829] getdents64(3, [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] openat(AT_FDCWD, "./36/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] umount2("./31/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] umount2("./29/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... openat resumed>) = 4 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(4, "", [pid 5826] newfstatat(AT_FDCWD, "./31/binderfs", [pid 5829] newfstatat(AT_FDCWD, "./29/binderfs", [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] getdents64(4, [pid 5826] unlink("./31/binderfs" [pid 5829] unlink("./29/binderfs" [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] <... unlink resumed>) = 0 [pid 5829] <... unlink resumed>) = 0 [pid 5828] getdents64(4, [pid 5826] umount2("./31/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] umount2("./29/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] close(4 [pid 5826] newfstatat(AT_FDCWD, "./31/file0", [pid 5829] newfstatat(AT_FDCWD, "./29/file0", [pid 5828] <... close resumed>) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] rmdir("./36/file0" [pid 5826] umount2("./31/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] umount2("./29/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... rmdir resumed>) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] umount2("./36/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] openat(AT_FDCWD, "./31/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] openat(AT_FDCWD, "./29/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... openat resumed>) = 4 [pid 5829] <... openat resumed>) = 4 [pid 5828] newfstatat(AT_FDCWD, "./36/file1", [pid 5826] newfstatat(4, "", [pid 5829] newfstatat(4, "", [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] unlink("./36/file1" [pid 5826] getdents64(4, [pid 5829] getdents64(4, [pid 5828] <... unlink resumed>) = 0 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] getdents64(3, [pid 5826] getdents64(4, [pid 5829] getdents64(4, [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] close(3 [pid 5826] close(4 [pid 5829] close(4 [pid 5828] <... close resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 5826] rmdir("./31/file0" [pid 5829] rmdir("./29/file0") = 0 [pid 5828] rmdir("./36" [pid 5826] <... rmdir resumed>) = 0 [pid 5828] <... rmdir resumed>) = 0 [pid 5829] umount2("./29/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./29/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] umount2("./31/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] unlink("./29/file1" [pid 5828] mkdir("./37", 0777 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... unlink resumed>) = 0 [pid 5828] <... mkdir resumed>) = 0 [pid 5826] newfstatat(AT_FDCWD, "./31/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] close(3 [pid 5826] unlink("./31/file1" [pid 5829] <... close resumed>) = 0 [pid 5829] rmdir("./29" [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5826] <... unlink resumed>) = 0 [pid 5828] <... openat resumed>) = 3 [pid 5826] getdents64(3, [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5826] close(3 [pid 5828] close(3 [pid 5826] <... close resumed>) = 0 [pid 5828] <... close resumed>) = 0 [pid 5826] rmdir("./31" [pid 5829] <... rmdir resumed>) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] <... rmdir resumed>) = 0 [pid 5829] mkdir("./30", 0777./strace-static-x86_64: Process 7147 attached ) = 0 [pid 5826] mkdir("./32", 0777) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 7147 [pid 5826] <... openat resumed>) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5826] close(3) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7148 attached [pid 7147] set_robust_list(0x5555819eb760, 24 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7147] <... set_robust_list resumed>) = 0 [pid 7148] set_robust_list(0x5555819eb760, 24 [pid 5829] <... openat resumed>) = 3 [pid 7148] <... set_robust_list resumed>) = 0 [pid 7147] chdir("./37" [pid 5829] ioctl(3, LOOP_CLR_FD [pid 7148] chdir("./32" [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 7147] <... chdir resumed>) = 0 [pid 7147] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5829] close(3 [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 7148 [pid 7147] <... prctl resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7147] setpgid(0, 0) = 0 ./strace-static-x86_64: Process 7149 attached [pid 7147] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7148] <... chdir resumed>) = 0 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 7149 [pid 7147] write(3, "1000", 4 [pid 7149] set_robust_list(0x5555819eb760, 24 [pid 7148] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7147] <... write resumed>) = 4 [pid 7149] <... set_robust_list resumed>) = 0 [pid 7148] <... prctl resumed>) = 0 [pid 7147] close(3 [pid 7148] setpgid(0, 0 [pid 7147] <... close resumed>) = 0 [pid 7149] chdir("./30") = 0 [pid 7148] <... setpgid resumed>) = 0 [pid 7147] symlink("/dev/binderfs", "./binderfs" [pid 7148] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7147] <... symlink resumed>) = 0 executing program [pid 7149] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7148] <... openat resumed>) = 3 [pid 7147] write(1, "executing program\n", 18 [pid 7149] <... prctl resumed>) = 0 [pid 7148] write(3, "1000", 4 [pid 7147] <... write resumed>) = 18 [pid 7149] setpgid(0, 0 [pid 7148] <... write resumed>) = 4 [pid 7147] fsopen(NULL, 0 [pid 7149] <... setpgid resumed>) = 0 [pid 7149] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7148] close(3 [pid 7147] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 7149] <... openat resumed>) = 3 [pid 7148] <... close resumed>) = 0 [pid 7147] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 7149] write(3, "1000", 4 [pid 7148] symlink("/dev/binderfs", "./binderfs" [pid 7147] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 7149] <... write resumed>) = 4 [pid 7148] <... symlink resumed>) = 0 executing program [pid 7147] memfd_create("syzkaller", 0 [pid 7149] close(3 [pid 7148] write(1, "executing program\n", 18 [pid 7147] <... memfd_create resumed>) = 3 [pid 7149] <... close resumed>) = 0 [pid 7148] <... write resumed>) = 18 [pid 7149] symlink("/dev/binderfs", "./binderfs" [pid 7147] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7148] fsopen(NULL, 0 [pid 7149] <... symlink resumed>) = 0 [pid 7148] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 7147] <... mmap resumed>) = 0x7f0eeb600000 [pid 7148] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) executing program [pid 7148] memfd_create("syzkaller", 0 [pid 7149] write(1, "executing program\n", 18) = 18 [pid 7148] <... memfd_create resumed>) = 3 [pid 7149] fsopen(NULL, 0 [pid 7148] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7149] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 7149] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 7148] <... mmap resumed>) = 0x7f0eeb600000 [pid 7149] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 7149] memfd_create("syzkaller", 0) = 3 [pid 7149] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7146] <... write resumed>) = 16777216 [pid 7146] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7146] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 7146] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7146] close(3) = 0 [pid 7146] close(4) = 0 [pid 7146] mkdir("./file0", 0777) = 0 [ 144.286605][ T7146] loop2: detected capacity change from 0 to 32768 [pid 7146] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7147] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7149] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7148] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7149] <... write resumed>) = 16777216 [pid 7149] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7149] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 7149] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7149] close(3) = 0 [pid 7149] close(4) = 0 [pid 7149] mkdir("./file0", 0777) = 0 [pid 7147] <... write resumed>) = 16777216 [pid 7149] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7147] munmap(0x7f0eeb600000, 138412032) = 0 [ 144.627607][ T7149] loop4: detected capacity change from 0 to 32768 [pid 7147] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 7147] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7147] close(3) = 0 [pid 7147] close(4) = 0 [pid 7147] mkdir("./file0", 0777) = 0 [pid 7147] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7148] <... write resumed>) = 16777216 [pid 7148] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7148] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 144.686576][ T7147] loop3: detected capacity change from 0 to 32768 [pid 7148] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7148] close(3) = 0 [pid 7148] close(4) = 0 [ 144.732377][ T7148] loop1: detected capacity change from 0 to 32768 [pid 7148] mkdir("./file0", 0777) = 0 [ 144.763689][ T7146] bcachefs (loop2): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 144.790656][ T7146] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 144.799499][ T7146] bcachefs (loop2): Version downgrade required: [ 144.806090][ T7146] bcachefs (loop2): Version upgrade required: [ 144.806090][ T7146] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 144.806090][ T7146] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 144.806090][ T7146] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 144.880124][ T7147] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 144.895943][ T7146] bcachefs (loop2): dropping and reconstructing all alloc info [ 144.906026][ T7147] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 144.915758][ T7149] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 144.933144][ T7146] bcachefs (loop2): accounting_read... done [ 144.941894][ T7149] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 144.947912][ T7146] bcachefs (loop2): alloc_read... done [ 144.962598][ T7146] bcachefs (loop2): stripes_read... done [ 144.969214][ T7146] bcachefs (loop2): snapshots_read... done [ 144.977615][ T7146] bcachefs (loop2): check_allocations... [ 144.989488][ T7148] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 145.004381][ T7148] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 145.097882][ T7146] done [ 145.117652][ T7146] bcachefs (loop2): going read-write [pid 7148] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7149] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7149] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [ 145.190633][ T7146] bcachefs (loop2): done starting filesystem [ 145.191109][ T7149] bcachefs: bch2_fs_get_tree() error: EINVAL [ 145.228950][ T7147] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 7149] ioctl(3, LOOP_CLR_FD) = 0 [pid 7147] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7146] <... mount resumed>) = 0 [pid 7146] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 7146] chdir("./file0") = 0 [pid 7146] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 7146] ioctl(4, LOOP_CLR_FD) = 0 [pid 7146] close(4) = 0 [pid 7146] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7147] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 7147] ioctl(3, LOOP_CLR_FD) = 0 [pid 7147] close(3 [pid 7149] close(3 [pid 7146] <... quotactl resumed>) = 0 [pid 7146] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 7148] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7146] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7148] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 7146] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7146] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7148] ioctl(3, LOOP_CLR_FD) = 0 [pid 7146] <... quotactl resumed>) = 0 [pid 7148] close(3 [pid 7146] open(".", O_RDONLY) = 5 [ 145.283140][ T7148] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 7146] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5825] <... umount2 resumed>) = 0 [pid 5825] umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./19/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5825] newfstatat(4, "", [pid 7146] <... fallocate resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] close(4) = 0 [pid 5825] rmdir("./19/file0") = 0 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3) = 0 [pid 5825] rmdir("./19") = 0 [pid 7146] exit_group(0) = ? [pid 7146] +++ exited with 0 +++ [pid 5825] mkdir("./20", 0777) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5825] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5825] close(3 [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7146, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=36 /* 0.36 s */} --- [pid 5827] restart_syscall(<... resuming interrupted clone ...> [pid 5825] <... close resumed>) = 0 [pid 5827] <... restart_syscall resumed>) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7181 attached [pid 5827] umount2("./30", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... clone resumed>, child_tidptr=0x5555819eb750) = 7181 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7181] set_robust_list(0x5555819eb760, 24 [pid 5827] <... openat resumed>) = 3 [pid 7181] <... set_robust_list resumed>) = 0 [pid 5827] newfstatat(3, "", [pid 7181] chdir("./20") = 0 [pid 7181] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7181] setpgid(0, 0) = 0 [pid 7181] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7181] write(3, "1000", 4 [pid 5827] getdents64(3, [pid 7181] <... write resumed>) = 4 [pid 7181] close(3executing program [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 7181] <... close resumed>) = 0 [pid 5827] umount2("./30/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7181] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7181] write(1, "executing program\n", 18) = 18 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7181] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7181] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7181] memfd_create("syzkaller", 0 [ 145.353946][ T77] bucket incorrectly unset in freespace btree [ 145.353977][ T77] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5827] newfstatat(AT_FDCWD, "./30/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./30/binderfs" [pid 7181] <... memfd_create resumed>) = 3 [pid 7181] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 5827] <... unlink resumed>) = 0 [ 145.482095][ T5827] bcachefs (loop2): shutting down [pid 5827] umount2("./30/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7147] <... close resumed>) = 0 [ 145.519224][ T5827] bcachefs (loop2): going read-only [ 145.525275][ T77] bucket incorrectly unset in freespace btree [ 145.525294][ T77] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [pid 7147] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7148] <... close resumed>) = 0 [ 145.539310][ T5827] bcachefs (loop2): finished waiting for writes to stop [ 145.542027][ T5827] bcachefs (loop2): flushing journal and stopping allocators, journal seq 12 [pid 7148] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7149] <... close resumed>) = 0 [pid 7149] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 145.628166][ T77] bcachefs (loop2): loop2: Superblock write was silently dropped! (seq 0 expected 53) [ 145.653408][ T77] bucket incorrectly unset in freespace btree [ 145.653443][ T77] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [ 145.684923][ T77] bucket incorrectly unset in freespace btree [ 145.684945][ T77] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [ 145.703999][ T5827] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 12 [pid 7181] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7149] <... quotactl resumed>) = 0 [pid 7148] <... quotactl resumed>) = 0 [pid 7147] <... quotactl resumed>) = 0 [pid 7149] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7148] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7147] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7149] <... openat resumed>) = 3 [pid 7148] <... openat resumed>) = 3 [pid 7148] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7147] <... openat resumed>) = 3 [pid 7149] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7148] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7147] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7149] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7148] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7147] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7149] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [ 145.731126][ T5827] bcachefs (loop2): unclean shutdown complete, journal seq 13 [ 145.740701][ T5827] bcachefs (loop2): done going read-only, filesystem not clean [pid 7147] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7149] <... quotactl resumed>) = 0 [pid 7148] <... quotactl resumed>) = 0 [pid 7147] <... quotactl resumed>) = 0 [pid 7149] open(".", O_RDONLY [pid 7147] open(".", O_RDONLY) = 4 [pid 7147] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 7147] exit_group(0 [pid 7148] open(".", O_RDONLY [pid 7147] <... exit_group resumed>) = ? [pid 7148] <... open resumed>) = 4 [pid 7147] +++ exited with 0 +++ [pid 7149] <... open resumed>) = 4 [pid 7148] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7147, si_uid=0, si_status=0, si_utime=9 /* 0.09 s */, si_stime=49 /* 0.49 s */} --- [pid 7149] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7148] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 7149] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7148] exit_group(0 [pid 7149] exit_group(0 [pid 7148] <... exit_group resumed>) = ? [pid 7149] <... exit_group resumed>) = ? [pid 7148] +++ exited with 0 +++ [pid 7149] +++ exited with 0 +++ [pid 5828] <... restart_syscall resumed>) = 0 [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7148, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=45 /* 0.45 s */} --- [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7149, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=49 /* 0.49 s */} --- [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5829] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5826] <... restart_syscall resumed>) = 0 [pid 5828] umount2("./37", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] umount2("./30", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] openat(AT_FDCWD, "./37", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] umount2("./32", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... openat resumed>) = 3 [pid 5829] newfstatat(3, "", [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... openat resumed>) = 3 [pid 5826] openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] getdents64(3, [pid 5828] newfstatat(3, "", [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] <... openat resumed>) = 3 [pid 5829] umount2("./30/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] newfstatat(3, "", [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./30/binderfs", [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] getdents64(3, [pid 5829] unlink("./30/binderfs" [pid 5826] getdents64(3, [pid 5829] <... unlink resumed>) = 0 [pid 5829] umount2("./30/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] umount2("./32/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] newfstatat(AT_FDCWD, "./30/file0", [pid 5828] umount2("./37/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] umount2("./30/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./32/binderfs", [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./37/binderfs", [pid 5829] openat(AT_FDCWD, "./30/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... openat resumed>) = 4 [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./32/binderfs" [pid 5829] newfstatat(4, "", [pid 5828] unlink("./37/binderfs" [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... unlink resumed>) = 0 [pid 5829] getdents64(4, [pid 5828] <... unlink resumed>) = 0 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] umount2("./32/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] umount2("./37/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] close(4 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... close resumed>) = 0 [pid 5828] newfstatat(AT_FDCWD, "./37/file0", [pid 5826] newfstatat(AT_FDCWD, "./32/file0", [pid 5829] rmdir("./30/file0") = 0 [pid 5829] umount2("./30/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] newfstatat(AT_FDCWD, "./30/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./30/file1") = 0 [pid 5829] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] close(3) = 0 [pid 5829] rmdir("./30") = 0 [pid 5828] umount2("./37/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./32/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] mkdir("./31", 0777 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... mkdir resumed>) = 0 [pid 5828] openat(AT_FDCWD, "./37/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... openat resumed>) = 4 [pid 5826] openat(AT_FDCWD, "./32/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [ 145.779226][ T5827] bcachefs (loop2): shutdown complete [pid 5828] newfstatat(4, "", [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... openat resumed>) = 4 [pid 5829] <... openat resumed>) = 3 [pid 5828] getdents64(4, [pid 5829] ioctl(3, LOOP_CLR_FD [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] newfstatat(4, "", [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5828] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] close(4 [pid 5826] getdents64(4, [pid 5828] <... close resumed>) = 0 [pid 5829] close(3 [pid 5828] rmdir("./37/file0" [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] <... close resumed>) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5828] <... rmdir resumed>) = 0 [pid 5826] getdents64(4, ./strace-static-x86_64: Process 7182 attached [pid 5828] umount2("./37/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] close(4 [pid 7182] set_robust_list(0x5555819eb760, 24 [pid 5828] newfstatat(AT_FDCWD, "./37/file1", [pid 5826] <... close resumed>) = 0 [pid 7182] <... set_robust_list resumed>) = 0 [pid 5826] rmdir("./32/file0" [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 7182 [pid 7182] chdir("./31" [pid 7181] <... write resumed>) = 16777216 [pid 5828] unlink("./37/file1" [pid 5826] <... rmdir resumed>) = 0 [pid 7182] <... chdir resumed>) = 0 [pid 7181] munmap(0x7f0eeb600000, 138412032 [pid 7182] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5828] <... unlink resumed>) = 0 [pid 5826] umount2("./32/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7182] <... prctl resumed>) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7182] setpgid(0, 0 [pid 5828] getdents64(3, [pid 5826] newfstatat(AT_FDCWD, "./32/file1", [pid 7182] <... setpgid resumed>) = 0 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 7182] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7181] <... munmap resumed>) = 0 [pid 5828] close(3 [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7182] <... openat resumed>) = 3 [pid 7182] write(3, "1000", 4 [pid 7181] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5828] <... close resumed>) = 0 [pid 5826] unlink("./32/file1" [pid 7182] <... write resumed>) = 4 [pid 7181] <... openat resumed>) = 4 [pid 5828] rmdir("./37" [pid 7181] ioctl(4, LOOP_SET_FD, 3 [pid 7182] close(3 [pid 5826] <... unlink resumed>) = 0 [pid 7182] <... close resumed>) = 0 [pid 7182] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5828] <... rmdir resumed>) = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 7182] write(1, "executing program\n", 18 [pid 5826] close(3executing program ) = 0 [pid 7182] <... write resumed>) = 18 [pid 7182] fsopen(NULL, 0 [pid 5826] rmdir("./32" [pid 7182] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 5828] mkdir("./38", 0777 [pid 7182] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7182] memfd_create("syzkaller", 0 [pid 5826] <... rmdir resumed>) = 0 [pid 7182] <... memfd_create resumed>) = 3 [pid 7182] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5828] <... mkdir resumed>) = 0 [pid 7182] <... mmap resumed>) = 0x7f0eeb600000 [pid 7181] <... ioctl resumed>) = 0 [pid 5826] mkdir("./33", 0777 [pid 7181] close(3 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 7181] <... close resumed>) = 0 [pid 5826] <... mkdir resumed>) = 0 [pid 7181] close(4 [pid 5828] <... openat resumed>) = 3 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 7181] <... close resumed>) = 0 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5826] <... openat resumed>) = 3 [pid 7181] mkdir("./file0", 0777 [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5826] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5828] close(3) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] close(3) = 0 ./strace-static-x86_64: Process 7183 attached [pid 7181] <... mkdir resumed>) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7184 attached [pid 7183] set_robust_list(0x5555819eb760, 24) = 0 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 7183 [pid 7184] set_robust_list(0x5555819eb760, 24 [pid 7183] chdir("./38" [pid 7181] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7184] <... set_robust_list resumed>) = 0 [pid 7184] chdir("./33" [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 7184 [pid 7184] <... chdir resumed>) = 0 [pid 7184] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7184] setpgid(0, 0) = 0 [pid 7183] <... chdir resumed>) = 0 [pid 7183] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7183] setpgid(0, 0) = 0 [pid 7183] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7184] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7183] <... openat resumed>) = 3 [pid 7183] write(3, "1000", 4 [pid 7184] <... openat resumed>) = 3 [pid 7183] <... write resumed>) = 4 [pid 7184] write(3, "1000", 4 [pid 7183] close(3 [pid 7184] <... write resumed>) = 4 [pid 7184] close(3 [pid 7183] <... close resumed>) = 0 [pid 7184] <... close resumed>) = 0 [pid 7183] symlink("/dev/binderfs", "./binderfs" [pid 7184] symlink("/dev/binderfs", "./binderfs" [pid 7183] <... symlink resumed>) = 0 executing program [pid 7183] write(1, "executing program\n", 18) = 18 [ 145.892287][ T7181] loop0: detected capacity change from 0 to 32768 executing program [pid 7184] <... symlink resumed>) = 0 [pid 7183] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7183] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7184] write(1, "executing program\n", 18) = 18 [pid 7184] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7183] memfd_create("syzkaller", 0 [pid 7184] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7184] memfd_create("syzkaller", 0) = 3 [pid 7184] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7183] <... memfd_create resumed>) = 3 [pid 7183] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7183] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7182] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7184] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7183] <... write resumed>) = 16777216 [pid 7183] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7184] <... write resumed>) = 16777216 [pid 7183] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 7184] munmap(0x7f0eeb600000, 138412032 [pid 7183] <... openat resumed>) = 4 [pid 7183] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7183] close(3 [pid 7184] <... munmap resumed>) = 0 [pid 7183] <... close resumed>) = 0 [pid 7182] <... write resumed>) = 16777216 [pid 7184] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 7183] close(4 [pid 7182] munmap(0x7f0eeb600000, 138412032 [pid 7184] <... openat resumed>) = 4 [pid 7183] <... close resumed>) = 0 [pid 7184] ioctl(4, LOOP_SET_FD, 3 [pid 7183] mkdir("./file0", 0777 [pid 7182] <... munmap resumed>) = 0 [pid 7184] <... ioctl resumed>) = 0 [pid 7183] <... mkdir resumed>) = 0 [pid 7183] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7184] close(3 [pid 7182] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7184] <... close resumed>) = 0 [pid 7182] <... openat resumed>) = 4 [ 146.389009][ T7183] loop3: detected capacity change from 0 to 32768 [ 146.429093][ T7184] loop1: detected capacity change from 0 to 32768 [pid 7182] ioctl(4, LOOP_SET_FD, 3 [pid 7184] close(4) = 0 [pid 7182] <... ioctl resumed>) = 0 [pid 7182] close(3 [pid 7184] mkdir("./file0", 0777 [pid 7182] <... close resumed>) = 0 [pid 7182] close(4) = 0 [pid 7182] mkdir("./file0", 0777 [pid 7184] <... mkdir resumed>) = 0 [pid 7182] <... mkdir resumed>) = 0 [pid 7182] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [ 146.446524][ T7182] loop4: detected capacity change from 0 to 32768 [ 146.588831][ T7181] bcachefs (loop0): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 146.616061][ T7183] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 146.626404][ T7183] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 146.640455][ T7181] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 146.651077][ T7182] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 146.660029][ T7181] bcachefs (loop0): Version downgrade required: [ 146.685046][ T7181] bcachefs (loop0): Version upgrade required: [ 146.685046][ T7181] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 146.685046][ T7181] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 146.685046][ T7181] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 146.734771][ T7182] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 146.756806][ T7181] bcachefs (loop0): dropping and reconstructing all alloc info [ 146.765450][ T7184] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [pid 7184] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7183] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7183] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 7183] ioctl(3, LOOP_CLR_FD) = 0 [ 146.805393][ T7184] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 146.818582][ T7183] bcachefs: bch2_fs_get_tree() error: EINVAL [ 146.819745][ T7181] bcachefs (loop0): accounting_read... done [ 146.841103][ T7181] bcachefs (loop0): alloc_read... done [ 146.874391][ T7181] bcachefs (loop0): stripes_read... done [ 146.881972][ T7181] bcachefs (loop0): snapshots_read... done [ 146.905928][ T7181] bcachefs (loop0): check_allocations... done [pid 7183] close(3 [pid 5827] <... umount2 resumed>) = 0 [pid 7183] <... close resumed>) = 0 [ 147.052538][ T7181] bcachefs (loop0): going read-write [pid 5827] umount2("./30/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7182] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7184] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7183] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5827] newfstatat(AT_FDCWD, "./30/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./30/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./30/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5827] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7182] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5827] getdents64(4, [pid 7182] <... openat resumed>) = 3 [pid 7182] ioctl(3, LOOP_CLR_FD) = 0 [pid 7182] close(3 [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [pid 5827] rmdir("./30/file0") = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./30" [pid 7184] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5827] <... rmdir resumed>) = 0 [pid 5827] mkdir("./31", 0777 [pid 7184] <... openat resumed>) = 3 [pid 7184] ioctl(3, LOOP_CLR_FD) = 0 [pid 7184] close(3 [pid 5827] <... mkdir resumed>) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5827] close(3) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7216 attached [ 147.086009][ T7182] bcachefs: bch2_fs_get_tree() error: EINVAL [ 147.088157][ T7184] bcachefs: bch2_fs_get_tree() error: EINVAL [ 147.097066][ T7181] bcachefs (loop0): done starting filesystem [pid 7183] <... quotactl resumed>) = 0 [pid 7181] <... mount resumed>) = 0 [pid 7183] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 7183] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7183] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 7216 [pid 7181] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 7216] set_robust_list(0x5555819eb760, 24) = 0 [pid 7216] chdir("./31" [pid 7181] chdir("./file0") = 0 [pid 7181] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 7216] <... chdir resumed>) = 0 [pid 7181] ioctl(4, LOOP_CLR_FD [pid 7216] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7181] <... ioctl resumed>) = 0 [pid 7216] <... prctl resumed>) = 0 [pid 7181] close(4 [pid 7216] setpgid(0, 0 [pid 7181] <... close resumed>) = 0 [pid 7216] <... setpgid resumed>) = 0 [pid 7181] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7183] <... quotactl resumed>) = 0 [pid 7183] open(".", O_RDONLY) = 4 [pid 7183] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 7183] exit_group(0) = ? [pid 7183] +++ exited with 0 +++ [pid 7181] <... quotactl resumed>) = 0 [pid 7216] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7181] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 7216] <... openat resumed>) = 3 [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7183, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=42 /* 0.42 s */} --- [pid 7216] write(3, "1000", 4 [pid 7181] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7216] <... write resumed>) = 4 [pid 7181] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5828] umount2("./38", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7216] close(3 [pid 7181] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7216] <... close resumed>) = 0 [pid 5828] openat(AT_FDCWD, "./38", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7216] symlink("/dev/binderfs", "./binderfs" [pid 5828] <... openat resumed>) = 3 [pid 7216] <... symlink resumed>) = 0 [pid 5828] newfstatat(3, "", executing program [pid 7216] write(1, "executing program\n", 18 [pid 7181] <... quotactl resumed>) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7216] <... write resumed>) = 18 [pid 7181] open(".", O_RDONLY [pid 5828] getdents64(3, [pid 7216] fsopen(NULL, 0 [pid 7181] <... open resumed>) = 5 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 7216] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 7181] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5828] umount2("./38/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7216] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7216] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./38/binderfs", [pid 7216] memfd_create("syzkaller", 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./38/binderfs" [pid 7216] <... memfd_create resumed>) = 3 [pid 5828] <... unlink resumed>) = 0 [pid 7216] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7181] <... fallocate resumed>) = 0 [pid 7216] <... mmap resumed>) = 0x7f0eeb600000 [pid 5828] umount2("./38/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7181] exit_group(0) = ? [pid 7181] +++ exited with 0 +++ [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7181, si_uid=0, si_status=0, si_utime=8 /* 0.08 s */, si_stime=36 /* 0.36 s */} --- [pid 5825] umount2("./20", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./38/file0", [pid 5825] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5825] umount2("./20/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] newfstatat(AT_FDCWD, "./20/binderfs", [pid 5828] umount2("./38/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] unlink("./20/binderfs" [pid 5828] openat(AT_FDCWD, "./38/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... unlink resumed>) = 0 [pid 5828] <... openat resumed>) = 4 [pid 5828] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] close(4) = 0 [pid 5828] rmdir("./38/file0") = 0 [pid 5828] umount2("./38/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./38/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 147.201967][ T2913] bucket incorrectly unset in freespace btree [ 147.202010][ T2913] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5828] unlink("./38/file1") = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [pid 5828] rmdir("./38") = 0 [pid 5828] mkdir("./39", 0777) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5828] close(3) = 0 [ 147.270069][ T5825] bcachefs (loop0): shutting down [ 147.275160][ T5825] bcachefs (loop0): going read-only [ 147.297153][ T5825] bcachefs (loop0): finished waiting for writes to stop [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555819eb750) = 7217 ./strace-static-x86_64: Process 7217 attached [pid 7217] set_robust_list(0x5555819eb760, 24) = 0 [pid 7217] chdir("./39") = 0 [pid 7217] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7217] setpgid(0, 0) = 0 [pid 7217] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7217] write(3, "1000", 4) = 4 [pid 7217] close(3) = 0 [pid 7217] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7217] write(1, "executing program\n", 18executing program ) = 18 [pid 7217] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7217] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7217] memfd_create("syzkaller", 0) = 3 [pid 7217] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 147.341029][ T2913] bucket incorrectly unset in freespace btree [ 147.341051][ T2913] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [pid 7182] <... close resumed>) = 0 [ 147.358842][ T5825] bcachefs (loop0): flushing journal and stopping allocators, journal seq 12 [pid 7182] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7184] <... close resumed>) = 0 [ 147.456760][ T77] bucket incorrectly unset in freespace btree [ 147.456783][ T77] u64s 5 type deleted 0:4:0 len 0 ver 0, , continuing [ 147.479531][ T77] bucket incorrectly unset in freespace btree [ 147.479553][ T77] u64s 5 type deleted 0:7:0 len 0 ver 0, , continuing [pid 7184] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7216] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7184] <... quotactl resumed>) = 0 [pid 7182] <... quotactl resumed>) = 0 [pid 7184] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [ 147.525306][ T5825] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 12 [ 147.536615][ T5825] bcachefs (loop0): unclean shutdown complete, journal seq 13 [ 147.545100][ T5825] bcachefs (loop0): done going read-only, filesystem not clean [pid 7182] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7184] <... openat resumed>) = 3 [pid 7182] <... openat resumed>) = 3 [pid 7182] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7182] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7184] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7184] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 7184] open(".", O_RDONLY) = 4 [pid 7184] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 7184] exit_group(0) = ? [pid 7184] +++ exited with 0 +++ [pid 7182] <... quotactl resumed>) = 0 [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7184, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=46 /* 0.46 s */} --- [pid 5826] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 7182] open(".", O_RDONLY [pid 5826] umount2("./33", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7182] <... open resumed>) = 4 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7182] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5826] openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7182] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... openat resumed>) = 3 [pid 7182] exit_group(0 [pid 5826] newfstatat(3, "", [pid 7182] <... exit_group resumed>) = ? [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] umount2("./33/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./33/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./33/binderfs") = 0 [pid 5826] umount2("./33/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./33/file0", [pid 7217] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7182] +++ exited with 0 +++ [pid 5826] umount2("./33/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7182, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=43 /* 0.43 s */} --- [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 5826] openat(AT_FDCWD, "./33/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5826] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [ 147.571937][ T5825] bcachefs (loop0): shutdown complete [pid 5826] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] close(4) = 0 [pid 5826] rmdir("./33/file0") = 0 [pid 5826] umount2("./33/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./33/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./33/file1") = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] close(3) = 0 [pid 5826] rmdir("./33") = 0 [pid 5826] mkdir("./34", 0777) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5826] close(3 [pid 5829] <... restart_syscall resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 5829] umount2("./31", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7218 attached [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 7218] set_robust_list(0x5555819eb760, 24 [pid 5829] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(3, [pid 7218] <... set_robust_list resumed>) = 0 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 7218] chdir("./34" [pid 5829] umount2("./31/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7218] <... chdir resumed>) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./31/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./31/binderfs") = 0 [pid 7218] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7218] setpgid(0, 0 [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 7218 [pid 7218] <... setpgid resumed>) = 0 [pid 7218] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5829] umount2("./31/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7218] <... openat resumed>) = 3 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./31/file0", executing program {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] umount2("./31/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 7218] write(3, "1000", 4) = 4 [pid 5829] openat(AT_FDCWD, "./31/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7218] close(3) = 0 [pid 5829] <... openat resumed>) = 4 [pid 7218] symlink("/dev/binderfs", "./binderfs" [pid 5829] newfstatat(4, "", [pid 7218] <... symlink resumed>) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7218] write(1, "executing program\n", 18 [pid 5829] getdents64(4, [pid 7218] <... write resumed>) = 18 [pid 7218] fsopen(NULL, 0 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 7218] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 5829] close(4 [pid 7218] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 5829] <... close resumed>) = 0 [pid 7218] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 5829] rmdir("./31/file0" [pid 7218] memfd_create("syzkaller", 0 [pid 5829] <... rmdir resumed>) = 0 [pid 7218] <... memfd_create resumed>) = 3 [pid 7218] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 5829] umount2("./31/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./31/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./31/file1") = 0 [pid 5829] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] close(3) = 0 [pid 5829] rmdir("./31") = 0 [pid 5829] mkdir("./32", 0777) = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5829] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5829] close(3) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7219 attached [pid 7219] set_robust_list(0x5555819eb760, 24) = 0 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 7219 [pid 7219] chdir("./32") = 0 [pid 7219] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7219] setpgid(0, 0) = 0 [pid 7219] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7219] write(3, "1000", 4) = 4 [pid 7219] close(3) = 0 [pid 7219] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 7219] write(1, "executing program\n", 18) = 18 [pid 7219] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7219] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7219] memfd_create("syzkaller", 0) = 3 [pid 7219] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7218] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7216] <... write resumed>) = 16777216 [pid 7216] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7216] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 7216] ioctl(4, LOOP_SET_FD, 3 [pid 7217] <... write resumed>) = 16777216 [pid 7216] <... ioctl resumed>) = 0 [pid 7217] munmap(0x7f0eeb600000, 138412032 [pid 7216] close(3) = 0 [pid 7216] close(4) = 0 [pid 7216] mkdir("./file0", 0777) = 0 [pid 7216] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7217] <... munmap resumed>) = 0 [ 147.929479][ T7216] loop2: detected capacity change from 0 to 32768 [pid 7219] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7217] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 7217] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7217] close(3) = 0 [pid 7217] close(4) = 0 [pid 7217] mkdir("./file0", 0777) = 0 [ 147.997023][ T7217] loop3: detected capacity change from 0 to 32768 [pid 7217] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7218] <... write resumed>) = 16777216 [pid 7218] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7218] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 7218] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7218] close(3) = 0 [pid 7218] close(4) = 0 [pid 7218] mkdir("./file0", 0777) = 0 [ 148.138512][ T7218] loop1: detected capacity change from 0 to 32768 [pid 7218] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7219] <... write resumed>) = 16777216 [pid 7219] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7219] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 7219] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7219] close(3) = 0 [pid 7219] close(4) = 0 [pid 7219] mkdir("./file0", 0777) = 0 [ 148.232925][ T7219] loop4: detected capacity change from 0 to 32768 [ 148.529744][ T7218] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 148.530232][ T7216] bcachefs (loop2): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 148.540329][ T7216] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 148.573945][ T7216] bcachefs (loop2): Version downgrade required: [ 148.581520][ T7216] bcachefs (loop2): Version upgrade required: [ 148.581520][ T7216] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 148.581520][ T7216] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 148.581520][ T7216] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 148.653279][ T7217] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 148.654337][ T7216] bcachefs (loop2): dropping and reconstructing all alloc info [ 148.672635][ T7217] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 148.675948][ T7219] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 148.711502][ T7218] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 148.723186][ T7216] bcachefs (loop2): accounting_read... [ 148.726027][ T7219] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 148.746139][ T7216] done [ 148.749243][ T7216] bcachefs (loop2): alloc_read... done [ 148.759359][ T7216] bcachefs (loop2): stripes_read... done [ 148.781764][ T7216] bcachefs (loop2): snapshots_read... done [ 148.790701][ T7216] bcachefs (loop2): check_allocations... done [ 148.873728][ T7216] bcachefs (loop2): going read-write [pid 7219] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7216] <... mount resumed>) = 0 [pid 7217] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7216] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 7217] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 7217] ioctl(3, LOOP_CLR_FD) = 0 [ 148.935747][ T7216] bcachefs (loop2): done starting filesystem [ 148.949788][ T7217] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 7217] close(3 [pid 7216] <... openat resumed>) = 3 [pid 7216] chdir("./file0") = 0 [pid 7216] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 7216] ioctl(4, LOOP_CLR_FD) = 0 [pid 7216] close(4) = 0 [pid 7216] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7218] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7218] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 7218] ioctl(3, LOOP_CLR_FD) = 0 [pid 7216] <... quotactl resumed>) = 0 [pid 7218] close(3 [pid 7216] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 7216] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [ 149.006728][ T7218] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 7216] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 7216] open(".", O_RDONLY) = 5 [pid 7216] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7219] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7216] <... fallocate resumed>) = 0 [pid 7216] exit_group(0 [pid 7219] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7216] <... exit_group resumed>) = ? [pid 5825] <... umount2 resumed>) = 0 [pid 5825] umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 149.082235][ T77] bucket incorrectly unset in freespace btree [ 149.082270][ T77] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 7219] <... openat resumed>) = 3 [pid 7216] +++ exited with 0 +++ [pid 5825] newfstatat(AT_FDCWD, "./20/file0", [pid 7219] ioctl(3, LOOP_CLR_FD) = 0 [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7216, si_uid=0, si_status=0, si_utime=7 /* 0.07 s */, si_stime=40 /* 0.40 s */} --- [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] umount2("./31", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... openat resumed>) = 4 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(4, "", [pid 5827] openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] <... openat resumed>) = 3 [pid 5825] getdents64(4, [pid 5827] newfstatat(3, "", [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(4, [pid 5827] getdents64(3, [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5825] close(4 [pid 5827] umount2("./31/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... close resumed>) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] rmdir("./20/file0" [pid 5827] newfstatat(AT_FDCWD, "./31/binderfs", [pid 5825] <... rmdir resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] getdents64(3, [pid 5827] unlink("./31/binderfs" [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] <... unlink resumed>) = 0 [pid 5825] close(3 [pid 5827] umount2("./31/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... close resumed>) = 0 [pid 5825] rmdir("./20") = 0 [pid 5825] mkdir("./21", 0777 [pid 7219] close(3 [pid 5825] <... mkdir resumed>) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5825] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5825] close(3) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555819eb750) = 7251 ./strace-static-x86_64: Process 7251 attached [ 149.090411][ T7219] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 7251] set_robust_list(0x5555819eb760, 24) = 0 [pid 7251] chdir("./21") = 0 [pid 7251] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7251] setpgid(0, 0) = 0 [pid 7251] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7251] write(3, "1000", 4) = 4 [pid 7251] close(3) = 0 [pid 7251] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7251] write(1, "executing program\n", 18executing program ) = 18 [pid 7251] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7251] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7251] memfd_create("syzkaller", 0) = 3 [pid 7251] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 149.242323][ T5827] bcachefs (loop2): shutting down [ 149.261606][ T77] bucket incorrectly unset in freespace btree [ 149.261629][ T77] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [pid 7218] <... close resumed>) = 0 [pid 7217] <... close resumed>) = 0 [pid 7218] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 149.267834][ T5827] bcachefs (loop2): going read-only [ 149.275921][ T5827] bcachefs (loop2): finished waiting for writes to stop [ 149.346211][ T5827] bcachefs (loop2): flushing journal and stopping allocators, journal seq 12 [pid 7217] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7219] <... close resumed>) = 0 [pid 7219] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 149.421470][ T77] bcachefs (loop2): loop2: Superblock write was silently dropped! (seq 0 expected 53) [ 149.448135][ T77] bucket incorrectly unset in freespace btree [ 149.448168][ T77] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [ 149.499986][ T77] bucket incorrectly unset in freespace btree [ 149.500008][ T77] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [ 149.538742][ T5827] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 12 [pid 7251] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7219] <... quotactl resumed>) = 0 [pid 7218] <... quotactl resumed>) = 0 [pid 7219] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7218] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7219] <... openat resumed>) = 3 [pid 7218] <... openat resumed>) = 3 [pid 7219] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7218] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7219] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7218] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7219] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7218] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7217] <... quotactl resumed>) = 0 [pid 7217] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 7217] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [ 149.562185][ T5827] bcachefs (loop2): unclean shutdown complete, journal seq 13 [ 149.587293][ T5827] bcachefs (loop2): done going read-only, filesystem not clean [pid 7217] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7219] <... quotactl resumed>) = 0 [pid 7218] <... quotactl resumed>) = 0 [pid 7219] open(".", O_RDONLY) = 4 [pid 7219] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 7219] exit_group(0) = ? [pid 7218] open(".", O_RDONLY [pid 7219] +++ exited with 0 +++ [pid 7218] <... open resumed>) = 4 [pid 7217] <... quotactl resumed>) = 0 [pid 7218] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7217] open(".", O_RDONLY [pid 7218] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7217] <... open resumed>) = 4 [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7219, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=41 /* 0.41 s */} --- [pid 7218] exit_group(0 [pid 7217] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 7218] <... exit_group resumed>) = ? [pid 7217] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7218] +++ exited with 0 +++ [pid 7217] exit_group(0) = ? [pid 7217] +++ exited with 0 +++ [pid 5829] <... restart_syscall resumed>) = 0 [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7218, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=43 /* 0.43 s */} --- [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7217, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=52 /* 0.52 s */} --- [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5829] umount2("./32", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... restart_syscall resumed>) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] umount2("./39", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... openat resumed>) = 3 [pid 5828] openat(AT_FDCWD, "./39", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] newfstatat(3, "", [pid 5828] <... openat resumed>) = 3 [pid 5826] umount2("./34", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] newfstatat(3, "", [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] getdents64(3, [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] getdents64(3, [pid 5826] <... openat resumed>) = 3 [pid 5829] umount2("./32/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] newfstatat(3, "", [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] umount2("./39/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] newfstatat(AT_FDCWD, "./32/binderfs", [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] getdents64(3, [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] newfstatat(AT_FDCWD, "./39/binderfs", [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] unlink("./32/binderfs" [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] umount2("./34/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... unlink resumed>) = 0 [pid 5828] unlink("./39/binderfs" [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] umount2("./32/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... unlink resumed>) = 0 [pid 5826] newfstatat(AT_FDCWD, "./34/binderfs", [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] umount2("./39/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] newfstatat(AT_FDCWD, "./32/file0", [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] unlink("./34/binderfs" [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] newfstatat(AT_FDCWD, "./39/file0", [pid 5826] <... unlink resumed>) = 0 [pid 5829] umount2("./32/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] umount2("./34/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] umount2("./39/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./32/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./34/file0", [pid 5829] <... openat resumed>) = 4 [pid 5828] openat(AT_FDCWD, "./39/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] newfstatat(4, "", [pid 5828] <... openat resumed>) = 4 [pid 5826] umount2("./34/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] newfstatat(4, "", [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] getdents64(4, [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] openat(AT_FDCWD, "./34/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] getdents64(4, [pid 5826] <... openat resumed>) = 4 [pid 5829] getdents64(4, [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] newfstatat(4, "", [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] getdents64(4, [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] close(4 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] getdents64(4, [pid 5829] <... close resumed>) = 0 [pid 5828] close(4 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [ 149.632814][ T5827] bcachefs (loop2): shutdown complete [pid 5829] rmdir("./32/file0" [pid 5828] <... close resumed>) = 0 [pid 5826] getdents64(4, [pid 7251] <... write resumed>) = 16777216 [pid 5829] <... rmdir resumed>) = 0 [pid 5828] rmdir("./39/file0" [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 7251] munmap(0x7f0eeb600000, 138412032 [pid 5829] umount2("./32/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... rmdir resumed>) = 0 [pid 5826] close(4 [pid 5828] umount2("./39/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... close resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] rmdir("./34/file0" [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./39/file1", [pid 5826] <... rmdir resumed>) = 0 [pid 5829] newfstatat(AT_FDCWD, "./32/file1", [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] umount2("./34/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./39/file1" [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] unlink("./32/file1" [pid 5828] <... unlink resumed>) = 0 [pid 5826] newfstatat(AT_FDCWD, "./34/file1", [pid 5829] <... unlink resumed>) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./34/file1" [pid 5829] getdents64(3, [pid 5826] <... unlink resumed>) = 0 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] getdents64(3, [pid 5826] getdents64(3, [pid 5829] close(3 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] <... close resumed>) = 0 [pid 5828] close(3 [pid 5826] close(3 [pid 5829] rmdir("./32" [pid 5828] <... close resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 5829] <... rmdir resumed>) = 0 [pid 5828] rmdir("./39" [pid 5826] rmdir("./34" [pid 7251] <... munmap resumed>) = 0 [pid 5829] mkdir("./33", 0777 [pid 7251] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5829] <... mkdir resumed>) = 0 [pid 5828] <... rmdir resumed>) = 0 [pid 5826] <... rmdir resumed>) = 0 [pid 7251] <... openat resumed>) = 4 [pid 7251] ioctl(4, LOOP_SET_FD, 3 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5828] mkdir("./40", 0777 [pid 5826] mkdir("./35", 0777 [pid 5829] <... openat resumed>) = 3 [pid 5829] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5829] close(3 [pid 7251] <... ioctl resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 5828] <... mkdir resumed>) = 0 [pid 5826] <... mkdir resumed>) = 0 [pid 7251] close(3) = 0 [pid 7251] close(4 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5828] close(3 [pid 7251] <... close resumed>) = 0 [pid 5828] <... close resumed>) = 0 [pid 7251] mkdir("./file0", 0777 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7251] <... mkdir resumed>) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7251] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 7252 ./strace-static-x86_64: Process 7252 attached [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 7253 ./strace-static-x86_64: Process 7253 attached [pid 7253] set_robust_list(0x5555819eb760, 24 [pid 7252] set_robust_list(0x5555819eb760, 24 [pid 7253] <... set_robust_list resumed>) = 0 [pid 7252] <... set_robust_list resumed>) = 0 [pid 7253] chdir("./33" [pid 7252] chdir("./40" [pid 7253] <... chdir resumed>) = 0 [pid 7252] <... chdir resumed>) = 0 [pid 7253] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7252] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7253] setpgid(0, 0 [pid 7252] <... prctl resumed>) = 0 [pid 7253] <... setpgid resumed>) = 0 [pid 7253] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7252] setpgid(0, 0 [pid 7253] <... openat resumed>) = 3 [pid 7252] <... setpgid resumed>) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 7253] write(3, "1000", 4 [pid 7252] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7252] write(3, "1000", 4) = 4 [pid 7253] <... write resumed>) = 4 [pid 5826] <... openat resumed>) = 3 [pid 7253] close(3 [pid 5826] ioctl(3, LOOP_CLR_FD [pid 7253] <... close resumed>) = 0 [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 7253] symlink("/dev/binderfs", "./binderfs" [pid 5826] close(3 [pid 7253] <... symlink resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [ 149.728526][ T7251] loop0: detected capacity change from 0 to 32768 [pid 7252] close(3./strace-static-x86_64: Process 7259 attached executing program [pid 7253] write(1, "executing program\n", 18 [pid 7252] <... close resumed>) = 0 [pid 7253] <... write resumed>) = 18 [pid 7252] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 7259] set_robust_list(0x5555819eb760, 24 [pid 7252] write(1, "executing program\n", 18 [pid 7259] <... set_robust_list resumed>) = 0 [pid 7252] <... write resumed>) = 18 [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 7259 [pid 7252] fsopen(NULL, 0 [pid 7259] chdir("./35" [pid 7253] fsopen(NULL, 0 [pid 7252] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 7252] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 7253] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 7252] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 7253] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7253] memfd_create("syzkaller", 0 [pid 7259] <... chdir resumed>) = 0 [pid 7259] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7252] memfd_create("syzkaller", 0 [pid 7259] setpgid(0, 0 [pid 7253] <... memfd_create resumed>) = 3 [pid 7252] <... memfd_create resumed>) = 3 [pid 7259] <... setpgid resumed>) = 0 [pid 7253] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7252] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7259] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7253] <... mmap resumed>) = 0x7f0eeb600000 [pid 7252] <... mmap resumed>) = 0x7f0eeb600000 [pid 7259] <... openat resumed>) = 3 [pid 7259] write(3, "1000", 4) = 4 [pid 7259] close(3) = 0 [pid 7259] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 7259] write(1, "executing program\n", 18) = 18 [pid 7259] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7259] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7259] memfd_create("syzkaller", 0) = 3 [pid 7259] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7252] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7259] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7253] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7252] <... write resumed>) = 16777216 [pid 7252] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7252] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 7252] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7252] close(3) = 0 [pid 7252] close(4) = 0 [pid 7252] mkdir("./file0", 0777) = 0 [ 150.126451][ T7252] loop3: detected capacity change from 0 to 32768 [pid 7252] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7253] <... write resumed>) = 16777216 [pid 7259] <... write resumed>) = 16777216 [pid 7253] munmap(0x7f0eeb600000, 138412032 [pid 7259] munmap(0x7f0eeb600000, 138412032 [pid 7253] <... munmap resumed>) = 0 [pid 7259] <... munmap resumed>) = 0 [pid 7253] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7259] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 7253] <... openat resumed>) = 4 [pid 7259] <... openat resumed>) = 4 [pid 7253] ioctl(4, LOOP_SET_FD, 3 [pid 7259] ioctl(4, LOOP_SET_FD, 3 [pid 7253] <... ioctl resumed>) = 0 [pid 7253] close(3) = 0 [pid 7253] close(4) = 0 [pid 7253] mkdir("./file0", 0777) = 0 [pid 7259] <... ioctl resumed>) = 0 [pid 7253] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7259] close(3) = 0 [pid 7259] close(4) = 0 [pid 7259] mkdir("./file0", 0777) = 0 [ 150.291100][ T7253] loop4: detected capacity change from 0 to 32768 [ 150.301855][ T7259] loop1: detected capacity change from 0 to 32768 [ 150.463238][ T7251] bcachefs (loop0): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 150.489662][ T7251] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 150.497660][ T7251] bcachefs (loop0): Version downgrade required: [ 150.504367][ T7251] bcachefs (loop0): Version upgrade required: [ 150.504367][ T7251] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 150.504367][ T7251] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 150.504367][ T7251] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 150.581370][ T7251] bcachefs (loop0): dropping and reconstructing all alloc info [ 150.599225][ T7252] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 150.629739][ T7251] bcachefs (loop0): accounting_read... [ 150.629971][ T7252] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 150.632310][ T7259] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 150.654792][ T7251] done [ 150.659078][ T7251] bcachefs (loop0): alloc_read... done [ 150.664640][ T7251] bcachefs (loop0): stripes_read... done [ 150.686261][ T7253] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 150.695619][ T7251] bcachefs (loop0): snapshots_read... done [ 150.703050][ T7251] bcachefs (loop0): check_allocations... [ 150.716494][ T7253] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 150.716854][ T7259] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [pid 7259] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7251] <... mount resumed>) = 0 [pid 7251] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 7251] chdir("./file0") = 0 [pid 7251] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 7252] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7252] openat(AT_FDCWD, "/dev/loop3", O_RDWR [ 150.793654][ T7251] done [ 150.799221][ T7251] bcachefs (loop0): going read-write [ 150.809040][ T7251] bcachefs (loop0): done starting filesystem [ 150.814679][ T7252] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 7251] ioctl(4, LOOP_CLR_FD) = 0 [pid 7252] <... openat resumed>) = 3 [pid 7252] ioctl(3, LOOP_CLR_FD [pid 7251] close(4 [pid 7252] <... ioctl resumed>) = 0 [pid 7251] <... close resumed>) = 0 [pid 7252] close(3 [pid 7251] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 7251] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 7251] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7251] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 7251] open(".", O_RDONLY) = 5 [pid 7251] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768) = 0 [pid 7251] exit_group(0) = ? [pid 7251] +++ exited with 0 +++ [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7251, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=37 /* 0.37 s */} --- [pid 5825] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5825] umount2("./21", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5825] umount2("./21/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 150.953921][ T2913] bucket incorrectly unset in freespace btree [ 150.953966][ T2913] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5825] unlink("./21/binderfs") = 0 [ 151.043738][ T5825] bcachefs (loop0): shutting down [ 151.052540][ T7253] bcachefs: bch2_fs_get_tree() error: EINVAL [ 151.065942][ T5825] bcachefs (loop0): going read-only [ 151.071218][ T5825] bcachefs (loop0): finished waiting for writes to stop [ 151.085525][ T2913] bucket incorrectly unset in freespace btree [pid 5825] umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7253] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7253] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5827] <... umount2 resumed>) = 0 [pid 7253] <... openat resumed>) = 3 [pid 7253] ioctl(3, LOOP_CLR_FD) = 0 [ 151.085558][ T2913] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [ 151.112216][ T5825] bcachefs (loop0): flushing journal and stopping allocators, journal seq 12 [pid 7253] close(3 [pid 7252] <... close resumed>) = 0 [pid 7259] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7259] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 7259] ioctl(3, LOOP_CLR_FD) = 0 [pid 7259] close(3 [pid 5827] umount2("./31/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./31/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./31/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./31/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 7252] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5827] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [pid 5827] rmdir("./31/file0") = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./31") = 0 [pid 5827] mkdir("./32", 0777) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5827] close(3) = 0 [ 151.146599][ T7259] bcachefs: bch2_fs_get_tree() error: EINVAL [ 151.185832][ T2913] bucket incorrectly unset in freespace btree [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7286 attached [pid 7286] set_robust_list(0x5555819eb760, 24 [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 7286 [pid 7286] <... set_robust_list resumed>) = 0 [pid 7286] chdir("./32") = 0 [pid 7286] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7286] setpgid(0, 0) = 0 [pid 7286] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7286] write(3, "1000", 4) = 4 [pid 7286] close(3) = 0 [pid 7286] symlink("/dev/binderfs", "./binderfs") = 0 [ 151.185853][ T2913] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [pid 7286] write(1, "executing program\n", 18) = 18 executing program [pid 7286] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7286] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7286] memfd_create("syzkaller", 0) = 3 [pid 7286] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7253] <... close resumed>) = 0 [pid 7259] <... close resumed>) = 0 [ 151.296629][ T2913] bucket incorrectly unset in freespace btree [ 151.296650][ T2913] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [ 151.336361][ T5825] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 12 [pid 7253] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7259] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 7253] <... quotactl resumed>) = 0 [pid 7252] <... quotactl resumed>) = 0 [pid 7253] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 7253] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7253] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7259] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7252] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7259] <... openat resumed>) = 3 [pid 7252] <... openat resumed>) = 3 [pid 7259] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7252] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7259] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7252] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7252] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [ 151.372684][ T5825] bcachefs (loop0): unclean shutdown complete, journal seq 13 [ 151.383924][ T5825] bcachefs (loop0): done going read-only, filesystem not clean [pid 7259] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7253] <... quotactl resumed>) = 0 [pid 7253] open(".", O_RDONLY) = 4 [pid 7253] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 7253] exit_group(0) = ? [pid 7253] +++ exited with 0 +++ [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7253, si_uid=0, si_status=0, si_utime=7 /* 0.07 s */, si_stime=52 /* 0.52 s */} --- [pid 5829] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5829] umount2("./33", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5829] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] umount2("./33/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./33/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./33/binderfs" [pid 7259] <... quotactl resumed>) = 0 [pid 7252] <... quotactl resumed>) = 0 [pid 5829] <... unlink resumed>) = 0 [pid 7259] open(".", O_RDONLY [pid 7252] open(".", O_RDONLY [pid 5829] umount2("./33/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7259] <... open resumed>) = 4 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7252] <... open resumed>) = 4 [pid 7259] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5829] newfstatat(AT_FDCWD, "./33/file0", [pid 7259] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7252] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] umount2("./33/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7259] exit_group(0 [pid 7252] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7259] <... exit_group resumed>) = ? [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./33/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7252] exit_group(0 [pid 5829] <... openat resumed>) = 4 [pid 5829] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] close(4) = 0 [pid 5829] rmdir("./33/file0" [pid 7259] +++ exited with 0 +++ [pid 7252] <... exit_group resumed>) = ? [pid 5829] <... rmdir resumed>) = 0 [pid 5829] umount2("./33/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7259, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=48 /* 0.48 s */} --- [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5829] newfstatat(AT_FDCWD, "./33/file1", [pid 5826] <... restart_syscall resumed>) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7252] +++ exited with 0 +++ [pid 5829] unlink("./33/file1") = 0 [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7252, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=44 /* 0.44 s */} --- [pid 5826] umount2("./35", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] getdents64(3, [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] close(3 [pid 5826] <... openat resumed>) = 3 [pid 5829] <... close resumed>) = 0 [pid 5828] umount2("./40", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] newfstatat(3, "", [pid 5829] rmdir("./33" [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... rmdir resumed>) = 0 [pid 5828] openat(AT_FDCWD, "./40", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] getdents64(3, [pid 5829] mkdir("./34", 0777 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] <... mkdir resumed>) = 0 [pid 5828] <... openat resumed>) = 3 [pid 5826] umount2("./35/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] newfstatat(3, "", [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] newfstatat(AT_FDCWD, "./35/binderfs", [pid 5828] getdents64(3, [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5826] unlink("./35/binderfs" [pid 5829] <... openat resumed>) = 3 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] <... unlink resumed>) = 0 [pid 5829] ioctl(3, LOOP_CLR_FD [pid 5828] umount2("./40/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./35/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] close(3 [pid 5828] newfstatat(AT_FDCWD, "./40/binderfs", [pid 5826] newfstatat(AT_FDCWD, "./35/file0", [pid 5829] <... close resumed>) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] umount2("./35/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./35/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5826] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 7287 attached [pid 5826] close(4 [pid 7287] set_robust_list(0x5555819eb760, 24 [pid 5826] <... close resumed>) = 0 [pid 7287] <... set_robust_list resumed>) = 0 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 7287 [pid 5826] rmdir("./35/file0" [pid 7287] chdir("./34" [pid 5828] unlink("./40/binderfs" [pid 5826] <... rmdir resumed>) = 0 [pid 5826] umount2("./35/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 7287] <... chdir resumed>) = 0 [pid 5828] <... unlink resumed>) = 0 [pid 5826] newfstatat(AT_FDCWD, "./35/file1", [pid 5828] umount2("./40/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7287] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7287] <... prctl resumed>) = 0 [pid 5826] unlink("./35/file1" [pid 7287] setpgid(0, 0 [pid 5828] newfstatat(AT_FDCWD, "./40/file0", [pid 5826] <... unlink resumed>) = 0 [pid 7287] <... setpgid resumed>) = 0 [pid 7287] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] umount2("./40/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] getdents64(3, [pid 7287] <... openat resumed>) = 3 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] openat(AT_FDCWD, "./40/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] close(3 [pid 7287] write(3, "1000", 4 [pid 5828] <... openat resumed>) = 4 [pid 5826] <... close resumed>) = 0 [pid 7287] <... write resumed>) = 4 [pid 5828] newfstatat(4, "", [pid 7287] close(3 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] rmdir("./35" [pid 7287] <... close resumed>) = 0 [pid 5828] getdents64(4, [pid 5826] <... rmdir resumed>) = 0 [pid 7287] symlink("/dev/binderfs", "./binderfs" [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 7287] <... symlink resumed>) = 0 [pid 5828] getdents64(4, [pid 5826] mkdir("./36", 0777executing program [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 7287] write(1, "executing program\n", 18 [pid 5828] close(4 [pid 5826] <... mkdir resumed>) = 0 [pid 7287] <... write resumed>) = 18 [pid 5828] <... close resumed>) = 0 [pid 5828] rmdir("./40/file0" [pid 7287] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7287] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 7287] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... rmdir resumed>) = 0 [pid 5826] <... openat resumed>) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5826] close(3) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7288 attached [pid 7287] memfd_create("syzkaller", 0 [pid 5828] umount2("./40/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./40/file1", [pid 7288] set_robust_list(0x5555819eb760, 24 [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7287] <... memfd_create resumed>) = 3 [pid 5828] unlink("./40/file1" [pid 7288] <... set_robust_list resumed>) = 0 [pid 7287] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7288] chdir("./36" [pid 7287] <... mmap resumed>) = 0x7f0eeb600000 [pid 5828] <... unlink resumed>) = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [pid 7288] <... chdir resumed>) = 0 [pid 5828] rmdir("./40" [pid 7288] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 7288 [pid 7288] <... prctl resumed>) = 0 [pid 7288] setpgid(0, 0 [pid 5828] <... rmdir resumed>) = 0 [pid 7288] <... setpgid resumed>) = 0 [pid 7288] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5828] mkdir("./41", 0777 [pid 7288] <... openat resumed>) = 3 [pid 7288] write(3, "1000", 4) = 4 [pid 7288] close(3 [pid 5828] <... mkdir resumed>) = 0 [pid 7288] <... close resumed>) = 0 [pid 7288] symlink("/dev/binderfs", "./binderfs" [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [ 151.432045][ T5825] bcachefs (loop0): shutdown complete [pid 5828] ioctl(3, LOOP_CLR_FDexecuting program [pid 7288] <... symlink resumed>) = 0 [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 7288] write(1, "executing program\n", 18 [pid 5828] close(3 [pid 7288] <... write resumed>) = 18 [pid 5828] <... close resumed>) = 0 [pid 7288] fsopen(NULL, 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7288] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 7288] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7288] memfd_create("syzkaller", 0./strace-static-x86_64: Process 7289 attached [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 7289 [pid 7288] <... memfd_create resumed>) = 3 [pid 7288] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7289] set_robust_list(0x5555819eb760, 24) = 0 [pid 7289] chdir("./41") = 0 [pid 7289] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7286] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7289] <... prctl resumed>) = 0 [pid 7289] setpgid(0, 0) = 0 [pid 7289] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7289] write(3, "1000", 4) = 4 [pid 7289] close(3) = 0 [pid 7289] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 7289] write(1, "executing program\n", 18) = 18 [pid 7289] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7289] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7289] memfd_create("syzkaller", 0) = 3 [pid 7289] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7287] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7288] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7289] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7286] <... write resumed>) = 16777216 [pid 7286] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7286] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 7286] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7286] close(3) = 0 [pid 7286] close(4) = 0 [pid 7286] mkdir("./file0", 0777) = 0 [ 151.925285][ T7286] loop2: detected capacity change from 0 to 32768 [pid 7286] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7287] <... write resumed>) = 16777216 [pid 7288] <... write resumed>) = 16777216 [pid 7287] munmap(0x7f0eeb600000, 138412032 [pid 7288] munmap(0x7f0eeb600000, 138412032 [pid 7287] <... munmap resumed>) = 0 [pid 7287] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 7287] ioctl(4, LOOP_SET_FD, 3 [pid 7288] <... munmap resumed>) = 0 [pid 7288] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 7288] ioctl(4, LOOP_SET_FD, 3 [pid 7287] <... ioctl resumed>) = 0 [pid 7287] close(3) = 0 [pid 7287] close(4) = 0 [pid 7287] mkdir("./file0", 0777) = 0 [pid 7287] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7288] <... ioctl resumed>) = 0 [pid 7288] close(3) = 0 [pid 7288] close(4) = 0 [pid 7288] mkdir("./file0", 0777) = 0 [pid 7288] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7289] <... write resumed>) = 16777216 [ 152.059869][ T7287] loop4: detected capacity change from 0 to 32768 [ 152.070742][ T7288] loop1: detected capacity change from 0 to 32768 [pid 7289] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7289] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 7289] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7289] close(3) = 0 [pid 7289] close(4) = 0 [pid 7289] mkdir("./file0", 0777) = 0 [ 152.149370][ T7289] loop3: detected capacity change from 0 to 32768 [ 152.354276][ T7288] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 152.364805][ T7286] bcachefs (loop2): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 152.398582][ T7288] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 152.398919][ T7286] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 152.406824][ T7287] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 152.406903][ T7287] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 152.415528][ T7289] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 152.430746][ T7286] bcachefs (loop2): Version downgrade required: [ 152.440843][ T7289] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 152.445083][ T7286] bcachefs (loop2): Version upgrade required: [ 152.445083][ T7286] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 152.445083][ T7286] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 152.445083][ T7286] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 152.528063][ T7286] bcachefs (loop2): dropping and reconstructing all alloc info [ 152.543155][ T7286] bcachefs (loop2): accounting_read... done [ 152.606254][ T7286] bcachefs (loop2): alloc_read... done [ 152.611848][ T7286] bcachefs (loop2): stripes_read... done [ 152.636523][ T7286] bcachefs (loop2): snapshots_read... done [pid 7289] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7288] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7288] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 7288] ioctl(3, LOOP_CLR_FD) = 0 [ 152.642519][ T7286] bcachefs (loop2): check_allocations... [ 152.679086][ T7288] bcachefs: bch2_fs_get_tree() error: EINVAL [ 152.695321][ T7286] done [pid 7288] close(3 [pid 7287] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7287] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 7287] ioctl(3, LOOP_CLR_FD) = 0 [ 152.735840][ T7287] bcachefs: bch2_fs_get_tree() error: EINVAL [ 152.763243][ T7286] bcachefs (loop2): going read-write [pid 7287] close(3 [pid 7286] <... mount resumed>) = 0 [pid 7289] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... umount2 resumed>) = 0 [pid 7286] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 7286] chdir("./file0") = 0 [pid 7286] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 7286] ioctl(4, LOOP_CLR_FD) = 0 [pid 7286] close(4) = 0 [pid 7286] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7289] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5825] umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7289] <... openat resumed>) = 3 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7286] <... quotactl resumed>) = 0 [pid 7286] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5825] newfstatat(AT_FDCWD, "./21/file0", [pid 7289] ioctl(3, LOOP_CLR_FD) = 0 [pid 7286] <... openat resumed>) = 4 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7289] close(3 [pid 5825] umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 7286] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5825] openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7286] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7286] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5825] <... openat resumed>) = 4 [pid 5825] newfstatat(4, "", [pid 7286] <... quotactl resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 152.826468][ T7286] bcachefs (loop2): done starting filesystem [ 152.847346][ T7289] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 5825] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] getdents64(4, [pid 7286] open(".", O_RDONLY [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 7286] <... open resumed>) = 5 [pid 5825] close(4 [pid 7286] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5825] <... close resumed>) = 0 [pid 5825] rmdir("./21/file0") = 0 [pid 7286] <... fallocate resumed>) = 0 [pid 7286] exit_group(0) = ? [pid 5825] getdents64(3, [pid 7286] +++ exited with 0 +++ [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7286, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=36 /* 0.36 s */} --- [pid 5827] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3) = 0 [pid 5827] umount2("./32", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] rmdir("./21" [pid 5827] openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5827] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... rmdir resumed>) = 0 [pid 5827] getdents64(3, [pid 5825] mkdir("./22", 0777 [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5827] umount2("./32/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./32/binderfs", [pid 5825] <... mkdir resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5827] unlink("./32/binderfs" [pid 5825] <... openat resumed>) = 3 [pid 5827] <... unlink resumed>) = 0 [pid 5825] ioctl(3, LOOP_CLR_FD [pid 5827] umount2("./32/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5825] close(3) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7321 attached [ 152.934739][ T2913] bucket incorrectly unset in freespace btree [ 152.934772][ T2913] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 7321] set_robust_list(0x5555819eb760, 24) = 0 [pid 5825] <... clone resumed>, child_tidptr=0x5555819eb750) = 7321 [pid 7321] chdir("./22") = 0 [pid 7321] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 152.992292][ T5827] bcachefs (loop2): shutting down [ 152.992314][ T5827] bcachefs (loop2): going read-only [ 152.992336][ T5827] bcachefs (loop2): finished waiting for writes to stop [ 153.016151][ T5827] bcachefs (loop2): flushing journal and stopping allocators, journal seq 11 [pid 7321] setpgid(0, 0) = 0 [pid 7321] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7321] write(3, "1000", 4) = 4 [pid 7321] close(3executing program ) = 0 [pid 7321] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7321] write(1, "executing program\n", 18) = 18 [pid 7321] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7321] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7321] memfd_create("syzkaller", 0) = 3 [pid 7321] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 153.048014][ T2913] bucket incorrectly unset in freespace btree [pid 7289] <... close resumed>) = 0 [pid 7288] <... close resumed>) = 0 [pid 7289] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 153.048037][ T2913] u64s 5 type deleted 0:2:0 len 0 ver 0, , continuing [pid 7288] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7287] <... close resumed>) = 0 [ 153.123958][ T2913] bucket incorrectly unset in freespace btree [ 153.123982][ T2913] u64s 5 type deleted 0:5:0 len 0 ver 0, , continuing [pid 7287] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 153.180639][ T2913] bucket incorrectly unset in freespace btree [ 153.180660][ T2913] u64s 5 type deleted 0:8:0 len 0 ver 0, , continuing [ 153.218900][ T5827] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 12 [pid 7321] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7289] <... quotactl resumed>) = 0 [pid 7288] <... quotactl resumed>) = 0 [pid 7287] <... quotactl resumed>) = 0 [pid 7289] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7288] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7287] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7289] <... openat resumed>) = 3 [pid 7287] <... openat resumed>) = 3 [pid 7287] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7288] <... openat resumed>) = 3 [pid 7289] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7288] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7289] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7288] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7287] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7289] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7288] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [ 153.246250][ T5827] bcachefs (loop2): unclean shutdown complete, journal seq 13 [ 153.256732][ T5827] bcachefs (loop2): done going read-only, filesystem not clean [pid 7287] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7289] <... quotactl resumed>) = 0 [pid 7288] <... quotactl resumed>) = 0 [pid 7287] <... quotactl resumed>) = 0 [pid 7289] open(".", O_RDONLY [pid 7288] open(".", O_RDONLY [pid 7287] open(".", O_RDONLY [pid 7289] <... open resumed>) = 4 [pid 7288] <... open resumed>) = 4 [pid 7287] <... open resumed>) = 4 [pid 7289] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7288] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7289] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7288] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7287] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7289] exit_group(0 [pid 7288] exit_group(0 [pid 7287] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7289] <... exit_group resumed>) = ? [pid 7288] <... exit_group resumed>) = ? [pid 7289] +++ exited with 0 +++ [pid 7288] +++ exited with 0 +++ [pid 7287] exit_group(0) = ? [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7289, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=43 /* 0.43 s */} --- [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7288, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=52 /* 0.52 s */} --- [pid 7287] +++ exited with 0 +++ [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7287, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=42 /* 0.42 s */} --- [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5828] <... restart_syscall resumed>) = 0 [pid 5826] <... restart_syscall resumed>) = 0 [pid 5829] umount2("./34", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] umount2("./41", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./36", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... openat resumed>) = 3 [pid 5826] openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] openat(AT_FDCWD, "./41", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... openat resumed>) = 3 [pid 5828] <... openat resumed>) = 3 [pid 5826] newfstatat(3, "", [pid 5828] newfstatat(3, "", [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] getdents64(3, [pid 5826] umount2("./36/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] umount2("./41/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] newfstatat(AT_FDCWD, "./36/binderfs", [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] newfstatat(AT_FDCWD, "./41/binderfs", [pid 5826] unlink("./36/binderfs" [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... unlink resumed>) = 0 [pid 5826] umount2("./36/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(3, "", [pid 5828] unlink("./41/binderfs" [pid 5826] newfstatat(AT_FDCWD, "./36/file0", [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... unlink resumed>) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] getdents64(3, [pid 5828] umount2("./41/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./36/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] umount2("./34/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] newfstatat(AT_FDCWD, "./41/file0", [pid 5826] openat(AT_FDCWD, "./36/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [ 153.287437][ T5827] bcachefs (loop2): shutdown complete [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... openat resumed>) = 4 [pid 5829] newfstatat(AT_FDCWD, "./34/binderfs", [pid 5828] umount2("./41/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] newfstatat(4, "", [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] unlink("./34/binderfs" [pid 5828] openat(AT_FDCWD, "./41/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] getdents64(4, [pid 5829] <... unlink resumed>) = 0 [pid 5828] <... openat resumed>) = 4 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] umount2("./34/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] newfstatat(4, "", [pid 5826] getdents64(4, [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] close(4 [pid 5828] getdents64(4, [pid 5826] <... close resumed>) = 0 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] rmdir("./36/file0") = 0 [pid 5828] getdents64(4, [pid 5826] umount2("./36/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] close(4 [pid 5826] newfstatat(AT_FDCWD, "./36/file1", [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... close resumed>) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] rmdir("./41/file0" [pid 5826] unlink("./36/file1") = 0 [pid 5828] <... rmdir resumed>) = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] close(3) = 0 [pid 5828] umount2("./41/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] rmdir("./36" [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... rmdir resumed>) = 0 [pid 5828] newfstatat(AT_FDCWD, "./41/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./41/file1") = 0 [pid 5826] mkdir("./37", 0777 [pid 5829] newfstatat(AT_FDCWD, "./34/file0", [pid 5828] getdents64(3, [pid 5826] <... mkdir resumed>) = 0 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] umount2("./34/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] close(3 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... close resumed>) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5828] rmdir("./41" [pid 5826] <... openat resumed>) = 3 [pid 5828] <... rmdir resumed>) = 0 [pid 5829] openat(AT_FDCWD, "./34/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5829] <... openat resumed>) = 4 [pid 5828] mkdir("./42", 0777 [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 7321] <... write resumed>) = 16777216 [pid 5829] newfstatat(4, "", [pid 7321] munmap(0x7f0eeb600000, 138412032 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... mkdir resumed>) = 0 [pid 5826] close(3 [pid 5829] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] <... close resumed>) = 0 [pid 5829] close(4 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5829] <... close resumed>) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5829] rmdir("./34/file0" [pid 5828] <... openat resumed>) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5829] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 7322 attached [pid 5829] umount2("./34/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 7322] set_robust_list(0x5555819eb760, 24 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7322] <... set_robust_list resumed>) = 0 [pid 5829] newfstatat(AT_FDCWD, "./34/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] close(3 [pid 7322] chdir("./37" [pid 5829] unlink("./34/file1" [pid 5828] <... close resumed>) = 0 [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 7322 [pid 5829] <... unlink resumed>) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5829] getdents64(3, ./strace-static-x86_64: Process 7323 attached 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] close(3 [pid 7322] <... chdir resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 7322] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5829] rmdir("./34" [pid 7322] <... prctl resumed>) = 0 [pid 7323] set_robust_list(0x5555819eb760, 24) = 0 [pid 7322] setpgid(0, 0 [pid 5829] <... rmdir resumed>) = 0 [pid 7323] chdir("./42" [pid 7322] <... setpgid resumed>) = 0 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 7323 [pid 7322] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5829] mkdir("./35", 0777 [pid 7323] <... chdir resumed>) = 0 [pid 7322] <... openat resumed>) = 3 [pid 7323] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7322] write(3, "1000", 4 [pid 5829] <... mkdir resumed>) = 0 [pid 7322] <... write resumed>) = 4 [pid 7323] <... prctl resumed>) = 0 [pid 7322] close(3 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7323] setpgid(0, 0 [pid 7322] <... close resumed>) = 0 [pid 7323] <... setpgid resumed>) = 0 [pid 7323] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7323] write(3, "1000", 4 [pid 7322] symlink("/dev/binderfs", "./binderfs" [pid 7321] <... munmap resumed>) = 0 [pid 5829] <... openat resumed>) = 3 [pid 7323] <... write resumed>) = 4 [pid 7322] <... symlink resumed>) = 0 [pid 7321] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5829] ioctl(3, LOOP_CLR_FDexecuting program [pid 7323] close(3 [pid 7322] write(1, "executing program\n", 18 [pid 7321] <... openat resumed>) = 4 [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 7323] <... close resumed>) = 0 [pid 7322] <... write resumed>) = 18 [pid 7321] ioctl(4, LOOP_SET_FD, 3 [pid 5829] close(3 [pid 7323] symlink("/dev/binderfs", "./binderfs" [pid 7322] fsopen(NULL, 0 [pid 5829] <... close resumed>) = 0 [pid 7322] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7324 attached [pid 7323] <... symlink resumed>) = 0 [pid 7322] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 7321] <... ioctl resumed>) = 0 [pid 7323] write(1, "executing program\n", 18 [pid 7322] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) executing program [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 7324 [pid 7321] close(3 [pid 7324] set_robust_list(0x5555819eb760, 24 [pid 7323] <... write resumed>) = 18 [pid 7322] memfd_create("syzkaller", 0 [pid 7321] <... close resumed>) = 0 [pid 7323] fsopen(NULL, 0 [pid 7322] <... memfd_create resumed>) = 3 [pid 7324] <... set_robust_list resumed>) = 0 [pid 7323] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 7322] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7323] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 7322] <... mmap resumed>) = 0x7f0eeb600000 [pid 7321] close(4 [pid 7324] chdir("./35" [pid 7323] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 7321] <... close resumed>) = 0 [pid 7323] memfd_create("syzkaller", 0 [pid 7324] <... chdir resumed>) = 0 [pid 7323] <... memfd_create resumed>) = 3 [pid 7321] mkdir("./file0", 0777 [pid 7324] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7321] <... mkdir resumed>) = 0 [pid 7324] <... prctl resumed>) = 0 [pid 7323] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7324] setpgid(0, 0 [pid 7323] <... mmap resumed>) = 0x7f0eeb600000 [pid 7324] <... setpgid resumed>) = 0 [pid 7324] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7324] write(3, "1000", 4 [pid 7321] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7324] <... write resumed>) = 4 [pid 7324] close(3) = 0 [pid 7324] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 7324] write(1, "executing program\n", 18) = 18 [pid 7324] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7324] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7324] memfd_create("syzkaller", 0) = 3 [pid 7324] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 153.419623][ T7321] loop0: detected capacity change from 0 to 32768 [pid 7324] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7322] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7323] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7322] <... write resumed>) = 16777216 [pid 7322] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7322] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 7322] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7322] close(3) = 0 [pid 7322] close(4) = 0 [pid 7322] mkdir("./file0", 0777) = 0 [ 153.831735][ T7322] loop1: detected capacity change from 0 to 32768 [pid 7322] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7324] <... write resumed>) = 16777216 [pid 7324] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7324] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7323] <... write resumed>) = 16777216 [pid 7324] <... openat resumed>) = 4 [pid 7323] munmap(0x7f0eeb600000, 138412032 [pid 7324] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7323] <... munmap resumed>) = 0 [pid 7324] close(3 [pid 7323] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 7324] <... close resumed>) = 0 [pid 7324] close(4) = 0 [pid 7324] mkdir("./file0", 0777) = 0 [pid 7324] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7323] <... openat resumed>) = 4 [pid 7323] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7323] close(3) = 0 [pid 7323] close(4) = 0 [pid 7323] mkdir("./file0", 0777) = 0 [ 153.941245][ T7324] loop4: detected capacity change from 0 to 32768 [ 153.968348][ T7323] loop3: detected capacity change from 0 to 32768 [ 154.017552][ T7321] bcachefs (loop0): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 154.053528][ T7324] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 154.086357][ T7324] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 154.096034][ T7322] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 154.105154][ T7322] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 154.107362][ T7321] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 154.123046][ T7321] bcachefs (loop0): Version downgrade required: [ 154.130007][ T7321] bcachefs (loop0): Version upgrade required: [ 154.130007][ T7321] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 154.130007][ T7321] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 154.130007][ T7321] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 154.206954][ T7321] bcachefs (loop0): dropping and reconstructing all alloc info [ 154.223793][ T7321] bcachefs (loop0): accounting_read... done [ 154.232067][ T7321] bcachefs (loop0): alloc_read... done [ 154.238114][ T7321] bcachefs (loop0): stripes_read... done [ 154.245192][ T7321] bcachefs (loop0): snapshots_read... done [ 154.270737][ T7321] bcachefs (loop0): check_allocations... done [ 154.323440][ T7323] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 154.335821][ T7321] bcachefs (loop0): going read-write [pid 7323] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7321] <... mount resumed>) = 0 [pid 7321] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 7321] chdir("./file0") = 0 [pid 7321] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 7321] ioctl(4, LOOP_CLR_FD) = 0 [pid 7321] close(4) = 0 [ 154.367047][ T7321] bcachefs (loop0): done starting filesystem [ 154.376328][ T7323] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [pid 7321] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 7324] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7324] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7321] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7324] <... openat resumed>) = 3 [pid 7321] <... openat resumed>) = 4 [pid 7324] ioctl(3, LOOP_CLR_FD) = 0 [pid 7322] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7324] close(3 [pid 7321] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7321] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7322] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 7321] <... quotactl resumed>) = 0 [pid 7321] open(".", O_RDONLY [pid 7322] <... openat resumed>) = 3 [pid 7321] <... open resumed>) = 5 [pid 7321] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7322] ioctl(3, LOOP_CLR_FD) = 0 [ 154.435808][ T7324] bcachefs: bch2_fs_get_tree() error: EINVAL [ 154.463482][ T7322] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 7322] close(3 [pid 7321] <... fallocate resumed>) = 0 [pid 7321] exit_group(0) = ? [pid 7321] +++ exited with 0 +++ [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7321, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=37 /* 0.37 s */} --- [pid 5825] restart_syscall(<... resuming interrupted clone ...> [pid 5827] <... umount2 resumed>) = 0 [pid 5825] <... restart_syscall resumed>) = 0 [pid 5827] umount2("./32/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./32/file0", [pid 5825] umount2("./22", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] umount2("./32/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... openat resumed>) = 3 [pid 5827] openat(AT_FDCWD, "./32/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] newfstatat(3, "", [pid 5827] <... openat resumed>) = 4 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] newfstatat(4, "", [pid 5825] getdents64(3, [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 4 entries */, 32768) = 112 [ 154.547395][ T77] bucket incorrectly unset in freespace btree [ 154.547429][ T77] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5825] umount2("./22/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] getdents64(4, [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] newfstatat(AT_FDCWD, "./22/binderfs", [pid 5827] getdents64(4, [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] unlink("./22/binderfs" [pid 5827] close(4 [pid 5825] <... unlink resumed>) = 0 [pid 5827] <... close resumed>) = 0 [pid 5825] umount2("./22/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] rmdir("./32/file0") = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./32") = 0 [pid 5827] mkdir("./33", 0777) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5827] close(3) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555819eb750) = 7356 ./strace-static-x86_64: Process 7356 attached [pid 7356] set_robust_list(0x5555819eb760, 24) = 0 [pid 7356] chdir("./33") = 0 [ 154.626658][ T77] bucket incorrectly unset in freespace btree [ 154.626678][ T77] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [pid 7356] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7356] setpgid(0, 0) = 0 [pid 7356] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7356] write(3, "1000", 4) = 4 [pid 7356] close(3) = 0 [pid 7356] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7356] write(1, "executing program\n", 18executing program ) = 18 [pid 7356] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7356] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7356] memfd_create("syzkaller", 0) = 3 [ 154.660389][ T5825] bcachefs (loop0): shutting down [ 154.660410][ T5825] bcachefs (loop0): going read-only [ 154.661163][ T5825] bcachefs (loop0): finished waiting for writes to stop [pid 7356] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7323] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7323] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 7323] ioctl(3, LOOP_CLR_FD) = 0 [pid 7323] close(3 [pid 7324] <... close resumed>) = 0 [pid 7324] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7322] <... close resumed>) = 0 [ 154.667618][ T5825] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11 [ 154.743030][ T7323] bcachefs: bch2_fs_get_tree() error: EINVAL [ 154.813187][ T52] bcachefs (loop0): loop0: Superblock write was silently dropped! (seq 0 expected 53) [ 154.827932][ T52] bucket incorrectly unset in freespace btree [ 154.827963][ T52] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [ 154.859977][ T52] bucket incorrectly unset in freespace btree [ 154.859997][ T52] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [ 154.897684][ T5825] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 12 [pid 7322] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7323] <... close resumed>) = 0 [pid 7324] <... quotactl resumed>) = 0 [pid 7322] <... quotactl resumed>) = 0 [pid 7324] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7322] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7324] <... openat resumed>) = 3 [pid 7322] <... openat resumed>) = 3 [pid 7324] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7322] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7324] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7323] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7322] <... mount resumed>) = -1 EFAULT (Bad address) [ 154.922415][ T5825] bcachefs (loop0): unclean shutdown complete, journal seq 13 [ 154.936928][ T5825] bcachefs (loop0): done going read-only, filesystem not clean [pid 7324] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7322] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7323] <... quotactl resumed>) = 0 [pid 7323] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7322] <... quotactl resumed>) = 0 [pid 7323] <... openat resumed>) = 3 [pid 7322] open(".", O_RDONLY) = 4 [pid 7322] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7324] <... quotactl resumed>) = 0 [pid 7322] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7324] open(".", O_RDONLY [pid 7322] exit_group(0 [pid 7324] <... open resumed>) = 4 [pid 7323] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7322] <... exit_group resumed>) = ? [pid 7356] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7324] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7323] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7324] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7323] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7322] +++ exited with 0 +++ [pid 7324] exit_group(0) = ? [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7322, si_uid=0, si_status=0, si_utime=0, si_stime=44 /* 0.44 s */} --- [pid 7324] +++ exited with 0 +++ [pid 5826] umount2("./37", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7324, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=45 /* 0.45 s */} --- [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 5826] openat(AT_FDCWD, "./37", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5826] newfstatat(3, "", [pid 7323] <... quotactl resumed>) = 0 [pid 5829] <... restart_syscall resumed>) = 0 [pid 7323] open(".", O_RDONLY [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7323] <... open resumed>) = 4 [pid 5826] getdents64(3, [pid 7323] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5829] umount2("./35", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7323] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 7323] exit_group(0 [pid 5829] openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7323] <... exit_group resumed>) = ? [pid 5829] <... openat resumed>) = 3 [pid 5826] umount2("./37/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7323] +++ exited with 0 +++ [pid 5829] newfstatat(3, "", [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7323, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=46 /* 0.46 s */} --- [pid 5829] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 5826] newfstatat(AT_FDCWD, "./37/binderfs", [pid 5829] umount2("./35/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./35/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./37/binderfs" [pid 5829] unlink("./35/binderfs" [pid 5826] <... unlink resumed>) = 0 [pid 5829] <... unlink resumed>) = 0 [pid 5829] umount2("./35/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./35/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... restart_syscall resumed>) = 0 [pid 5826] umount2("./37/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] umount2("./35/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 154.971428][ T5825] bcachefs (loop0): shutdown complete [pid 5829] openat(AT_FDCWD, "./35/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5829] newfstatat(4, "", [pid 5826] newfstatat(AT_FDCWD, "./37/file0", [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] umount2("./42", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] getdents64(4, [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] umount2("./37/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] openat(AT_FDCWD, "./42", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] getdents64(4, [pid 5828] <... openat resumed>) = 3 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] close(4 [pid 5828] newfstatat(3, "", [pid 5826] openat(AT_FDCWD, "./37/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... close resumed>) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... openat resumed>) = 4 [pid 5829] rmdir("./35/file0" [pid 5828] getdents64(3, [pid 5826] newfstatat(4, "", [pid 5829] <... rmdir resumed>) = 0 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] umount2("./42/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] getdents64(4, [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] umount2("./35/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] newfstatat(AT_FDCWD, "./42/binderfs", [pid 5826] getdents64(4, [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] newfstatat(AT_FDCWD, "./35/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./42/binderfs" [pid 5826] close(4 [pid 5829] unlink("./35/file1" [pid 5828] <... unlink resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 5829] <... unlink resumed>) = 0 [pid 5826] rmdir("./37/file0" [pid 5829] getdents64(3, [pid 5828] umount2("./42/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... rmdir resumed>) = 0 [pid 5829] close(3 [pid 5828] newfstatat(AT_FDCWD, "./42/file0", [pid 5829] <... close resumed>) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] rmdir("./35" [pid 5828] umount2("./42/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... rmdir resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] umount2("./37/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./42/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] newfstatat(AT_FDCWD, "./37/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] mkdir("./36", 0777 [pid 5828] <... openat resumed>) = 4 [pid 5826] unlink("./37/file1" [pid 5829] <... mkdir resumed>) = 0 [pid 5828] newfstatat(4, "", [pid 5826] <... unlink resumed>) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5828] getdents64(4, [pid 5826] getdents64(3, [pid 5829] <... openat resumed>) = 3 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] close(4 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] <... close resumed>) = 0 [pid 5829] ioctl(3, LOOP_CLR_FD [pid 5826] close(3 [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5828] rmdir("./42/file0" [pid 5829] close(3 [pid 5828] <... rmdir resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] rmdir("./37") = 0 ./strace-static-x86_64: Process 7357 attached [pid 5828] umount2("./42/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./42/file1", [pid 5826] mkdir("./38", 0777 [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7357] set_robust_list(0x5555819eb760, 24) = 0 [pid 5828] unlink("./42/file1" [pid 7357] chdir("./36" [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 7357 [pid 5828] <... unlink resumed>) = 0 [pid 5826] <... mkdir resumed>) = 0 [pid 7357] <... chdir resumed>) = 0 [pid 7357] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5828] getdents64(3, [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 7357] setpgid(0, 0 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] <... openat resumed>) = 3 [pid 5828] close(3 [pid 7357] <... setpgid resumed>) = 0 [pid 5828] <... close resumed>) = 0 [pid 7357] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5828] rmdir("./42" [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5828] <... rmdir resumed>) = 0 [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 7357] <... openat resumed>) = 3 [pid 5826] close(3) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7357] write(3, "1000", 4) = 4 [pid 7357] close(3) = 0 [pid 7357] symlink("/dev/binderfs", "./binderfs") = 0 ./strace-static-x86_64: Process 7358 attached [pid 7357] write(1, "executing program\n", 18 [pid 5828] mkdir("./43", 0777 [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 7358 [pid 7358] set_robust_list(0x5555819eb760, 24executing program ) = 0 [pid 7357] <... write resumed>) = 18 [pid 5828] <... mkdir resumed>) = 0 [pid 7358] chdir("./38" [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 7357] fsopen(NULL, 0 [pid 5828] <... openat resumed>) = 3 [pid 7357] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 5828] ioctl(3, LOOP_CLR_FD [pid 7357] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 7358] <... chdir resumed>) = 0 [pid 7357] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 7358] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7357] memfd_create("syzkaller", 0 [pid 7358] <... prctl resumed>) = 0 [pid 7357] <... memfd_create resumed>) = 3 [pid 5828] close(3 [pid 7357] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 5828] <... close resumed>) = 0 [pid 7358] setpgid(0, 0) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7358] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 7359 ./strace-static-x86_64: Process 7359 attached [pid 7358] <... openat resumed>) = 3 [pid 7359] set_robust_list(0x5555819eb760, 24 [pid 7358] write(3, "1000", 4 [pid 7359] <... set_robust_list resumed>) = 0 [pid 7358] <... write resumed>) = 4 [pid 7358] close(3 [pid 7359] chdir("./43") = 0 [pid 7358] <... close resumed>) = 0 [pid 7359] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7358] symlink("/dev/binderfs", "./binderfs" [pid 7359] <... prctl resumed>) = 0 [pid 7358] <... symlink resumed>) = 0 executing program [pid 7359] setpgid(0, 0 [pid 7358] write(1, "executing program\n", 18 [pid 7359] <... setpgid resumed>) = 0 [pid 7358] <... write resumed>) = 18 [pid 7359] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7358] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7359] <... openat resumed>) = 3 [pid 7358] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 7359] write(3, "1000", 4 [pid 7358] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 7359] <... write resumed>) = 4 [pid 7359] close(3 [pid 7358] memfd_create("syzkaller", 0 [pid 7359] <... close resumed>) = 0 [pid 7358] <... memfd_create resumed>) = 3 [pid 7359] symlink("/dev/binderfs", "./binderfs" [pid 7358] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7359] <... symlink resumed>) = 0 [pid 7358] <... mmap resumed>) = 0x7f0eeb600000 executing program [pid 7359] write(1, "executing program\n", 18) = 18 [pid 7359] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7359] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7359] memfd_create("syzkaller", 0) = 3 [pid 7359] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7356] <... write resumed>) = 16777216 [pid 7356] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7356] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 7356] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7356] close(3) = 0 [pid 7356] close(4) = 0 [pid 7356] mkdir("./file0", 0777) = 0 [pid 7356] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [ 155.296564][ T7356] loop2: detected capacity change from 0 to 32768 [pid 7357] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7359] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7358] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7359] <... write resumed>) = 16777216 [pid 7359] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7359] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 7359] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7359] close(3) = 0 [pid 7359] close(4) = 0 [pid 7359] mkdir("./file0", 0777) = 0 [ 155.577343][ T7359] loop3: detected capacity change from 0 to 32768 [pid 7359] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7357] <... write resumed>) = 16777216 [pid 7357] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7357] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7358] <... write resumed>) = 16777216 [pid 7358] munmap(0x7f0eeb600000, 138412032 [pid 7357] <... openat resumed>) = 4 [pid 7357] ioctl(4, LOOP_SET_FD, 3 [pid 7358] <... munmap resumed>) = 0 [pid 7357] <... ioctl resumed>) = 0 [pid 7358] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 7357] close(3) = 0 [pid 7358] ioctl(4, LOOP_SET_FD, 3 [ 155.687312][ T7357] loop4: detected capacity change from 0 to 32768 [pid 7357] close(4) = 0 [pid 7357] mkdir("./file0", 0777) = 0 [pid 7357] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7358] <... ioctl resumed>) = 0 [pid 7358] close(3) = 0 [pid 7358] close(4) = 0 [pid 7358] mkdir("./file0", 0777) = 0 [ 155.727390][ T7358] loop1: detected capacity change from 0 to 32768 [ 155.890740][ T7356] bcachefs (loop2): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 155.922899][ T7356] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 155.932166][ T7356] bcachefs (loop2): Version downgrade required: [ 155.939586][ T7356] bcachefs (loop2): Version upgrade required: [ 155.939586][ T7356] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 155.939586][ T7356] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 155.939586][ T7356] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 155.963106][ T7357] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 156.011226][ T7356] bcachefs (loop2): dropping and reconstructing all alloc info [ 156.032372][ T7358] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 156.043125][ T7356] bcachefs (loop2): accounting_read... done [ 156.043497][ T7359] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 156.055995][ T7356] bcachefs (loop2): alloc_read... done [ 156.061016][ T7359] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 156.063946][ T7356] bcachefs (loop2): stripes_read... [ 156.074383][ T7358] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 156.081729][ T7356] done [ 156.090335][ T7357] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 156.097416][ T7356] bcachefs (loop2): snapshots_read... done [ 156.129493][ T7356] bcachefs (loop2): check_allocations... done [ 156.325752][ T7356] bcachefs (loop2): going read-write [pid 7358] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5825] <... umount2 resumed>) = 0 [pid 5825] umount2("./22/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./22/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./22/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./22/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 7359] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] close(4) = 0 [pid 5825] rmdir("./22/file0") = 0 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3) = 0 [pid 5825] rmdir("./22") = 0 [pid 5825] mkdir("./23", 0777 [pid 7358] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... mkdir resumed>) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5825] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5825] close(3) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7359] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 7358] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 7359] <... openat resumed>) = 3 [pid 7358] <... openat resumed>) = 3 [pid 7359] ioctl(3, LOOP_CLR_FD [pid 7358] ioctl(3, LOOP_CLR_FD [pid 7359] <... ioctl resumed>) = 0 [pid 7358] <... ioctl resumed>) = 0 [pid 7359] close(3 [pid 7358] close(3 [pid 5825] <... clone resumed>, child_tidptr=0x5555819eb750) = 7391 [ 156.337289][ T7359] bcachefs: bch2_fs_get_tree() error: EINVAL [ 156.346574][ T7358] bcachefs: bch2_fs_get_tree() error: EINVAL [ 156.365011][ T7356] bcachefs (loop2): done starting filesystem ./strace-static-x86_64: Process 7391 attached [pid 7356] <... mount resumed>) = 0 [pid 7391] set_robust_list(0x5555819eb760, 24) = 0 [pid 7356] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 7391] chdir("./23" [pid 7356] <... openat resumed>) = 3 [pid 7391] <... chdir resumed>) = 0 [pid 7357] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7356] chdir("./file0" [pid 7391] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7356] <... chdir resumed>) = 0 [pid 7391] <... prctl resumed>) = 0 [pid 7356] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 7391] setpgid(0, 0 [pid 7357] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7391] <... setpgid resumed>) = 0 [pid 7356] <... openat resumed>) = 4 [pid 7391] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7356] ioctl(4, LOOP_CLR_FD) = 0 [pid 7391] <... openat resumed>) = 3 [pid 7357] <... openat resumed>) = 3 [pid 7356] close(4 [pid 7357] ioctl(3, LOOP_CLR_FD) = 0 [pid 7391] write(3, "1000", 4 [pid 7357] close(3 [pid 7356] <... close resumed>) = 0 [pid 7391] <... write resumed>) = 4 [pid 7356] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7391] close(3) = 0 [pid 7391] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 7391] write(1, "executing program\n", 18) = 18 [ 156.394482][ T7357] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 7391] fsopen(NULL, 0 [pid 7356] <... quotactl resumed>) = 0 [pid 7391] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 7391] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 7356] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7391] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 7356] <... openat resumed>) = 4 [pid 7391] memfd_create("syzkaller", 0 [pid 7356] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7391] <... memfd_create resumed>) = 3 [pid 7391] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7356] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7391] <... mmap resumed>) = 0x7f0eeb600000 [pid 7356] <... quotactl resumed>) = 0 [pid 7356] open(".", O_RDONLY) = 5 [pid 7356] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768) = 0 [pid 7356] exit_group(0) = ? [pid 7356] +++ exited with 0 +++ [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7356, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=41 /* 0.41 s */} --- [pid 5827] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5827] umount2("./33", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 156.558346][ T77] bucket incorrectly unset in freespace btree [ 156.558379][ T77] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5827] openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5827] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5827] umount2("./33/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./33/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./33/binderfs") = 0 [pid 5827] umount2("./33/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7358] <... close resumed>) = 0 [pid 7359] <... close resumed>) = 0 [pid 7358] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 156.701205][ T77] bucket incorrectly unset in freespace btree [ 156.701228][ T77] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [ 156.702492][ T5827] bcachefs (loop2): shutting down [ 156.702509][ T5827] bcachefs (loop2): going read-only [ 156.705737][ T5827] bcachefs (loop2): finished waiting for writes to stop [pid 7359] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7391] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7357] <... close resumed>) = 0 [ 156.772689][ T5827] bcachefs (loop2): flushing journal and stopping allocators, journal seq 12 [ 156.789975][ T77] bcachefs (loop2): loop2: Superblock write was silently dropped! (seq 0 expected 53) [ 156.803077][ T77] bucket incorrectly unset in freespace btree [ 156.803096][ T77] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [pid 7357] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 7358] <... quotactl resumed>) = 0 [pid 7359] <... quotactl resumed>) = 0 [pid 7357] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7358] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7359] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7357] <... openat resumed>) = 3 [ 156.820026][ T77] bucket incorrectly unset in freespace btree [ 156.820048][ T77] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [ 156.841401][ T5827] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 12 [ 156.854164][ T5827] bcachefs (loop2): unclean shutdown complete, journal seq 13 [ 156.863457][ T5827] bcachefs (loop2): done going read-only, filesystem not clean [pid 7359] <... openat resumed>) = 3 [pid 7358] <... openat resumed>) = 3 [pid 7357] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7359] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7357] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7358] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7357] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7359] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7358] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7358] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7359] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 7358] <... quotactl resumed>) = 0 [pid 7357] <... quotactl resumed>) = 0 [pid 7359] open(".", O_RDONLY [pid 7357] open(".", O_RDONLY [pid 7358] open(".", O_RDONLY [pid 7359] <... open resumed>) = 4 [pid 7359] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7358] <... open resumed>) = 4 [pid 7357] <... open resumed>) = 4 [pid 7359] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7358] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 7358] exit_group(0) = ? [pid 7357] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7359] exit_group(0 [pid 7357] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7359] <... exit_group resumed>) = ? [pid 7357] exit_group(0 [pid 7359] +++ exited with 0 +++ [pid 7358] +++ exited with 0 +++ [pid 7357] <... exit_group resumed>) = ? [pid 7357] +++ exited with 0 +++ [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7359, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=44 /* 0.44 s */} --- [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7358, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=49 /* 0.49 s */} --- [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7357, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=47 /* 0.47 s */} --- [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5829] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5829] umount2("./36", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5829] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(3, [pid 5828] <... restart_syscall resumed>) = 0 [pid 5826] <... restart_syscall resumed>) = 0 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] umount2("./36/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] umount2("./43", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./38", MNT_FORCE|UMOUNT_NOFOLLOW [ 156.892677][ T5827] bcachefs (loop2): shutdown complete [pid 5829] newfstatat(AT_FDCWD, "./36/binderfs", [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7391] <... write resumed>) = 16777216 [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./36/binderfs" [pid 5828] openat(AT_FDCWD, "./43", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] openat(AT_FDCWD, "./38", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7391] munmap(0x7f0eeb600000, 138412032 [pid 5828] <... openat resumed>) = 3 [pid 5826] <... openat resumed>) = 3 [pid 5829] <... unlink resumed>) = 0 [pid 5828] newfstatat(3, "", [pid 5829] umount2("./36/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] newfstatat(3, "", [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] getdents64(3, [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] newfstatat(AT_FDCWD, "./36/file0", [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] getdents64(3, [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] umount2("./43/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] umount2("./36/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./36/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] umount2("./38/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... openat resumed>) = 4 [pid 5828] newfstatat(AT_FDCWD, "./43/binderfs", [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(4, "", [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] newfstatat(AT_FDCWD, "./38/binderfs", [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] unlink("./43/binderfs" [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] getdents64(4, [pid 5828] <... unlink resumed>) = 0 [pid 5826] unlink("./38/binderfs" [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] umount2("./43/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... unlink resumed>) = 0 [pid 5829] getdents64(4, [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] umount2("./38/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] newfstatat(AT_FDCWD, "./43/file0", [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] close(4 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] newfstatat(AT_FDCWD, "./38/file0", [pid 5829] <... close resumed>) = 0 [pid 5828] umount2("./43/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7391] <... munmap resumed>) = 0 [pid 5829] rmdir("./36/file0" [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] umount2("./38/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7391] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5829] <... rmdir resumed>) = 0 [pid 5828] openat(AT_FDCWD, "./43/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7391] <... openat resumed>) = 4 [pid 5829] umount2("./36/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... openat resumed>) = 4 [pid 7391] ioctl(4, LOOP_SET_FD, 3 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(4, "", [pid 5826] openat(AT_FDCWD, "./38/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] newfstatat(AT_FDCWD, "./36/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... openat resumed>) = 4 [pid 7391] <... ioctl resumed>) = 0 [pid 5829] unlink("./36/file1" [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] newfstatat(4, "", [pid 5829] <... unlink resumed>) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(3, [pid 5828] getdents64(4, [pid 7391] close(3 [pid 5826] getdents64(4, [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 7391] <... close resumed>) = 0 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 7391] close(4 [pid 5829] close(3 [pid 5828] getdents64(4, [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 7391] <... close resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] getdents64(4, [pid 7391] mkdir("./file0", 0777 [pid 5829] rmdir("./36" [pid 5828] close(4 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 7391] <... mkdir resumed>) = 0 [pid 5829] <... rmdir resumed>) = 0 [pid 5828] <... close resumed>) = 0 [pid 5826] close(4 [pid 7391] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5829] mkdir("./37", 0777 [pid 5828] rmdir("./43/file0" [pid 5826] <... close resumed>) = 0 [pid 5829] <... mkdir resumed>) = 0 [pid 5828] <... rmdir resumed>) = 0 [pid 5826] rmdir("./38/file0" [pid 5828] umount2("./43/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... rmdir resumed>) = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... openat resumed>) = 3 [pid 5828] newfstatat(AT_FDCWD, "./43/file1", [pid 5826] umount2("./38/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] newfstatat(AT_FDCWD, "./38/file1", [pid 5829] ioctl(3, LOOP_CLR_FD [pid 5828] unlink("./43/file1" [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5828] <... unlink resumed>) = 0 [pid 5829] close(3) = 0 [pid 5826] unlink("./38/file1" [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5828] getdents64(3, [pid 5826] <... unlink resumed>) = 0 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 ./strace-static-x86_64: Process 7394 attached [pid 5828] rmdir("./43" [pid 5826] getdents64(3, [pid 5828] <... rmdir resumed>) = 0 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 7394] set_robust_list(0x5555819eb760, 24 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 7394 [pid 5826] close(3 [pid 7394] <... set_robust_list resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 7394] chdir("./37" [pid 5828] mkdir("./44", 0777 [pid 5826] rmdir("./38" [pid 7394] <... chdir resumed>) = 0 [pid 5828] <... mkdir resumed>) = 0 [pid 5826] <... rmdir resumed>) = 0 [pid 7394] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7394] setpgid(0, 0) = 0 [pid 5826] mkdir("./39", 0777 [pid 7394] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5826] <... mkdir resumed>) = 0 [pid 7394] <... openat resumed>) = 3 [pid 5828] <... openat resumed>) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 7394] write(3, "1000", 4 [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 7394] <... write resumed>) = 4 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 7394] close(3 [pid 5828] close(3 [pid 5826] <... openat resumed>) = 3 [pid 7394] <... close resumed>) = 0 [pid 7394] symlink("/dev/binderfs", "./binderfs" [pid 5828] <... close resumed>) = 0 [pid 5826] ioctl(3, LOOP_CLR_FD [pid 7394] <... symlink resumed>) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 156.972671][ T7391] loop0: detected capacity change from 0 to 32768 [pid 7394] write(1, "executing program\n", 18executing program ./strace-static-x86_64: Process 7398 attached [pid 5826] close(3) = 0 [pid 7394] <... write resumed>) = 18 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7399 attached [pid 7398] set_robust_list(0x5555819eb760, 24 [pid 7394] fsopen(NULL, 0 [pid 7398] <... set_robust_list resumed>) = 0 [pid 7394] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 7398 [pid 7398] chdir("./44" [pid 7394] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7394] memfd_create("syzkaller", 0 [pid 7399] set_robust_list(0x5555819eb760, 24 [pid 7398] <... chdir resumed>) = 0 [pid 7399] <... set_robust_list resumed>) = 0 [pid 7398] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7399] chdir("./39" [pid 7398] <... prctl resumed>) = 0 [pid 7399] <... chdir resumed>) = 0 [pid 7398] setpgid(0, 0 [pid 7394] <... memfd_create resumed>) = 3 [pid 7399] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7398] <... setpgid resumed>) = 0 [pid 7394] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7399] <... prctl resumed>) = 0 [pid 7398] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7394] <... mmap resumed>) = 0x7f0eeb600000 [pid 7399] setpgid(0, 0 [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 7399 [pid 7398] <... openat resumed>) = 3 [pid 7398] write(3, "1000", 4 [pid 7399] <... setpgid resumed>) = 0 [pid 7398] <... write resumed>) = 4 [pid 7399] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7398] close(3) = 0 [pid 7399] <... openat resumed>) = 3 [pid 7398] symlink("/dev/binderfs", "./binderfs"executing program [pid 7399] write(3, "1000", 4 [pid 7398] <... symlink resumed>) = 0 [pid 7399] <... write resumed>) = 4 [pid 7398] write(1, "executing program\n", 18 [pid 7399] close(3 [pid 7398] <... write resumed>) = 18 [pid 7399] <... close resumed>) = 0 [pid 7398] fsopen(NULL, 0 [pid 7399] symlink("/dev/binderfs", "./binderfs" [pid 7398] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 7399] <... symlink resumed>) = 0 [pid 7398] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0executing program [pid 7399] write(1, "executing program\n", 18 [pid 7398] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 7399] <... write resumed>) = 18 [pid 7398] memfd_create("syzkaller", 0 [pid 7399] fsopen(NULL, 0 [pid 7398] <... memfd_create resumed>) = 3 [pid 7398] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7399] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 7398] <... mmap resumed>) = 0x7f0eeb600000 [pid 7399] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7399] memfd_create("syzkaller", 0) = 3 [pid 7399] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7398] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7394] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7399] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 7399] munmap(0x7f0eeb600000, 138412032 [pid 7398] <... write resumed>) = 16777216 [pid 7399] <... munmap resumed>) = 0 [pid 7394] <... write resumed>) = 16777216 [pid 7398] munmap(0x7f0eeb600000, 138412032 [pid 7394] munmap(0x7f0eeb600000, 138412032 [pid 7399] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 7399] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7394] <... munmap resumed>) = 0 [pid 7394] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7399] close(3 [pid 7394] <... openat resumed>) = 4 [pid 7394] ioctl(4, LOOP_SET_FD, 3 [pid 7399] <... close resumed>) = 0 [pid 7398] <... munmap resumed>) = 0 [pid 7398] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 7399] close(4) = 0 [pid 7398] <... openat resumed>) = 4 [pid 7398] ioctl(4, LOOP_SET_FD, 3 [pid 7399] mkdir("./file0", 0777) = 0 [pid 7399] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7398] <... ioctl resumed>) = 0 [pid 7398] close(3 [pid 7394] <... ioctl resumed>) = 0 [pid 7398] <... close resumed>) = 0 [pid 7398] close(4) = 0 [ 157.528159][ T7399] loop1: detected capacity change from 0 to 32768 [ 157.551427][ T7394] loop4: detected capacity change from 0 to 32768 [ 157.559507][ T7398] loop3: detected capacity change from 0 to 32768 [pid 7398] mkdir("./file0", 0777) = 0 [pid 7394] close(3 [pid 7398] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7394] <... close resumed>) = 0 [pid 7394] close(4) = 0 [pid 7394] mkdir("./file0", 0777) = 0 [ 157.595802][ T7391] bcachefs (loop0): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 157.640984][ T7391] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 157.650265][ T7391] bcachefs (loop0): Version downgrade required: [ 157.666893][ T7391] bcachefs (loop0): Version upgrade required: [ 157.666893][ T7391] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 157.666893][ T7391] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 157.666893][ T7391] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 157.744539][ T7391] bcachefs (loop0): dropping and reconstructing all alloc info [ 157.760415][ T7391] bcachefs (loop0): accounting_read... done [ 157.767265][ T7391] bcachefs (loop0): alloc_read... done [ 157.772830][ T7391] bcachefs (loop0): stripes_read... done [ 157.779048][ T7391] bcachefs (loop0): snapshots_read... done [pid 7394] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7391] <... mount resumed>) = 0 [ 157.785222][ T7391] bcachefs (loop0): check_allocations... done [ 157.803980][ T7391] bcachefs (loop0): going read-write [ 157.820170][ T7391] bcachefs (loop0): done starting filesystem [pid 7391] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 7391] chdir("./file0") = 0 [pid 7391] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 7391] ioctl(4, LOOP_CLR_FD) = 0 [pid 7391] close(4) = 0 [ 157.842738][ T7399] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 157.852178][ T7399] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [pid 7391] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 7391] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 7391] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7391] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 7391] open(".", O_RDONLY) = 5 [pid 7391] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768) = 0 [ 157.900823][ T7398] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 157.910538][ T7398] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [pid 7391] exit_group(0) = ? [pid 7391] +++ exited with 0 +++ [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7391, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=32 /* 0.32 s */} --- [pid 5825] umount2("./23", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5825] umount2("./23/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./23/binderfs") = 0 [ 157.972521][ T7394] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 157.972595][ T7394] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 157.977462][ T77] bucket incorrectly unset in freespace btree [ 157.977512][ T77] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5825] umount2("./23/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7398] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7398] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 7398] ioctl(3, LOOP_CLR_FD) = 0 [ 158.023406][ T5825] bcachefs (loop0): shutting down [ 158.023428][ T5825] bcachefs (loop0): going read-only [ 158.024176][ T5825] bcachefs (loop0): finished waiting for writes to stop [pid 7398] close(3 [pid 7399] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7399] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [ 158.053675][ T5825] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11 [ 158.083952][ T7398] bcachefs: bch2_fs_get_tree() error: EINVAL [ 158.159146][ T7399] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 7399] ioctl(3, LOOP_CLR_FD) = 0 [ 158.235991][ T77] bucket incorrectly unset in freespace btree [ 158.236014][ T77] u64s 5 type deleted 0:2:0 len 0 ver 0, , continuing [pid 7399] close(3 [pid 5827] <... umount2 resumed>) = 0 [pid 5827] umount2("./33/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./33/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./33/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./33/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5827] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [pid 5827] rmdir("./33/file0" [pid 7394] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7394] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5827] <... rmdir resumed>) = 0 [pid 7394] <... openat resumed>) = 3 [pid 7394] ioctl(3, LOOP_CLR_FD [pid 5827] getdents64(3, [pid 7394] <... ioctl resumed>) = 0 [pid 7394] close(3 [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [ 158.302291][ T52] bucket incorrectly unset in freespace btree [ 158.302315][ T52] u64s 5 type deleted 0:5:0 len 0 ver 0, , continuing [pid 5827] close(3) = 0 [pid 5827] rmdir("./33") = 0 [pid 5827] mkdir("./34", 0777) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5827] close(3) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555819eb750) = 7426 [ 158.331581][ T7394] bcachefs: bch2_fs_get_tree() error: EINVAL ./strace-static-x86_64: Process 7426 attached [pid 7426] set_robust_list(0x5555819eb760, 24) = 0 [pid 7426] chdir("./34") = 0 [pid 7426] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7426] setpgid(0, 0) = 0 [pid 7426] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 executing program [pid 7426] write(3, "1000", 4) = 4 [pid 7426] close(3) = 0 [pid 7426] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7398] <... close resumed>) = 0 [pid 7426] write(1, "executing program\n", 18) = 18 [pid 7398] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7426] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7426] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7426] memfd_create("syzkaller", 0) = 3 [pid 7426] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 158.388788][ T52] bucket incorrectly unset in freespace btree [ 158.388810][ T52] u64s 5 type deleted 0:8:0 len 0 ver 0, , continuing [ 158.459667][ T5825] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 12 [pid 7394] <... close resumed>) = 0 [pid 7394] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7399] <... close resumed>) = 0 [pid 7399] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 7398] <... quotactl resumed>) = 0 [pid 7394] <... quotactl resumed>) = 0 [pid 7399] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7398] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7394] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7399] <... openat resumed>) = 3 [pid 7398] <... openat resumed>) = 3 [pid 7394] <... openat resumed>) = 3 [pid 7399] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7398] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7399] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7398] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7399] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [ 158.504474][ T5825] bcachefs (loop0): unclean shutdown complete, journal seq 13 [ 158.525062][ T5825] bcachefs (loop0): done going read-only, filesystem not clean [pid 7398] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7394] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7394] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7399] <... quotactl resumed>) = 0 [pid 7398] <... quotactl resumed>) = 0 [pid 7394] <... quotactl resumed>) = 0 [pid 7399] open(".", O_RDONLY [pid 7398] open(".", O_RDONLY [pid 7394] open(".", O_RDONLY [pid 7399] <... open resumed>) = 4 [pid 7398] <... open resumed>) = 4 [pid 7394] <... open resumed>) = 4 [pid 7399] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7398] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7394] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7399] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7398] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7394] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7399] exit_group(0 [pid 7398] exit_group(0 [pid 7394] exit_group(0 [pid 7399] <... exit_group resumed>) = ? [pid 7398] <... exit_group resumed>) = ? [pid 7394] <... exit_group resumed>) = ? [pid 7399] +++ exited with 0 +++ [pid 7398] +++ exited with 0 +++ [pid 7394] +++ exited with 0 +++ [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7399, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=48 /* 0.48 s */} --- [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7394, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=44 /* 0.44 s */} --- [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7398, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=43 /* 0.43 s */} --- [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 5828] umount2("./44", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./44", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] umount2("./44/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./44/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./44/binderfs") = 0 [pid 5828] umount2("./44/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./44/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] umount2("./44/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./44/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5828] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] close(4) = 0 [pid 5829] <... restart_syscall resumed>) = 0 [pid 5828] rmdir("./44/file0") = 0 [pid 5828] umount2("./44/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./44/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./44/file1" [pid 5829] umount2("./37", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] <... unlink resumed>) = 0 [pid 5826] umount2("./39", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] openat(AT_FDCWD, "./37", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] getdents64(3, [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(3, "", [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] openat(AT_FDCWD, "./39", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] close(3 [pid 5826] <... openat resumed>) = 3 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] newfstatat(3, "", [pid 5828] <... close resumed>) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(3, [pid 5828] rmdir("./44" [pid 5826] getdents64(3, [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] umount2("./37/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... rmdir resumed>) = 0 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./37/binderfs", [pid 5828] mkdir("./45", 0777 [pid 5826] umount2("./39/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... mkdir resumed>) = 0 [pid 5829] unlink("./37/binderfs" [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 158.574903][ T5825] bcachefs (loop0): shutdown complete [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 7426] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5829] <... unlink resumed>) = 0 [pid 5826] newfstatat(AT_FDCWD, "./39/binderfs", [pid 5829] umount2("./37/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] <... openat resumed>) = 3 [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] newfstatat(AT_FDCWD, "./37/file0", [pid 5826] unlink("./39/binderfs" [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5826] <... unlink resumed>) = 0 [pid 5829] umount2("./37/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./39/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./37/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] newfstatat(AT_FDCWD, "./39/file0", [pid 5829] <... openat resumed>) = 4 [pid 5828] close(3 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] newfstatat(4, "", [pid 5828] <... close resumed>) = 0 [pid 5826] umount2("./39/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] getdents64(4, [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] openat(AT_FDCWD, "./39/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] <... openat resumed>) = 4 [pid 5826] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(4, [pid 5826] getdents64(4, [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] close(4 [pid 5826] getdents64(4, [pid 5829] <... close resumed>) = 0 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 7427 attached [pid 5829] rmdir("./37/file0" [pid 5826] close(4 [pid 5829] <... rmdir resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 7427 [pid 5826] rmdir("./39/file0" [pid 5829] umount2("./37/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... rmdir resumed>) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./37/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./37/file1" [pid 5826] umount2("./39/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... unlink resumed>) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./39/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] getdents64(3, [pid 5826] unlink("./39/file1" [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] close(3 [pid 5826] <... unlink resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 5829] rmdir("./37") = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] close(3) = 0 [pid 5829] mkdir("./38", 0777 [pid 5826] rmdir("./39") = 0 [pid 5829] <... mkdir resumed>) = 0 [pid 7427] set_robust_list(0x5555819eb760, 24) = 0 [pid 7427] chdir("./45") = 0 [pid 7427] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7427] setpgid(0, 0) = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7427] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5829] <... openat resumed>) = 3 [pid 5829] ioctl(3, LOOP_CLR_FD [pid 7427] <... openat resumed>) = 3 [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 7427] write(3, "1000", 4 [pid 5829] close(3 [pid 5826] mkdir("./40", 0777 [pid 7427] <... write resumed>) = 4 [pid 7427] close(3 [pid 5829] <... close resumed>) = 0 [pid 5826] <... mkdir resumed>) = 0 [pid 7427] <... close resumed>) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7428 attached [pid 7427] symlink("/dev/binderfs", "./binderfs" [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 7427] <... symlink resumed>) = 0 [pid 5826] <... openat resumed>) = 3 executing program [pid 7427] write(1, "executing program\n", 18 [pid 5826] ioctl(3, LOOP_CLR_FD [pid 7428] set_robust_list(0x5555819eb760, 24 [pid 7427] <... write resumed>) = 18 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 7428 [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 7427] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 5826] close(3 [pid 7428] <... set_robust_list resumed>) = 0 [pid 7427] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 7428] chdir("./38" [pid 7427] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... close resumed>) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7429 attached [pid 7427] memfd_create("syzkaller", 0) = 3 [pid 7427] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7429] set_robust_list(0x5555819eb760, 24 [pid 7427] <... mmap resumed>) = 0x7f0eeb600000 [pid 7428] <... chdir resumed>) = 0 [pid 7429] <... set_robust_list resumed>) = 0 [pid 7429] chdir("./40" [pid 7428] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 7429 [pid 7429] <... chdir resumed>) = 0 [pid 7429] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7429] setpgid(0, 0) = 0 [pid 7429] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7429] write(3, "1000", 4) = 4 executing program [pid 7429] close(3) = 0 [pid 7429] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7428] <... prctl resumed>) = 0 [pid 7429] write(1, "executing program\n", 18) = 18 [pid 7429] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7429] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7429] memfd_create("syzkaller", 0) = 3 [pid 7428] setpgid(0, 0 [pid 7429] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7428] <... setpgid resumed>) = 0 [pid 7428] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7428] write(3, "1000", 4) = 4 [pid 7428] close(3) = 0 [pid 7428] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 7428] write(1, "executing program\n", 18) = 18 [pid 7428] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7428] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7428] memfd_create("syzkaller", 0) = 3 [pid 7428] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7429] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7427] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7428] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7426] <... write resumed>) = 16777216 [pid 7426] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7426] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 7426] ioctl(4, LOOP_SET_FD, 3 [pid 7429] <... write resumed>) = 16777216 [pid 7426] <... ioctl resumed>) = 0 [pid 7429] munmap(0x7f0eeb600000, 138412032 [pid 7426] close(3) = 0 [pid 7426] close(4) = 0 [pid 7426] mkdir("./file0", 0777) = 0 [ 159.076352][ T7426] loop2: detected capacity change from 0 to 32768 [pid 7429] <... munmap resumed>) = 0 [pid 7426] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7429] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 7429] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7429] close(3) = 0 [pid 7429] close(4) = 0 [pid 7429] mkdir("./file0", 0777) = 0 [ 159.156776][ T7429] loop1: detected capacity change from 0 to 32768 [pid 7429] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7428] <... write resumed>) = 16777216 [pid 7428] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7428] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 7428] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7428] close(3) = 0 [pid 7428] close(4) = 0 [pid 7428] mkdir("./file0", 0777) = 0 [pid 7428] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7427] <... write resumed>) = 16777216 [pid 7427] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7427] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 159.311175][ T7428] loop4: detected capacity change from 0 to 32768 [pid 7427] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7427] close(3) = 0 [pid 7427] close(4) = 0 [pid 7427] mkdir("./file0", 0777) = 0 [ 159.360582][ T7427] loop3: detected capacity change from 0 to 32768 [ 159.478286][ T7426] bcachefs (loop2): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 159.504904][ T7426] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 159.513332][ T7426] bcachefs (loop2): Version downgrade required: [ 159.521482][ T7426] bcachefs (loop2): Version upgrade required: [ 159.521482][ T7426] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 159.521482][ T7426] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 159.521482][ T7426] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 159.560710][ T7427] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 159.606656][ T7427] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 159.648399][ T7428] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 159.681173][ T7428] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 159.689445][ T7429] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [pid 7427] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"...) = -1 EINVAL (Invalid argument) [pid 7427] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 7427] ioctl(3, LOOP_CLR_FD) = 0 [ 159.706882][ T7426] bcachefs (loop2): dropping and reconstructing all alloc info [ 159.716126][ T7429] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 159.732571][ T7427] bcachefs: bch2_fs_get_tree() error: EINVAL [ 159.753362][ T7426] bcachefs (loop2): accounting_read... done [ 159.772244][ T7426] bcachefs (loop2): alloc_read... done [ 159.820560][ T7426] bcachefs (loop2): stripes_read... done [ 159.851321][ T7426] bcachefs (loop2): snapshots_read... done [ 159.873244][ T7426] bcachefs (loop2): check_allocations... done [pid 7427] close(3 [pid 7426] <... mount resumed>) = 0 [ 159.956968][ T7426] bcachefs (loop2): going read-write [ 159.989705][ T7426] bcachefs (loop2): done starting filesystem [pid 7426] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 7426] chdir("./file0" [pid 7428] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7429] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7426] <... chdir resumed>) = 0 [pid 7428] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7426] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 7428] <... openat resumed>) = 3 [pid 7426] <... openat resumed>) = 4 [pid 7428] ioctl(3, LOOP_CLR_FD [pid 7426] ioctl(4, LOOP_CLR_FD [pid 7429] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 7428] <... ioctl resumed>) = 0 [pid 7426] <... ioctl resumed>) = 0 [pid 7429] <... openat resumed>) = 3 [pid 7428] close(3 [pid 7426] close(4 [pid 7429] ioctl(3, LOOP_CLR_FD [pid 7427] <... close resumed>) = 0 [pid 7426] <... close resumed>) = 0 [pid 7426] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7429] <... ioctl resumed>) = 0 [pid 7429] close(3 [ 160.014125][ T7428] bcachefs: bch2_fs_get_tree() error: EINVAL [ 160.028263][ T7429] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 7427] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 7426] <... quotactl resumed>) = 0 [pid 7427] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7426] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7427] <... openat resumed>) = 3 [pid 7427] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7426] <... openat resumed>) = 4 [pid 7427] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7427] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7426] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7426] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5825] <... umount2 resumed>) = 0 [pid 5825] umount2("./23/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7427] <... quotactl resumed>) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7426] <... quotactl resumed>) = 0 [pid 7426] open(".", O_RDONLY [pid 5825] newfstatat(AT_FDCWD, "./23/file0", [pid 7426] <... open resumed>) = 5 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7426] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5825] umount2("./23/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./23/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 7427] open(".", O_RDONLY [pid 5825] newfstatat(4, "", [pid 7427] <... open resumed>) = 4 [pid 7427] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7426] <... fallocate resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(4, [pid 7427] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7427] exit_group(0 [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 7427] <... exit_group resumed>) = ? [pid 7426] exit_group(0 [pid 7427] +++ exited with 0 +++ [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7427, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=55 /* 0.55 s */} --- [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 7426] <... exit_group resumed>) = ? [pid 5825] getdents64(4, [pid 5828] <... restart_syscall resumed>) = 0 [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] umount2("./45", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] close(4 [pid 7426] +++ exited with 0 +++ [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./45", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... close resumed>) = 0 [pid 5828] <... openat resumed>) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] umount2("./45/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./45/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./45/binderfs") = 0 [pid 5828] umount2("./45/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./45/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7426, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=31 /* 0.31 s */} --- [pid 5825] rmdir("./23/file0" [pid 5827] restart_syscall(<... resuming interrupted clone ...> [pid 5828] umount2("./45/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... rmdir resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... restart_syscall resumed>) = 0 [pid 5825] getdents64(3, [pid 5828] openat(AT_FDCWD, "./45/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] <... openat resumed>) = 4 [pid 5827] umount2("./34", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] close(3 [pid 5828] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... close resumed>) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] rmdir("./23" [pid 5827] openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] <... rmdir resumed>) = 0 [pid 5828] getdents64(4, [pid 5827] <... openat resumed>) = 3 [pid 5825] mkdir("./24", 0777 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] newfstatat(3, "", [pid 5828] close(4 [pid 5825] <... mkdir resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... close resumed>) = 0 [pid 5828] rmdir("./45/file0" [pid 5827] getdents64(3, [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5828] <... rmdir resumed>) = 0 [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5825] <... openat resumed>) = 3 [pid 5827] umount2("./34/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] ioctl(3, LOOP_CLR_FD [pid 5828] umount2("./45/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./45/file1", [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] close(3 [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] newfstatat(AT_FDCWD, "./34/binderfs", [pid 5828] unlink("./45/file1" [pid 5825] <... close resumed>) = 0 [pid 5828] <... unlink resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 160.166246][ T61] bucket incorrectly unset in freespace btree [ 160.166285][ T61] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7461 attached [pid 5828] getdents64(3, [pid 5827] unlink("./34/binderfs" [pid 7461] set_robust_list(0x5555819eb760, 24 [pid 5825] <... clone resumed>, child_tidptr=0x5555819eb750) = 7461 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] <... unlink resumed>) = 0 [pid 5828] close(3) = 0 [pid 5828] rmdir("./45") = 0 [pid 7461] <... set_robust_list resumed>) = 0 [pid 5827] umount2("./34/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7461] chdir("./24" [pid 7429] <... close resumed>) = 0 [pid 5828] mkdir("./46", 0777 [pid 7461] <... chdir resumed>) = 0 [pid 7429] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7461] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5828] <... mkdir resumed>) = 0 [pid 7461] <... prctl resumed>) = 0 [pid 7461] setpgid(0, 0) = 0 [pid 7461] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5828] close(3) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7462 attached [pid 7461] <... openat resumed>) = 3 [pid 7429] <... quotactl resumed>) = 0 [pid 7429] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7462] set_robust_list(0x5555819eb760, 24 [pid 7461] write(3, "1000", 4 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 7462 [pid 7462] <... set_robust_list resumed>) = 0 [pid 7462] chdir("./46" [pid 7461] <... write resumed>) = 4 [pid 7429] <... openat resumed>) = 3 [pid 7461] close(3) = 0 [pid 7462] <... chdir resumed>) = 0 [pid 7462] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7462] setpgid(0, 0) = 0 [pid 7462] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7461] symlink("/dev/binderfs", "./binderfs" [pid 7429] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7462] write(3, "1000", 4 [pid 7461] <... symlink resumed>) = 0 [pid 7429] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7461] write(1, "executing program\n", 18 [pid 7429] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7462] <... write resumed>) = 4 [pid 7462] close(3) = 0 [pid 7462] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 7462] write(1, "executing program\n", 18) = 18 [pid 7462] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7462] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7462] memfd_create("syzkaller", 0) = 3 [pid 7462] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 executing program [pid 7461] <... write resumed>) = 18 [ 160.276499][ T5827] bcachefs (loop2): shutting down [ 160.291496][ T5827] bcachefs (loop2): going read-only [ 160.301978][ T61] bucket incorrectly unset in freespace btree [pid 7461] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7461] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7461] memfd_create("syzkaller", 0) = 3 [pid 7461] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 160.302000][ T61] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [ 160.316297][ T5827] bcachefs (loop2): finished waiting for writes to stop [ 160.331122][ T5827] bcachefs (loop2): flushing journal and stopping allocators, journal seq 12 [pid 7428] <... close resumed>) = 0 [ 160.410674][ T61] bcachefs (loop2): loop2: Superblock write was silently dropped! (seq 0 expected 53) [ 160.434199][ T61] bucket incorrectly unset in freespace btree [pid 7428] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 160.434237][ T61] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [ 160.476167][ T61] bucket incorrectly unset in freespace btree [ 160.476188][ T61] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [ 160.500681][ T5827] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 12 [pid 7462] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7461] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7429] <... quotactl resumed>) = 0 [ 160.513040][ T5827] bcachefs (loop2): unclean shutdown complete, journal seq 13 [ 160.530548][ T5827] bcachefs (loop2): done going read-only, filesystem not clean [pid 7428] <... quotactl resumed>) = 0 [pid 7429] open(".", O_RDONLY) = 4 [pid 7429] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7428] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7429] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7428] <... openat resumed>) = 3 [pid 7428] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7428] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7429] exit_group(0) = ? [pid 7429] +++ exited with 0 +++ [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7429, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=43 /* 0.43 s */} --- [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 7428] <... quotactl resumed>) = 0 [pid 7428] open(".", O_RDONLY [pid 5826] <... restart_syscall resumed>) = 0 [pid 5826] umount2("./40", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./40", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7428] <... open resumed>) = 4 [pid 7428] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 5826] <... openat resumed>) = 3 [pid 5826] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] umount2("./40/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./40/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./40/binderfs") = 0 [pid 5826] umount2("./40/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 7428] exit_group(0 [pid 5826] newfstatat(AT_FDCWD, "./40/file0", [pid 7428] <... exit_group resumed>) = ? [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] umount2("./40/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./40/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5826] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 7428] +++ exited with 0 +++ [pid 5826] close(4) = 0 [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7428, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=50 /* 0.50 s */} --- [pid 5826] rmdir("./40/file0" [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 5826] <... rmdir resumed>) = 0 [pid 5829] <... restart_syscall resumed>) = 0 [pid 5826] umount2("./40/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./40/file1", [pid 5829] umount2("./38", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] unlink("./40/file1" [pid 5829] openat(AT_FDCWD, "./38", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... unlink resumed>) = 0 [pid 5829] <... openat resumed>) = 3 [pid 5826] getdents64(3, [pid 5829] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] umount2("./38/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] close(3 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... close resumed>) = 0 [pid 5829] newfstatat(AT_FDCWD, "./38/binderfs", [ 160.568651][ T5827] bcachefs (loop2): shutdown complete [pid 5826] rmdir("./40" [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... rmdir resumed>) = 0 [pid 5829] unlink("./38/binderfs" [pid 5826] mkdir("./41", 0777 [pid 5829] <... unlink resumed>) = 0 [pid 5826] <... mkdir resumed>) = 0 [pid 5829] umount2("./38/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... openat resumed>) = 3 [pid 5829] newfstatat(AT_FDCWD, "./38/file0", [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] umount2("./38/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./38/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5829] newfstatat(4, "", [pid 5826] close(3 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... close resumed>) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5829] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] close(4) = 0 [pid 5829] rmdir("./38/file0" [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 7463 [pid 5829] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 7463 attached [pid 7463] set_robust_list(0x5555819eb760, 24 [pid 5829] umount2("./38/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./38/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7463] <... set_robust_list resumed>) = 0 [pid 5829] unlink("./38/file1" [pid 7463] chdir("./41") = 0 [pid 5829] <... unlink resumed>) = 0 [pid 5829] getdents64(3, [pid 7463] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 7463] <... prctl resumed>) = 0 [pid 5829] close(3 [pid 7463] setpgid(0, 0 [pid 5829] <... close resumed>) = 0 [pid 7463] <... setpgid resumed>) = 0 [pid 5829] rmdir("./38" [pid 7463] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5829] <... rmdir resumed>) = 0 [pid 7463] <... openat resumed>) = 3 [pid 5829] mkdir("./39", 0777 [pid 7463] write(3, "1000", 4 [pid 5829] <... mkdir resumed>) = 0 [pid 7463] <... write resumed>) = 4 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7463] close(3 [pid 5829] <... openat resumed>) = 3 [pid 7463] <... close resumed>) = 0 [pid 5829] ioctl(3, LOOP_CLR_FD [pid 7463] symlink("/dev/binderfs", "./binderfs" [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5829] close(3executing program [pid 7463] <... symlink resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 7463] write(1, "executing program\n", 18 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7463] <... write resumed>) = 18 ./strace-static-x86_64: Process 7464 attached [pid 7463] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 7464 [pid 7464] set_robust_list(0x5555819eb760, 24 [pid 7463] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 7464] <... set_robust_list resumed>) = 0 [pid 7464] chdir("./39") = 0 [pid 7464] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7463] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 7464] setpgid(0, 0) = 0 [pid 7463] memfd_create("syzkaller", 0 [pid 7464] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7463] <... memfd_create resumed>) = 3 [pid 7464] <... openat resumed>) = 3 [pid 7463] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7464] write(3, "1000", 4 [pid 7463] <... mmap resumed>) = 0x7f0eeb600000 [pid 7464] <... write resumed>) = 4 [pid 7464] close(3) = 0 [pid 7464] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7464] write(1, "executing program\n", 18executing program ) = 18 [pid 7464] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7464] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7464] memfd_create("syzkaller", 0) = 3 [pid 7464] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7461] <... write resumed>) = 16777216 [pid 7462] <... write resumed>) = 16777216 [pid 7462] munmap(0x7f0eeb600000, 138412032 [pid 7461] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7462] <... munmap resumed>) = 0 [pid 7461] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 7461] ioctl(4, LOOP_SET_FD, 3 [pid 7462] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 7462] ioctl(4, LOOP_SET_FD, 3 [pid 7461] <... ioctl resumed>) = 0 [pid 7461] close(3) = 0 [pid 7461] close(4 [pid 7462] <... ioctl resumed>) = 0 [pid 7461] <... close resumed>) = 0 [pid 7462] close(3 [pid 7461] mkdir("./file0", 0777 [pid 7462] <... close resumed>) = 0 [pid 7462] close(4 [pid 7461] <... mkdir resumed>) = 0 [pid 7462] <... close resumed>) = 0 [pid 7462] mkdir("./file0", 0777 [pid 7461] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7462] <... mkdir resumed>) = 0 [ 160.832321][ T7461] loop0: detected capacity change from 0 to 32768 [ 160.833085][ T7462] loop3: detected capacity change from 0 to 32768 [pid 7462] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7463] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7464] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7463] <... write resumed>) = 16777216 [pid 7463] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7463] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 7463] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7463] close(3) = 0 [pid 7463] close(4 [pid 7464] <... write resumed>) = 16777216 [pid 7463] <... close resumed>) = 0 [pid 7463] mkdir("./file0", 0777 [pid 7464] munmap(0x7f0eeb600000, 138412032 [pid 7463] <... mkdir resumed>) = 0 [pid 7463] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7464] <... munmap resumed>) = 0 [ 161.134914][ T7463] loop1: detected capacity change from 0 to 32768 [pid 7464] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 7464] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7464] close(3) = 0 [pid 7464] close(4) = 0 [pid 7464] mkdir("./file0", 0777) = 0 [ 161.211436][ T7464] loop4: detected capacity change from 0 to 32768 [ 161.426527][ T7461] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 161.436197][ T7463] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 161.436554][ T7462] bcachefs (loop3): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 161.445355][ T7461] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 161.471622][ T7464] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 161.486430][ T7462] bcachefs (loop3): recovering from clean shutdown, journal seq 10 [ 161.497350][ T7462] bcachefs (loop3): Version downgrade required: [ 161.503841][ T7462] bcachefs (loop3): Version upgrade required: [ 161.503841][ T7462] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 161.503841][ T7462] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 161.503841][ T7462] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 161.522319][ T7464] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 161.582547][ T7463] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 161.598009][ T7462] bcachefs (loop3): dropping and reconstructing all alloc info [ 161.618246][ T7462] bcachefs (loop3): accounting_read... done [ 161.631075][ T7462] bcachefs (loop3): alloc_read... done [ 161.642067][ T7462] bcachefs (loop3): stripes_read... done [ 161.655903][ T7462] bcachefs (loop3): snapshots_read... done [ 161.670354][ T7462] bcachefs (loop3): check_allocations... done [pid 7464] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7461] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7462] <... mount resumed>) = 0 [pid 7461] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 7461] ioctl(3, LOOP_CLR_FD) = 0 [pid 7461] close(3 [pid 7462] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 7462] chdir("./file0") = 0 [pid 7462] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 7462] ioctl(4, LOOP_CLR_FD) = 0 [pid 7462] close(4) = 0 [ 161.748815][ T7462] bcachefs (loop3): going read-write [ 161.759787][ T7461] bcachefs: bch2_fs_get_tree() error: EINVAL [ 161.771044][ T7462] bcachefs (loop3): done starting filesystem [pid 7462] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 7462] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 7462] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7463] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7462] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7462] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7463] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 7462] <... quotactl resumed>) = 0 [pid 7462] open(".", O_RDONLY) = 5 [pid 7463] <... openat resumed>) = 3 [pid 7462] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7463] ioctl(3, LOOP_CLR_FD) = 0 [pid 7463] close(3 [pid 7462] <... fallocate resumed>) = 0 [pid 7462] exit_group(0) = ? [ 161.827259][ T7463] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 7462] +++ exited with 0 +++ [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7462, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=42 /* 0.42 s */} --- [pid 5828] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5828] umount2("./46", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./46", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5828] umount2("./46/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./46/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./46/binderfs") = 0 [ 161.886866][ T61] bucket incorrectly unset in freespace btree [ 161.886899][ T61] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5828] umount2("./46/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7464] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7464] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 7464] ioctl(3, LOOP_CLR_FD) = 0 [ 161.973835][ T61] bucket incorrectly unset in freespace btree [ 161.973859][ T61] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [ 161.983492][ T5828] bcachefs (loop3): shutting down [pid 7464] close(3 [pid 7461] <... close resumed>) = 0 [pid 7461] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5827] <... umount2 resumed>) = 0 [pid 5827] umount2("./34/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./34/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./34/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 161.983512][ T5828] bcachefs (loop3): going read-only [ 161.989332][ T5828] bcachefs (loop3): finished waiting for writes to stop [pid 5827] openat(AT_FDCWD, "./34/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5827] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [pid 5827] rmdir("./34/file0") = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./34") = 0 [pid 5827] mkdir("./35", 0777) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5827] close(3) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7496 attached [pid 7496] set_robust_list(0x5555819eb760, 24 [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 7496 [pid 7496] <... set_robust_list resumed>) = 0 [ 162.007101][ T5828] bcachefs (loop3): flushing journal and stopping allocators, journal seq 11 [pid 7496] chdir("./35") = 0 [pid 7496] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7496] setpgid(0, 0) = 0 [pid 7496] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7496] write(3, "1000", 4) = 4 [pid 7496] close(3 [pid 7464] <... close resumed>) = 0 [pid 7463] <... close resumed>) = 0 [pid 7496] <... close resumed>) = 0 [pid 7464] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7463] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7496] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 7496] write(1, "executing program\n", 18) = 18 [pid 7496] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7496] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7496] memfd_create("syzkaller", 0) = 3 [pid 7496] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 162.020069][ T7464] bcachefs: bch2_fs_get_tree() error: EINVAL [ 162.204967][ T52] bcachefs (loop3): loop3: Superblock write was silently dropped! (seq 0 expected 53) [ 162.224586][ T52] bucket incorrectly unset in freespace btree [ 162.224618][ T52] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [ 162.241022][ T52] bucket incorrectly unset in freespace btree [ 162.241041][ T52] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [ 162.269519][ T5828] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 12 [ 162.283505][ T5828] bcachefs (loop3): unclean shutdown complete, journal seq 13 [ 162.292483][ T5828] bcachefs (loop3): done going read-only, filesystem not clean [pid 7463] <... quotactl resumed>) = 0 [pid 7461] <... quotactl resumed>) = 0 [pid 7463] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7461] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7463] <... openat resumed>) = 3 [pid 7461] <... openat resumed>) = 3 [pid 7463] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7461] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7463] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7464] <... quotactl resumed>) = 0 [pid 7463] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7464] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7461] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7461] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7464] <... openat resumed>) = 3 [pid 7464] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7464] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7463] <... quotactl resumed>) = 0 [pid 7463] open(".", O_RDONLY) = 4 [pid 7463] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 7463] exit_group(0) = ? [pid 7464] <... quotactl resumed>) = 0 [pid 7463] +++ exited with 0 +++ [pid 7461] <... quotactl resumed>) = 0 [pid 7464] open(".", O_RDONLY [pid 7461] open(".", O_RDONLY [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7463, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=45 /* 0.45 s */} --- [pid 7464] <... open resumed>) = 4 [pid 7461] <... open resumed>) = 4 [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 7464] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7461] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7464] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7461] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7464] exit_group(0 [pid 7461] exit_group(0 [pid 7464] <... exit_group resumed>) = ? [pid 7461] <... exit_group resumed>) = ? [pid 7464] +++ exited with 0 +++ [pid 7461] +++ exited with 0 +++ [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7464, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=40 /* 0.40 s */} --- [pid 5826] <... restart_syscall resumed>) = 0 [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7461, si_uid=0, si_status=0, si_utime=8 /* 0.08 s */, si_stime=40 /* 0.40 s */} --- [pid 5829] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5826] umount2("./41", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] umount2("./39", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] openat(AT_FDCWD, "./41", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... openat resumed>) = 3 [pid 5829] openat(AT_FDCWD, "./39", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] newfstatat(3, "", [pid 5829] <... openat resumed>) = 3 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] newfstatat(3, "", [pid 5826] getdents64(3, [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] getdents64(3, [pid 5826] umount2("./41/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] umount2("./24", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] umount2("./39/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] newfstatat(AT_FDCWD, "./41/binderfs", [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./39/binderfs", [pid 5826] unlink("./41/binderfs" [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... unlink resumed>) = 0 [pid 5825] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] unlink("./39/binderfs" [pid 5826] umount2("./41/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... unlink resumed>) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... openat resumed>) = 3 [pid 5829] umount2("./39/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] newfstatat(AT_FDCWD, "./41/file0", [pid 5825] newfstatat(3, "", [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] newfstatat(AT_FDCWD, "./39/file0", [pid 5826] umount2("./41/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] umount2("./39/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] openat(AT_FDCWD, "./41/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... openat resumed>) = 4 [pid 5825] getdents64(3, [pid 5829] openat(AT_FDCWD, "./39/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] newfstatat(4, "", [pid 5829] <... openat resumed>) = 4 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] newfstatat(4, "", [pid 5826] getdents64(4, [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] umount2("./24/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] getdents64(4, [pid 5826] getdents64(4, [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] getdents64(4, [pid 5826] close(4 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] <... close resumed>) = 0 [pid 5825] newfstatat(AT_FDCWD, "./24/binderfs", [pid 5829] close(4 [pid 5826] rmdir("./41/file0" [pid 5829] <... close resumed>) = 0 [pid 5826] <... rmdir resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] rmdir("./39/file0" [pid 5826] umount2("./41/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] unlink("./24/binderfs" [pid 5829] <... rmdir resumed>) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./41/file1", [pid 5829] umount2("./39/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... unlink resumed>) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] unlink("./41/file1" [pid 5825] umount2("./24/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] newfstatat(AT_FDCWD, "./39/file1", [pid 5826] <... unlink resumed>) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] getdents64(3, [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] unlink("./39/file1" [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5825] newfstatat(AT_FDCWD, "./24/file0", [pid 5829] <... unlink resumed>) = 0 [pid 5826] close(3) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] rmdir("./41" [pid 5829] getdents64(3, [pid 5826] <... rmdir resumed>) = 0 [pid 5825] umount2("./24/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] mkdir("./42", 0777 [pid 5829] close(3 [pid 5826] <... mkdir resumed>) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... close resumed>) = 0 [ 162.317326][ T5828] bcachefs (loop3): shutdown complete [pid 5825] openat(AT_FDCWD, "./24/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] rmdir("./39") = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5825] <... openat resumed>) = 4 [pid 5825] newfstatat(4, "", [pid 5826] <... openat resumed>) = 3 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] mkdir("./40", 0777 [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5825] getdents64(4, [pid 5829] <... mkdir resumed>) = 0 [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] close(3 [pid 5825] getdents64(4, [pid 5826] <... close resumed>) = 0 [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5825] close(4 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5825] <... close resumed>) = 0 ./strace-static-x86_64: Process 7497 attached [pid 5829] <... openat resumed>) = 3 [pid 5825] rmdir("./24/file0" [pid 5829] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 7497] set_robust_list(0x5555819eb760, 24 [pid 5829] close(3 [pid 5825] <... rmdir resumed>) = 0 [pid 7497] <... set_robust_list resumed>) = 0 [pid 5825] umount2("./24/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 7497 [pid 5829] <... close resumed>) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7498 attached [pid 7498] set_robust_list(0x5555819eb760, 24) = 0 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 7498 [pid 7498] chdir("./40") = 0 [pid 7498] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7498] setpgid(0, 0) = 0 [pid 7498] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7498] write(3, "1000", 4) = 4 [pid 7498] close(3) = 0 [pid 7498] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7498] write(1, "executing program\n", 18 [pid 5825] newfstatat(AT_FDCWD, "./24/file1", executing program {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7498] <... write resumed>) = 18 [pid 5825] unlink("./24/file1" [pid 7498] fsopen(NULL, 0 [pid 5825] <... unlink resumed>) = 0 [pid 7498] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 5825] getdents64(3, [pid 7498] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 7498] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 5825] close(3 [pid 7497] chdir("./42" [pid 5825] <... close resumed>) = 0 [pid 7497] <... chdir resumed>) = 0 [pid 7497] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5825] rmdir("./24" [pid 7497] <... prctl resumed>) = 0 [pid 7497] setpgid(0, 0 [pid 7498] memfd_create("syzkaller", 0 [pid 7497] <... setpgid resumed>) = 0 [pid 5825] <... rmdir resumed>) = 0 [pid 7498] <... memfd_create resumed>) = 3 [pid 7497] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7498] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7497] <... openat resumed>) = 3 [pid 7498] <... mmap resumed>) = 0x7f0eeb600000 [pid 7497] write(3, "1000", 4 [pid 5825] mkdir("./25", 0777 [pid 7497] <... write resumed>) = 4 [pid 7496] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5825] <... mkdir resumed>) = 0 [pid 7497] close(3 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 7497] <... close resumed>) = 0 [pid 7497] symlink("/dev/binderfs", "./binderfs" [pid 5825] <... openat resumed>) = 3 [pid 7497] <... symlink resumed>) = 0 [pid 7497] write(1, "executing program\n", 18executing program [pid 5825] ioctl(3, LOOP_CLR_FD [pid 7497] <... write resumed>) = 18 [pid 7497] fsopen(NULL, 0 [pid 5825] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 7497] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 5825] close(3 [pid 7497] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 5825] <... close resumed>) = 0 [pid 7497] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7499 attached [pid 7497] memfd_create("syzkaller", 0 [pid 5825] <... clone resumed>, child_tidptr=0x5555819eb750) = 7499 [pid 7499] set_robust_list(0x5555819eb760, 24 [pid 7497] <... memfd_create resumed>) = 3 [pid 7499] <... set_robust_list resumed>) = 0 [pid 7497] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7499] chdir("./25" [pid 7497] <... mmap resumed>) = 0x7f0eeb600000 [pid 7499] <... chdir resumed>) = 0 [pid 7499] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7499] setpgid(0, 0) = 0 [pid 7499] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7499] write(3, "1000", 4) = 4 [pid 7499] close(3executing program ) = 0 [pid 7499] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7499] write(1, "executing program\n", 18) = 18 [pid 7499] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7499] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7499] memfd_create("syzkaller", 0) = 3 [pid 7499] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7498] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7499] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7497] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7496] <... write resumed>) = 16777216 [pid 7496] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7496] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 7496] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7496] close(3) = 0 [pid 7496] close(4) = 0 [pid 7496] mkdir("./file0", 0777) = 0 [ 162.807516][ T7496] loop2: detected capacity change from 0 to 32768 [pid 7496] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7497] <... write resumed>) = 16777216 [pid 7498] <... write resumed>) = 16777216 [pid 7498] munmap(0x7f0eeb600000, 138412032 [pid 7497] munmap(0x7f0eeb600000, 138412032 [pid 7498] <... munmap resumed>) = 0 [pid 7499] <... write resumed>) = 16777216 [pid 7497] <... munmap resumed>) = 0 [pid 7499] munmap(0x7f0eeb600000, 138412032 [pid 7498] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7497] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 7498] <... openat resumed>) = 4 [pid 7497] <... openat resumed>) = 4 [pid 7498] ioctl(4, LOOP_SET_FD, 3 [pid 7497] ioctl(4, LOOP_SET_FD, 3 [pid 7498] <... ioctl resumed>) = 0 [pid 7498] close(3) = 0 [pid 7498] close(4) = 0 [pid 7499] <... munmap resumed>) = 0 [pid 7497] <... ioctl resumed>) = 0 [pid 7498] mkdir("./file0", 0777 [pid 7499] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 7498] <... mkdir resumed>) = 0 [pid 7497] close(3 [pid 7498] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7499] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7497] <... close resumed>) = 0 [pid 7499] close(3) = 0 [pid 7499] close(4 [pid 7497] close(4) = 0 [pid 7499] <... close resumed>) = 0 [pid 7497] mkdir("./file0", 0777 [pid 7499] mkdir("./file0", 0777) = 0 [pid 7497] <... mkdir resumed>) = 0 [pid 7499] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [ 163.019825][ T7498] loop4: detected capacity change from 0 to 32768 [ 163.026888][ T7497] loop1: detected capacity change from 0 to 32768 [ 163.054298][ T7499] loop0: detected capacity change from 0 to 32768 [ 163.225505][ T7496] bcachefs (loop2): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 163.232745][ T7498] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 163.252063][ T7496] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 163.263816][ T7498] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 163.270313][ T7496] bcachefs (loop2): Version downgrade required: [ 163.283631][ T7496] bcachefs (loop2): Version upgrade required: [ 163.283631][ T7496] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 163.283631][ T7496] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 163.283631][ T7496] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 163.315001][ T7497] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 163.364144][ T7497] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 163.375141][ T7499] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 163.393238][ T7499] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 163.407671][ T7496] bcachefs (loop2): dropping and reconstructing all alloc info [ 163.463590][ T7496] bcachefs (loop2): accounting_read... done [ 163.493433][ T7496] bcachefs (loop2): alloc_read... done [ 163.528061][ T7496] bcachefs (loop2): stripes_read... done [ 163.539033][ T7496] bcachefs (loop2): snapshots_read... done [pid 7497] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7498] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7498] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [ 163.576997][ T7496] bcachefs (loop2): check_allocations... done [ 163.642336][ T7498] bcachefs: bch2_fs_get_tree() error: EINVAL [ 163.659338][ T7496] bcachefs (loop2): going read-write [pid 7498] ioctl(3, LOOP_CLR_FD) = 0 [pid 7498] close(3 [pid 7496] <... mount resumed>) = 0 [pid 7496] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 7496] chdir("./file0") = 0 [pid 7496] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 7496] ioctl(4, LOOP_CLR_FD) = 0 [pid 7496] close(4) = 0 [ 163.684700][ T7496] bcachefs (loop2): done starting filesystem [pid 7496] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7497] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = 0 [pid 7497] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 7497] ioctl(3, LOOP_CLR_FD) = 0 [pid 7497] close(3 [pid 7499] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5828] umount2("./46/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./46/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7499] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5828] umount2("./46/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7499] <... openat resumed>) = 3 [pid 7499] ioctl(3, LOOP_CLR_FD) = 0 [pid 7499] close(3 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./46/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5828] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] close(4) = 0 [ 163.726550][ T7497] bcachefs: bch2_fs_get_tree() error: EINVAL [ 163.738368][ T7499] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 5828] rmdir("./46/file0") = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [pid 5828] rmdir("./46") = 0 [pid 7496] <... quotactl resumed>) = 0 [pid 5828] mkdir("./47", 0777 [pid 7496] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5828] <... mkdir resumed>) = 0 [pid 7496] <... openat resumed>) = 4 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 7496] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5828] <... openat resumed>) = 3 [pid 7496] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5828] ioctl(3, LOOP_CLR_FD [pid 7496] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5828] close(3) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7531 attached [pid 7531] set_robust_list(0x5555819eb760, 24) = 0 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 7531 [pid 7531] chdir("./47") = 0 [pid 7496] <... quotactl resumed>) = 0 [pid 7531] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7496] open(".", O_RDONLY) = 5 [pid 7496] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7531] <... prctl resumed>) = 0 [pid 7531] setpgid(0, 0) = 0 [pid 7531] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7531] write(3, "1000", 4) = 4 [pid 7531] close(3) = 0 [pid 7531] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 7531] write(1, "executing program\n", 18) = 18 [pid 7531] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7496] <... fallocate resumed>) = 0 [pid 7496] exit_group(0 [pid 7531] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7496] <... exit_group resumed>) = ? [pid 7531] memfd_create("syzkaller", 0) = 3 [pid 7531] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7496] +++ exited with 0 +++ [pid 7531] <... mmap resumed>) = 0x7f0eeb600000 [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7496, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=28 /* 0.28 s */} --- [pid 5827] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5827] umount2("./35", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5827] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5827] umount2("./35/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./35/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./35/binderfs") = 0 [ 163.898697][ T61] bucket incorrectly unset in freespace btree [ 163.898733][ T61] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5827] umount2("./35/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7497] <... close resumed>) = 0 [pid 7498] <... close resumed>) = 0 [ 163.981916][ T5827] bcachefs (loop2): shutting down [ 163.995926][ T5827] bcachefs (loop2): going read-only [ 164.001232][ T61] bucket incorrectly unset in freespace btree [ 164.001253][ T61] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [pid 7498] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 164.032615][ T5827] bcachefs (loop2): finished waiting for writes to stop [ 164.048106][ T5827] bcachefs (loop2): flushing journal and stopping allocators, journal seq 12 [ 164.068803][ T52] bucket incorrectly unset in freespace btree [ 164.068824][ T52] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [pid 7497] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7499] <... close resumed>) = 0 [ 164.110123][ T52] bucket incorrectly unset in freespace btree [ 164.110146][ T52] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [pid 7499] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7531] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7499] <... quotactl resumed>) = 0 [pid 7498] <... quotactl resumed>) = 0 [pid 7497] <... quotactl resumed>) = 0 [pid 7499] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7498] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7497] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7499] <... openat resumed>) = 3 [pid 7498] <... openat resumed>) = 3 [pid 7497] <... openat resumed>) = 3 [pid 7499] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7498] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7499] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7497] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7499] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7498] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7497] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7498] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7497] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7499] <... quotactl resumed>) = 0 [pid 7498] <... quotactl resumed>) = 0 [pid 7497] <... quotactl resumed>) = 0 [pid 7499] open(".", O_RDONLY [pid 7498] open(".", O_RDONLY [pid 7499] <... open resumed>) = 4 [pid 7497] open(".", O_RDONLY [pid 7499] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7498] <... open resumed>) = 4 [pid 7497] <... open resumed>) = 4 [pid 7499] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7498] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7497] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7499] exit_group(0 [pid 7498] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7497] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [ 164.151963][ T5827] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 12 [ 164.163756][ T5827] bcachefs (loop2): unclean shutdown complete, journal seq 13 [ 164.172866][ T5827] bcachefs (loop2): done going read-only, filesystem not clean [ 164.195716][ T5827] bcachefs (loop2): shutdown complete [pid 7499] <... exit_group resumed>) = ? [pid 7498] exit_group(0 [pid 7497] exit_group(0 [pid 7499] +++ exited with 0 +++ [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7499, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=42 /* 0.42 s */} --- [pid 7497] <... exit_group resumed>) = ? [pid 7498] <... exit_group resumed>) = ? [pid 5825] restart_syscall(<... resuming interrupted clone ...> [pid 7498] +++ exited with 0 +++ [pid 7497] +++ exited with 0 +++ [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7498, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=48 /* 0.48 s */} --- [pid 5825] <... restart_syscall resumed>) = 0 [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7497, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=51 /* 0.51 s */} --- [pid 5829] <... restart_syscall resumed>) = 0 [pid 5826] umount2("./42", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] umount2("./25", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] umount2("./40", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] openat(AT_FDCWD, "./42", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... openat resumed>) = 3 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./40", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... openat resumed>) = 3 [pid 5825] newfstatat(3, "", [pid 5829] <... openat resumed>) = 3 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] newfstatat(3, "", [pid 5826] newfstatat(3, "", [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(3, [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(3, [pid 5826] getdents64(3, [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5825] umount2("./25/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] umount2("./42/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] umount2("./40/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./25/binderfs", [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./42/binderfs", [pid 5829] newfstatat(AT_FDCWD, "./40/binderfs", [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./42/binderfs" [pid 5825] unlink("./25/binderfs" [pid 5829] unlink("./40/binderfs" [pid 5826] <... unlink resumed>) = 0 [pid 5825] <... unlink resumed>) = 0 [pid 5825] umount2("./25/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] <... unlink resumed>) = 0 [pid 5826] umount2("./42/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] newfstatat(AT_FDCWD, "./25/file0", [pid 5829] umount2("./40/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./25/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./42/file0", [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./40/file0", [pid 5825] openat(AT_FDCWD, "./25/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... openat resumed>) = 4 [pid 5829] umount2("./40/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./42/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] newfstatat(4, "", [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] openat(AT_FDCWD, "./40/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] openat(AT_FDCWD, "./42/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] getdents64(4, [pid 5829] <... openat resumed>) = 4 [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] <... openat resumed>) = 4 [pid 5825] getdents64(4, [pid 5826] newfstatat(4, "", [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] close(4 [pid 5829] newfstatat(4, "", [pid 5826] getdents64(4, [pid 5825] <... close resumed>) = 0 [pid 5825] rmdir("./25/file0" [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] <... rmdir resumed>) = 0 [pid 5826] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] umount2("./25/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] close(4 [pid 5829] getdents64(4, [pid 5826] <... close resumed>) = 0 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] rmdir("./42/file0" [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] getdents64(4, [pid 5825] newfstatat(AT_FDCWD, "./25/file1", [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] <... rmdir resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] close(4 [pid 5826] umount2("./42/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] unlink("./25/file1" [pid 5829] <... close resumed>) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] rmdir("./40/file0" [pid 5826] newfstatat(AT_FDCWD, "./42/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... unlink resumed>) = 0 [pid 5829] <... rmdir resumed>) = 0 [pid 5826] unlink("./42/file1" [pid 5825] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3) = 0 [pid 5825] rmdir("./25" [pid 5829] umount2("./40/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... unlink resumed>) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] getdents64(3, [pid 5829] newfstatat(AT_FDCWD, "./40/file1", [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] close(3 [pid 5825] <... rmdir resumed>) = 0 [pid 5829] unlink("./40/file1" [pid 5826] <... close resumed>) = 0 [pid 5829] <... unlink resumed>) = 0 [pid 5826] rmdir("./42" [pid 5825] mkdir("./26", 0777 [pid 5826] <... rmdir resumed>) = 0 [pid 5825] <... mkdir resumed>) = 0 [pid 5829] getdents64(3, [pid 5826] mkdir("./43", 0777 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] close(3) = 0 [pid 5829] rmdir("./40" [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5826] <... mkdir resumed>) = 0 [pid 5829] <... rmdir resumed>) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5825] <... openat resumed>) = 3 [pid 5829] mkdir("./41", 0777 [pid 5825] ioctl(3, LOOP_CLR_FD [pid 5826] <... openat resumed>) = 3 [pid 5829] <... mkdir resumed>) = 0 [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5825] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5825] close(3 [pid 7531] <... write resumed>) = 16777216 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5826] close(3 [pid 5829] <... openat resumed>) = 3 [pid 5826] <... close resumed>) = 0 [pid 5829] ioctl(3, LOOP_CLR_FD [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5825] <... close resumed>) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 7531] munmap(0x7f0eeb600000, 138412032 [pid 5829] close(3./strace-static-x86_64: Process 7533 attached ./strace-static-x86_64: Process 7532 attached [pid 7531] <... munmap resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7533] set_robust_list(0x5555819eb760, 24 [pid 5825] <... clone resumed>, child_tidptr=0x5555819eb750) = 7532 [pid 7533] <... set_robust_list resumed>) = 0 [pid 7532] set_robust_list(0x5555819eb760, 24 [pid 7533] chdir("./43" [pid 7532] <... set_robust_list resumed>) = 0 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 7534 [pid 7532] chdir("./26" [pid 7533] <... chdir resumed>) = 0 [pid 7532] <... chdir resumed>) = 0 [pid 7533] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7532] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7533] <... prctl resumed>) = 0 [pid 7532] <... prctl resumed>) = 0 ./strace-static-x86_64: Process 7534 attached [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 7533 [pid 7532] setpgid(0, 0 [pid 7534] set_robust_list(0x5555819eb760, 24 [pid 7533] setpgid(0, 0 [pid 7532] <... setpgid resumed>) = 0 [pid 7534] <... set_robust_list resumed>) = 0 [pid 7533] <... setpgid resumed>) = 0 [pid 7532] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7534] chdir("./41" [pid 7533] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7532] <... openat resumed>) = 3 [pid 7534] <... chdir resumed>) = 0 [pid 7532] write(3, "1000", 4 [pid 7533] <... openat resumed>) = 3 [pid 7534] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7532] <... write resumed>) = 4 [pid 7531] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 7534] <... prctl resumed>) = 0 [pid 7533] write(3, "1000", 4 [pid 7532] close(3 [pid 7531] <... openat resumed>) = 4 [pid 7534] setpgid(0, 0 [pid 7533] <... write resumed>) = 4 [pid 7532] <... close resumed>) = 0 [pid 7534] <... setpgid resumed>) = 0 [pid 7533] close(3 [pid 7532] symlink("/dev/binderfs", "./binderfs" [pid 7531] ioctl(4, LOOP_SET_FD, 3 [pid 7534] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXECexecuting program [pid 7533] <... close resumed>) = 0 [pid 7532] <... symlink resumed>) = 0 [pid 7534] <... openat resumed>) = 3 [pid 7532] write(1, "executing program\n", 18 [pid 7533] symlink("/dev/binderfs", "./binderfs" [pid 7534] write(3, "1000", 4 [pid 7532] <... write resumed>) = 18 [pid 7532] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7533] <... symlink resumed>) = 0 [pid 7532] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0executing program [pid 7534] <... write resumed>) = 4 [pid 7533] write(1, "executing program\n", 18 [pid 7532] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 7534] close(3 [pid 7533] <... write resumed>) = 18 [pid 7532] memfd_create("syzkaller", 0) = 3 [pid 7534] <... close resumed>) = 0 [pid 7533] fsopen(NULL, 0 [pid 7531] <... ioctl resumed>) = 0 [pid 7532] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7531] close(3 [pid 7533] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 7534] symlink("/dev/binderfs", "./binderfs" [pid 7533] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7534] <... symlink resumed>) = 0 [pid 7532] <... mmap resumed>) = 0x7f0eeb600000 [pid 7531] <... close resumed>) = 0 [pid 7531] close(4 [pid 7534] write(1, "executing program\n", 18 [pid 7533] memfd_create("syzkaller", 0 [pid 7531] <... close resumed>) = 0 executing program [pid 7534] <... write resumed>) = 18 [pid 7533] <... memfd_create resumed>) = 3 [pid 7534] fsopen(NULL, 0 [pid 7533] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7534] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 7531] mkdir("./file0", 0777) = 0 [pid 7531] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7534] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7534] memfd_create("syzkaller", 0) = 3 [pid 7534] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 164.367342][ T7531] loop3: detected capacity change from 0 to 32768 [pid 7533] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7532] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7534] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7532] <... write resumed>) = 16777216 [pid 7532] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7532] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 7532] ioctl(4, LOOP_SET_FD, 3 [pid 7533] <... write resumed>) = 16777216 [pid 7532] <... ioctl resumed>) = 0 [pid 7532] close(3) = 0 [pid 7532] close(4) = 0 [pid 7532] mkdir("./file0", 0777) = 0 [pid 7533] munmap(0x7f0eeb600000, 138412032 [ 164.787770][ T7532] loop0: detected capacity change from 0 to 32768 [pid 7532] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7534] <... write resumed>) = 16777216 [pid 7534] munmap(0x7f0eeb600000, 138412032 [pid 7533] <... munmap resumed>) = 0 [pid 7534] <... munmap resumed>) = 0 [pid 7533] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 7534] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7533] <... openat resumed>) = 4 [pid 7534] <... openat resumed>) = 4 [pid 7533] ioctl(4, LOOP_SET_FD, 3 [pid 7534] ioctl(4, LOOP_SET_FD, 3 [pid 7533] <... ioctl resumed>) = 0 [pid 7534] <... ioctl resumed>) = 0 [pid 7533] close(3 [pid 7534] close(3 [pid 7533] <... close resumed>) = 0 [pid 7534] <... close resumed>) = 0 [pid 7533] close(4 [pid 7534] close(4 [pid 7533] <... close resumed>) = 0 [pid 7534] <... close resumed>) = 0 [pid 7534] mkdir("./file0", 0777 [pid 7533] mkdir("./file0", 0777 [pid 7534] <... mkdir resumed>) = 0 [pid 7533] <... mkdir resumed>) = 0 [pid 7533] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [ 164.871484][ T7533] loop1: detected capacity change from 0 to 32768 [ 164.873455][ T7534] loop4: detected capacity change from 0 to 32768 [ 164.965392][ T7531] bcachefs (loop3): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 164.981704][ T7532] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 165.022339][ T7531] bcachefs (loop3): recovering from clean shutdown, journal seq 10 [ 165.024233][ T7532] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 165.046045][ T7531] bcachefs (loop3): Version downgrade required: [ 165.052551][ T7531] bcachefs (loop3): Version upgrade required: [ 165.052551][ T7531] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 165.052551][ T7531] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 165.052551][ T7531] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 165.129217][ T7531] bcachefs (loop3): dropping and reconstructing all alloc info [ 165.157359][ T7531] bcachefs (loop3): accounting_read... done [ 165.170215][ T7534] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 165.194895][ T7531] bcachefs (loop3): alloc_read... done [ 165.216403][ T7531] bcachefs (loop3): stripes_read... done [ 165.226910][ T7534] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [pid 7534] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7532] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7532] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 7532] ioctl(3, LOOP_CLR_FD) = 0 [ 165.237487][ T7533] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 165.247881][ T7531] bcachefs (loop3): snapshots_read... done [ 165.260996][ T7531] bcachefs (loop3): check_allocations... [ 165.263863][ T7533] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 165.284124][ T7532] bcachefs: bch2_fs_get_tree() error: EINVAL [ 165.379454][ T7531] done [ 165.407137][ T7531] bcachefs (loop3): going read-write [pid 7532] close(3 [pid 7531] <... mount resumed>) = 0 [pid 7531] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5827] <... umount2 resumed>) = 0 [pid 7531] <... openat resumed>) = 3 [pid 7531] chdir("./file0") = 0 [pid 7531] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5827] umount2("./35/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./35/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./35/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./35/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5827] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 7531] <... openat resumed>) = 4 [pid 5827] close(4) = 0 [ 165.429872][ T7531] bcachefs (loop3): done starting filesystem [pid 5827] rmdir("./35/file0" [pid 7531] ioctl(4, LOOP_CLR_FD) = 0 [pid 7531] close(4) = 0 [pid 7531] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5827] <... rmdir resumed>) = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./35") = 0 [pid 7531] <... quotactl resumed>) = 0 [pid 7531] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 5827] mkdir("./36", 0777) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5827] close(3) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7566 attached [pid 7531] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7531] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7566] set_robust_list(0x5555819eb760, 24) = 0 [pid 7566] chdir("./36" [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 7566 [pid 7566] <... chdir resumed>) = 0 [pid 7566] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7566] setpgid(0, 0) = 0 [pid 7566] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 executing program [pid 7566] write(3, "1000", 4) = 4 [pid 7531] <... quotactl resumed>) = 0 [pid 7566] close(3) = 0 [pid 7566] symlink("/dev/binderfs", "./binderfs" [pid 7531] open(".", O_RDONLY [pid 7566] <... symlink resumed>) = 0 [pid 7566] write(1, "executing program\n", 18) = 18 [pid 7566] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7566] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7566] memfd_create("syzkaller", 0 [pid 7534] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7531] <... open resumed>) = 5 [pid 7534] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7531] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7566] <... memfd_create resumed>) = 3 [pid 7534] <... openat resumed>) = 3 [pid 7534] ioctl(3, LOOP_CLR_FD [pid 7566] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 165.517077][ T7534] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 7534] <... ioctl resumed>) = 0 [pid 7531] <... fallocate resumed>) = 0 [pid 7534] close(3 [pid 7531] exit_group(0) = ? [pid 7531] +++ exited with 0 +++ [pid 7533] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7531, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=30 /* 0.30 s */} --- [ 165.590402][ T52] bucket incorrectly unset in freespace btree [ 165.590437][ T52] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5828] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 7533] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 7533] ioctl(3, LOOP_CLR_FD) = 0 [pid 7533] close(3 [pid 5828] umount2("./47", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 7532] <... close resumed>) = 0 [pid 5828] openat(AT_FDCWD, "./47", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5828] umount2("./47/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./47/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./47/binderfs") = 0 [pid 7532] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 165.633455][ T7533] bcachefs: bch2_fs_get_tree() error: EINVAL [ 165.707718][ T5828] bcachefs (loop3): shutting down [ 165.712824][ T5828] bcachefs (loop3): going read-only [ 165.720345][ T52] bucket incorrectly unset in freespace btree [ 165.720366][ T52] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [ 165.757565][ T5828] bcachefs (loop3): finished waiting for writes to stop [ 165.788407][ T5828] bcachefs (loop3): flushing journal and stopping allocators, journal seq 12 [pid 5828] umount2("./47/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7534] <... close resumed>) = 0 [pid 7534] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7566] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7533] <... close resumed>) = 0 [ 165.839973][ T52] bcachefs (loop3): loop3: Superblock write was silently dropped! (seq 0 expected 53) [ 165.872129][ T52] bucket incorrectly unset in freespace btree [ 165.872218][ T52] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [ 165.895353][ T52] bucket incorrectly unset in freespace btree [ 165.895375][ T52] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [ 165.922034][ T5828] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 12 [ 165.935436][ T5828] bcachefs (loop3): unclean shutdown complete, journal seq 13 [pid 7533] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7534] <... quotactl resumed>) = 0 [pid 7532] <... quotactl resumed>) = 0 [pid 7534] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7533] <... quotactl resumed>) = 0 [pid 7532] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7534] <... openat resumed>) = 3 [pid 7533] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7532] <... openat resumed>) = 3 [pid 7534] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7533] <... openat resumed>) = 3 [pid 7534] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7532] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7532] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7533] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7534] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7532] <... quotactl resumed>) = 0 [pid 7534] <... quotactl resumed>) = 0 [pid 7534] open(".", O_RDONLY [pid 7532] open(".", O_RDONLY [pid 7534] <... open resumed>) = 4 [pid 7532] <... open resumed>) = 4 [pid 7534] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 7532] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 7534] exit_group(0 [pid 7532] exit_group(0 [pid 7534] <... exit_group resumed>) = ? [pid 7533] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7533] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7532] <... exit_group resumed>) = ? [pid 7534] +++ exited with 0 +++ [pid 7533] <... quotactl resumed>) = 0 [pid 7532] +++ exited with 0 +++ [pid 7533] open(".", O_RDONLY [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7532, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=49 /* 0.49 s */} --- [pid 7533] <... open resumed>) = 4 [ 165.944784][ T5828] bcachefs (loop3): done going read-only, filesystem not clean [ 165.970816][ T5828] bcachefs (loop3): shutdown complete [pid 5825] restart_syscall(<... resuming interrupted clone ...> [pid 7533] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7534, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=44 /* 0.44 s */} --- [pid 5825] <... restart_syscall resumed>) = 0 [pid 7533] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7533] exit_group(0) = ? [pid 5829] umount2("./41", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./41", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7533] +++ exited with 0 +++ [pid 5829] <... openat resumed>) = 3 [pid 5825] umount2("./26", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] newfstatat(3, "", [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7533, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=46 /* 0.46 s */} --- [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5829] getdents64(3, [pid 5825] openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 7566] <... write resumed>) = 16777216 [pid 5829] umount2("./41/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... openat resumed>) = 3 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7566] munmap(0x7f0eeb600000, 138412032 [pid 5829] newfstatat(AT_FDCWD, "./41/binderfs", [pid 5825] newfstatat(3, "", [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] unlink("./41/binderfs") = 0 [pid 5825] getdents64(3, [pid 5829] umount2("./41/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] <... restart_syscall resumed>) = 0 [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] newfstatat(AT_FDCWD, "./41/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./26/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] umount2("./41/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./41/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] umount2("./43", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... openat resumed>) = 4 [pid 5825] newfstatat(AT_FDCWD, "./26/binderfs", [pid 5829] newfstatat(4, "", [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] openat(AT_FDCWD, "./43", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] unlink("./26/binderfs" [pid 5829] getdents64(4, [pid 5826] <... openat resumed>) = 3 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] newfstatat(3, "", [pid 5829] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] close(4) = 0 [pid 5826] getdents64(3, [pid 5825] <... unlink resumed>) = 0 [pid 5829] rmdir("./41/file0") = 0 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5825] umount2("./26/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./43/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] umount2("./41/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./26/file0", [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./41/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./41/file1" [pid 7566] <... munmap resumed>) = 0 [pid 5829] <... unlink resumed>) = 0 [pid 5826] newfstatat(AT_FDCWD, "./43/binderfs", [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7566] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5825] umount2("./26/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7566] <... openat resumed>) = 4 [pid 5829] getdents64(3, [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7566] ioctl(4, LOOP_SET_FD, 3 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] unlink("./43/binderfs" [pid 5825] openat(AT_FDCWD, "./26/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] close(3 [pid 5826] <... unlink resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 5829] rmdir("./41") = 0 [pid 7566] <... ioctl resumed>) = 0 [pid 5826] umount2("./43/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... openat resumed>) = 4 [pid 7566] close(3 [pid 5829] mkdir("./42", 0777 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7566] <... close resumed>) = 0 [pid 5825] newfstatat(4, "", [pid 7566] close(4 [pid 5826] newfstatat(AT_FDCWD, "./43/file0", [pid 7566] <... close resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7566] mkdir("./file0", 0777) = 0 [pid 7566] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5829] <... mkdir resumed>) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] getdents64(4, [pid 5826] umount2("./43/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] getdents64(4, [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5826] openat(AT_FDCWD, "./43/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] <... openat resumed>) = 3 [pid 5826] <... openat resumed>) = 4 [pid 5825] close(4 [pid 5829] ioctl(3, LOOP_CLR_FD [pid 5826] newfstatat(4, "", [pid 5825] <... close resumed>) = 0 [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] rmdir("./26/file0" [pid 5829] close(3 [pid 5826] getdents64(4, [pid 5825] <... rmdir resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] umount2("./26/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] getdents64(4, [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] newfstatat(AT_FDCWD, "./26/file1", [pid 5826] close(4 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] <... close resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] rmdir("./43/file0") = 0 [pid 5825] unlink("./26/file1") = 0 ./strace-static-x86_64: Process 7570 attached [pid 5826] umount2("./43/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7570] set_robust_list(0x5555819eb760, 24) = 0 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 7570 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] getdents64(3, [pid 7570] chdir("./42" [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] newfstatat(AT_FDCWD, "./43/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7570] <... chdir resumed>) = 0 [pid 7570] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5825] close(3 [pid 5826] unlink("./43/file1" [pid 5825] <... close resumed>) = 0 [pid 7570] <... prctl resumed>) = 0 [pid 5826] <... unlink resumed>) = 0 [pid 7570] setpgid(0, 0 [pid 5825] rmdir("./26" [pid 7570] <... setpgid resumed>) = 0 [pid 5826] getdents64(3, [pid 5825] <... rmdir resumed>) = 0 [pid 7570] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 166.066694][ T7566] loop2: detected capacity change from 0 to 32768 [pid 7570] write(3, "1000", 4) = 4 [pid 7570] close(3 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 7570] <... close resumed>) = 0 [pid 7570] symlink("/dev/binderfs", "./binderfs" [pid 5826] close(3 [pid 7570] <... symlink resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 5825] mkdir("./27", 0777executing program [pid 7570] write(1, "executing program\n", 18 [pid 5826] rmdir("./43" [pid 7570] <... write resumed>) = 18 [pid 5825] <... mkdir resumed>) = 0 [pid 7570] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5826] <... rmdir resumed>) = 0 [pid 5825] ioctl(3, LOOP_CLR_FD [pid 7570] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 5826] mkdir("./44", 0777 [pid 5825] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 7570] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 7570] memfd_create("syzkaller", 0 [pid 5826] <... mkdir resumed>) = 0 [pid 5825] close(3 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5825] <... close resumed>) = 0 [pid 5826] <... openat resumed>) = 3 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7574 attached [pid 5826] ioctl(3, LOOP_CLR_FD [pid 7570] <... memfd_create resumed>) = 3 [pid 7570] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 7570] <... mmap resumed>) = 0x7f0eeb600000 [pid 5826] close(3 [pid 7574] set_robust_list(0x5555819eb760, 24 [pid 5826] <... close resumed>) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7575 attached [pid 7574] <... set_robust_list resumed>) = 0 [pid 5825] <... clone resumed>, child_tidptr=0x5555819eb750) = 7574 [pid 7574] chdir("./27" [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 7575 [pid 7575] set_robust_list(0x5555819eb760, 24 [pid 7574] <... chdir resumed>) = 0 [pid 7574] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7574] setpgid(0, 0 [pid 7575] <... set_robust_list resumed>) = 0 [pid 7574] <... setpgid resumed>) = 0 [pid 7575] chdir("./44" [pid 7574] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7575] <... chdir resumed>) = 0 [pid 7574] <... openat resumed>) = 3 [pid 7575] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7574] write(3, "1000", 4 [pid 7575] <... prctl resumed>) = 0 [pid 7574] <... write resumed>) = 4 [pid 7575] setpgid(0, 0 [pid 7574] close(3 [pid 7575] <... setpgid resumed>) = 0 [pid 7574] <... close resumed>) = 0 executing program [pid 7575] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7574] symlink("/dev/binderfs", "./binderfs" [pid 7575] <... openat resumed>) = 3 [pid 7574] <... symlink resumed>) = 0 [pid 7575] write(3, "1000", 4 [pid 7574] write(1, "executing program\n", 18 [pid 7575] <... write resumed>) = 4 [pid 7574] <... write resumed>) = 18 [pid 7575] close(3 [pid 7574] fsopen(NULL, 0 [pid 7575] <... close resumed>) = 0 [pid 7574] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 7575] symlink("/dev/binderfs", "./binderfs" [pid 7574] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 7575] <... symlink resumed>) = 0 [pid 7574] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 7574] memfd_create("syzkaller", 0) = 3 [pid 7574] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7575] write(1, "executing program\n", 18executing program ) = 18 [pid 7575] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7575] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7575] memfd_create("syzkaller", 0) = 3 [pid 7575] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7574] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7570] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7575] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7574] <... write resumed>) = 16777216 [pid 7574] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7574] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 7574] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7574] close(3) = 0 [pid 7574] close(4) = 0 [pid 7574] mkdir("./file0", 0777) = 0 [pid 7570] <... write resumed>) = 16777216 [pid 7574] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7570] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7570] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 166.586350][ T7574] loop0: detected capacity change from 0 to 32768 [pid 7570] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7570] close(3) = 0 [pid 7570] close(4) = 0 [pid 7575] <... write resumed>) = 16777216 [pid 7570] mkdir("./file0", 0777) = 0 [pid 7570] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [ 166.629708][ T7570] loop4: detected capacity change from 0 to 32768 [pid 7575] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7575] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 166.731989][ T7566] bcachefs (loop2): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 166.770197][ T7574] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [pid 7575] ioctl(4, LOOP_SET_FD, 3) = 0 [ 166.780150][ T7575] loop1: detected capacity change from 0 to 32768 [ 166.782574][ T7566] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 166.797000][ T7566] bcachefs (loop2): Version downgrade required: [ 166.797581][ T7574] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 166.805109][ T7566] bcachefs (loop2): Version upgrade required: [ 166.805109][ T7566] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [pid 7575] close(3) = 0 [pid 7575] close(4) = 0 [ 166.805109][ T7566] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 166.805109][ T7566] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [pid 7575] mkdir("./file0", 0777) = 0 [ 166.973355][ T7566] bcachefs (loop2): dropping and reconstructing all alloc info [pid 7575] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5828] <... umount2 resumed>) = 0 [pid 5828] umount2("./47/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./47/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 167.017276][ T7570] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 167.033320][ T7566] bcachefs (loop2): accounting_read... [ 167.044085][ T7570] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 167.060199][ T7566] done [pid 5828] umount2("./47/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./47/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 167.063091][ T7566] bcachefs (loop2): alloc_read... done [pid 5828] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7574] <... mount resumed>) = -1 EINVAL (Invalid argument) [ 167.087974][ T7574] bcachefs: bch2_fs_get_tree() error: EINVAL [ 167.099607][ T7566] bcachefs (loop2): stripes_read... done [ 167.105823][ T7566] bcachefs (loop2): snapshots_read... done [ 167.111890][ T7566] bcachefs (loop2): check_allocations... [pid 5828] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] close(4) = 0 [pid 5828] rmdir("./47/file0") = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [pid 5828] rmdir("./47") = 0 [pid 5828] mkdir("./48", 0777) = 0 [pid 7574] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 7574] <... openat resumed>) = 3 [pid 5828] <... openat resumed>) = 3 [pid 7574] ioctl(3, LOOP_CLR_FD [pid 5828] ioctl(3, LOOP_CLR_FD [pid 7574] <... ioctl resumed>) = 0 [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 7574] close(3 [pid 5828] close(3) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555819eb750) = 7600 ./strace-static-x86_64: Process 7600 attached [pid 7600] set_robust_list(0x5555819eb760, 24) = 0 [pid 7600] chdir("./48") = 0 [pid 7600] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7600] setpgid(0, 0) = 0 [ 167.124646][ T7575] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 167.140960][ T7575] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [pid 7600] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7600] write(3, "1000", 4) = 4 [pid 7600] close(3) = 0 [pid 7600] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 7600] write(1, "executing program\n", 18) = 18 [pid 7600] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7600] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7600] memfd_create("syzkaller", 0) = 3 [pid 7600] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 167.203239][ T7566] done [ 167.218571][ T7566] bcachefs (loop2): going read-write [pid 7566] <... mount resumed>) = 0 [pid 7566] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 167.244488][ T7566] bcachefs (loop2): done starting filesystem [pid 7566] chdir("./file0") = 0 [pid 7566] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 7570] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7566] <... openat resumed>) = 4 [pid 7566] ioctl(4, LOOP_CLR_FD) = 0 [pid 7566] close(4) = 0 [pid 7570] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7566] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7570] <... openat resumed>) = 3 [pid 7570] ioctl(3, LOOP_CLR_FD) = 0 [ 167.286300][ T7570] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 7570] close(3 [pid 7566] <... quotactl resumed>) = 0 [pid 7566] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 7566] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7566] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 7566] open(".", O_RDONLY) = 5 [pid 7566] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768) = 0 [pid 7566] exit_group(0) = ? [pid 7566] +++ exited with 0 +++ [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7566, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=33 /* 0.33 s */} --- [pid 5827] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5827] umount2("./36", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5827] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5827] umount2("./36/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./36/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./36/binderfs") = 0 [ 167.401110][ T2913] bucket incorrectly unset in freespace btree [ 167.401144][ T2913] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5827] umount2("./36/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7574] <... close resumed>) = 0 [pid 7574] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7575] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7575] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 7575] ioctl(3, LOOP_CLR_FD) = 0 [ 167.494437][ T5827] bcachefs (loop2): shutting down [ 167.501285][ T7575] bcachefs: bch2_fs_get_tree() error: EINVAL [ 167.509463][ T5827] bcachefs (loop2): going read-only [ 167.514717][ T5827] bcachefs (loop2): finished waiting for writes to stop [ 167.527416][ T2913] bucket incorrectly unset in freespace btree [ 167.527446][ T2913] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [pid 7575] close(3 [pid 7570] <... close resumed>) = 0 [pid 7600] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [ 167.586158][ T5827] bcachefs (loop2): flushing journal and stopping allocators, journal seq 12 [ 167.611456][ T2913] bucket incorrectly unset in freespace btree [ 167.611476][ T2913] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [ 167.658235][ T2913] bucket incorrectly unset in freespace btree [ 167.658257][ T2913] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [pid 7570] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7575] <... close resumed>) = 0 [pid 7575] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7600] <... write resumed>) = 16777216 [pid 7600] munmap(0x7f0eeb600000, 138412032 [pid 7575] <... quotactl resumed>) = 0 [pid 7574] <... quotactl resumed>) = 0 [pid 7570] <... quotactl resumed>) = 0 [ 167.700237][ T5827] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 12 [ 167.721484][ T5827] bcachefs (loop2): unclean shutdown complete, journal seq 13 [ 167.737193][ T5827] bcachefs (loop2): done going read-only, filesystem not clean [pid 7575] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7574] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7600] <... munmap resumed>) = 0 [pid 7575] <... openat resumed>) = 3 [pid 7570] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7600] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 7574] <... openat resumed>) = 3 [pid 7570] <... openat resumed>) = 3 [pid 7600] <... openat resumed>) = 4 [pid 7575] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7574] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7570] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7600] ioctl(4, LOOP_SET_FD, 3 [pid 7574] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7570] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7575] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7574] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7575] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7570] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7600] <... ioctl resumed>) = 0 [pid 7600] close(3) = 0 [pid 7600] close(4) = 0 [pid 7600] mkdir("./file0", 0777) = 0 [pid 7575] <... quotactl resumed>) = 0 [pid 7574] <... quotactl resumed>) = 0 [pid 7570] <... quotactl resumed>) = 0 [pid 7575] open(".", O_RDONLY [pid 7574] open(".", O_RDONLY [pid 7570] open(".", O_RDONLY [pid 7575] <... open resumed>) = 4 [pid 7574] <... open resumed>) = 4 [pid 7570] <... open resumed>) = 4 [pid 7575] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7574] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7570] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7575] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7574] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7570] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7575] exit_group(0 [pid 7574] exit_group(0 [pid 7570] exit_group(0 [pid 7575] <... exit_group resumed>) = ? [pid 7574] <... exit_group resumed>) = ? [pid 7570] <... exit_group resumed>) = ? [pid 7600] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7575] +++ exited with 0 +++ [pid 7574] +++ exited with 0 +++ [pid 7570] +++ exited with 0 +++ [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7570, si_uid=0, si_status=0, si_utime=0, si_stime=50 /* 0.50 s */} --- [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7574, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=43 /* 0.43 s */} --- [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7575, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=47 /* 0.47 s */} --- [pid 5825] umount2("./27", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... restart_syscall resumed>) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] umount2("./44", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] umount2("./42", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./44", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] openat(AT_FDCWD, "./42", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... openat resumed>) = 3 [pid 5825] <... openat resumed>) = 3 [pid 5829] <... openat resumed>) = 3 [pid 5826] newfstatat(3, "", [pid 5825] newfstatat(3, "", [pid 5829] newfstatat(3, "", [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(3, [pid 5829] getdents64(3, [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] umount2("./44/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] umount2("./42/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./44/binderfs", [pid 5829] newfstatat(AT_FDCWD, "./42/binderfs", [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./44/binderfs" [pid 5829] unlink("./42/binderfs" [pid 5826] <... unlink resumed>) = 0 [pid 5829] <... unlink resumed>) = 0 [pid 5826] umount2("./44/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] umount2("./42/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./44/file0", [pid 5829] newfstatat(AT_FDCWD, "./42/file0", [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] umount2("./44/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] umount2("./42/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./44/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] openat(AT_FDCWD, "./42/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... openat resumed>) = 4 [pid 5829] <... openat resumed>) = 4 [ 167.778762][ T5827] bcachefs (loop2): shutdown complete [ 167.787854][ T7600] loop3: detected capacity change from 0 to 32768 [pid 5826] newfstatat(4, "", [pid 5825] getdents64(3, [pid 5829] newfstatat(4, "", [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(4, [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] getdents64(4, [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] umount2("./27/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] getdents64(4, [pid 5829] getdents64(4, [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] close(4 [pid 5829] close(4 [pid 5826] <... close resumed>) = 0 [pid 5825] newfstatat(AT_FDCWD, "./27/binderfs", [pid 5829] <... close resumed>) = 0 [pid 5826] rmdir("./44/file0" [pid 5829] rmdir("./42/file0" [pid 5826] <... rmdir resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... rmdir resumed>) = 0 [pid 5825] unlink("./27/binderfs" [pid 5826] umount2("./44/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] umount2("./42/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... unlink resumed>) = 0 [pid 5829] newfstatat(AT_FDCWD, "./42/file1", [pid 5826] newfstatat(AT_FDCWD, "./44/file1", [pid 5825] umount2("./27/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] unlink("./42/file1" [pid 5826] unlink("./44/file1" [pid 5825] newfstatat(AT_FDCWD, "./27/file0", [pid 5829] <... unlink resumed>) = 0 [pid 5826] <... unlink resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] getdents64(3, [pid 5825] umount2("./27/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] getdents64(3, [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] close(3) = 0 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5825] openat(AT_FDCWD, "./27/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] rmdir("./42" [pid 5826] close(3 [pid 5825] <... openat resumed>) = 4 [pid 5829] <... rmdir resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 5825] newfstatat(4, "", [pid 5829] mkdir("./43", 0777 [pid 5826] rmdir("./44" [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... mkdir resumed>) = 0 [pid 5826] <... rmdir resumed>) = 0 [pid 5825] getdents64(4, [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] <... openat resumed>) = 3 [pid 5825] getdents64(4, [pid 5829] ioctl(3, LOOP_CLR_FD [pid 5826] mkdir("./45", 0777 [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5826] <... mkdir resumed>) = 0 [pid 5825] close(4 [pid 5829] close(3 [pid 5825] <... close resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 5825] rmdir("./27/file0" [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5825] <... rmdir resumed>) = 0 [pid 5825] umount2("./27/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./27/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... openat resumed>) = 3 [pid 5825] unlink("./27/file1"./strace-static-x86_64: Process 7608 attached [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5825] <... unlink resumed>) = 0 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 7608 [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5825] getdents64(3, [pid 7608] set_robust_list(0x5555819eb760, 24 [pid 5826] close(3 [pid 7608] <... set_robust_list resumed>) = 0 [pid 7608] chdir("./43" [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 7608] <... chdir resumed>) = 0 [pid 7608] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5825] close(3 [pid 7608] setpgid(0, 0 [pid 5826] <... close resumed>) = 0 [pid 5825] <... close resumed>) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7608] <... setpgid resumed>) = 0 [pid 5825] rmdir("./27"./strace-static-x86_64: Process 7609 attached [pid 7608] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5825] <... rmdir resumed>) = 0 [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 7609 [pid 7608] <... openat resumed>) = 3 [pid 7608] write(3, "1000", 4) = 4 [pid 5825] mkdir("./28", 0777 [pid 7609] set_robust_list(0x5555819eb760, 24 [pid 5825] <... mkdir resumed>) = 0 [pid 7608] close(3) = 0 [pid 7608] symlink("/dev/binderfs", "./binderfs" [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 7609] <... set_robust_list resumed>) = 0 [pid 7608] <... symlink resumed>) = 0 [pid 5825] <... openat resumed>) = 3 [pid 5825] ioctl(3, LOOP_CLR_FD [pid 7608] write(1, "executing program\n", 18 [pid 5825] <... ioctl resumed>) = -1 ENXIO (No such device or address) executing program [pid 7609] chdir("./45") = 0 [pid 7608] <... write resumed>) = 18 [pid 5825] close(3 [pid 7609] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7609] setpgid(0, 0 [pid 7608] fsopen(NULL, 0 [pid 5825] <... close resumed>) = 0 [pid 7608] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 7608] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7610 attached [pid 7609] <... setpgid resumed>) = 0 [pid 7608] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 7610] set_robust_list(0x5555819eb760, 24 [pid 7609] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7610] <... set_robust_list resumed>) = 0 [pid 5825] <... clone resumed>, child_tidptr=0x5555819eb750) = 7610 [pid 7610] chdir("./28" [pid 7609] <... openat resumed>) = 3 [pid 7608] memfd_create("syzkaller", 0) = 3 [pid 7610] <... chdir resumed>) = 0 [pid 7609] write(3, "1000", 4) = 4 [pid 7610] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7609] close(3 [pid 7608] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7609] <... close resumed>) = 0 [pid 7608] <... mmap resumed>) = 0x7f0eeb600000 [pid 7610] setpgid(0, 0 [pid 7609] symlink("/dev/binderfs", "./binderfs"executing program [pid 7610] <... setpgid resumed>) = 0 [pid 7609] <... symlink resumed>) = 0 [pid 7610] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7609] write(1, "executing program\n", 18 [pid 7610] <... openat resumed>) = 3 [pid 7609] <... write resumed>) = 18 [pid 7609] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7609] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 7610] write(3, "1000", 4 [pid 7609] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 7609] memfd_create("syzkaller", 0 [pid 7610] <... write resumed>) = 4 [pid 7610] close(3) = 0 [pid 7609] <... memfd_create resumed>) = 3 [pid 7610] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 7609] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7610] write(1, "executing program\n", 18 [pid 7609] <... mmap resumed>) = 0x7f0eeb600000 [pid 7610] <... write resumed>) = 18 [pid 7610] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7610] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7610] memfd_create("syzkaller", 0) = 3 [pid 7610] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7609] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7608] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7610] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7608] <... write resumed>) = 16777216 [pid 7608] munmap(0x7f0eeb600000, 138412032 [pid 7610] <... write resumed>) = 16777216 [pid 7610] munmap(0x7f0eeb600000, 138412032 [pid 7608] <... munmap resumed>) = 0 [pid 7610] <... munmap resumed>) = 0 [pid 7609] <... write resumed>) = 16777216 [pid 7608] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 7608] ioctl(4, LOOP_SET_FD, 3 [pid 7610] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 7609] munmap(0x7f0eeb600000, 138412032 [pid 7610] <... openat resumed>) = 4 [pid 7610] ioctl(4, LOOP_SET_FD, 3 [pid 7609] <... munmap resumed>) = 0 [pid 7608] <... ioctl resumed>) = 0 [pid 7608] close(3) = 0 [pid 7608] close(4) = 0 [ 168.370264][ T7608] loop4: detected capacity change from 0 to 32768 [ 168.382215][ T7610] loop0: detected capacity change from 0 to 32768 [pid 7610] <... ioctl resumed>) = 0 [pid 7608] mkdir("./file0", 0777) = 0 [pid 7609] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 7608] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7609] <... openat resumed>) = 4 [pid 7609] ioctl(4, LOOP_SET_FD, 3 [pid 7610] close(3) = 0 [pid 7610] close(4) = 0 [pid 7610] mkdir("./file0", 0777 [pid 7609] <... ioctl resumed>) = 0 [pid 7610] <... mkdir resumed>) = 0 [pid 7610] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7609] close(3) = 0 [pid 7609] close(4) = 0 [pid 7609] mkdir("./file0", 0777) = 0 [ 168.411108][ T7609] loop1: detected capacity change from 0 to 32768 [ 168.417877][ T7600] bcachefs (loop3): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 168.492295][ T7600] bcachefs (loop3): recovering from clean shutdown, journal seq 10 [ 168.506225][ T7600] bcachefs (loop3): Version downgrade required: [ 168.518892][ T7600] bcachefs (loop3): Version upgrade required: [ 168.518892][ T7600] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 168.518892][ T7600] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 168.518892][ T7600] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 168.591173][ T7600] bcachefs (loop3): dropping and reconstructing all alloc info [ 168.606431][ T7600] bcachefs (loop3): accounting_read... done [ 168.612668][ T7600] bcachefs (loop3): alloc_read... done [ 168.618622][ T7600] bcachefs (loop3): stripes_read... done [ 168.624542][ T7600] bcachefs (loop3): snapshots_read... done [ 168.630900][ T7600] bcachefs (loop3): check_allocations... [ 168.673288][ T7608] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 168.680904][ T7600] done [ 168.708128][ T7600] bcachefs (loop3): going read-write [ 168.712069][ T7610] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [pid 7609] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7600] <... mount resumed>) = 0 [pid 7600] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 7600] chdir("./file0") = 0 [pid 7600] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 7600] ioctl(4, LOOP_CLR_FD) = 0 [pid 7600] close(4) = 0 [ 168.734001][ T7600] bcachefs (loop3): done starting filesystem [ 168.746036][ T7610] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 168.746604][ T7609] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 168.764857][ T7608] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 168.774242][ T7609] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [pid 7600] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 5827] <... umount2 resumed>) = 0 [pid 7600] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5827] umount2("./36/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7600] <... openat resumed>) = 4 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./36/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./36/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./36/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5827] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] close(4 [pid 7600] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5827] <... close resumed>) = 0 [pid 7600] <... mount resumed>) = -1 EFAULT (Bad address) [pid 5827] rmdir("./36/file0" [pid 7600] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5827] <... rmdir resumed>) = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./36") = 0 [pid 5827] mkdir("./37", 0777) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5827] close(3) = 0 [pid 7600] <... quotactl resumed>) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7637 attached [pid 7600] open(".", O_RDONLY) = 5 [pid 7600] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7637] set_robust_list(0x5555819eb760, 24 [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 7637 [pid 7637] <... set_robust_list resumed>) = 0 [pid 7637] chdir("./37") = 0 [pid 7637] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7637] setpgid(0, 0 [pid 7600] <... fallocate resumed>) = 0 [pid 7637] <... setpgid resumed>) = 0 [pid 7600] exit_group(0) = ? [pid 7637] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7600] +++ exited with 0 +++ [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7600, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=38 /* 0.38 s */} --- [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 7637] <... openat resumed>) = 3 [pid 7637] write(3, "1000", 4 [pid 5828] <... restart_syscall resumed>) = 0 [pid 5828] umount2("./48", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./48", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5828] umount2("./48/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7637] <... write resumed>) = 4 [pid 7637] close(3 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./48/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./48/binderfs") = 0 [pid 7637] <... close resumed>) = 0 [pid 7637] symlink("/dev/binderfs", "./binderfs" [pid 5828] umount2("./48/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7637] <... symlink resumed>) = 0 [pid 7637] write(1, "executing program\n", 18executing program ) = 18 [pid 7637] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7637] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [ 168.910109][ T2913] bucket incorrectly unset in freespace btree [ 168.910144][ T2913] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 7637] memfd_create("syzkaller", 0) = 3 [pid 7637] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 168.986886][ T5828] bcachefs (loop3): shutting down [ 168.991993][ T5828] bcachefs (loop3): going read-only [ 169.025779][ T5828] bcachefs (loop3): finished waiting for writes to stop [pid 7609] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7609] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 7609] ioctl(3, LOOP_CLR_FD) = 0 [ 169.039401][ T7609] bcachefs: bch2_fs_get_tree() error: EINVAL [ 169.066556][ T5828] bcachefs (loop3): flushing journal and stopping allocators, journal seq 12 [pid 7609] close(3 [pid 7608] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7608] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7610] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7610] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 7608] <... openat resumed>) = 3 [pid 7610] <... openat resumed>) = 3 [pid 7608] ioctl(3, LOOP_CLR_FD [pid 7610] ioctl(3, LOOP_CLR_FD [pid 7608] <... ioctl resumed>) = 0 [pid 7610] <... ioctl resumed>) = 0 [ 169.084311][ T7610] bcachefs: bch2_fs_get_tree() error: EINVAL [ 169.106766][ T2913] bucket incorrectly unset in freespace btree [ 169.106802][ T2913] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [pid 7608] close(3 [ 169.121306][ T7608] bcachefs: bch2_fs_get_tree() error: EINVAL [ 169.230229][ T52] bucket incorrectly unset in freespace btree [ 169.230252][ T52] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [pid 7610] close(3 [pid 7637] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7609] <... close resumed>) = 0 [ 169.325651][ T52] bucket incorrectly unset in freespace btree [ 169.325673][ T52] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [pid 7609] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7610] <... close resumed>) = 0 [pid 7608] <... close resumed>) = 0 [pid 7608] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7610] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 7610] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 7608] <... quotactl resumed>) = 0 [pid 7610] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7610] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7609] <... quotactl resumed>) = 0 [pid 7608] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 7609] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7608] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7610] <... quotactl resumed>) = 0 [pid 7610] open(".", O_RDONLY) = 4 [pid 7610] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 7610] exit_group(0) = ? [pid 7609] <... openat resumed>) = 3 [pid 7608] <... mount resumed>) = -1 EFAULT (Bad address) [ 169.385281][ T5828] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 12 [ 169.405569][ T5828] bcachefs (loop3): unclean shutdown complete, journal seq 13 [ 169.422808][ T5828] bcachefs (loop3): done going read-only, filesystem not clean [pid 7610] +++ exited with 0 +++ [pid 7609] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7608] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7609] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7609] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7610, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=43 /* 0.43 s */} --- [pid 5825] umount2("./28", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5825] umount2("./28/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./28/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./28/binderfs" [pid 7609] <... quotactl resumed>) = 0 [pid 7608] <... quotactl resumed>) = 0 [pid 7609] open(".", O_RDONLY [pid 7608] open(".", O_RDONLY [pid 7609] <... open resumed>) = 4 [pid 7608] <... open resumed>) = 4 [pid 5825] <... unlink resumed>) = 0 [pid 7609] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7608] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5825] umount2("./28/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7609] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7608] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7609] exit_group(0 [pid 7608] exit_group(0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7609] <... exit_group resumed>) = ? [pid 7608] <... exit_group resumed>) = ? [pid 5825] newfstatat(AT_FDCWD, "./28/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./28/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./28/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5825] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(4, [pid 7609] +++ exited with 0 +++ [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 7608] +++ exited with 0 +++ [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7609, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=41 /* 0.41 s */} --- [pid 5825] getdents64(4, [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7608, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=42 /* 0.42 s */} --- [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 5825] close(4) = 0 [pid 5825] rmdir("./28/file0") = 0 [ 169.460156][ T5828] bcachefs (loop3): shutdown complete [pid 5825] umount2("./28/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... restart_syscall resumed>) = 0 [pid 5826] <... restart_syscall resumed>) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./28/file1", [pid 5829] umount2("./43", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./45", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./45", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] openat(AT_FDCWD, "./43", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5826] <... openat resumed>) = 3 [pid 5825] unlink("./28/file1" [pid 5829] newfstatat(3, "", [pid 5826] newfstatat(3, "", [pid 5825] <... unlink resumed>) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(3, [pid 5829] getdents64(3, [pid 5826] getdents64(3, [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] umount2("./43/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./45/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./43/binderfs", [pid 5826] newfstatat(AT_FDCWD, "./45/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./45/binderfs" [pid 5829] unlink("./43/binderfs" [pid 5825] close(3) = 0 [pid 5826] <... unlink resumed>) = 0 [pid 5825] rmdir("./28" [pid 5829] <... unlink resumed>) = 0 [pid 5826] umount2("./45/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... rmdir resumed>) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] umount2("./43/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] newfstatat(AT_FDCWD, "./45/file0", [pid 5825] mkdir("./29", 0777 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] umount2("./45/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] newfstatat(AT_FDCWD, "./43/file0", [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] openat(AT_FDCWD, "./45/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... mkdir resumed>) = 0 [pid 5829] umount2("./43/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... openat resumed>) = 4 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(4, "", [pid 5825] <... openat resumed>) = 3 [pid 5829] openat(AT_FDCWD, "./43/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] ioctl(3, LOOP_CLR_FD [pid 5829] <... openat resumed>) = 4 [pid 5826] getdents64(4, [pid 5825] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5829] newfstatat(4, "", [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] close(3 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(4, [pid 5825] <... close resumed>) = 0 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] close(4 [pid 5829] getdents64(4, [pid 5826] <... close resumed>) = 0 [pid 5826] rmdir("./45/file0" [pid 5825] <... clone resumed>, child_tidptr=0x5555819eb750) = 7638 [pid 5826] <... rmdir resumed>) = 0 [pid 5826] umount2("./45/file1", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 7638 attached ) = -1 EINVAL (Invalid argument) [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] newfstatat(AT_FDCWD, "./45/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./45/file1" [pid 7638] set_robust_list(0x5555819eb760, 24 [pid 5826] <... unlink resumed>) = 0 [pid 7638] <... set_robust_list resumed>) = 0 [pid 5829] getdents64(4, [pid 5826] getdents64(3, [pid 7638] chdir("./29" [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 7638] <... chdir resumed>) = 0 [pid 5829] close(4 [pid 5826] close(3 [pid 7638] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5829] <... close resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 7638] <... prctl resumed>) = 0 [pid 7637] <... write resumed>) = 16777216 [pid 5829] rmdir("./43/file0" [pid 5826] rmdir("./45" [pid 7638] setpgid(0, 0 [pid 5826] <... rmdir resumed>) = 0 [pid 7638] <... setpgid resumed>) = 0 [pid 5829] <... rmdir resumed>) = 0 [pid 7638] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7637] munmap(0x7f0eeb600000, 138412032 [pid 5829] umount2("./43/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] mkdir("./46", 0777) = 0 [pid 7638] write(3, "1000", 4 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 7638] <... write resumed>) = 4 [pid 5829] newfstatat(AT_FDCWD, "./43/file1", [pid 7638] close(3executing program [pid 7637] <... munmap resumed>) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... openat resumed>) = 3 [pid 7638] <... close resumed>) = 0 [pid 5826] ioctl(3, LOOP_CLR_FD [pid 7638] symlink("/dev/binderfs", "./binderfs" [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 7638] <... symlink resumed>) = 0 [pid 5826] close(3 [pid 7638] write(1, "executing program\n", 18 [pid 5826] <... close resumed>) = 0 [pid 7638] <... write resumed>) = 18 [pid 5829] unlink("./43/file1" [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7638] fsopen(NULL, 0 [pid 5829] <... unlink resumed>) = 0 ./strace-static-x86_64: Process 7639 attached [pid 7638] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 5829] getdents64(3, [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 7639 [pid 7638] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 7638] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 5829] close(3 [pid 7638] memfd_create("syzkaller", 0 [pid 7637] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5829] <... close resumed>) = 0 [pid 7639] set_robust_list(0x5555819eb760, 24 [pid 7638] <... memfd_create resumed>) = 3 [pid 7637] <... openat resumed>) = 4 [pid 5829] rmdir("./43" [pid 7638] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5829] <... rmdir resumed>) = 0 [pid 7638] <... mmap resumed>) = 0x7f0eeb600000 [pid 7637] ioctl(4, LOOP_SET_FD, 3 [pid 7639] <... set_robust_list resumed>) = 0 [pid 7639] chdir("./46" [pid 5829] mkdir("./44", 0777 [pid 7639] <... chdir resumed>) = 0 [pid 5829] <... mkdir resumed>) = 0 [pid 7639] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7639] setpgid(0, 0 [pid 5829] <... openat resumed>) = 3 [pid 7639] <... setpgid resumed>) = 0 [pid 7639] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5829] ioctl(3, LOOP_CLR_FD [pid 7639] <... openat resumed>) = 3 [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 7639] write(3, "1000", 4 [pid 5829] close(3 [pid 7639] <... write resumed>) = 4 [pid 5829] <... close resumed>) = 0 [pid 7639] close(3 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7639] <... close resumed>) = 0 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 7640 ./strace-static-x86_64: Process 7640 attached [pid 7639] symlink("/dev/binderfs", "./binderfs" [pid 7637] <... ioctl resumed>) = 0 [pid 7640] set_robust_list(0x5555819eb760, 24 [pid 7639] <... symlink resumed>) = 0 executing program [pid 7639] write(1, "executing program\n", 18) = 18 [pid 7640] <... set_robust_list resumed>) = 0 [pid 7639] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7637] close(3 [pid 7640] chdir("./44" [pid 7639] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 7637] <... close resumed>) = 0 [pid 7640] <... chdir resumed>) = 0 [pid 7639] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 7637] close(4 [pid 7640] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7637] <... close resumed>) = 0 [pid 7637] mkdir("./file0", 0777 [pid 7640] <... prctl resumed>) = 0 [pid 7639] memfd_create("syzkaller", 0 [pid 7640] setpgid(0, 0 [pid 7639] <... memfd_create resumed>) = 3 [pid 7637] <... mkdir resumed>) = 0 [pid 7640] <... setpgid resumed>) = 0 [pid 7639] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7637] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7640] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7640] write(3, "1000", 4) = 4 [pid 7640] close(3) = 0 [pid 7640] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7640] write(1, "executing program\n", 18executing program ) = 18 [pid 7640] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7640] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [ 169.596538][ T7637] loop2: detected capacity change from 0 to 32768 [pid 7640] memfd_create("syzkaller", 0) = 3 [pid 7640] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7638] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7639] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7640] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7639] <... write resumed>) = 16777216 [pid 7639] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7638] <... write resumed>) = 16777216 [pid 7639] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 7638] munmap(0x7f0eeb600000, 138412032 [pid 7639] <... openat resumed>) = 4 [pid 7639] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7638] <... munmap resumed>) = 0 [pid 7640] <... write resumed>) = 16777216 [pid 7639] close(3 [pid 7640] munmap(0x7f0eeb600000, 138412032 [pid 7639] <... close resumed>) = 0 [pid 7638] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 7639] close(4 [pid 7638] <... openat resumed>) = 4 [pid 7639] <... close resumed>) = 0 [pid 7639] mkdir("./file0", 0777 [pid 7638] ioctl(4, LOOP_SET_FD, 3 [pid 7639] <... mkdir resumed>) = 0 [pid 7639] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7640] <... munmap resumed>) = 0 [pid 7638] <... ioctl resumed>) = 0 [pid 7640] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7638] close(3 [pid 7640] <... openat resumed>) = 4 [pid 7638] <... close resumed>) = 0 [pid 7638] close(4 [ 170.076725][ T7639] loop1: detected capacity change from 0 to 32768 [ 170.116549][ T7638] loop0: detected capacity change from 0 to 32768 [pid 7640] ioctl(4, LOOP_SET_FD, 3 [pid 7638] <... close resumed>) = 0 [pid 7638] mkdir("./file0", 0777 [pid 7640] <... ioctl resumed>) = 0 [pid 7638] <... mkdir resumed>) = 0 [pid 7640] close(3) = 0 [pid 7640] close(4 [pid 7638] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7640] <... close resumed>) = 0 [pid 7640] mkdir("./file0", 0777) = 0 [ 170.126521][ T7640] loop4: detected capacity change from 0 to 32768 [ 170.287298][ T7637] bcachefs (loop2): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 170.322931][ T7637] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 170.344272][ T7640] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 170.353508][ T7637] bcachefs (loop2): Version downgrade required: [ 170.360340][ T7640] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 170.365779][ T7638] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 170.368789][ T7637] bcachefs (loop2): Version upgrade required: [ 170.368789][ T7637] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 170.368789][ T7637] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 170.368789][ T7637] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 170.405937][ T7638] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 170.448607][ T7639] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 170.466823][ T7639] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 170.501583][ T7637] bcachefs (loop2): dropping and reconstructing all alloc info [pid 7640] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"...) = -1 EINVAL (Invalid argument) [pid 7640] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 7640] ioctl(3, LOOP_CLR_FD) = 0 [ 170.628153][ T7637] bcachefs (loop2): accounting_read... done [ 170.663184][ T7637] bcachefs (loop2): alloc_read... done [ 170.669515][ T7637] bcachefs (loop2): stripes_read... done [ 170.676428][ T7640] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 7640] close(3 [pid 7639] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = 0 [pid 7639] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5828] umount2("./48/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7639] <... openat resumed>) = 3 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7639] ioctl(3, LOOP_CLR_FD [pid 5828] newfstatat(AT_FDCWD, "./48/file0", [pid 7639] <... ioctl resumed>) = 0 [pid 7639] close(3 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] umount2("./48/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 170.715997][ T7637] bcachefs (loop2): snapshots_read... done [ 170.722119][ T7637] bcachefs (loop2): check_allocations... [ 170.741894][ T7639] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 5828] openat(AT_FDCWD, "./48/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5828] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] close(4) = 0 [pid 5828] rmdir("./48/file0") = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [pid 5828] rmdir("./48") = 0 [pid 7638] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5828] mkdir("./49", 0777) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5828] close(3 [pid 7638] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5828] <... close resumed>) = 0 [pid 7638] <... openat resumed>) = 3 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7638] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 7670 attached ) = 0 [pid 7638] close(3 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 7670 [pid 7670] set_robust_list(0x5555819eb760, 24) = 0 [pid 7670] chdir("./49") = 0 [pid 7670] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 170.837494][ T7638] bcachefs: bch2_fs_get_tree() error: EINVAL [ 170.854456][ T7637] done executing program [pid 7670] setpgid(0, 0) = 0 [pid 7670] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7670] write(3, "1000", 4) = 4 [pid 7670] close(3) = 0 [pid 7670] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7670] write(1, "executing program\n", 18) = 18 [pid 7670] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7670] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7670] memfd_create("syzkaller", 0) = 3 [pid 7670] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 170.896294][ T7637] bcachefs (loop2): going read-write [pid 7637] <... mount resumed>) = 0 [pid 7637] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 170.946011][ T7637] bcachefs (loop2): done starting filesystem [pid 7637] chdir("./file0") = 0 [pid 7637] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 7637] ioctl(4, LOOP_CLR_FD) = 0 [pid 7637] close(4) = 0 [pid 7637] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 7637] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 7637] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7637] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 7637] open(".", O_RDONLY) = 5 [pid 7637] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7639] <... close resumed>) = 0 [pid 7639] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 7639] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 7639] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7640] <... close resumed>) = 0 [pid 7639] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7639] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7640] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 7637] <... fallocate resumed>) = 0 [pid 7640] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 7640] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7639] <... quotactl resumed>) = 0 [pid 7639] open(".", O_RDONLY [pid 7640] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7639] <... open resumed>) = 4 [pid 7639] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 7639] exit_group(0 [pid 7637] exit_group(0) = ? [pid 7639] <... exit_group resumed>) = ? [pid 7637] +++ exited with 0 +++ [pid 7639] +++ exited with 0 +++ [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7637, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=32 /* 0.32 s */} --- [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7639, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=44 /* 0.44 s */} --- [pid 5827] restart_syscall(<... resuming interrupted clone ...> [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5827] <... restart_syscall resumed>) = 0 [pid 5826] <... restart_syscall resumed>) = 0 [pid 5827] umount2("./37", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./46", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./37", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... openat resumed>) = 3 [pid 5826] openat(AT_FDCWD, "./46", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] newfstatat(3, "", [pid 5826] <... openat resumed>) = 3 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7640] <... quotactl resumed>) = 0 [pid 5826] newfstatat(3, "", [pid 7640] open(".", O_RDONLY [pid 5827] getdents64(3, [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7640] <... open resumed>) = 4 [pid 5826] getdents64(3, [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 7640] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5827] umount2("./37/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./46/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7640] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7640] exit_group(0 [pid 5826] newfstatat(AT_FDCWD, "./46/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] newfstatat(AT_FDCWD, "./37/binderfs", [pid 5826] unlink("./46/binderfs" [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7640] <... exit_group resumed>) = ? [pid 5827] unlink("./37/binderfs" [pid 5826] <... unlink resumed>) = 0 [pid 7640] +++ exited with 0 +++ [pid 5826] umount2("./46/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... unlink resumed>) = 0 [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7640, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=41 /* 0.41 s */} --- [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 5827] umount2("./37/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] newfstatat(AT_FDCWD, "./46/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... restart_syscall resumed>) = 0 [pid 5826] umount2("./46/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] umount2("./44", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./46/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... openat resumed>) = 4 [pid 5829] openat(AT_FDCWD, "./44", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [ 171.087394][ T2913] bucket incorrectly unset in freespace btree [ 171.087430][ T2913] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5826] newfstatat(4, "", [pid 7638] <... close resumed>) = 0 [pid 5829] <... openat resumed>) = 3 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(4, [pid 7638] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5829] newfstatat(3, "", [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(4, [pid 5829] getdents64(3, [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] close(4) = 0 [pid 5826] rmdir("./46/file0") = 0 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] umount2("./46/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] umount2("./44/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./46/file1", [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] newfstatat(AT_FDCWD, "./44/binderfs", [pid 5826] unlink("./46/file1" [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./44/binderfs" [pid 5826] <... unlink resumed>) = 0 [pid 5829] <... unlink resumed>) = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] umount2("./44/file0", MNT_FORCE|UMOUNT_NOFOLLOW [ 171.150039][ T5827] bcachefs (loop2): shutting down [ 171.155828][ T5827] bcachefs (loop2): going read-only [ 171.164183][ T2913] bucket incorrectly unset in freespace btree [ 171.164205][ T2913] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [ 171.164912][ T5827] bcachefs (loop2): finished waiting for writes to stop [pid 5826] close(3 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... close resumed>) = 0 [pid 5829] newfstatat(AT_FDCWD, "./44/file0", [pid 5826] rmdir("./46") = 0 [pid 5826] mkdir("./47", 0777) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... openat resumed>) = 3 [pid 5829] umount2("./44/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5829] openat(AT_FDCWD, "./44/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5829] <... openat resumed>) = 4 [pid 5826] close(3 [pid 5829] newfstatat(4, "", [pid 5826] <... close resumed>) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5829] getdents64(4, ./strace-static-x86_64: Process 7673 attached 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 7673 [pid 7670] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5829] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] close(4) = 0 [pid 5829] rmdir("./44/file0") = 0 [pid 5829] umount2("./44/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 171.198764][ T5827] bcachefs (loop2): flushing journal and stopping allocators, journal seq 12 [ 171.224462][ T2913] bcachefs (loop2): loop2: Superblock write was silently dropped! (seq 0 expected 53) [ 171.239863][ T2913] bucket incorrectly unset in freespace btree [pid 5829] newfstatat(AT_FDCWD, "./44/file1", [pid 7673] set_robust_list(0x5555819eb760, 24 [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./44/file1" [pid 7673] <... set_robust_list resumed>) = 0 [pid 5829] <... unlink resumed>) = 0 [pid 7673] chdir("./47" [pid 5829] getdents64(3, [pid 7673] <... chdir resumed>) = 0 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 7673] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5829] close(3 [pid 7673] <... prctl resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 7673] setpgid(0, 0 [pid 5829] rmdir("./44" [pid 7673] <... setpgid resumed>) = 0 [pid 5829] <... rmdir resumed>) = 0 [pid 7673] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5829] mkdir("./45", 0777 [pid 7673] <... openat resumed>) = 3 [pid 5829] <... mkdir resumed>) = 0 [pid 7673] write(3, "1000", 4) = 4 [pid 7673] close(3) = 0 executing program [pid 7673] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7673] write(1, "executing program\n", 18) = 18 [pid 5829] <... openat resumed>) = 3 [pid 7673] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7673] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 5829] ioctl(3, LOOP_CLR_FD [pid 7673] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5829] close(3 [pid 7673] memfd_create("syzkaller", 0 [pid 5829] <... close resumed>) = 0 [pid 7673] <... memfd_create resumed>) = 3 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555819eb750) = 7674 ./strace-static-x86_64: Process 7674 attached [pid 7673] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 executing program [pid 7674] set_robust_list(0x5555819eb760, 24) = 0 [pid 7674] chdir("./45") = 0 [pid 7674] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7674] setpgid(0, 0) = 0 [pid 7674] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7674] write(3, "1000", 4) = 4 [pid 7674] close(3) = 0 [pid 7674] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7674] write(1, "executing program\n", 18) = 18 [ 171.239898][ T2913] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [ 171.269545][ T2913] bucket incorrectly unset in freespace btree [ 171.269568][ T2913] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [pid 7674] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7674] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7674] memfd_create("syzkaller", 0) = 3 [pid 7674] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 171.320599][ T5827] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 12 [ 171.335691][ T5827] bcachefs (loop2): unclean shutdown complete, journal seq 13 [ 171.354826][ T5827] bcachefs (loop2): done going read-only, filesystem not clean [pid 7638] <... quotactl resumed>) = 0 [pid 7638] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 7638] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7638] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 7638] open(".", O_RDONLY) = 4 [pid 7638] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 7638] exit_group(0) = ? [pid 7638] +++ exited with 0 +++ [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7638, si_uid=0, si_status=0, si_utime=7 /* 0.07 s */, si_stime=52 /* 0.52 s */} --- [pid 5825] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5825] umount2("./29", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5825] umount2("./29/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7673] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./29/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./29/binderfs") = 0 [ 171.428043][ T5827] bcachefs (loop2): shutdown complete [pid 5825] umount2("./29/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./29/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./29/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./29/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 7670] <... write resumed>) = 16777216 [pid 5825] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(4, [pid 7670] munmap(0x7f0eeb600000, 138412032 [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] close(4) = 0 [pid 5825] rmdir("./29/file0") = 0 [pid 5825] umount2("./29/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./29/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./29/file1") = 0 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3) = 0 [pid 5825] rmdir("./29") = 0 [pid 5825] mkdir("./30", 0777) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5825] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5825] close(3) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7675 attached , child_tidptr=0x5555819eb750) = 7675 [pid 7675] set_robust_list(0x5555819eb760, 24 [pid 7670] <... munmap resumed>) = 0 [pid 7670] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 7675] <... set_robust_list resumed>) = 0 [pid 7674] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7675] chdir("./30") = 0 [pid 7675] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7670] ioctl(4, LOOP_SET_FD, 3 [pid 7675] setpgid(0, 0) = 0 [pid 7675] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7670] <... ioctl resumed>) = 0 [pid 7675] <... openat resumed>) = 3 [pid 7675] write(3, "1000", 4) = 4 [pid 7675] close(3) = 0 [pid 7675] symlink("/dev/binderfs", "./binderfs" [pid 7670] close(3) = 0 [pid 7670] close(4 [pid 7675] <... symlink resumed>) = 0 [pid 7670] <... close resumed>) = 0 [pid 7670] mkdir("./file0", 0777) = 0 [pid 7670] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... executing program [pid 7675] write(1, "executing program\n", 18) = 18 [pid 7675] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7675] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7675] memfd_create("syzkaller", 0) = 3 [pid 7675] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 171.570204][ T7670] loop3: detected capacity change from 0 to 32768 [pid 7674] <... write resumed>) = 16777216 [pid 7673] <... write resumed>) = 16777216 [pid 7673] munmap(0x7f0eeb600000, 138412032 [pid 7674] munmap(0x7f0eeb600000, 138412032 [pid 7673] <... munmap resumed>) = 0 [pid 7673] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 7675] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7674] <... munmap resumed>) = 0 [pid 7673] <... openat resumed>) = 4 [pid 7674] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 7673] ioctl(4, LOOP_SET_FD, 3 [pid 7674] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7673] <... ioctl resumed>) = 0 [pid 7674] close(3 [pid 7673] close(3 [pid 7674] <... close resumed>) = 0 [pid 7673] <... close resumed>) = 0 [pid 7674] close(4 [pid 7673] close(4 [pid 7674] <... close resumed>) = 0 [pid 7674] mkdir("./file0", 0777 [pid 7673] <... close resumed>) = 0 [pid 7674] <... mkdir resumed>) = 0 [pid 7673] mkdir("./file0", 0777) = 0 [pid 7673] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [ 171.822133][ T7673] loop1: detected capacity change from 0 to 32768 [ 171.829591][ T7674] loop4: detected capacity change from 0 to 32768 [pid 7674] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7675] <... write resumed>) = 16777216 [pid 7675] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7675] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 7675] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7675] close(3) = 0 [pid 7675] close(4) = 0 [pid 7675] mkdir("./file0", 0777) = 0 [ 172.003865][ T7675] loop0: detected capacity change from 0 to 32768 [ 172.173802][ T7673] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 172.174095][ T7670] bcachefs (loop3): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 172.183175][ T7673] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 172.215486][ T7674] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 172.220393][ T7670] bcachefs (loop3): recovering from clean shutdown, journal seq 10 [ 172.237079][ T7670] bcachefs (loop3): Version downgrade required: [ 172.243573][ T7670] bcachefs (loop3): Version upgrade required: [ 172.243573][ T7670] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 172.243573][ T7670] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 172.243573][ T7670] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 172.275998][ T7674] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 172.316823][ T7675] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 172.333712][ T7675] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 172.359748][ T7670] bcachefs (loop3): dropping and reconstructing all alloc info [pid 7675] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7673] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7673] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 7673] ioctl(3, LOOP_CLR_FD) = 0 [ 172.456450][ T7670] bcachefs (loop3): accounting_read... done [ 172.526590][ T7673] bcachefs: bch2_fs_get_tree() error: EINVAL [ 172.526839][ T7670] bcachefs (loop3): alloc_read... done [ 172.587771][ T7670] bcachefs (loop3): stripes_read... done [ 172.593561][ T7670] bcachefs (loop3): snapshots_read... done [ 172.613465][ T7670] bcachefs (loop3): check_allocations... [ 172.646584][ T7674] bcachefs: bch2_fs_get_tree() error: EINVAL [ 172.663000][ T7670] done [pid 7673] close(3 [pid 7674] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7674] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 7674] ioctl(3, LOOP_CLR_FD) = 0 [pid 7674] close(3 [pid 5827] <... umount2 resumed>) = 0 [pid 5827] umount2("./37/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 7675] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./37/file0", [pid 7675] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7675] <... openat resumed>) = 3 [pid 5827] umount2("./37/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7675] ioctl(3, LOOP_CLR_FD [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7675] <... ioctl resumed>) = 0 [pid 7670] <... mount resumed>) = 0 [pid 5827] openat(AT_FDCWD, "./37/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 7675] close(3 [pid 7670] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5827] newfstatat(4, "", [pid 7670] <... openat resumed>) = 3 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7670] chdir("./file0" [pid 5827] getdents64(4, [pid 7670] <... chdir resumed>) = 0 [pid 7670] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 7670] <... openat resumed>) = 4 [pid 5827] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [ 172.692510][ T7670] bcachefs (loop3): going read-write [ 172.708181][ T7675] bcachefs: bch2_fs_get_tree() error: EINVAL [ 172.722461][ T7670] bcachefs (loop3): done starting filesystem [pid 5827] close(4 [pid 7670] ioctl(4, LOOP_CLR_FD) = 0 [pid 5827] <... close resumed>) = 0 [pid 7670] close(4) = 0 [pid 5827] rmdir("./37/file0" [pid 7670] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5827] <... rmdir resumed>) = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./37") = 0 [pid 5827] mkdir("./38", 0777) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5827] close(3) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555819eb750) = 7707 ./strace-static-x86_64: Process 7707 attached [pid 7670] <... quotactl resumed>) = 0 [pid 7670] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 7707] set_robust_list(0x5555819eb760, 24 [pid 7670] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7707] <... set_robust_list resumed>) = 0 [pid 7707] chdir("./38") = 0 [pid 7707] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7707] setpgid(0, 0) = 0 [pid 7707] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7707] write(3, "1000", 4) = 4 [pid 7707] close(3) = 0 [pid 7707] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7670] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULLexecuting program [pid 7707] write(1, "executing program\n", 18) = 18 [pid 7707] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7707] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7707] memfd_create("syzkaller", 0) = 3 [pid 7707] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7670] <... quotactl resumed>) = 0 [pid 7670] open(".", O_RDONLY) = 5 [pid 7670] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768) = 0 [pid 7675] <... close resumed>) = 0 [pid 7675] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7673] <... close resumed>) = 0 [pid 7675] <... quotactl resumed>) = 0 [pid 7670] exit_group(0 [pid 7675] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7670] <... exit_group resumed>) = ? [pid 7675] <... openat resumed>) = 3 [pid 7673] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7675] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7675] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7670] +++ exited with 0 +++ [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7670, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=42 /* 0.42 s */} --- [pid 5828] umount2("./49", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./49", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5828] umount2("./49/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./49/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./49/binderfs") = 0 [ 172.899440][ T2913] bucket incorrectly unset in freespace btree [ 172.899477][ T2913] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5828] umount2("./49/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7674] <... close resumed>) = 0 [ 172.973357][ T5828] bcachefs (loop3): shutting down [ 172.985432][ T5828] bcachefs (loop3): going read-only [ 172.999297][ T2913] bucket incorrectly unset in freespace btree [ 172.999427][ T2913] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [ 173.006600][ T5828] bcachefs (loop3): finished waiting for writes to stop [ 173.035940][ T5828] bcachefs (loop3): flushing journal and stopping allocators, journal seq 12 [ 173.065371][ T77] bucket incorrectly unset in freespace btree [ 173.065395][ T77] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [pid 7674] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 173.097584][ T77] bucket incorrectly unset in freespace btree [ 173.097606][ T77] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [ 173.120021][ T5828] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 12 [ 173.133074][ T5828] bcachefs (loop3): unclean shutdown complete, journal seq 13 [pid 7707] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7675] <... quotactl resumed>) = 0 [pid 7674] <... quotactl resumed>) = 0 [pid 7673] <... quotactl resumed>) = 0 [pid 7674] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7673] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7674] <... openat resumed>) = 3 [pid 7673] <... openat resumed>) = 3 [pid 7675] open(".", O_RDONLY [pid 7674] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7673] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7674] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7674] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7673] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7673] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7675] <... open resumed>) = 4 [pid 7675] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 7675] exit_group(0) = ? [pid 7675] +++ exited with 0 +++ [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7675, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=47 /* 0.47 s */} --- [ 173.143686][ T5828] bcachefs (loop3): done going read-only, filesystem not clean [pid 5825] restart_syscall(<... resuming interrupted clone ...> [pid 7674] <... quotactl resumed>) = 0 [pid 7673] <... quotactl resumed>) = 0 [pid 7674] open(".", O_RDONLY [pid 7673] open(".", O_RDONLY [pid 7674] <... open resumed>) = 4 [pid 5825] <... restart_syscall resumed>) = 0 [pid 7674] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7673] <... open resumed>) = 4 [pid 7674] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7673] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5825] umount2("./30", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7674] exit_group(0 [pid 7673] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7674] <... exit_group resumed>) = ? [pid 7673] exit_group(0 [pid 5825] openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5825] umount2("./30/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7674] +++ exited with 0 +++ [pid 7673] <... exit_group resumed>) = ? [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./30/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./30/binderfs") = 0 [pid 5825] umount2("./30/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./30/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./30/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./30/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5825] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 7673] +++ exited with 0 +++ [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7674, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=49 /* 0.49 s */} --- [pid 5825] getdents64(4, [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7673, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=48 /* 0.48 s */} --- [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5825] close(4) = 0 [pid 5825] rmdir("./30/file0") = 0 [pid 5825] umount2("./30/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./30/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... restart_syscall resumed>) = 0 [pid 5826] <... restart_syscall resumed>) = 0 [pid 5825] unlink("./30/file1") = 0 [pid 5825] getdents64(3, [pid 5829] umount2("./45", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./47", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] close(3 [pid 5829] openat(AT_FDCWD, "./45", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] openat(AT_FDCWD, "./47", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... close resumed>) = 0 [pid 5829] <... openat resumed>) = 3 [pid 5826] <... openat resumed>) = 3 [pid 5825] rmdir("./30" [pid 5829] newfstatat(3, "", [pid 5826] newfstatat(3, "", [pid 5825] <... rmdir resumed>) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(3, [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5825] mkdir("./31", 0777 [pid 5829] getdents64(3, [pid 5826] umount2("./47/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... mkdir resumed>) = 0 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] umount2("./45/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] newfstatat(AT_FDCWD, "./47/binderfs", [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] newfstatat(AT_FDCWD, "./45/binderfs", [pid 5826] unlink("./47/binderfs" [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5829] unlink("./45/binderfs" [pid 5826] <... unlink resumed>) = 0 [pid 5829] <... unlink resumed>) = 0 [pid 5829] umount2("./45/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./47/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... openat resumed>) = 3 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./45/file0", [pid 5825] ioctl(3, LOOP_CLR_FD [pid 5826] newfstatat(AT_FDCWD, "./47/file0", [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5829] umount2("./45/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] close(3 [pid 5829] openat(AT_FDCWD, "./45/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] umount2("./47/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... openat resumed>) = 4 [pid 5829] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] getdents64(4, [pid 5826] openat(AT_FDCWD, "./47/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] getdents64(4, [pid 5826] <... openat resumed>) = 4 [pid 5825] <... close resumed>) = 0 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] newfstatat(4, "", [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5829] close(4) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] rmdir("./45/file0"./strace-static-x86_64: Process 7708 attached ) = 0 [pid 5826] getdents64(4, [pid 5829] umount2("./45/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7708] set_robust_list(0x5555819eb760, 24 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] <... clone resumed>, child_tidptr=0x5555819eb750) = 7708 [pid 7708] <... set_robust_list resumed>) = 0 [pid 5829] newfstatat(AT_FDCWD, "./45/file1", [pid 5826] getdents64(4, [pid 7708] chdir("./31" [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 7708] <... chdir resumed>) = 0 [pid 5829] unlink("./45/file1" [pid 5826] close(4 [pid 7708] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5829] <... unlink resumed>) = 0 [pid 7708] <... prctl resumed>) = 0 [pid 5829] getdents64(3, [pid 5826] <... close resumed>) = 0 [pid 7708] setpgid(0, 0 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 7708] <... setpgid resumed>) = 0 [pid 5829] close(3 [pid 5826] rmdir("./47/file0" [pid 5829] <... close resumed>) = 0 [pid 7708] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5829] rmdir("./45" [pid 5826] <... rmdir resumed>) = 0 [pid 5829] <... rmdir resumed>) = 0 [pid 5826] umount2("./47/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7708] <... openat resumed>) = 3 [pid 5829] mkdir("./46", 0777) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7708] write(3, "1000", 4 [pid 5829] <... openat resumed>) = 3 [pid 5826] newfstatat(AT_FDCWD, "./47/file1", [pid 7708] <... write resumed>) = 4 [pid 5829] ioctl(3, LOOP_CLR_FD [pid 7708] close(3 [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7708] <... close resumed>) = 0 [pid 5829] close(3 [pid 5826] unlink("./47/file1" [pid 7708] symlink("/dev/binderfs", "./binderfs" [pid 5829] <... close resumed>) = 0 [pid 7708] <... symlink resumed>) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] <... unlink resumed>) = 0 [pid 5826] getdents64(3, executing program ./strace-static-x86_64: Process 7709 attached [pid 7708] write(1, "executing program\n", 18 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 7709 [pid 7709] set_robust_list(0x5555819eb760, 24 [pid 7708] <... write resumed>) = 18 [pid 7709] <... set_robust_list resumed>) = 0 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 7709] chdir("./46" [pid 7708] fsopen(NULL, 0 [pid 5826] close(3 [pid 7709] <... chdir resumed>) = 0 [pid 7708] <... fsopen resumed>) = -1 EFAULT (Bad address) [ 173.179481][ T5828] bcachefs (loop3): shutdown complete [pid 5826] <... close resumed>) = 0 [pid 7708] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 7709] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7708] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 7709] <... prctl resumed>) = 0 [pid 7708] memfd_create("syzkaller", 0 [pid 7709] setpgid(0, 0) = 0 [pid 7709] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5826] rmdir("./47" [pid 7709] <... openat resumed>) = 3 [pid 7708] <... memfd_create resumed>) = 3 [pid 5826] <... rmdir resumed>) = 0 [pid 7708] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7709] write(3, "1000", 4) = 4 [pid 7709] close(3) = 0 [pid 7709] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 7709] write(1, "executing program\n", 18) = 18 [pid 7709] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 5826] mkdir("./48", 0777 [pid 7709] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 5826] <... mkdir resumed>) = 0 [pid 7709] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 7709] memfd_create("syzkaller", 0 [pid 5826] <... openat resumed>) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5826] close(3) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7709] <... memfd_create resumed>) = 3 [pid 7709] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 ./strace-static-x86_64: Process 7710 attached [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 7710 [pid 7710] set_robust_list(0x5555819eb760, 24) = 0 [pid 7710] chdir("./48") = 0 [pid 7710] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7710] setpgid(0, 0) = 0 [pid 7710] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7710] write(3, "1000", 4) = 4 [pid 7710] close(3) = 0 [pid 7710] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 7710] write(1, "executing program\n", 18) = 18 [pid 7710] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7710] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7710] memfd_create("syzkaller", 0) = 3 [pid 7710] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7707] <... write resumed>) = 16777216 [pid 7707] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7707] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 7707] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7707] close(3) = 0 [pid 7707] close(4) = 0 [pid 7707] mkdir("./file0", 0777) = 0 [ 173.417296][ T7707] loop2: detected capacity change from 0 to 32768 [pid 7707] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7709] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7708] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7710] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 7710] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7710] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 7710] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7710] close(3) = 0 [pid 7710] close(4) = 0 [pid 7710] mkdir("./file0", 0777) = 0 [pid 7708] <... write resumed>) = 16777216 [pid 7708] munmap(0x7f0eeb600000, 138412032 [pid 7710] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7709] <... write resumed>) = 16777216 [pid 7709] munmap(0x7f0eeb600000, 138412032 [pid 7708] <... munmap resumed>) = 0 [ 173.753998][ T7710] loop1: detected capacity change from 0 to 32768 [pid 7708] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 7708] ioctl(4, LOOP_SET_FD, 3 [pid 7709] <... munmap resumed>) = 0 [pid 7708] <... ioctl resumed>) = 0 [pid 7709] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7708] close(3 [pid 7709] <... openat resumed>) = 4 [pid 7708] <... close resumed>) = 0 [pid 7709] ioctl(4, LOOP_SET_FD, 3 [pid 7708] close(4) = 0 [pid 7708] mkdir("./file0", 0777) = 0 [pid 7708] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7709] <... ioctl resumed>) = 0 [pid 7709] close(3) = 0 [pid 7709] close(4) = 0 [pid 7709] mkdir("./file0", 0777) = 0 [ 173.815589][ T7708] loop0: detected capacity change from 0 to 32768 [ 173.842574][ T7709] loop4: detected capacity change from 0 to 32768 [ 173.996564][ T7707] bcachefs (loop2): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 174.025270][ T7707] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 174.047835][ T7707] bcachefs (loop2): Version downgrade required: [ 174.054366][ T7707] bcachefs (loop2): Version upgrade required: [ 174.054366][ T7707] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 174.054366][ T7707] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 174.054366][ T7707] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 174.079688][ T7709] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 174.134422][ T7709] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 174.146239][ T7708] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 174.146487][ T7707] bcachefs (loop2): dropping and reconstructing all alloc info [ 174.155370][ T7708] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 174.171959][ T7707] bcachefs (loop2): accounting_read... [ 174.181971][ T7710] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 174.197107][ T7707] done [ 174.199194][ T7710] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 174.206469][ T7707] bcachefs (loop2): alloc_read... done [ 174.242745][ T7707] bcachefs (loop2): stripes_read... done [ 174.253228][ T7707] bcachefs (loop2): snapshots_read... done [ 174.290285][ T7707] bcachefs (loop2): check_allocations... done [pid 7709] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"...) = -1 EINVAL (Invalid argument) [pid 7709] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 7709] ioctl(3, LOOP_CLR_FD) = 0 [ 174.423237][ T7709] bcachefs: bch2_fs_get_tree() error: EINVAL [ 174.428048][ T7707] bcachefs (loop2): going read-write [pid 7709] close(3 [pid 7707] <... mount resumed>) = 0 [pid 7707] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 7707] chdir("./file0") = 0 [pid 7708] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7707] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 174.473136][ T7707] bcachefs (loop2): done starting filesystem [ 174.486926][ T7708] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 7707] ioctl(4, LOOP_CLR_FD [pid 7708] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 7707] <... ioctl resumed>) = 0 [pid 7708] <... openat resumed>) = 3 [pid 7707] close(4 [pid 7708] ioctl(3, LOOP_CLR_FD [pid 7707] <... close resumed>) = 0 [pid 7707] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7708] <... ioctl resumed>) = 0 [pid 7708] close(3 [pid 7710] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7710] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 7710] ioctl(3, LOOP_CLR_FD) = 0 [pid 7710] close(3 [pid 7707] <... quotactl resumed>) = 0 [pid 7707] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 7707] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7707] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 7707] open(".", O_RDONLY) = 5 [ 174.516817][ T7710] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 7707] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768) = 0 [pid 7707] exit_group(0) = ? [pid 7707] +++ exited with 0 +++ [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7707, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=34 /* 0.34 s */} --- [pid 5827] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 174.588465][ T77] bucket incorrectly unset in freespace btree [pid 5827] umount2("./38", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = 0 [pid 5827] openat(AT_FDCWD, "./38", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5827] newfstatat(3, "", [pid 5828] umount2("./49/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] getdents64(3, [pid 5828] newfstatat(AT_FDCWD, "./49/file0", [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./38/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./49/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./38/binderfs", [pid 5828] openat(AT_FDCWD, "./49/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... openat resumed>) = 4 [pid 5827] unlink("./38/binderfs" [pid 5828] newfstatat(4, "", [pid 5827] <... unlink resumed>) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(4, [pid 5827] umount2("./38/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] close(4) = 0 [ 174.588513][ T77] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5828] rmdir("./49/file0") = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [pid 7708] <... close resumed>) = 0 [pid 7708] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 174.714634][ T52] bucket incorrectly unset in freespace btree [ 174.714657][ T52] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [ 174.723289][ T5827] bcachefs (loop2): shutting down [ 174.723353][ T5827] bcachefs (loop2): going read-only [ 174.723374][ T5827] bcachefs (loop2): finished waiting for writes to stop [pid 5828] rmdir("./49") = 0 [pid 5828] mkdir("./50", 0777) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5828] close(3) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7742 attached [pid 7742] set_robust_list(0x5555819eb760, 24) = 0 [pid 7742] chdir("./50") = 0 [pid 7742] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7742] setpgid(0, 0 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 7742 [pid 7742] <... setpgid resumed>) = 0 [pid 7742] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7742] write(3, "1000", 4) = 4 [pid 7742] close(3) = 0 [ 174.731896][ T5827] bcachefs (loop2): flushing journal and stopping allocators, journal seq 11 [pid 7742] symlink("/dev/binderfs", "./binderfs" [pid 7710] <... close resumed>) = 0 [pid 7709] <... close resumed>) = 0 [pid 7710] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7709] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7742] <... symlink resumed>) = 0 [pid 7742] write(1, "executing program\n", 18executing program ) = 18 [pid 7742] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7742] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7742] memfd_create("syzkaller", 0) = 3 [ 174.804414][ T77] bcachefs (loop2): loop2: Superblock write was silently dropped! (seq 0 expected 53) [ 174.826974][ T77] bucket incorrectly unset in freespace btree [ 174.827006][ T77] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [pid 7742] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 174.852491][ T77] bucket incorrectly unset in freespace btree [ 174.852514][ T77] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [ 174.873099][ T5827] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 12 [ 174.891873][ T5827] bcachefs (loop2): unclean shutdown complete, journal seq 13 [pid 7708] <... quotactl resumed>) = 0 [pid 7710] <... quotactl resumed>) = 0 [pid 7710] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 7710] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7709] <... quotactl resumed>) = 0 [pid 7709] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7710] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7709] <... openat resumed>) = 3 [pid 7710] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7709] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7708] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7709] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7709] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7708] <... openat resumed>) = 3 [pid 7708] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7708] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7710] <... quotactl resumed>) = 0 [pid 7710] open(".", O_RDONLY) = 4 [pid 7710] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 7710] exit_group(0) = ? [pid 7710] +++ exited with 0 +++ [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7710, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=48 /* 0.48 s */} --- [ 174.900475][ T5827] bcachefs (loop2): done going read-only, filesystem not clean [ 174.923335][ T5827] bcachefs (loop2): shutdown complete [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 7709] <... quotactl resumed>) = 0 [pid 7708] <... quotactl resumed>) = 0 [pid 7709] open(".", O_RDONLY [pid 7708] open(".", O_RDONLY [pid 7709] <... open resumed>) = 4 [pid 7708] <... open resumed>) = 4 [pid 7709] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7708] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7709] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7708] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7709] exit_group(0 [pid 7708] exit_group(0 [pid 7709] <... exit_group resumed>) = ? [pid 7708] <... exit_group resumed>) = ? [pid 5826] <... restart_syscall resumed>) = 0 [pid 7708] +++ exited with 0 +++ [pid 7709] +++ exited with 0 +++ [pid 5826] umount2("./48", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7708, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=51 /* 0.51 s */} --- [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] umount2("./31", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7709, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=48 /* 0.48 s */} --- [pid 5826] openat(AT_FDCWD, "./48", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 5826] <... openat resumed>) = 3 [pid 5825] openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] newfstatat(3, "", [pid 5825] <... openat resumed>) = 3 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] newfstatat(3, "", [pid 5826] getdents64(3, [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5825] getdents64(3, [pid 5826] umount2("./48/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] umount2("./31/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] newfstatat(AT_FDCWD, "./48/binderfs", [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] newfstatat(AT_FDCWD, "./31/binderfs", [pid 5829] <... restart_syscall resumed>) = 0 [pid 5826] unlink("./48/binderfs" [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... unlink resumed>) = 0 [pid 5825] unlink("./31/binderfs" [pid 5826] umount2("./48/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... unlink resumed>) = 0 [pid 5829] umount2("./46", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] umount2("./31/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./48/file0", [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./46", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] newfstatat(AT_FDCWD, "./31/file0", [pid 5829] <... openat resumed>) = 3 [pid 5826] umount2("./48/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] newfstatat(3, "", [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] umount2("./31/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] openat(AT_FDCWD, "./48/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] getdents64(3, [pid 5826] <... openat resumed>) = 4 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] newfstatat(4, "", [pid 5825] openat(AT_FDCWD, "./31/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] umount2("./46/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... openat resumed>) = 4 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] getdents64(4, [pid 5829] newfstatat(AT_FDCWD, "./46/binderfs", [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] newfstatat(4, "", [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] getdents64(4, [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] unlink("./46/binderfs" [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] <... unlink resumed>) = 0 [pid 5826] close(4 [pid 5825] getdents64(4, [pid 5829] umount2("./46/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... close resumed>) = 0 [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] rmdir("./48/file0" [pid 5829] newfstatat(AT_FDCWD, "./46/file0", [pid 5826] <... rmdir resumed>) = 0 [pid 5825] getdents64(4, [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] umount2("./46/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./48/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] close(4 [pid 5826] newfstatat(AT_FDCWD, "./48/file1", [pid 5829] openat(AT_FDCWD, "./46/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... close resumed>) = 0 [pid 5829] <... openat resumed>) = 4 [pid 5829] newfstatat(4, "", [pid 5826] unlink("./48/file1" [pid 5825] rmdir("./31/file0" [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... unlink resumed>) = 0 [pid 5825] <... rmdir resumed>) = 0 [pid 5829] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] getdents64(3, [pid 5829] close(4 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5825] umount2("./31/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... close resumed>) = 0 [pid 5829] rmdir("./46/file0" [pid 5826] close(3 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... rmdir resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 5826] rmdir("./48" [pid 5825] newfstatat(AT_FDCWD, "./31/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] umount2("./46/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... rmdir resumed>) = 0 [pid 5825] unlink("./31/file1" [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./46/file1", [pid 5825] <... unlink resumed>) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./46/file1" [pid 5826] mkdir("./49", 0777 [pid 5825] getdents64(3, [pid 5829] <... unlink resumed>) = 0 [pid 5826] <... mkdir resumed>) = 0 [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] getdents64(3, [pid 5825] close(3 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5825] <... close resumed>) = 0 [pid 5829] close(3) = 0 [pid 5825] rmdir("./31" [pid 5829] rmdir("./46" [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5825] <... rmdir resumed>) = 0 [pid 5829] <... rmdir resumed>) = 0 [pid 5826] <... openat resumed>) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD [pid 7742] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5829] mkdir("./47", 0777 [pid 5825] mkdir("./32", 0777 [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5825] <... mkdir resumed>) = 0 [pid 5829] <... mkdir resumed>) = 0 [pid 5826] close(3 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5826] <... close resumed>) = 0 [pid 5829] <... openat resumed>) = 3 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5825] <... openat resumed>) = 3 ./strace-static-x86_64: Process 7743 attached [pid 5829] ioctl(3, LOOP_CLR_FD [pid 7743] set_robust_list(0x5555819eb760, 24 [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 7743 [pid 5825] ioctl(3, LOOP_CLR_FD [pid 5829] close(3 [pid 7743] <... set_robust_list resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 5825] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7743] chdir("./49" [pid 5825] close(3 [pid 7743] <... chdir resumed>) = 0 [pid 5825] <... close resumed>) = 0 [pid 7743] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7745 attached [pid 7743] <... prctl resumed>) = 0 [pid 7743] setpgid(0, 0) = 0 [pid 7745] set_robust_list(0x5555819eb760, 24 [pid 7743] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 7744 ./strace-static-x86_64: Process 7744 attached [pid 7745] <... set_robust_list resumed>) = 0 [pid 7745] chdir("./32" [pid 7744] set_robust_list(0x5555819eb760, 24 [pid 7743] <... openat resumed>) = 3 [pid 7744] <... set_robust_list resumed>) = 0 [pid 7744] chdir("./47" [pid 7745] <... chdir resumed>) = 0 [pid 7744] <... chdir resumed>) = 0 [pid 7743] write(3, "1000", 4 [pid 5825] <... clone resumed>, child_tidptr=0x5555819eb750) = 7745 [pid 7745] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7744] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7743] <... write resumed>) = 4 [pid 7744] <... prctl resumed>) = 0 [pid 7745] <... prctl resumed>) = 0 [pid 7744] setpgid(0, 0 [pid 7743] close(3 [pid 7745] setpgid(0, 0 [pid 7743] <... close resumed>) = 0 [pid 7745] <... setpgid resumed>) = 0 [pid 7744] <... setpgid resumed>) = 0 [pid 7743] symlink("/dev/binderfs", "./binderfs" [pid 7745] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7744] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7743] <... symlink resumed>) = 0 [pid 7745] <... openat resumed>) = 3 [pid 7744] <... openat resumed>) = 3 [pid 7743] write(1, "executing program\n", 18executing program [pid 7745] write(3, "1000", 4 [pid 7744] write(3, "1000", 4 [pid 7743] <... write resumed>) = 18 [pid 7744] <... write resumed>) = 4 [pid 7744] close(3) = 0 [pid 7744] symlink("/dev/binderfs", "./binderfs" [pid 7745] <... write resumed>) = 4 [pid 7744] <... symlink resumed>) = 0 [pid 7744] write(1, "executing program\n", 18executing program ) = 18 [pid 7745] close(3) = 0 [pid 7744] fsopen(NULL, 0 [pid 7745] symlink("/dev/binderfs", "./binderfs" [pid 7744] <... fsopen resumed>) = -1 EFAULT (Bad address) executing program [pid 7745] <... symlink resumed>) = 0 [pid 7744] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 7743] fsopen(NULL, 0 [pid 7744] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 7743] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 7743] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7744] memfd_create("syzkaller", 0 [pid 7743] memfd_create("syzkaller", 0 [pid 7745] write(1, "executing program\n", 18 [pid 7744] <... memfd_create resumed>) = 3 [pid 7743] <... memfd_create resumed>) = 3 [pid 7744] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7745] <... write resumed>) = 18 [pid 7743] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7744] <... mmap resumed>) = 0x7f0eeb600000 [pid 7745] fsopen(NULL, 0 [pid 7743] <... mmap resumed>) = 0x7f0eeb600000 [pid 7745] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 7745] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7745] memfd_create("syzkaller", 0) = 3 [pid 7745] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7744] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7745] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7743] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7742] <... write resumed>) = 16777216 [pid 7742] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7742] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 7742] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7742] close(3) = 0 [pid 7742] close(4) = 0 [pid 7742] mkdir("./file0", 0777) = 0 [ 175.406780][ T7742] loop3: detected capacity change from 0 to 32768 [pid 7742] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7743] <... write resumed>) = 16777216 [pid 7744] <... write resumed>) = 16777216 [pid 7743] munmap(0x7f0eeb600000, 138412032 [pid 7744] munmap(0x7f0eeb600000, 138412032 [pid 7743] <... munmap resumed>) = 0 [pid 7744] <... munmap resumed>) = 0 [pid 7743] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 7745] <... write resumed>) = 16777216 [pid 7744] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7743] <... openat resumed>) = 4 [pid 7743] ioctl(4, LOOP_SET_FD, 3 [pid 7745] munmap(0x7f0eeb600000, 138412032 [pid 7744] <... openat resumed>) = 4 [pid 7743] <... ioctl resumed>) = 0 [pid 7744] ioctl(4, LOOP_SET_FD, 3 [pid 7743] close(3) = 0 [pid 7743] close(4) = 0 [pid 7743] mkdir("./file0", 0777 [pid 7745] <... munmap resumed>) = 0 [pid 7743] <... mkdir resumed>) = 0 [pid 7743] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7745] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 7744] <... ioctl resumed>) = 0 [pid 7745] ioctl(4, LOOP_SET_FD, 3 [pid 7744] close(3) = 0 [pid 7744] close(4 [pid 7745] <... ioctl resumed>) = 0 [pid 7744] <... close resumed>) = 0 [pid 7745] close(3 [pid 7744] mkdir("./file0", 0777 [pid 7745] <... close resumed>) = 0 [pid 7744] <... mkdir resumed>) = 0 [pid 7745] close(4 [pid 7744] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7745] <... close resumed>) = 0 [pid 7745] mkdir("./file0", 0777) = 0 [ 175.655544][ T7743] loop1: detected capacity change from 0 to 32768 [ 175.664131][ T7744] loop4: detected capacity change from 0 to 32768 [ 175.681459][ T7745] loop0: detected capacity change from 0 to 32768 [ 175.901399][ T7742] bcachefs (loop3): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 175.929668][ T7743] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 175.938937][ T7743] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 175.960405][ T7742] bcachefs (loop3): recovering from clean shutdown, journal seq 10 [ 175.969090][ T7742] bcachefs (loop3): Version downgrade required: [ 175.982010][ T7745] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 175.986595][ T7742] bcachefs (loop3): Version upgrade required: [ 175.986595][ T7742] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 175.986595][ T7742] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 175.986595][ T7742] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 176.076504][ T7745] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 176.077383][ T7744] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 176.106198][ T7744] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [pid 7745] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7743] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7743] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 7743] ioctl(3, LOOP_CLR_FD) = 0 [ 176.190684][ T7742] bcachefs (loop3): dropping and reconstructing all alloc info [ 176.201529][ T7743] bcachefs: bch2_fs_get_tree() error: EINVAL [ 176.223448][ T7742] bcachefs (loop3): accounting_read... done [pid 7743] close(3 [pid 5827] <... umount2 resumed>) = 0 [ 176.255917][ T7742] bcachefs (loop3): alloc_read... done [pid 5827] umount2("./38/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./38/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./38/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./38/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5827] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [pid 5827] rmdir("./38/file0") = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./38") = 0 [pid 5827] mkdir("./39", 0777) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5827] close(3) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7775 attached , child_tidptr=0x5555819eb750) = 7775 [pid 7775] set_robust_list(0x5555819eb760, 24) = 0 [pid 7775] chdir("./39") = 0 [pid 7775] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7775] setpgid(0, 0) = 0 [pid 7775] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 176.306233][ T7742] bcachefs (loop3): stripes_read... done [ 176.312077][ T7742] bcachefs (loop3): snapshots_read... done [pid 7775] write(3, "1000", 4) = 4 [pid 7775] close(3) = 0 [pid 7775] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 7775] write(1, "executing program\n", 18) = 18 [pid 7775] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7775] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7775] memfd_create("syzkaller", 0) = 3 [pid 7775] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 176.344382][ T7742] bcachefs (loop3): check_allocations... [ 176.382628][ T7745] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 7745] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7745] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 7745] ioctl(3, LOOP_CLR_FD) = 0 [pid 7745] close(3 [pid 7743] <... close resumed>) = 0 [pid 7743] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 7743] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 7744] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7744] openat(AT_FDCWD, "/dev/loop4", O_RDWR [ 176.503241][ T7744] bcachefs: bch2_fs_get_tree() error: EINVAL [ 176.506286][ T7742] done [ 176.522675][ T7742] bcachefs (loop3): going read-write [pid 7743] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7744] <... openat resumed>) = 3 [pid 7743] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7744] ioctl(3, LOOP_CLR_FD [pid 7743] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7744] <... ioctl resumed>) = 0 [pid 7744] close(3 [pid 7743] <... quotactl resumed>) = 0 [pid 7742] <... mount resumed>) = 0 [pid 7743] open(".", O_RDONLY [pid 7742] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 7743] <... open resumed>) = 4 [pid 7743] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7742] <... openat resumed>) = 3 [pid 7743] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7742] chdir("./file0" [pid 7743] exit_group(0 [pid 7742] <... chdir resumed>) = 0 [pid 7743] <... exit_group resumed>) = ? [pid 7742] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 7743] +++ exited with 0 +++ [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7743, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=51 /* 0.51 s */} --- [pid 7742] <... openat resumed>) = 4 [ 176.546550][ T7742] bcachefs (loop3): done starting filesystem [pid 7742] ioctl(4, LOOP_CLR_FD [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 7742] <... ioctl resumed>) = 0 [pid 5826] <... restart_syscall resumed>) = 0 [pid 7742] close(4) = 0 [pid 7742] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 5826] umount2("./49", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7742] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7742] <... openat resumed>) = 4 [pid 5826] openat(AT_FDCWD, "./49", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7742] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 5826] <... openat resumed>) = 3 [pid 5826] newfstatat(3, "", [pid 7742] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5826] umount2("./49/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./49/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./49/binderfs") = 0 [pid 5826] umount2("./49/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./49/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] umount2("./49/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./49/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5826] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(4, [pid 7742] <... quotactl resumed>) = 0 [pid 5826] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 7742] open(".", O_RDONLY [pid 5826] close(4) = 0 [pid 5826] rmdir("./49/file0" [pid 7742] <... open resumed>) = 5 [pid 5826] <... rmdir resumed>) = 0 [pid 7742] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5826] umount2("./49/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./49/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./49/file1") = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] close(3) = 0 [pid 5826] rmdir("./49") = 0 [pid 5826] mkdir("./50", 0777) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5826] close(3) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7778 attached [pid 7742] <... fallocate resumed>) = 0 [pid 7778] set_robust_list(0x5555819eb760, 24) = 0 [pid 7778] chdir("./50" [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 7778 [pid 7778] <... chdir resumed>) = 0 [pid 7778] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7742] exit_group(0 [pid 7778] <... prctl resumed>) = 0 [pid 7742] <... exit_group resumed>) = ? [pid 7778] setpgid(0, 0) = 0 [pid 7778] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7778] write(3, "1000", 4 [pid 7742] +++ exited with 0 +++ [pid 7778] <... write resumed>) = 4 [pid 7778] close(3 [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7742, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=40 /* 0.40 s */} --- [pid 7778] <... close resumed>) = 0 executing program [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 7778] symlink("/dev/binderfs", "./binderfs" [pid 5828] <... restart_syscall resumed>) = 0 [pid 7778] <... symlink resumed>) = 0 [pid 7778] write(1, "executing program\n", 18) = 18 [pid 5828] umount2("./50", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7778] fsopen(NULL, 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7778] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 5828] openat(AT_FDCWD, "./50", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7778] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 5828] <... openat resumed>) = 3 [pid 7778] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(3, "", [pid 7778] memfd_create("syzkaller", 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5828] umount2("./50/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 7778] <... memfd_create resumed>) = 3 [pid 7778] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5828] newfstatat(AT_FDCWD, "./50/binderfs", [pid 7778] <... mmap resumed>) = 0x7f0eeb600000 [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./50/binderfs") = 0 [pid 5828] umount2("./50/file0", MNT_FORCE|UMOUNT_NOFOLLOW [ 176.670120][ T2913] bucket incorrectly unset in freespace btree [ 176.670153][ T2913] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 7775] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7745] <... close resumed>) = 0 [ 176.762005][ T5828] bcachefs (loop3): shutting down [ 176.769188][ T2913] bucket incorrectly unset in freespace btree [ 176.769209][ T2913] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [ 176.776465][ T5828] bcachefs (loop3): going read-only [ 176.776492][ T5828] bcachefs (loop3): finished waiting for writes to stop [ 176.807622][ T5828] bcachefs (loop3): flushing journal and stopping allocators, journal seq 12 [ 176.846770][ T2913] bcachefs (loop3): loop3: Superblock write was silently dropped! (seq 0 expected 53) [ 176.877714][ T2913] bucket incorrectly unset in freespace btree [ 176.877748][ T2913] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [pid 7745] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7744] <... close resumed>) = 0 [ 176.899614][ T2913] bucket incorrectly unset in freespace btree [ 176.899635][ T2913] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [pid 7744] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 176.945554][ T5828] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 12 [ 176.966830][ T5828] bcachefs (loop3): unclean shutdown complete, journal seq 13 [ 176.988038][ T5828] bcachefs (loop3): done going read-only, filesystem not clean [pid 7778] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7745] <... quotactl resumed>) = 0 [pid 7745] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 7744] <... quotactl resumed>) = 0 [pid 7745] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7744] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7745] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7744] <... openat resumed>) = 3 [pid 7745] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7744] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7744] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7745] <... quotactl resumed>) = 0 [pid 7744] <... quotactl resumed>) = 0 [pid 7745] open(".", O_RDONLY [pid 7744] open(".", O_RDONLY [pid 7745] <... open resumed>) = 4 [pid 7744] <... open resumed>) = 4 [pid 7745] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7744] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7745] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7744] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7745] exit_group(0) = ? [pid 7744] exit_group(0 [pid 7745] +++ exited with 0 +++ [pid 7744] <... exit_group resumed>) = ? [pid 7744] +++ exited with 0 +++ [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7745, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=46 /* 0.46 s */} --- [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7744, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=44 /* 0.44 s */} --- [pid 5825] umount2("./32", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] umount2("./47", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] openat(AT_FDCWD, "./47", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... openat resumed>) = 3 [pid 5829] <... openat resumed>) = 3 [pid 5825] newfstatat(3, "", [pid 5829] newfstatat(3, "", [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(3, [pid 5825] getdents64(3, [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] umount2("./47/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] umount2("./32/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] newfstatat(AT_FDCWD, "./47/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] unlink("./47/binderfs" [pid 5825] newfstatat(AT_FDCWD, "./32/binderfs", [pid 5829] <... unlink resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] umount2("./47/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] unlink("./32/binderfs" [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... unlink resumed>) = 0 [pid 5825] umount2("./32/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] newfstatat(AT_FDCWD, "./47/file0", [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./32/file0", [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] umount2("./47/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] umount2("./32/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] openat(AT_FDCWD, "./47/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... openat resumed>) = 4 [pid 5825] openat(AT_FDCWD, "./32/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] newfstatat(4, "", [pid 5825] <... openat resumed>) = 4 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] newfstatat(4, "", [pid 5829] getdents64(4, [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] getdents64(4, [pid 5829] getdents64(4, [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] getdents64(4, [pid 5829] close(4 [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] <... close resumed>) = 0 [pid 5825] close(4 [pid 5829] rmdir("./47/file0" [pid 5825] <... close resumed>) = 0 [pid 5825] rmdir("./32/file0" [pid 5829] <... rmdir resumed>) = 0 [pid 5829] umount2("./47/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... rmdir resumed>) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] umount2("./32/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] newfstatat(AT_FDCWD, "./47/file1", [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./32/file1", [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./47/file1" [pid 5825] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... unlink resumed>) = 0 [pid 5825] unlink("./32/file1" [pid 5829] getdents64(3, [pid 5825] <... unlink resumed>) = 0 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5825] getdents64(3, [pid 5829] close(3) = 0 [pid 5829] rmdir("./47") = 0 [pid 5829] mkdir("./48", 0777) = 0 [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3) = 0 [pid 5825] rmdir("./32" [pid 7775] <... write resumed>) = 16777216 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7775] munmap(0x7f0eeb600000, 138412032 [pid 5825] <... rmdir resumed>) = 0 [pid 5825] mkdir("./33", 0777 [pid 5829] <... openat resumed>) = 3 [pid 5825] <... mkdir resumed>) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5825] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5825] close(3) = 0 [ 177.058612][ T5828] bcachefs (loop3): shutdown complete [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7779 attached , child_tidptr=0x5555819eb750) = 7779 [pid 5829] ioctl(3, LOOP_CLR_FD [pid 7779] set_robust_list(0x5555819eb760, 24) = 0 [pid 7779] chdir("./33") = 0 [pid 7779] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7779] setpgid(0, 0) = 0 [pid 7779] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7778] <... write resumed>) = 16777216 [pid 7775] <... munmap resumed>) = 0 [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 7778] munmap(0x7f0eeb600000, 138412032 [pid 7775] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5829] close(3) = 0 [pid 7775] <... openat resumed>) = 4 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7775] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 7780 attached [pid 7779] <... openat resumed>) = 3 [pid 7779] write(3, "1000", 4) = 4 [pid 7779] close(3) = 0 [pid 7779] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 7779] write(1, "executing program\n", 18) = 18 [pid 7779] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7779] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7779] memfd_create("syzkaller", 0) = 3 [pid 7779] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7775] <... ioctl resumed>) = 0 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 7780 [pid 7780] set_robust_list(0x5555819eb760, 24) = 0 [pid 7780] chdir("./48") = 0 [pid 7778] <... munmap resumed>) = 0 [pid 7780] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7780] setpgid(0, 0) = 0 [pid 7780] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7780] write(3, "1000", 4) = 4 executing program [pid 7780] close(3 [pid 7778] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 7775] close(3 [pid 7780] <... close resumed>) = 0 [pid 7775] <... close resumed>) = 0 [pid 7780] symlink("/dev/binderfs", "./binderfs" [pid 7778] <... openat resumed>) = 4 [pid 7775] close(4 [pid 7780] <... symlink resumed>) = 0 [pid 7780] write(1, "executing program\n", 18 [pid 7778] ioctl(4, LOOP_SET_FD, 3 [pid 7775] <... close resumed>) = 0 [pid 7780] <... write resumed>) = 18 [pid 7775] mkdir("./file0", 0777) = 0 [pid 7780] fsopen(NULL, 0 [pid 7775] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7780] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 7780] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7780] memfd_create("syzkaller", 0) = 3 [pid 7780] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 177.156460][ T7775] loop2: detected capacity change from 0 to 32768 [pid 7778] <... ioctl resumed>) = 0 [pid 7778] close(3) = 0 [pid 7778] close(4) = 0 [pid 7778] mkdir("./file0", 0777) = 0 [ 177.208861][ T7778] loop1: detected capacity change from 0 to 32768 [pid 7778] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7779] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7780] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7779] <... write resumed>) = 16777216 [pid 7779] munmap(0x7f0eeb600000, 138412032 [pid 7780] <... write resumed>) = 16777216 [pid 7780] munmap(0x7f0eeb600000, 138412032 [pid 7779] <... munmap resumed>) = 0 [pid 7779] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 7779] ioctl(4, LOOP_SET_FD, 3 [pid 7780] <... munmap resumed>) = 0 [pid 7779] <... ioctl resumed>) = 0 [pid 7780] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7779] close(3) = 0 [pid 7780] <... openat resumed>) = 4 [pid 7779] close(4 [pid 7780] ioctl(4, LOOP_SET_FD, 3 [pid 7779] <... close resumed>) = 0 [pid 7779] mkdir("./file0", 0777 [pid 7780] <... ioctl resumed>) = 0 [pid 7779] <... mkdir resumed>) = 0 [pid 7780] close(3) = 0 [pid 7779] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7780] close(4) = 0 [pid 7780] mkdir("./file0", 0777) = 0 [ 177.552805][ T7779] loop0: detected capacity change from 0 to 32768 [ 177.561993][ T7780] loop4: detected capacity change from 0 to 32768 [ 177.755646][ T7775] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 177.762471][ T7778] bcachefs (loop1): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 177.786180][ T7775] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 177.804281][ T7780] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 177.819601][ T7778] bcachefs (loop1): recovering from clean shutdown, journal seq 10 [ 177.826515][ T7780] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 177.835985][ T7778] bcachefs (loop1): Version downgrade required: [ 177.837332][ T7779] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 177.846524][ T7778] bcachefs (loop1): Version upgrade required: [ 177.846524][ T7778] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 177.846524][ T7778] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 177.846524][ T7778] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 177.873557][ T7779] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 177.936783][ T7778] bcachefs (loop1): dropping and reconstructing all alloc info [pid 7780] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7775] <... mount resumed>) = -1 EINVAL (Invalid argument) [ 178.012757][ T7778] bcachefs (loop1): accounting_read... done [ 178.027038][ T7775] bcachefs: bch2_fs_get_tree() error: EINVAL [ 178.027505][ T7778] bcachefs (loop1): alloc_read... done [pid 7775] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 7775] ioctl(3, LOOP_CLR_FD) = 0 [ 178.081692][ T7778] bcachefs (loop1): stripes_read... done [ 178.102119][ T7778] bcachefs (loop1): snapshots_read... done [pid 7775] close(3 [pid 7780] <... mount resumed>) = -1 EINVAL (Invalid argument) [ 178.125713][ T7778] bcachefs (loop1): check_allocations... done [ 178.250348][ T7780] bcachefs: bch2_fs_get_tree() error: EINVAL [ 178.272228][ T7778] bcachefs (loop1): going read-write [pid 7780] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 7779] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7780] ioctl(3, LOOP_CLR_FD) = 0 [pid 7780] close(3 [pid 5828] <... umount2 resumed>) = 0 [pid 7779] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 7775] <... close resumed>) = 0 [pid 7779] <... openat resumed>) = 3 [ 178.287365][ T7779] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 5828] umount2("./50/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7779] ioctl(3, LOOP_CLR_FD [pid 7775] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./50/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] umount2("./50/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 7779] <... ioctl resumed>) = 0 [pid 5828] openat(AT_FDCWD, "./50/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7779] close(3 [pid 5828] <... openat resumed>) = 4 [pid 5828] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] close(4) = 0 [pid 5828] rmdir("./50/file0" [pid 7778] <... mount resumed>) = 0 [pid 7778] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 7778] chdir("./file0") = 0 [pid 7778] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 178.333068][ T7778] bcachefs (loop1): done starting filesystem [pid 7778] ioctl(4, LOOP_CLR_FD) = 0 [pid 7778] close(4) = 0 [pid 7778] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5828] <... rmdir resumed>) = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [pid 5828] rmdir("./50") = 0 [pid 5828] mkdir("./51", 0777) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 7775] <... quotactl resumed>) = 0 [pid 7775] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5828] <... openat resumed>) = 3 [pid 7775] <... openat resumed>) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5828] close(3) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7812 attached [pid 7775] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 7812 [pid 7775] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7812] set_robust_list(0x5555819eb760, 24) = 0 [pid 7812] chdir("./51" [pid 7778] <... quotactl resumed>) = 0 [pid 7778] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 7812] <... chdir resumed>) = 0 [pid 7778] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7812] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7778] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7812] setpgid(0, 0 [pid 7778] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7812] <... setpgid resumed>) = 0 [pid 7775] <... quotactl resumed>) = 0 [pid 7812] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7778] <... quotactl resumed>) = 0 [pid 7775] open(".", O_RDONLY [pid 7812] <... openat resumed>) = 3 [pid 7778] open(".", O_RDONLY [pid 7775] <... open resumed>) = 4 executing program [pid 7775] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7812] write(3, "1000", 4 [pid 7778] <... open resumed>) = 5 [pid 7775] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7812] <... write resumed>) = 4 [pid 7778] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7812] close(3) = 0 [pid 7775] exit_group(0 [pid 7812] symlink("/dev/binderfs", "./binderfs" [pid 7775] <... exit_group resumed>) = ? [pid 7812] <... symlink resumed>) = 0 [pid 7775] +++ exited with 0 +++ [pid 7812] write(1, "executing program\n", 18 [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7775, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=45 /* 0.45 s */} --- [pid 7812] <... write resumed>) = 18 [pid 7812] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 5827] umount2("./39", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7812] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7812] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./39", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7812] memfd_create("syzkaller", 0 [pid 7778] <... fallocate resumed>) = 0 [pid 5827] <... openat resumed>) = 3 [pid 7812] <... memfd_create resumed>) = 3 [pid 7778] exit_group(0 [pid 5827] newfstatat(3, "", [pid 7812] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7778] <... exit_group resumed>) = ? [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7812] <... mmap resumed>) = 0x7f0eeb600000 [pid 7778] +++ exited with 0 +++ [pid 5827] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5827] umount2("./39/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7778, si_uid=0, si_status=0, si_utime=8 /* 0.08 s */, si_stime=34 /* 0.34 s */} --- [pid 5827] newfstatat(AT_FDCWD, "./39/binderfs", [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... restart_syscall resumed>) = 0 [pid 5827] unlink("./39/binderfs") = 0 [pid 5827] umount2("./39/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./50", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./39/file0", [pid 5826] openat(AT_FDCWD, "./50", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... openat resumed>) = 3 [pid 5827] umount2("./39/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(3, "", [pid 5827] openat(AT_FDCWD, "./39/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] <... openat resumed>) = 4 [pid 5826] getdents64(3, [pid 5827] newfstatat(4, "", [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] umount2("./50/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] getdents64(4, [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] newfstatat(AT_FDCWD, "./50/binderfs", [pid 5827] getdents64(4, [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] unlink("./50/binderfs" [pid 5827] close(4 [pid 5826] <... unlink resumed>) = 0 [pid 5827] <... close resumed>) = 0 [pid 5826] umount2("./50/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] rmdir("./39/file0") = 0 [pid 5827] umount2("./39/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./39/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./39/file1") = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./39") = 0 [pid 5827] mkdir("./40", 0777) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5827] close(3) = 0 [ 178.465694][ T52] bucket incorrectly unset in freespace btree [ 178.465729][ T52] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7813 attached [pid 7813] set_robust_list(0x5555819eb760, 24) = 0 [pid 7813] chdir("./40") = 0 [pid 7813] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7813] setpgid(0, 0) = 0 [ 178.512062][ T5826] bcachefs (loop1): shutting down [pid 7813] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 7813 [pid 7813] write(3, "1000", 4 [pid 7780] <... close resumed>) = 0 [pid 7813] <... write resumed>) = 4 [pid 7813] close(3) = 0 [pid 7813] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7780] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7813] write(1, "executing program\n", 18executing program ) = 18 [pid 7813] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7813] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7813] memfd_create("syzkaller", 0) = 3 [pid 7813] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 178.543817][ T5826] bcachefs (loop1): going read-only [ 178.571672][ T5826] bcachefs (loop1): finished waiting for writes to stop [pid 7779] <... close resumed>) = 0 [ 178.619298][ T52] bucket incorrectly unset in freespace btree [ 178.619333][ T52] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [ 178.652114][ T5826] bcachefs (loop1): flushing journal and stopping allocators, journal seq 12 [ 178.688993][ T52] bucket incorrectly unset in freespace btree [ 178.689015][ T52] u64s 5 type deleted 0:4:0 len 0 ver 0, , continuing [ 178.716082][ T52] bucket incorrectly unset in freespace btree [ 178.716104][ T52] u64s 5 type deleted 0:7:0 len 0 ver 0, , continuing [pid 7779] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7812] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [ 178.755551][ T5826] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 12 [ 178.776988][ T5826] bcachefs (loop1): unclean shutdown complete, journal seq 13 [ 178.793102][ T5826] bcachefs (loop1): done going read-only, filesystem not clean [pid 7813] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7780] <... quotactl resumed>) = 0 [pid 7779] <... quotactl resumed>) = 0 [pid 7779] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7780] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7779] <... openat resumed>) = 3 [pid 7779] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7780] <... openat resumed>) = 3 [pid 7779] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7780] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7780] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7779] <... quotactl resumed>) = 0 [pid 7779] open(".", O_RDONLY) = 4 [pid 7779] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 7780] <... quotactl resumed>) = 0 [pid 7779] exit_group(0 [pid 7780] open(".", O_RDONLY [pid 7779] <... exit_group resumed>) = ? [pid 7780] <... open resumed>) = 4 [pid 7779] +++ exited with 0 +++ [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7779, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=42 /* 0.42 s */} --- [pid 5825] restart_syscall(<... resuming interrupted clone ...> [pid 7780] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 7780] exit_group(0) = ? [pid 5825] <... restart_syscall resumed>) = 0 [pid 7780] +++ exited with 0 +++ [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7780, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=50 /* 0.50 s */} --- [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 5825] umount2("./33", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5825] umount2("./33/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./33/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./33/binderfs") = 0 [pid 5825] umount2("./33/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./33/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./33/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... restart_syscall resumed>) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./33/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5829] umount2("./48", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] newfstatat(4, "", [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./48", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... openat resumed>) = 3 [pid 5825] getdents64(4, [pid 5829] newfstatat(3, "", [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] getdents64(3, [pid 5825] close(4 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5825] <... close resumed>) = 0 [pid 5829] umount2("./48/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] rmdir("./33/file0" [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... rmdir resumed>) = 0 [pid 5825] umount2("./33/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] newfstatat(AT_FDCWD, "./48/binderfs", [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./33/file1", [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./48/binderfs" [ 178.838828][ T5826] bcachefs (loop1): shutdown complete [pid 5825] unlink("./33/file1" [pid 5829] <... unlink resumed>) = 0 [pid 5825] <... unlink resumed>) = 0 [pid 5829] umount2("./48/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] getdents64(3, [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] newfstatat(AT_FDCWD, "./48/file0", [pid 5825] close(3 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... close resumed>) = 0 [pid 5829] umount2("./48/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] rmdir("./33" [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./48/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... rmdir resumed>) = 0 [pid 5825] mkdir("./34", 0777 [pid 5829] <... openat resumed>) = 4 [pid 5829] newfstatat(4, "", [pid 5825] <... mkdir resumed>) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5829] getdents64(4, [pid 5825] <... openat resumed>) = 3 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] getdents64(4, [pid 5825] ioctl(3, LOOP_CLR_FD [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] close(4 [pid 5825] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5829] <... close resumed>) = 0 [pid 5825] close(3 [pid 5829] rmdir("./48/file0" [pid 5825] <... close resumed>) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5829] <... rmdir resumed>) = 0 [pid 5825] <... clone resumed>, child_tidptr=0x5555819eb750) = 7814 [pid 5829] umount2("./48/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 7814 attached [pid 5829] newfstatat(AT_FDCWD, "./48/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./48/file1") = 0 [pid 5829] getdents64(3, [pid 7814] set_robust_list(0x5555819eb760, 24 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 7814] <... set_robust_list resumed>) = 0 [pid 5829] close(3) = 0 [pid 7814] chdir("./34" [pid 5829] rmdir("./48") = 0 [pid 7814] <... chdir resumed>) = 0 [pid 7814] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5829] mkdir("./49", 0777) = 0 [pid 7814] <... prctl resumed>) = 0 [pid 7814] setpgid(0, 0 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7814] <... setpgid resumed>) = 0 [pid 5829] <... openat resumed>) = 3 [pid 7814] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5829] ioctl(3, LOOP_CLR_FD [pid 7814] <... openat resumed>) = 3 [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 7814] write(3, "1000", 4 [pid 5829] close(3 [pid 7814] <... write resumed>) = 4 [pid 5829] <... close resumed>) = 0 [pid 7814] close(3 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7815 attached [pid 7814] <... close resumed>) = 0 [pid 7814] symlink("/dev/binderfs", "./binderfs" [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 7815 [pid 7814] <... symlink resumed>) = 0 [pid 7815] set_robust_list(0x5555819eb760, 24) = 0 [pid 7815] chdir("./49") = 0 [pid 7815] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7815] setpgid(0, 0) = 0 [pid 7815] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7815] write(3, "1000", 4) = 4 [pid 7815] close(3) = 0 [pid 7815] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7815] write(1, "executing program\n", 18 [pid 7814] write(1, "executing program\n", 18executing program executing program ) = 18 [pid 7815] <... write resumed>) = 18 [pid 7814] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7814] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7815] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7815] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 7814] memfd_create("syzkaller", 0 [pid 7815] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 7815] memfd_create("syzkaller", 0) = 3 [pid 7814] <... memfd_create resumed>) = 3 [pid 7814] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7815] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7814] <... mmap resumed>) = 0x7f0eeb600000 [pid 7812] <... write resumed>) = 16777216 [pid 7812] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7812] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 7812] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7812] close(3) = 0 [pid 7812] close(4 [pid 7813] <... write resumed>) = 16777216 [pid 7813] munmap(0x7f0eeb600000, 138412032 [pid 7812] <... close resumed>) = 0 [pid 7812] mkdir("./file0", 0777) = 0 [ 179.069427][ T7812] loop3: detected capacity change from 0 to 32768 [pid 7812] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7813] <... munmap resumed>) = 0 [pid 7813] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 7813] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7813] close(3) = 0 [pid 7813] close(4) = 0 [pid 7813] mkdir("./file0", 0777) = 0 [ 179.131807][ T7813] loop2: detected capacity change from 0 to 32768 [pid 7813] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7815] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7814] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 7814] munmap(0x7f0eeb600000, 138412032 [pid 7815] <... write resumed>) = 16777216 [pid 7815] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7814] <... munmap resumed>) = 0 [pid 7815] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7814] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 7815] <... openat resumed>) = 4 [pid 7814] <... openat resumed>) = 4 [pid 7814] ioctl(4, LOOP_SET_FD, 3 [pid 7815] ioctl(4, LOOP_SET_FD, 3 [pid 7814] <... ioctl resumed>) = 0 [pid 7814] close(3 [pid 7815] <... ioctl resumed>) = 0 [pid 7815] close(3 [pid 7814] <... close resumed>) = 0 [pid 7815] <... close resumed>) = 0 [pid 7814] close(4 [pid 7815] close(4 [pid 7814] <... close resumed>) = 0 [pid 7815] <... close resumed>) = 0 [pid 7814] mkdir("./file0", 0777 [pid 7815] mkdir("./file0", 0777 [pid 7814] <... mkdir resumed>) = 0 [pid 7815] <... mkdir resumed>) = 0 [pid 7814] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [ 179.428260][ T7814] loop0: detected capacity change from 0 to 32768 [ 179.435659][ T7815] loop4: detected capacity change from 0 to 32768 [ 179.574443][ T7813] bcachefs (loop2): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 179.583753][ T7812] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 179.603616][ T7813] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 179.614184][ T7812] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 179.618102][ T7813] bcachefs (loop2): Version downgrade required: [ 179.618321][ T7813] bcachefs (loop2): Version upgrade required: [ 179.618321][ T7813] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 179.618321][ T7813] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 179.618321][ T7813] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 179.706654][ T7813] bcachefs (loop2): dropping and reconstructing all alloc info [ 179.734950][ T7813] bcachefs (loop2): accounting_read... done [ 179.746914][ T7813] bcachefs (loop2): alloc_read... done [ 179.757366][ T7813] bcachefs (loop2): stripes_read... done [ 179.763366][ T7813] bcachefs (loop2): snapshots_read... done [ 179.770764][ T7815] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 179.780842][ T7815] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 179.789561][ T7813] bcachefs (loop2): check_allocations... [ 179.789601][ T7814] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 179.819669][ T7813] done [ 179.826294][ T7814] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 179.866926][ T7813] bcachefs (loop2): going read-write [pid 7815] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7813] <... mount resumed>) = 0 [pid 7813] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 7813] chdir("./file0") = 0 [pid 7813] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 7813] ioctl(4, LOOP_CLR_FD) = 0 [pid 7813] close(4) = 0 [ 179.897408][ T7813] bcachefs (loop2): done starting filesystem [pid 7813] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 7813] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 7813] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7813] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7812] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7813] <... quotactl resumed>) = 0 [pid 7813] open(".", O_RDONLY [pid 7812] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 7813] <... open resumed>) = 5 [pid 7812] <... openat resumed>) = 3 [pid 7813] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7812] ioctl(3, LOOP_CLR_FD) = 0 [ 179.966767][ T7812] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 7812] close(3 [pid 7813] <... fallocate resumed>) = 0 [pid 7813] exit_group(0) = ? [pid 7813] +++ exited with 0 +++ [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7813, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=45 /* 0.45 s */} --- [pid 5827] umount2("./40", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./40", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5827] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5827] umount2("./40/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./40/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./40/binderfs") = 0 [ 180.064031][ T52] bucket incorrectly unset in freespace btree [ 180.064063][ T52] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5827] umount2("./40/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7814] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7814] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 7814] ioctl(3, LOOP_CLR_FD) = 0 [ 180.102973][ T7814] bcachefs: bch2_fs_get_tree() error: EINVAL [ 180.139450][ T7815] bcachefs: bch2_fs_get_tree() error: EINVAL [ 180.145699][ T5827] bcachefs (loop2): shutting down [pid 7814] close(3 [pid 7815] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7815] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 7815] ioctl(3, LOOP_CLR_FD) = 0 [ 180.168568][ T5827] bcachefs (loop2): going read-only [ 180.173854][ T5827] bcachefs (loop2): finished waiting for writes to stop [pid 7815] close(3 [pid 7814] <... close resumed>) = 0 [ 180.245307][ T52] bucket incorrectly unset in freespace btree [ 180.245328][ T52] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [pid 7814] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5826] <... umount2 resumed>) = 0 [pid 5826] umount2("./50/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./50/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] umount2("./50/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./50/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5826] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] close(4) = 0 [pid 5826] rmdir("./50/file0") = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] close(3) = 0 [pid 5826] rmdir("./50") = 0 [pid 5826] mkdir("./51", 0777) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5826] close(3) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7847 attached [ 180.296692][ T5827] bcachefs (loop2): flushing journal and stopping allocators, journal seq 12 [ 180.343402][ T52] bucket incorrectly unset in freespace btree [pid 7847] set_robust_list(0x5555819eb760, 24 [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 7847 [pid 7847] <... set_robust_list resumed>) = 0 [pid 7847] chdir("./51") = 0 [pid 7847] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7812] <... close resumed>) = 0 [pid 7847] setpgid(0, 0) = 0 [pid 7847] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7812] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7847] <... openat resumed>) = 3 [pid 7847] write(3, "1000", 4) = 4 [pid 7847] close(3) = 0 [pid 7847] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 7847] write(1, "executing program\n", 18) = 18 [pid 7847] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7847] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [ 180.343424][ T52] u64s 5 type deleted 0:4:0 len 0 ver 0, , continuing [ 180.392397][ T52] bucket incorrectly unset in freespace btree [pid 7847] memfd_create("syzkaller", 0 [pid 7815] <... close resumed>) = 0 [pid 7847] <... memfd_create resumed>) = 3 [pid 7847] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 180.392417][ T52] u64s 5 type deleted 0:7:0 len 0 ver 0, , continuing [pid 7815] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 7814] <... quotactl resumed>) = 0 [ 180.436806][ T5827] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 12 [ 180.459617][ T5827] bcachefs (loop2): unclean shutdown complete, journal seq 13 [ 180.474537][ T5827] bcachefs (loop2): done going read-only, filesystem not clean [pid 7812] <... quotactl resumed>) = 0 [pid 7815] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7814] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7812] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7815] <... openat resumed>) = 3 [pid 7814] <... openat resumed>) = 3 [pid 7812] <... openat resumed>) = 3 [pid 7815] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7814] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7812] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7815] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7814] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7812] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7847] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7815] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7814] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7812] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7815] <... quotactl resumed>) = 0 [pid 7814] <... quotactl resumed>) = 0 [pid 7812] <... quotactl resumed>) = 0 [pid 7815] open(".", O_RDONLY [pid 7814] open(".", O_RDONLY [pid 7812] open(".", O_RDONLY [pid 7815] <... open resumed>) = 4 [pid 7814] <... open resumed>) = 4 [pid 7812] <... open resumed>) = 4 [pid 7815] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7814] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7812] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7815] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7814] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7812] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7815] exit_group(0 [pid 7814] exit_group(0 [pid 7812] exit_group(0 [pid 7815] <... exit_group resumed>) = ? [pid 7812] <... exit_group resumed>) = ? [pid 7815] +++ exited with 0 +++ [pid 7814] <... exit_group resumed>) = ? [pid 7812] +++ exited with 0 +++ [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7815, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=47 /* 0.47 s */} --- [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7812, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=46 /* 0.46 s */} --- [pid 5828] umount2("./51", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./51", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... restart_syscall resumed>) = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 7814] +++ exited with 0 +++ [pid 5828] umount2("./51/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] umount2("./49", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7814, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=43 /* 0.43 s */} --- [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./51/binderfs", [pid 5829] openat(AT_FDCWD, "./49", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... openat resumed>) = 3 [pid 5828] unlink("./51/binderfs" [pid 5829] newfstatat(3, "", [pid 5828] <... unlink resumed>) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 180.513032][ T5827] bcachefs (loop2): shutdown complete [pid 5828] umount2("./51/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] getdents64(3, [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] newfstatat(AT_FDCWD, "./51/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] umount2("./49/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./51/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./49/binderfs", [pid 5828] openat(AT_FDCWD, "./51/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... openat resumed>) = 4 [pid 5829] unlink("./49/binderfs" [pid 5828] newfstatat(4, "", [pid 5829] <... unlink resumed>) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] umount2("./49/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] getdents64(4, [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] getdents64(4, [pid 5829] newfstatat(AT_FDCWD, "./49/file0", [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] close(4) = 0 [pid 5828] rmdir("./51/file0" [pid 5829] umount2("./49/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... rmdir resumed>) = 0 [pid 5825] umount2("./34", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] umount2("./51/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./49/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... openat resumed>) = 4 [pid 5828] newfstatat(AT_FDCWD, "./51/file1", [pid 5825] openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] newfstatat(4, "", [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... openat resumed>) = 3 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] unlink("./51/file1" [pid 5829] getdents64(4, [pid 5828] <... unlink resumed>) = 0 [pid 5825] newfstatat(3, "", [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] getdents64(3, [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(4, [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] close(3 [pid 5825] getdents64(3, [pid 5829] close(4 [pid 5828] <... close resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] rmdir("./49/file0" [pid 5828] rmdir("./51" [pid 5829] <... rmdir resumed>) = 0 [pid 5828] <... rmdir resumed>) = 0 [pid 5825] umount2("./34/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./34/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] mkdir("./52", 0777) = 0 [pid 5825] unlink("./34/binderfs") = 0 [pid 5825] umount2("./34/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./34/file0", [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... openat resumed>) = 3 [pid 5829] umount2("./49/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5825] umount2("./34/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./34/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] newfstatat(AT_FDCWD, "./49/file1", [pid 5828] close(3 [pid 5825] <... openat resumed>) = 4 [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... close resumed>) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555819eb750) = 7848 [pid 5829] unlink("./49/file1" [pid 5825] newfstatat(4, "", [pid 5829] <... unlink resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] close(4) = 0 [pid 5825] rmdir("./34/file0") = 0 [pid 5829] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] close(3) = 0 [pid 5829] rmdir("./49" [pid 5825] umount2("./34/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./34/file1", [pid 5829] <... rmdir resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./34/file1"./strace-static-x86_64: Process 7848 attached ) = 0 [pid 5825] getdents64(3, [pid 5829] mkdir("./50", 0777 [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 7848] set_robust_list(0x5555819eb760, 24) = 0 [pid 5829] <... mkdir resumed>) = 0 [pid 5825] close(3) = 0 [pid 7848] chdir("./52") = 0 [pid 5825] rmdir("./34" [pid 7848] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5825] <... rmdir resumed>) = 0 [pid 7848] setpgid(0, 0) = 0 [pid 7848] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5825] mkdir("./35", 0777 [pid 7848] <... openat resumed>) = 3 [pid 5829] <... openat resumed>) = 3 [pid 5825] <... mkdir resumed>) = 0 [pid 7848] write(3, "1000", 4) = 4 [pid 5829] ioctl(3, LOOP_CLR_FD [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 7848] close(3 [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5825] <... openat resumed>) = 3 [pid 7848] <... close resumed>) = 0 [pid 7848] symlink("/dev/binderfs", "./binderfs" [pid 5825] ioctl(3, LOOP_CLR_FD [pid 7848] <... symlink resumed>) = 0 [pid 5829] close(3 [pid 5825] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5829] <... close resumed>) = 0 [pid 5825] close(3 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7848] write(1, "executing program\n", 18 [pid 5825] <... close resumed>) = 0 executing program [pid 7848] <... write resumed>) = 18 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7848] fsopen(NULL, 0) = -1 EFAULT (Bad address) ./strace-static-x86_64: Process 7850 attached [pid 7848] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0./strace-static-x86_64: Process 7849 attached [pid 7850] set_robust_list(0x5555819eb760, 24 [pid 7848] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 7847] <... write resumed>) = 16777216 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 7849 [pid 5825] <... clone resumed>, child_tidptr=0x5555819eb750) = 7850 [pid 7850] <... set_robust_list resumed>) = 0 [pid 7848] memfd_create("syzkaller", 0 [pid 7849] set_robust_list(0x5555819eb760, 24) = 0 [pid 7849] chdir("./50") = 0 [pid 7849] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7849] setpgid(0, 0 [pid 7848] <... memfd_create resumed>) = 3 [pid 7847] munmap(0x7f0eeb600000, 138412032 executing program [pid 7850] chdir("./35" [pid 7848] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7849] <... setpgid resumed>) = 0 [pid 7848] <... mmap resumed>) = 0x7f0eeb600000 [pid 7850] <... chdir resumed>) = 0 [pid 7849] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7849] write(3, "1000", 4) = 4 [pid 7849] close(3) = 0 [pid 7849] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7849] write(1, "executing program\n", 18) = 18 [pid 7849] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7849] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7849] memfd_create("syzkaller", 0 [pid 7850] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7849] <... memfd_create resumed>) = 3 [pid 7849] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7850] <... prctl resumed>) = 0 [pid 7847] <... munmap resumed>) = 0 [pid 7850] setpgid(0, 0) = 0 [pid 7850] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7850] write(3, "1000", 4 [pid 7847] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 7850] <... write resumed>) = 4 [pid 7850] close(3 [pid 7847] <... openat resumed>) = 4 [pid 7850] <... close resumed>) = 0 [pid 7847] ioctl(4, LOOP_SET_FD, 3 [pid 7850] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 7850] write(1, "executing program\n", 18) = 18 [pid 7850] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7850] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7850] memfd_create("syzkaller", 0) = 3 [pid 7850] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7847] <... ioctl resumed>) = 0 [pid 7850] <... mmap resumed>) = 0x7f0eeb600000 [pid 7847] close(3) = 0 [pid 7847] close(4) = 0 [pid 7847] mkdir("./file0", 0777) = 0 [ 180.721126][ T7847] loop1: detected capacity change from 0 to 32768 [pid 7847] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7849] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7848] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7850] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7849] <... write resumed>) = 16777216 [pid 7849] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7849] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 7849] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7849] close(3) = 0 [pid 7849] close(4) = 0 [pid 7849] mkdir("./file0", 0777) = 0 [ 181.088806][ T7849] loop4: detected capacity change from 0 to 32768 [pid 7849] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7848] <... write resumed>) = 16777216 [pid 7848] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7848] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 7848] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7848] close(3) = 0 [pid 7848] close(4) = 0 [pid 7848] mkdir("./file0", 0777) = 0 [pid 7850] <... write resumed>) = 16777216 [pid 7850] munmap(0x7f0eeb600000, 138412032 [ 181.186969][ T7848] loop3: detected capacity change from 0 to 32768 [pid 7848] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7850] <... munmap resumed>) = 0 [pid 7850] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 7850] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7850] close(3) = 0 [pid 7850] close(4) = 0 [pid 7850] mkdir("./file0", 0777) = 0 [ 181.267737][ T7850] loop0: detected capacity change from 0 to 32768 [ 181.386513][ T7847] bcachefs (loop1): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 181.415616][ T7847] bcachefs (loop1): recovering from clean shutdown, journal seq 10 [ 181.424196][ T7847] bcachefs (loop1): Version downgrade required: [ 181.430811][ T7847] bcachefs (loop1): Version upgrade required: [ 181.430811][ T7847] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 181.430811][ T7847] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 181.430811][ T7847] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 181.471879][ T7848] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 181.535437][ T7848] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 181.543866][ T7849] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 181.556710][ T7847] bcachefs (loop1): dropping and reconstructing all alloc info [ 181.562415][ T7849] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 181.572197][ T7850] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 181.581948][ T7850] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 181.614285][ T7847] bcachefs (loop1): accounting_read... done [ 181.620830][ T7847] bcachefs (loop1): alloc_read... done [ 181.637534][ T7847] bcachefs (loop1): stripes_read... done [ 181.643374][ T7847] bcachefs (loop1): snapshots_read... done [ 181.667443][ T7847] bcachefs (loop1): check_allocations... done [ 181.727489][ T7847] bcachefs (loop1): going read-write [pid 7850] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7847] <... mount resumed>) = 0 [pid 7847] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 7847] chdir("./file0") = 0 [pid 7847] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 7847] ioctl(4, LOOP_CLR_FD) = 0 [pid 7847] close(4 [pid 5827] <... umount2 resumed>) = 0 [pid 7847] <... close resumed>) = 0 [pid 7847] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7849] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7849] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 7848] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7849] ioctl(3, LOOP_CLR_FD) = 0 [pid 7849] close(3 [pid 7848] openat(AT_FDCWD, "/dev/loop3", O_RDWR [ 181.804136][ T7847] bcachefs (loop1): done starting filesystem [ 181.826492][ T7849] bcachefs: bch2_fs_get_tree() error: EINVAL [ 181.844616][ T7848] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 5827] umount2("./40/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7847] <... quotactl resumed>) = 0 [pid 7847] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7848] <... openat resumed>) = 3 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7848] ioctl(3, LOOP_CLR_FD [pid 5827] newfstatat(AT_FDCWD, "./40/file0", [pid 7848] <... ioctl resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7848] close(3 [pid 7847] <... openat resumed>) = 4 [pid 5827] umount2("./40/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./40/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5827] newfstatat(4, "", [pid 7850] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7850] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7850] <... openat resumed>) = 3 [pid 5827] getdents64(4, [pid 7850] ioctl(3, LOOP_CLR_FD) = 0 [pid 7850] close(3 [pid 7847] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7847] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 7847] open(".", O_RDONLY) = 5 [pid 7847] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768) = 0 [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, [pid 7847] exit_group(0) = ? [pid 7847] +++ exited with 0 +++ [pid 5827] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7847, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=32 /* 0.32 s */} --- [ 181.881481][ T7850] bcachefs: bch2_fs_get_tree() error: EINVAL [ 181.920018][ T2913] bucket incorrectly unset in freespace btree [pid 5827] close(4 [pid 5826] umount2("./51", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] <... close resumed>) = 0 [pid 5826] openat(AT_FDCWD, "./51", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] rmdir("./40/file0") = 0 [pid 5826] <... openat resumed>) = 3 [pid 5827] getdents64(3, [pid 5826] newfstatat(3, "", [pid 5827] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] close(3 [pid 5826] getdents64(3, [pid 5827] <... close resumed>) = 0 [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5827] rmdir("./40" [pid 5826] umount2("./51/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... rmdir resumed>) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] mkdir("./41", 0777) = 0 [pid 5826] newfstatat(AT_FDCWD, "./51/binderfs", [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./51/binderfs") = 0 [pid 5826] umount2("./51/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... openat resumed>) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 181.920058][ T2913] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5827] close(3) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7882 attached [pid 7882] set_robust_list(0x5555819eb760, 24) = 0 [pid 7882] chdir("./41") = 0 [pid 7882] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7882] setpgid(0, 0 [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 7882 [pid 7882] <... setpgid resumed>) = 0 [pid 7882] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7882] write(3, "1000", 4) = 4 [pid 7882] close(3) = 0 [pid 7882] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7882] write(1, "executing program\n", 18executing program ) = 18 [ 181.991815][ T5826] bcachefs (loop1): shutting down [ 182.008555][ T2913] bucket incorrectly unset in freespace btree [ 182.008578][ T2913] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [pid 7882] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7882] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7882] memfd_create("syzkaller", 0) = 3 [pid 7882] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7850] <... close resumed>) = 0 [ 182.049867][ T5826] bcachefs (loop1): going read-only [ 182.049895][ T5826] bcachefs (loop1): finished waiting for writes to stop [ 182.076748][ T5826] bcachefs (loop1): flushing journal and stopping allocators, journal seq 12 [pid 7850] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7849] <... close resumed>) = 0 [pid 7848] <... close resumed>) = 0 [pid 7848] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 182.208895][ T2913] bucket incorrectly unset in freespace btree [ 182.208918][ T2913] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [ 182.248350][ T2913] bucket incorrectly unset in freespace btree [pid 7849] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7882] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7850] <... quotactl resumed>) = 0 [pid 7849] <... quotactl resumed>) = 0 [pid 7848] <... quotactl resumed>) = 0 [pid 7850] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7849] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7848] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7849] <... openat resumed>) = 3 [pid 7849] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7848] <... openat resumed>) = 3 [pid 7849] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7848] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [ 182.248372][ T2913] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [ 182.267192][ T5826] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 12 [ 182.283689][ T5826] bcachefs (loop1): unclean shutdown complete, journal seq 13 [ 182.292713][ T5826] bcachefs (loop1): done going read-only, filesystem not clean [pid 7848] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7850] <... openat resumed>) = 3 [pid 7849] <... quotactl resumed>) = 0 [pid 7848] <... quotactl resumed>) = 0 [pid 7850] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7848] open(".", O_RDONLY [pid 7850] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7850] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7849] open(".", O_RDONLY [pid 7848] <... open resumed>) = 4 [pid 7849] <... open resumed>) = 4 [pid 7848] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7849] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 7849] exit_group(0) = ? [pid 7849] +++ exited with 0 +++ [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7849, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=43 /* 0.43 s */} --- [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 7848] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7848] exit_group(0) = ? [pid 7848] +++ exited with 0 +++ [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7848, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=58 /* 0.58 s */} --- [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 5829] <... restart_syscall resumed>) = 0 [pid 7850] <... quotactl resumed>) = 0 [pid 5828] <... restart_syscall resumed>) = 0 [pid 7850] open(".", O_RDONLY [pid 5829] umount2("./50", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7850] <... open resumed>) = 4 [pid 7850] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] umount2("./52", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7850] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./50", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7850] exit_group(0 [pid 5828] openat(AT_FDCWD, "./52", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7850] <... exit_group resumed>) = ? [pid 5828] <... openat resumed>) = 3 [pid 7850] +++ exited with 0 +++ [pid 5829] <... openat resumed>) = 3 [pid 5829] newfstatat(3, "", [pid 5828] newfstatat(3, "", [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7850, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=44 /* 0.44 s */} --- [pid 5829] getdents64(3, [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] restart_syscall(<... resuming interrupted clone ...> [pid 5828] getdents64(3, [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [ 182.319337][ T5826] bcachefs (loop1): shutdown complete [pid 5829] umount2("./50/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./52/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... restart_syscall resumed>) = 0 [pid 5829] newfstatat(AT_FDCWD, "./50/binderfs", [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./50/binderfs" [pid 5825] umount2("./35", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... unlink resumed>) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5829] umount2("./50/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] newfstatat(3, "", [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] newfstatat(AT_FDCWD, "./50/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] newfstatat(AT_FDCWD, "./52/binderfs", [pid 5825] getdents64(3, [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] umount2("./50/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] unlink("./52/binderfs" [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./50/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... unlink resumed>) = 0 [pid 5825] umount2("./35/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... openat resumed>) = 4 [pid 5828] umount2("./52/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(4, "", [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./35/binderfs", [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] newfstatat(AT_FDCWD, "./52/file0", [pid 5829] getdents64(4, [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] umount2("./52/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] unlink("./35/binderfs" [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] getdents64(4, [pid 5828] openat(AT_FDCWD, "./52/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... unlink resumed>) = 0 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] close(4 [pid 5828] <... openat resumed>) = 4 [pid 5829] <... close resumed>) = 0 [pid 5828] newfstatat(4, "", [pid 5829] rmdir("./50/file0" [pid 5825] umount2("./35/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... rmdir resumed>) = 0 [pid 5828] getdents64(4, [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] newfstatat(AT_FDCWD, "./35/file0", [pid 5828] getdents64(4, [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] umount2("./50/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] umount2("./35/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] close(4 [pid 5829] newfstatat(AT_FDCWD, "./50/file1", [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... close resumed>) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] rmdir("./52/file0" [pid 5825] openat(AT_FDCWD, "./35/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] unlink("./50/file1" [pid 5825] <... openat resumed>) = 4 [pid 5829] <... unlink resumed>) = 0 [pid 5828] <... rmdir resumed>) = 0 [pid 5825] newfstatat(4, "", [pid 5828] umount2("./52/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] getdents64(3, [pid 5828] newfstatat(AT_FDCWD, "./52/file1", [pid 5825] getdents64(4, [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] close(3 [pid 5828] unlink("./52/file1" [pid 5825] getdents64(4, [pid 5829] <... close resumed>) = 0 [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] rmdir("./50" [pid 5828] <... unlink resumed>) = 0 [pid 5825] close(4 [pid 5829] <... rmdir resumed>) = 0 [pid 5828] getdents64(3, [pid 5825] <... close resumed>) = 0 [pid 5825] rmdir("./35/file0" [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5825] <... rmdir resumed>) = 0 [pid 5828] close(3 [pid 5829] mkdir("./51", 0777 [pid 5828] <... close resumed>) = 0 [pid 5829] <... mkdir resumed>) = 0 [pid 5825] umount2("./35/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./35/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5825] unlink("./35/file1" [pid 5829] <... openat resumed>) = 3 [pid 5825] <... unlink resumed>) = 0 [pid 5829] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5825] getdents64(3, [pid 5829] close(3) = 0 [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5828] rmdir("./52" [pid 5825] close(3 [pid 5828] <... rmdir resumed>) = 0 [pid 5828] mkdir("./53", 0777./strace-static-x86_64: Process 7883 attached [pid 5825] <... close resumed>) = 0 [pid 5825] rmdir("./35" [pid 7883] set_robust_list(0x5555819eb760, 24 [pid 5828] <... mkdir resumed>) = 0 [pid 5825] <... rmdir resumed>) = 0 [pid 7883] <... set_robust_list resumed>) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 7883] chdir("./51" [pid 5828] <... openat resumed>) = 3 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 7883 [pid 5825] mkdir("./36", 0777) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5825] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5825] close(3) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7884 attached , child_tidptr=0x5555819eb750) = 7884 [pid 7884] set_robust_list(0x5555819eb760, 24) = 0 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 7884] chdir("./36") = 0 [pid 7884] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7884] setpgid(0, 0) = 0 [pid 7884] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 7884] <... openat resumed>) = 3 [pid 7883] <... chdir resumed>) = 0 [pid 5828] close(3 [pid 7883] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5828] <... close resumed>) = 0 [pid 7884] write(3, "1000", 4) = 4 [pid 7883] <... prctl resumed>) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7884] close(3) = 0 [pid 7883] setpgid(0, 0 [pid 7884] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 7884] write(1, "executing program\n", 18) = 18 [pid 7884] fsopen(NULL, 0) = -1 EFAULT (Bad address) ./strace-static-x86_64: Process 7885 attached [pid 7884] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7885] set_robust_list(0x5555819eb760, 24 [pid 7884] memfd_create("syzkaller", 0 [pid 7883] <... setpgid resumed>) = 0 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 7885 [pid 7885] <... set_robust_list resumed>) = 0 [pid 7884] <... memfd_create resumed>) = 3 [pid 7883] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7884] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7885] chdir("./53" [pid 7883] <... openat resumed>) = 3 [pid 7885] <... chdir resumed>) = 0 [pid 7883] write(3, "1000", 4 [pid 7885] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7883] <... write resumed>) = 4 [pid 7885] <... prctl resumed>) = 0 [pid 7883] close(3 [pid 7885] setpgid(0, 0 [pid 7883] <... close resumed>) = 0 [pid 7885] <... setpgid resumed>) = 0 [pid 7883] symlink("/dev/binderfs", "./binderfs" [pid 7885] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7883] <... symlink resumed>) = 0 [pid 7885] <... openat resumed>) = 3 [pid 7883] write(1, "executing program\n", 18executing program ) = 18 [pid 7885] write(3, "1000", 4 [pid 7883] fsopen(NULL, 0 [pid 7885] <... write resumed>) = 4 [pid 7883] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 7885] close(3 [pid 7883] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 7885] <... close resumed>) = 0 [pid 7883] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 7885] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7885] write(1, "executing program\n", 18 [pid 7883] memfd_create("syzkaller", 0executing program [pid 7885] <... write resumed>) = 18 [pid 7883] <... memfd_create resumed>) = 3 [pid 7885] fsopen(NULL, 0 [pid 7883] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7885] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 7883] <... mmap resumed>) = 0x7f0eeb600000 [pid 7885] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7885] memfd_create("syzkaller", 0) = 3 [pid 7885] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7882] <... write resumed>) = 16777216 [pid 7882] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7882] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 7882] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7882] close(3) = 0 [pid 7882] close(4) = 0 [pid 7882] mkdir("./file0", 0777) = 0 [ 182.569828][ T7882] loop2: detected capacity change from 0 to 32768 [pid 7882] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7884] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7883] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7885] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7884] <... write resumed>) = 16777216 [pid 7884] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7884] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 7884] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7884] close(3) = 0 [pid 7884] close(4) = 0 [pid 7884] mkdir("./file0", 0777) = 0 [ 182.836185][ T7884] loop0: detected capacity change from 0 to 32768 [pid 7884] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7885] <... write resumed>) = 16777216 [pid 7885] munmap(0x7f0eeb600000, 138412032 [pid 7883] <... write resumed>) = 16777216 [pid 7883] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7883] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 7885] <... munmap resumed>) = 0 [pid 7883] ioctl(4, LOOP_SET_FD, 3 [pid 7885] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 7885] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7883] <... ioctl resumed>) = 0 [pid 7883] close(3 [pid 7885] close(3 [pid 7883] <... close resumed>) = 0 [pid 7885] <... close resumed>) = 0 [pid 7885] close(4 [pid 7883] close(4 [pid 7885] <... close resumed>) = 0 [pid 7885] mkdir("./file0", 0777) = 0 [pid 7885] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7883] <... close resumed>) = 0 [ 183.006414][ T7883] loop4: detected capacity change from 0 to 32768 [ 183.017801][ T7885] loop3: detected capacity change from 0 to 32768 [pid 7883] mkdir("./file0", 0777) = 0 [ 183.142658][ T7882] bcachefs (loop2): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 183.195297][ T7884] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 183.221866][ T7882] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 183.230339][ T7884] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 183.238486][ T7882] bcachefs (loop2): Version downgrade required: [ 183.238761][ T7882] bcachefs (loop2): Version upgrade required: [ 183.238761][ T7882] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 183.238761][ T7882] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 183.238761][ T7882] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 183.247450][ T7885] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 183.324508][ T7885] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 183.333047][ T7883] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 183.344061][ T7883] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [pid 7883] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 5826] <... umount2 resumed>) = 0 [pid 5826] umount2("./51/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./51/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] umount2("./51/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./51/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5826] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] close(4) = 0 [pid 5826] rmdir("./51/file0") = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] close(3) = 0 [pid 5826] rmdir("./51") = 0 [ 183.470098][ T7882] bcachefs (loop2): dropping and reconstructing all alloc info [pid 5826] mkdir("./52", 0777) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5826] close(3) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7915 attached [pid 7915] set_robust_list(0x5555819eb760, 24) = 0 [pid 7915] chdir("./52") = 0 [pid 7915] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7885] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 7915 [pid 7915] <... prctl resumed>) = 0 [pid 7915] setpgid(0, 0) = 0 [pid 7915] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7915] write(3, "1000", 4) = 4 [pid 7915] close(3) = 0 [pid 7915] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 7915] write(1, "executing program\n", 18) = 18 [pid 7885] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 7915] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7915] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [ 183.529476][ T7882] bcachefs (loop2): accounting_read... [ 183.558395][ T7885] bcachefs: bch2_fs_get_tree() error: EINVAL [ 183.570600][ T7882] done [ 183.573432][ T7882] bcachefs (loop2): alloc_read... done [ 183.596538][ T7882] bcachefs (loop2): stripes_read... done [ 183.599103][ T7884] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 7915] memfd_create("syzkaller", 0) = 3 [pid 7885] <... openat resumed>) = 3 [pid 7915] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7885] ioctl(3, LOOP_CLR_FD [pid 7884] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7885] <... ioctl resumed>) = 0 [pid 7885] close(3 [pid 7884] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 7884] ioctl(3, LOOP_CLR_FD) = 0 [ 183.602284][ T7882] bcachefs (loop2): snapshots_read... done [ 183.629321][ T7882] bcachefs (loop2): check_allocations... done [ 183.717454][ T7882] bcachefs (loop2): going read-write [pid 7884] close(3 [pid 7883] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7883] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 7883] ioctl(3, LOOP_CLR_FD) = 0 [ 183.758312][ T7883] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 7883] close(3 [pid 7882] <... mount resumed>) = 0 [pid 7882] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 7882] chdir("./file0") = 0 [ 183.799007][ T7882] bcachefs (loop2): done starting filesystem [pid 7882] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 7882] ioctl(4, LOOP_CLR_FD) = 0 [pid 7882] close(4 [pid 7885] <... close resumed>) = 0 [pid 7882] <... close resumed>) = 0 [pid 7882] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7885] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7915] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7885] <... quotactl resumed>) = 0 [pid 7882] <... quotactl resumed>) = 0 [pid 7885] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 7882] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7885] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7882] <... openat resumed>) = 4 [pid 7885] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7882] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7882] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7885] <... quotactl resumed>) = 0 [pid 7882] <... quotactl resumed>) = 0 [pid 7885] open(".", O_RDONLY [pid 7882] open(".", O_RDONLY [pid 7885] <... open resumed>) = 4 [pid 7882] <... open resumed>) = 5 [pid 7882] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7885] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 7885] exit_group(0 [pid 7882] <... fallocate resumed>) = 0 [pid 7885] <... exit_group resumed>) = ? [pid 7882] exit_group(0 [pid 7885] +++ exited with 0 +++ [pid 7882] <... exit_group resumed>) = ? [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7885, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=49 /* 0.49 s */} --- [pid 5828] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 7882] +++ exited with 0 +++ [pid 5828] umount2("./53", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7882, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=34 /* 0.34 s */} --- [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./53", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] umount2("./53/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./53/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./53/binderfs") = 0 [pid 5828] umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./53/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./53/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5828] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] close(4) = 0 [pid 5827] umount2("./41", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] rmdir("./53/file0" [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... rmdir resumed>) = 0 [pid 5827] openat(AT_FDCWD, "./41", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] umount2("./53/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... openat resumed>) = 3 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(3, "", [pid 5828] newfstatat(AT_FDCWD, "./53/file1", [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5827] umount2("./41/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./41/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./41/binderfs" [pid 5828] unlink("./53/file1" [pid 5827] <... unlink resumed>) = 0 [pid 5827] umount2("./41/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... unlink resumed>) = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [pid 5828] rmdir("./53") = 0 [pid 5828] mkdir("./54", 0777) = 0 [ 183.962865][ T2913] bucket incorrectly unset in freespace btree [ 183.962898][ T2913] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5828] close(3) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7918 attached [pid 7884] <... close resumed>) = 0 [pid 7883] <... close resumed>) = 0 [pid 7884] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7918] set_robust_list(0x5555819eb760, 24 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 7918 [ 184.019336][ T5827] bcachefs (loop2): shutting down [ 184.024511][ T5827] bcachefs (loop2): going read-only [ 184.037282][ T2913] bucket incorrectly unset in freespace btree [ 184.037301][ T2913] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [ 184.055930][ T5827] bcachefs (loop2): finished waiting for writes to stop [pid 7918] <... set_robust_list resumed>) = 0 [pid 7883] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7918] chdir("./54") = 0 [pid 7918] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7918] setpgid(0, 0) = 0 [pid 7918] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7918] write(3, "1000", 4) = 4 [pid 7918] close(3) = 0 [pid 7918] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7918] write(1, "executing program\n", 18executing program ) = 18 [pid 7918] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7918] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7918] memfd_create("syzkaller", 0) = 3 [pid 7918] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 184.072334][ T5827] bcachefs (loop2): flushing journal and stopping allocators, journal seq 12 [ 184.103498][ T77] bucket incorrectly unset in freespace btree [ 184.103521][ T77] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [ 184.129206][ T77] bucket incorrectly unset in freespace btree [ 184.129227][ T77] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [ 184.161239][ T5827] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 12 [pid 7884] <... quotactl resumed>) = 0 [pid 7883] <... quotactl resumed>) = 0 [pid 7884] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7883] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7884] <... openat resumed>) = 3 [pid 7883] <... openat resumed>) = 3 [ 184.178780][ T5827] bcachefs (loop2): unclean shutdown complete, journal seq 13 [ 184.198239][ T5827] bcachefs (loop2): done going read-only, filesystem not clean [pid 7884] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7918] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7884] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7883] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7883] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 7883] open(".", O_RDONLY [pid 7884] <... quotactl resumed>) = 0 [pid 7883] <... open resumed>) = 4 [pid 7884] open(".", O_RDONLY [pid 7883] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7884] <... open resumed>) = 4 [pid 7884] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7883] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7884] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7884] exit_group(0 [pid 7883] exit_group(0 [pid 7884] <... exit_group resumed>) = ? [pid 7883] <... exit_group resumed>) = ? [pid 7884] +++ exited with 0 +++ [pid 7883] +++ exited with 0 +++ [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7884, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=43 /* 0.43 s */} --- [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7883, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=47 /* 0.47 s */} --- [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 5825] restart_syscall(<... resuming interrupted clone ...> [pid 5829] <... restart_syscall resumed>) = 0 [pid 5825] <... restart_syscall resumed>) = 0 [pid 5829] umount2("./51", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] umount2("./36", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] openat(AT_FDCWD, "./51", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7915] <... write resumed>) = 16777216 [pid 5829] <... openat resumed>) = 3 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7915] munmap(0x7f0eeb600000, 138412032 [pid 5829] newfstatat(3, "", [pid 5825] openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... openat resumed>) = 3 [pid 5829] getdents64(3, [pid 5825] newfstatat(3, "", [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] umount2("./51/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] getdents64(3, [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] newfstatat(AT_FDCWD, "./51/binderfs", [pid 5825] umount2("./36/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] unlink("./51/binderfs" [pid 5825] newfstatat(AT_FDCWD, "./36/binderfs", [pid 5829] <... unlink resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] umount2("./51/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] unlink("./36/binderfs" [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... unlink resumed>) = 0 [pid 5829] newfstatat(AT_FDCWD, "./51/file0", [pid 5825] umount2("./36/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] umount2("./51/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./36/file0", [pid 5829] openat(AT_FDCWD, "./51/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... openat resumed>) = 4 [pid 5825] umount2("./36/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] newfstatat(4, "", [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] openat(AT_FDCWD, "./36/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] getdents64(4, [pid 5825] <... openat resumed>) = 4 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] newfstatat(4, "", [pid 5829] getdents64(4, [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] getdents64(4, [pid 5829] close(4) = 0 [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] rmdir("./51/file0") = 0 [pid 5829] umount2("./51/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./51/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./51/file1") = 0 [pid 5829] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] close(3 [pid 5825] getdents64(4, [pid 5829] <... close resumed>) = 0 [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] rmdir("./51" [pid 5825] close(4 [pid 5829] <... rmdir resumed>) = 0 [pid 5829] mkdir("./52", 0777 [pid 5825] <... close resumed>) = 0 [pid 5829] <... mkdir resumed>) = 0 [ 184.242814][ T5827] bcachefs (loop2): shutdown complete [pid 5825] rmdir("./36/file0" [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5829] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5829] close(3 [pid 5825] <... rmdir resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 7915] <... munmap resumed>) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5825] umount2("./36/file1", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 7919 attached [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 7919 [pid 7919] set_robust_list(0x5555819eb760, 24) = 0 [pid 7919] chdir("./52" [pid 7915] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./36/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7919] <... chdir resumed>) = 0 [pid 5825] unlink("./36/file1" [pid 7919] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7915] <... openat resumed>) = 4 [pid 7919] <... prctl resumed>) = 0 [pid 7915] ioctl(4, LOOP_SET_FD, 3 [pid 7919] setpgid(0, 0 [pid 5825] <... unlink resumed>) = 0 [pid 7919] <... setpgid resumed>) = 0 [pid 7919] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5825] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3) = 0 [pid 7919] write(3, "1000", 4 [pid 5825] rmdir("./36" [pid 7919] <... write resumed>) = 4 [pid 7919] close(3) = 0 [pid 5825] <... rmdir resumed>) = 0 [pid 7919] symlink("/dev/binderfs", "./binderfs" [pid 5825] mkdir("./37", 0777executing program [pid 7919] <... symlink resumed>) = 0 [pid 7919] write(1, "executing program\n", 18) = 18 [pid 5825] <... mkdir resumed>) = 0 [pid 7919] fsopen(NULL, 0 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 7919] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 7919] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 5825] <... openat resumed>) = 3 [pid 7919] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 5825] ioctl(3, LOOP_CLR_FD [pid 7919] memfd_create("syzkaller", 0 [pid 5825] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 7919] <... memfd_create resumed>) = 3 [pid 5825] close(3 [pid 7919] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5825] <... close resumed>) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7915] <... ioctl resumed>) = 0 [pid 7919] <... mmap resumed>) = 0x7f0eeb600000 [pid 7915] close(3) = 0 ./strace-static-x86_64: Process 7920 attached [pid 7915] close(4) = 0 [pid 7915] mkdir("./file0", 0777) = 0 [pid 7915] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7920] set_robust_list(0x5555819eb760, 24 [pid 5825] <... clone resumed>, child_tidptr=0x5555819eb750) = 7920 [pid 7920] <... set_robust_list resumed>) = 0 [pid 7920] chdir("./37") = 0 [pid 7920] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7920] setpgid(0, 0) = 0 [pid 7920] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7920] write(3, "1000", 4) = 4 [pid 7920] close(3) = 0 [ 184.319590][ T7915] loop1: detected capacity change from 0 to 32768 executing program [pid 7920] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7920] write(1, "executing program\n", 18) = 18 [pid 7920] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7920] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7920] memfd_create("syzkaller", 0) = 3 [pid 7920] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7919] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7918] <... write resumed>) = 16777216 [pid 7918] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7918] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 7918] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7918] close(3) = 0 [pid 7918] close(4) = 0 [pid 7918] mkdir("./file0", 0777) = 0 [ 184.580657][ T7918] loop3: detected capacity change from 0 to 32768 [pid 7918] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7920] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7919] <... write resumed>) = 16777216 [pid 7919] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7919] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 7919] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7919] close(3) = 0 [pid 7919] close(4) = 0 [pid 7919] mkdir("./file0", 0777) = 0 [ 184.694587][ T7919] loop4: detected capacity change from 0 to 32768 [ 184.758030][ T7915] bcachefs (loop1): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 184.801767][ T7915] bcachefs (loop1): recovering from clean shutdown, journal seq 10 [ 184.810709][ T7915] bcachefs (loop1): Version downgrade required: [ 184.817875][ T7915] bcachefs (loop1): Version upgrade required: [ 184.817875][ T7915] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 184.817875][ T7915] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [pid 7919] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7920] <... write resumed>) = 16777216 [ 184.817875][ T7915] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 184.865606][ T7918] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 184.891991][ T7915] bcachefs (loop1): dropping and reconstructing all alloc info [pid 7920] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7920] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 184.900659][ T7918] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [pid 7920] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7920] close(3) = 0 [pid 7920] close(4) = 0 [pid 7920] mkdir("./file0", 0777) = 0 [ 184.930783][ T7915] bcachefs (loop1): accounting_read... [ 184.938870][ T7920] loop0: detected capacity change from 0 to 32768 [ 184.954915][ T7919] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 184.968576][ T7915] done [ 184.971410][ T7915] bcachefs (loop1): alloc_read... done [ 184.983302][ T7915] bcachefs (loop1): stripes_read... done [ 184.998848][ T7915] bcachefs (loop1): snapshots_read... done [ 185.004816][ T7915] bcachefs (loop1): check_allocations... [ 185.016253][ T7919] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 185.036106][ T7915] done [ 185.041899][ T7915] bcachefs (loop1): going read-write [pid 7920] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7915] <... mount resumed>) = 0 [pid 7915] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 7915] chdir("./file0") = 0 [pid 7915] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 7915] ioctl(4, LOOP_CLR_FD) = 0 [pid 7915] close(4) = 0 [pid 7915] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 7915] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 7915] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7915] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [ 185.069529][ T7915] bcachefs (loop1): done starting filesystem [pid 7915] open(".", O_RDONLY) = 5 [pid 7915] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768) = 0 [pid 7915] exit_group(0) = ? [pid 7915] +++ exited with 0 +++ [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7915, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=36 /* 0.36 s */} --- [ 185.154724][ T77] bucket incorrectly unset in freespace btree [ 185.154759][ T77] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 5826] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5826] umount2("./52", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./52", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5826] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5826] umount2("./52/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./52/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./52/binderfs") = 0 [ 185.162227][ T7920] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 185.162298][ T7920] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [pid 5826] umount2("./52/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7918] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7918] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 7918] ioctl(3, LOOP_CLR_FD) = 0 [ 185.241464][ T5826] bcachefs (loop1): shutting down [ 185.241486][ T5826] bcachefs (loop1): going read-only [ 185.241508][ T5826] bcachefs (loop1): finished waiting for writes to stop [ 185.257448][ T5826] bcachefs (loop1): flushing journal and stopping allocators, journal seq 11 [ 185.311127][ T7918] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 7918] close(3 [pid 7919] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7919] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 7919] ioctl(3, LOOP_CLR_FD [pid 7920] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7919] <... ioctl resumed>) = 0 [pid 7919] close(3 [pid 7920] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 7920] ioctl(3, LOOP_CLR_FD) = 0 [pid 5827] <... umount2 resumed>) = 0 [pid 7920] close(3 [pid 5827] umount2("./41/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 185.398791][ T7919] bcachefs: bch2_fs_get_tree() error: EINVAL [ 185.402999][ T7920] bcachefs: bch2_fs_get_tree() error: EINVAL [ 185.421905][ T77] bucket incorrectly unset in freespace btree [ 185.421926][ T77] u64s 5 type deleted 0:2:0 len 0 ver 0, , continuing [pid 5827] newfstatat(AT_FDCWD, "./41/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./41/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./41/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5827] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [pid 5827] rmdir("./41/file0") = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./41") = 0 [pid 5827] mkdir("./42", 0777) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5827] close(3) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555819eb750) = 7952 [ 185.547007][ T2913] bucket incorrectly unset in freespace btree [ 185.547029][ T2913] u64s 5 type deleted 0:5:0 len 0 ver 0, , continuing [ 185.568361][ T2913] bucket incorrectly unset in freespace btree [ 185.568382][ T2913] u64s 5 type deleted 0:8:0 len 0 ver 0, , continuing ./strace-static-x86_64: Process 7952 attached [pid 7952] set_robust_list(0x5555819eb760, 24) = 0 [pid 7918] <... close resumed>) = 0 [pid 7952] chdir("./42" [pid 7918] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7952] <... chdir resumed>) = 0 [pid 7952] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7952] setpgid(0, 0) = 0 [pid 7952] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7952] write(3, "1000", 4) = 4 [pid 7952] close(3) = 0 [pid 7952] symlink("/dev/binderfs", "./binderfs" [pid 7920] <... close resumed>) = 0 [pid 7952] <... symlink resumed>) = 0 executing program [pid 7952] write(1, "executing program\n", 18 [pid 7920] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7952] <... write resumed>) = 18 [pid 7952] fsopen(NULL, 0) = -1 EFAULT (Bad address) [ 185.626166][ T5826] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 12 [ 185.665611][ T5826] bcachefs (loop1): unclean shutdown complete, journal seq 13 [pid 7919] <... close resumed>) = 0 [pid 7952] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 7919] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7952] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 7920] <... quotactl resumed>) = 0 [pid 7919] <... quotactl resumed>) = 0 [pid 7918] <... quotactl resumed>) = 0 [pid 7920] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7919] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7918] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7952] memfd_create("syzkaller", 0 [pid 7920] <... openat resumed>) = 3 [pid 7918] <... openat resumed>) = 3 [pid 7918] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7919] <... openat resumed>) = 3 [pid 7918] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7952] <... memfd_create resumed>) = 3 [pid 7952] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7918] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7919] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7952] <... mmap resumed>) = 0x7f0eeb600000 [pid 7920] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7919] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7920] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7919] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7918] <... quotactl resumed>) = 0 [pid 7920] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7919] <... quotactl resumed>) = 0 [pid 7920] <... quotactl resumed>) = 0 [pid 7919] open(".", O_RDONLY [pid 7918] open(".", O_RDONLY [pid 7920] open(".", O_RDONLY [pid 7919] <... open resumed>) = 4 [pid 7920] <... open resumed>) = 4 [pid 7919] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7920] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7919] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7920] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7919] exit_group(0 [pid 7918] <... open resumed>) = 4 [pid 7920] exit_group(0 [pid 7919] <... exit_group resumed>) = ? [pid 7918] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7920] <... exit_group resumed>) = ? [pid 7918] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7918] exit_group(0) = ? [pid 7920] +++ exited with 0 +++ [pid 7918] +++ exited with 0 +++ [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7918, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=47 /* 0.47 s */} --- [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7920, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=40 /* 0.40 s */} --- [pid 7919] +++ exited with 0 +++ [pid 5825] umount2("./37", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7919, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=46 /* 0.46 s */} --- [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 5825] openat(AT_FDCWD, "./37", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 185.689993][ T5826] bcachefs (loop1): done going read-only, filesystem not clean [ 185.726716][ T5826] bcachefs (loop1): shutdown complete [pid 5825] newfstatat(3, "", [pid 5829] <... restart_syscall resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(3, [pid 5829] umount2("./52", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./54", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./54", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] umount2("./37/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] openat(AT_FDCWD, "./52", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... openat resumed>) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... openat resumed>) = 3 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(3, "", [pid 5828] getdents64(3, [pid 5825] newfstatat(AT_FDCWD, "./37/binderfs", [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] getdents64(3, [pid 5828] umount2("./54/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] unlink("./37/binderfs" [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] umount2("./52/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... unlink resumed>) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./52/binderfs", [pid 5828] newfstatat(AT_FDCWD, "./54/binderfs", [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./37/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] unlink("./52/binderfs" [pid 5828] unlink("./54/binderfs" [pid 5829] <... unlink resumed>) = 0 [pid 5825] newfstatat(AT_FDCWD, "./37/file0", [pid 5828] <... unlink resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] umount2("./52/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./54/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] umount2("./37/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./37/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] newfstatat(AT_FDCWD, "./52/file0", [pid 5828] newfstatat(AT_FDCWD, "./54/file0", [pid 5825] <... openat resumed>) = 4 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] newfstatat(4, "", [pid 5829] umount2("./52/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./54/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] getdents64(4, [pid 5829] openat(AT_FDCWD, "./52/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] openat(AT_FDCWD, "./54/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] <... openat resumed>) = 4 [pid 5828] <... openat resumed>) = 4 [pid 5825] getdents64(4, [pid 5828] newfstatat(4, "", [pid 5829] newfstatat(4, "", [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(4, [pid 5825] close(4 [pid 5829] getdents64(4, [pid 5825] <... close resumed>) = 0 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] rmdir("./37/file0" [pid 5829] getdents64(4, [pid 5828] getdents64(4, [pid 5825] <... rmdir resumed>) = 0 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] close(4 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] close(4 [pid 5829] <... close resumed>) = 0 [pid 5828] <... close resumed>) = 0 [pid 5829] rmdir("./52/file0" [pid 5825] umount2("./37/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... rmdir resumed>) = 0 [pid 5828] rmdir("./54/file0" [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... rmdir resumed>) = 0 [pid 5825] newfstatat(AT_FDCWD, "./37/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] umount2("./52/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] unlink("./37/file1" [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] umount2("./54/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... unlink resumed>) = 0 [pid 5829] newfstatat(AT_FDCWD, "./52/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] unlink("./52/file1" [pid 5828] newfstatat(AT_FDCWD, "./54/file1", [pid 5825] getdents64(3, [pid 5829] <... unlink resumed>) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] unlink("./54/file1" [pid 5825] close(3 [pid 5829] getdents64(3, [pid 5828] <... unlink resumed>) = 0 [pid 5825] <... close resumed>) = 0 [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5825] rmdir("./37" [pid 5829] close(3 [pid 5828] getdents64(3, [pid 5825] <... rmdir resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] rmdir("./52" [pid 7952] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5829] <... rmdir resumed>) = 0 [pid 5828] close(3 [pid 5825] mkdir("./38", 0777 [pid 5828] <... close resumed>) = 0 [pid 5828] rmdir("./54") = 0 [pid 5829] mkdir("./53", 0777) = 0 [pid 5828] mkdir("./55", 0777 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5828] <... mkdir resumed>) = 0 [pid 5829] <... openat resumed>) = 3 [pid 5825] <... mkdir resumed>) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5829] ioctl(3, LOOP_CLR_FD [pid 5825] <... openat resumed>) = 3 [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5825] ioctl(3, LOOP_CLR_FD [pid 5829] close(3 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5825] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5829] <... close resumed>) = 0 [pid 5828] <... openat resumed>) = 3 [pid 5825] close(3 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5825] <... close resumed>) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5828] close(3./strace-static-x86_64: Process 7954 attached ) = 0 [pid 5825] <... clone resumed>, child_tidptr=0x5555819eb750) = 7954 ./strace-static-x86_64: Process 7953 attached [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7954] set_robust_list(0x5555819eb760, 24 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 7953 [pid 7954] <... set_robust_list resumed>) = 0 [pid 7954] chdir("./38") = 0 [pid 7954] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 7955 [pid 7954] <... prctl resumed>) = 0 [pid 7954] setpgid(0, 0) = 0 [pid 7954] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 ./strace-static-x86_64: Process 7955 attached [pid 7953] set_robust_list(0x5555819eb760, 24executing program [pid 7955] set_robust_list(0x5555819eb760, 24 [pid 7953] <... set_robust_list resumed>) = 0 [pid 7954] write(3, "1000", 4) = 4 [pid 7954] close(3) = 0 [pid 7954] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7954] write(1, "executing program\n", 18) = 18 [pid 7954] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7954] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7954] memfd_create("syzkaller", 0) = 3 [pid 7954] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7955] <... set_robust_list resumed>) = 0 [pid 7953] chdir("./53" [pid 7955] chdir("./55" [pid 7953] <... chdir resumed>) = 0 [pid 7955] <... chdir resumed>) = 0 [pid 7953] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7955] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7953] <... prctl resumed>) = 0 [pid 7955] <... prctl resumed>) = 0 [pid 7955] setpgid(0, 0 [pid 7953] setpgid(0, 0 [pid 7955] <... setpgid resumed>) = 0 [pid 7953] <... setpgid resumed>) = 0 [pid 7955] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7953] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7955] <... openat resumed>) = 3 [pid 7953] <... openat resumed>) = 3 [pid 7953] write(3, "1000", 4 [pid 7955] write(3, "1000", 4 [pid 7953] <... write resumed>) = 4 [pid 7953] close(3 [pid 7955] <... write resumed>) = 4 [pid 7953] <... close resumed>) = 0 [pid 7955] close(3 [pid 7953] symlink("/dev/binderfs", "./binderfs" [pid 7955] <... close resumed>) = 0 [pid 7955] symlink("/dev/binderfs", "./binderfs" [pid 7953] <... symlink resumed>) = 0 executing program executing program [pid 7955] <... symlink resumed>) = 0 [pid 7953] write(1, "executing program\n", 18 [pid 7955] write(1, "executing program\n", 18 [pid 7953] <... write resumed>) = 18 [pid 7955] <... write resumed>) = 18 [pid 7953] fsopen(NULL, 0 [pid 7955] fsopen(NULL, 0 [pid 7953] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 7955] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 7955] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 7953] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 7955] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 7953] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 7955] memfd_create("syzkaller", 0 [pid 7953] memfd_create("syzkaller", 0 [pid 7955] <... memfd_create resumed>) = 3 [pid 7953] <... memfd_create resumed>) = 3 [pid 7955] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7953] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7955] <... mmap resumed>) = 0x7f0eeb600000 [pid 7953] <... mmap resumed>) = 0x7f0eeb600000 [pid 7954] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7952] <... write resumed>) = 16777216 [pid 7952] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7952] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 7952] ioctl(4, LOOP_SET_FD, 3 [pid 7955] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7952] <... ioctl resumed>) = 0 [pid 7953] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7952] close(3) = 0 [pid 7952] close(4) = 0 [pid 7952] mkdir("./file0", 0777) = 0 [ 186.166398][ T7952] loop2: detected capacity change from 0 to 32768 [pid 7952] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7954] <... write resumed>) = 16777216 [pid 7954] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7954] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 7954] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7954] close(3) = 0 [pid 7954] close(4) = 0 [pid 7954] mkdir("./file0", 0777) = 0 [pid 7954] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7955] <... write resumed>) = 16777216 [pid 7953] <... write resumed>) = 16777216 [pid 7953] munmap(0x7f0eeb600000, 138412032 [ 186.396693][ T7954] loop0: detected capacity change from 0 to 32768 [pid 7955] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7953] <... munmap resumed>) = 0 [pid 7955] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 7953] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 7955] <... openat resumed>) = 4 [pid 7953] ioctl(4, LOOP_SET_FD, 3 [pid 7955] ioctl(4, LOOP_SET_FD, 3 [pid 7953] <... ioctl resumed>) = 0 [pid 7953] close(3) = 0 [pid 7953] close(4 [pid 7955] <... ioctl resumed>) = 0 [pid 7953] <... close resumed>) = 0 [pid 7953] mkdir("./file0", 0777 [pid 7955] close(3 [pid 7953] <... mkdir resumed>) = 0 [pid 7955] <... close resumed>) = 0 [pid 7953] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7955] close(4) = 0 [pid 7955] mkdir("./file0", 0777) = 0 [ 186.479260][ T7953] loop4: detected capacity change from 0 to 32768 [ 186.480567][ T7955] loop3: detected capacity change from 0 to 32768 [ 186.664522][ T7952] bcachefs (loop2): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 186.671365][ T7954] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 186.691167][ T7952] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 186.708519][ T7952] bcachefs (loop2): Version downgrade required: [ 186.714993][ T7952] bcachefs (loop2): Version upgrade required: [ 186.714993][ T7952] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 186.714993][ T7952] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 186.714993][ T7952] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 186.745919][ T7953] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 186.795535][ T7952] bcachefs (loop2): dropping and reconstructing all alloc info [ 186.804157][ T7955] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 186.815633][ T7955] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 186.820692][ T7954] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 186.823890][ T7953] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 186.910328][ T7952] bcachefs (loop2): accounting_read... done [ 186.927654][ T7952] bcachefs (loop2): alloc_read... done [ 186.933216][ T7952] bcachefs (loop2): stripes_read... done [ 186.965975][ T7952] bcachefs (loop2): snapshots_read... done [ 186.971982][ T7952] bcachefs (loop2): check_allocations... [ 187.067249][ T7953] bcachefs: bch2_fs_get_tree() error: EINVAL [ 187.094564][ T7952] done [ 187.104960][ T7954] bcachefs: bch2_fs_get_tree() error: EINVAL [ 187.107454][ T7952] bcachefs (loop2): going read-write [pid 7955] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7953] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = 0 [pid 7954] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7953] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5826] umount2("./52/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7954] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7954] <... openat resumed>) = 3 [pid 7953] <... openat resumed>) = 3 [pid 7954] ioctl(3, LOOP_CLR_FD [pid 7953] ioctl(3, LOOP_CLR_FD [pid 5826] newfstatat(AT_FDCWD, "./52/file0", [pid 7953] <... ioctl resumed>) = 0 [pid 7953] close(3 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7954] <... ioctl resumed>) = 0 [pid 7954] close(3 [pid 5826] umount2("./52/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./52/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5826] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] close(4) = 0 [pid 5826] rmdir("./52/file0") = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] close(3) = 0 [pid 5826] rmdir("./52") = 0 [pid 5826] mkdir("./53", 0777) = 0 [pid 7952] <... mount resumed>) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 7955] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7955] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5826] close(3) = 0 [pid 7955] <... openat resumed>) = 3 [pid 7955] ioctl(3, LOOP_CLR_FD [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7955] <... ioctl resumed>) = 0 [pid 7955] close(3 [pid 7952] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 7987 [pid 7952] chdir("./file0") = 0 [pid 7952] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 7952] ioctl(4, LOOP_CLR_FD./strace-static-x86_64: Process 7987 attached ) = 0 [pid 7952] close(4 [pid 7987] set_robust_list(0x5555819eb760, 24 [pid 7952] <... close resumed>) = 0 [pid 7952] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7987] <... set_robust_list resumed>) = 0 [ 187.157053][ T7952] bcachefs (loop2): done starting filesystem [ 187.157530][ T7955] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 7987] chdir("./53" [pid 7952] <... quotactl resumed>) = 0 [pid 7952] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 7952] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7952] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 7952] open(".", O_RDONLY) = 5 [pid 7987] <... chdir resumed>) = 0 [pid 7987] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7952] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7987] setpgid(0, 0) = 0 [pid 7987] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7952] <... fallocate resumed>) = 0 [pid 7987] write(3, "1000", 4) = 4 [pid 7952] exit_group(0) = ? [pid 7987] close(3 [pid 7952] +++ exited with 0 +++ [pid 7987] <... close resumed>) = 0 [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7952, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=42 /* 0.42 s */} --- [pid 5827] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5827] umount2("./42", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./42", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5827] newfstatat(3, "", [pid 7987] symlink("/dev/binderfs", "./binderfs" [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5827] umount2("./42/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./42/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./42/binderfs") = 0 [pid 5827] umount2("./42/file0", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program [pid 7987] <... symlink resumed>) = 0 [pid 7987] write(1, "executing program\n", 18) = 18 [pid 7987] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7987] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7987] memfd_create("syzkaller", 0) = 3 [pid 7987] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 187.277464][ T61] bucket incorrectly unset in freespace btree [ 187.277500][ T61] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [ 187.306064][ T5827] bcachefs (loop2): shutting down [ 187.306085][ T5827] bcachefs (loop2): going read-only [pid 7953] <... close resumed>) = 0 [ 187.306106][ T5827] bcachefs (loop2): finished waiting for writes to stop [ 187.361991][ T5827] bcachefs (loop2): flushing journal and stopping allocators, journal seq 11 [ 187.430585][ T61] bucket incorrectly unset in freespace btree [ 187.430607][ T61] u64s 5 type deleted 0:2:0 len 0 ver 0, , continuing [pid 7953] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7954] <... close resumed>) = 0 [ 187.472328][ T61] bucket incorrectly unset in freespace btree [ 187.472359][ T61] u64s 5 type deleted 0:5:0 len 0 ver 0, , continuing [ 187.511190][ T61] bucket incorrectly unset in freespace btree [pid 7954] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7955] <... close resumed>) = 0 [ 187.511210][ T61] u64s 5 type deleted 0:8:0 len 0 ver 0, , continuing [ 187.550090][ T5827] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 12 [pid 7955] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 7987] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7955] <... quotactl resumed>) = 0 [pid 7954] <... quotactl resumed>) = 0 [pid 7953] <... quotactl resumed>) = 0 [pid 7955] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7954] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7953] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7955] <... openat resumed>) = 3 [pid 7954] <... openat resumed>) = 3 [pid 7953] <... openat resumed>) = 3 [pid 7955] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7954] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7953] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7954] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7953] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7954] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7953] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7955] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7955] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 7954] <... quotactl resumed>) = 0 [pid 7955] open(".", O_RDONLY [pid 7954] open(".", O_RDONLY [pid 7955] <... open resumed>) = 4 [pid 7954] <... open resumed>) = 4 [pid 7955] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7954] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 7955] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7954] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 7955] exit_group(0 [pid 7954] exit_group(0 [pid 7955] <... exit_group resumed>) = ? [pid 7954] <... exit_group resumed>) = ? [pid 7955] +++ exited with 0 +++ [pid 7954] +++ exited with 0 +++ [pid 7953] <... quotactl resumed>) = 0 [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7955, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=46 /* 0.46 s */} --- [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7954, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=44 /* 0.44 s */} --- [pid 7953] open(".", O_RDONLY [pid 5825] restart_syscall(<... resuming interrupted clone ...> [pid 7953] <... open resumed>) = 4 [pid 5825] <... restart_syscall resumed>) = 0 [pid 5828] umount2("./55", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7953] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7953] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./55", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] umount2("./38", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7953] exit_group(0 [pid 5828] <... openat resumed>) = 3 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(3, "", [pid 5825] openat(AT_FDCWD, "./38", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7953] <... exit_group resumed>) = ? [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... openat resumed>) = 3 [pid 7953] +++ exited with 0 +++ [pid 5828] getdents64(3, [pid 5825] newfstatat(3, "", [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7953, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=51 /* 0.51 s */} --- [pid 5828] umount2("./55/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./55/binderfs", [pid 5825] getdents64(3, [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] unlink("./55/binderfs") = 0 [pid 5825] umount2("./38/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./55/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... restart_syscall resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./55/file0", [pid 5825] newfstatat(AT_FDCWD, "./38/binderfs", [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 187.568046][ T5827] bcachefs (loop2): unclean shutdown complete, journal seq 13 [ 187.577225][ T5827] bcachefs (loop2): done going read-only, filesystem not clean [ 187.609688][ T5827] bcachefs (loop2): shutdown complete [pid 5829] umount2("./53", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./55/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] unlink("./38/binderfs" [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... unlink resumed>) = 0 [pid 5829] openat(AT_FDCWD, "./53", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] openat(AT_FDCWD, "./55/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5825] umount2("./38/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] newfstatat(3, "", [pid 5828] newfstatat(4, "", [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(3, [pid 5828] getdents64(4, [pid 5825] newfstatat(AT_FDCWD, "./38/file0", [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] umount2("./53/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] getdents64(4, [pid 5825] umount2("./38/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./53/binderfs", [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] close(4 [pid 5825] openat(AT_FDCWD, "./38/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] unlink("./53/binderfs" [pid 5828] <... close resumed>) = 0 [pid 5825] <... openat resumed>) = 4 [pid 5829] <... unlink resumed>) = 0 [pid 5828] rmdir("./55/file0" [pid 5825] newfstatat(4, "", [pid 5829] umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... rmdir resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] getdents64(4, [pid 5829] newfstatat(AT_FDCWD, "./53/file0", [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./55/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] getdents64(4, [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./53/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] <... openat resumed>) = 4 [pid 5828] newfstatat(AT_FDCWD, "./55/file1", [pid 5825] close(4 [pid 5829] newfstatat(4, "", [pid 5828] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... close resumed>) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] unlink("./55/file1" [pid 5825] rmdir("./38/file0" [pid 5829] getdents64(4, [pid 5828] <... unlink resumed>) = 0 [pid 5825] <... rmdir resumed>) = 0 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] getdents64(4, [pid 5828] getdents64(3, [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] close(4) = 0 [pid 5825] umount2("./38/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] rmdir("./53/file0" [pid 5828] close(3 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... close resumed>) = 0 [pid 5829] <... rmdir resumed>) = 0 [pid 5828] rmdir("./55" [pid 5825] newfstatat(AT_FDCWD, "./38/file1", [pid 5828] <... rmdir resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./38/file1") = 0 [pid 5829] umount2("./53/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] mkdir("./56", 0777) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] getdents64(3, [pid 5829] newfstatat(AT_FDCWD, "./53/file1", [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./53/file1" [pid 5825] close(3 [pid 5829] <... unlink resumed>) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5825] <... close resumed>) = 0 [pid 5828] <... openat resumed>) = 3 [pid 5825] rmdir("./38") = 0 [pid 5829] getdents64(3, [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5825] mkdir("./39", 0777 [pid 5829] close(3 [pid 5828] close(3 [pid 5825] <... mkdir resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 5828] <... close resumed>) = 0 [pid 5829] rmdir("./53" [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7988 attached [pid 5829] <... rmdir resumed>) = 0 [pid 7988] set_robust_list(0x5555819eb760, 24 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 7988] <... set_robust_list resumed>) = 0 [pid 5825] <... openat resumed>) = 3 [pid 5825] ioctl(3, LOOP_CLR_FD [pid 7988] chdir("./56" [pid 5825] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 7988] <... chdir resumed>) = 0 [pid 5829] mkdir("./54", 0777 [pid 5825] close(3 [pid 7988] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5829] <... mkdir resumed>) = 0 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 7988 [pid 5825] <... close resumed>) = 0 [pid 7988] <... prctl resumed>) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7989 attached [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 7989] set_robust_list(0x5555819eb760, 24 [pid 5829] ioctl(3, LOOP_CLR_FD [pid 7989] <... set_robust_list resumed>) = 0 [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 7989] chdir("./39" [pid 5829] close(3 [pid 5825] <... clone resumed>, child_tidptr=0x5555819eb750) = 7989 [pid 5829] <... close resumed>) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7989] <... chdir resumed>) = 0 [pid 7988] setpgid(0, 0 [pid 7989] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7989] setpgid(0, 0) = 0 [pid 7989] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 7990 [pid 7989] write(3, "1000", 4) = 4 [pid 7989] close(3) = 0 [pid 7989] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 7990 attached ) = 0 [pid 7988] <... setpgid resumed>) = 0 [pid 7990] set_robust_list(0x5555819eb760, 24) = 0 [pid 7990] chdir("./54" [pid 7988] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7990] <... chdir resumed>) = 0 [pid 7988] <... openat resumed>) = 3 [pid 7990] prctl(PR_SET_PDEATHSIG, SIGKILLexecuting program [pid 7989] write(1, "executing program\n", 18 [pid 7988] write(3, "1000", 4 [pid 7990] <... prctl resumed>) = 0 [pid 7989] <... write resumed>) = 18 [pid 7988] <... write resumed>) = 4 [pid 7990] setpgid(0, 0 [pid 7989] fsopen(NULL, 0 [pid 7990] <... setpgid resumed>) = 0 [pid 7989] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 7988] close(3 [pid 7990] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7989] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0 [pid 7988] <... close resumed>) = 0 [pid 7990] write(3, "1000", 4 [pid 7989] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 7988] symlink("/dev/binderfs", "./binderfs" [pid 7990] <... write resumed>) = 4 [pid 7989] memfd_create("syzkaller", 0 [pid 7990] close(3 [pid 7988] <... symlink resumed>) = 0 [pid 7990] <... close resumed>) = 0 [pid 7990] symlink("/dev/binderfs", "./binderfs" [pid 7988] write(1, "executing program\n", 18 [pid 7990] <... symlink resumed>) = 0 [pid 7990] write(1, "executing program\n", 18executing program ) = 18 [pid 7990] fsopen(NULL, 0 [pid 7989] <... memfd_create resumed>) = 3 [pid 7990] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 7989] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7990] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7989] <... mmap resumed>) = 0x7f0eeb600000 [pid 7990] memfd_create("syzkaller", 0executing program ) = 3 [pid 7988] <... write resumed>) = 18 [pid 7990] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7988] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 7988] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 7988] memfd_create("syzkaller", 0) = 3 [pid 7988] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7987] <... write resumed>) = 16777216 [pid 7987] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7987] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 7987] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7987] close(3) = 0 [pid 7987] close(4) = 0 [pid 7987] mkdir("./file0", 0777) = 0 [ 187.845725][ T7987] loop1: detected capacity change from 0 to 32768 [pid 7987] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7990] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7989] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7988] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 7988] munmap(0x7f0eeb600000, 138412032) = 0 [pid 7988] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 7988] ioctl(4, LOOP_SET_FD, 3 [pid 7990] <... write resumed>) = 16777216 [pid 7988] <... ioctl resumed>) = 0 [pid 7988] close(3) = 0 [pid 7988] close(4) = 0 [pid 7988] mkdir("./file0", 0777 [pid 7990] munmap(0x7f0eeb600000, 138412032 [pid 7988] <... mkdir resumed>) = 0 [pid 7990] <... munmap resumed>) = 0 [pid 7988] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7990] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 188.206972][ T7988] loop3: detected capacity change from 0 to 32768 [pid 7990] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7990] close(3) = 0 [pid 7990] close(4 [pid 7989] <... write resumed>) = 16777216 [pid 7990] <... close resumed>) = 0 [pid 7989] munmap(0x7f0eeb600000, 138412032 [pid 7990] mkdir("./file0", 0777) = 0 [pid 7990] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7989] <... munmap resumed>) = 0 [pid 7989] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 7989] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7989] close(3) = 0 [pid 7989] close(4) = 0 [pid 7989] mkdir("./file0", 0777) = 0 [ 188.267431][ T7990] loop4: detected capacity change from 0 to 32768 [ 188.303326][ T7989] loop0: detected capacity change from 0 to 32768 [ 188.433098][ T7987] bcachefs (loop1): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 188.438032][ T7990] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 188.469260][ T7990] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 188.500628][ T7989] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 188.516045][ T7987] bcachefs (loop1): recovering from clean shutdown, journal seq 10 [ 188.524022][ T7987] bcachefs (loop1): Version downgrade required: [ 188.536146][ T7988] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 188.536188][ T7989] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 188.564128][ T7988] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 188.573435][ T7987] bcachefs (loop1): Version upgrade required: [ 188.573435][ T7987] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 188.573435][ T7987] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 188.573435][ T7987] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [pid 7989] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 7990] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7990] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 7990] ioctl(3, LOOP_CLR_FD) = 0 [ 188.705269][ T7987] bcachefs (loop1): dropping and reconstructing all alloc info [ 188.716105][ T7990] bcachefs: bch2_fs_get_tree() error: EINVAL [ 188.761740][ T7987] bcachefs (loop1): accounting_read... done [ 188.855932][ T7987] bcachefs (loop1): alloc_read... done [pid 7990] close(3 [pid 7988] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... umount2 resumed>) = 0 [pid 5827] umount2("./42/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7988] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7988] <... openat resumed>) = 3 [pid 5827] newfstatat(AT_FDCWD, "./42/file0", [pid 7988] ioctl(3, LOOP_CLR_FD [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7988] <... ioctl resumed>) = 0 [pid 5827] umount2("./42/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7988] close(3 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./42/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5827] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [ 188.856488][ T7988] bcachefs: bch2_fs_get_tree() error: EINVAL [ 188.876961][ T7987] bcachefs (loop1): stripes_read... done [ 188.904562][ T7987] bcachefs (loop1): snapshots_read... done [pid 5827] rmdir("./42/file0") = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./42") = 0 [pid 5827] mkdir("./43", 0777) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5827] close(3) = 0 [ 188.925758][ T7987] bcachefs (loop1): check_allocations... done [ 188.978716][ T7987] bcachefs (loop1): going read-write [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 8022 attached , child_tidptr=0x5555819eb750) = 8022 [pid 8022] set_robust_list(0x5555819eb760, 24) = 0 [pid 7989] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 7987] <... mount resumed>) = 0 [pid 8022] chdir("./43" [pid 7989] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 8022] <... chdir resumed>) = 0 [pid 8022] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7989] <... openat resumed>) = 3 [pid 7987] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 8022] <... prctl resumed>) = 0 [pid 7989] ioctl(3, LOOP_CLR_FD [pid 7987] <... openat resumed>) = 3 [pid 7989] <... ioctl resumed>) = 0 [pid 7987] chdir("./file0" [pid 7989] close(3 [pid 7987] <... chdir resumed>) = 0 [pid 8022] setpgid(0, 0 [pid 7987] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 8022] <... setpgid resumed>) = 0 [pid 7987] <... openat resumed>) = 4 [pid 7987] ioctl(4, LOOP_CLR_FD) = 0 [pid 7987] close(4) = 0 [pid 7987] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 8022] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 189.004202][ T7987] bcachefs (loop1): done starting filesystem [ 189.018084][ T7989] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 8022] write(3, "1000", 4) = 4 [pid 8022] close(3 [pid 7990] <... close resumed>) = 0 [pid 7987] <... quotactl resumed>) = 0 [pid 8022] <... close resumed>) = 0 [pid 8022] symlink("/dev/binderfs", "./binderfs" [pid 7987] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 8022] <... symlink resumed>) = 0 [pid 7987] <... openat resumed>) = 4 [pid 7987] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7987] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULLexecuting program [pid 8022] write(1, "executing program\n", 18) = 18 [pid 8022] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 8022] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 8022] memfd_create("syzkaller", 0) = 3 [pid 8022] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 7987] <... quotactl resumed>) = 0 [pid 7987] open(".", O_RDONLY) = 5 [pid 7987] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768) = 0 [pid 7987] exit_group(0) = ? [pid 7990] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 7987] +++ exited with 0 +++ [pid 7990] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7987, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=35 /* 0.35 s */} --- [pid 7990] <... openat resumed>) = 3 [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 7990] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 5826] <... restart_syscall resumed>) = 0 [pid 7990] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7990] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5826] umount2("./53", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./53", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5826] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 189.126775][ T61] bucket incorrectly unset in freespace btree [ 189.126812][ T61] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [pid 7990] <... quotactl resumed>) = 0 [pid 7990] open(".", O_RDONLY) = 4 [pid 7990] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5826] getdents64(3, [pid 7990] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... getdents64 resumed>0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 7990] exit_group(0 [pid 5826] umount2("./53/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 7990] <... exit_group resumed>) = ? [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./53/binderfs", [pid 7990] +++ exited with 0 +++ [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7990, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=37 /* 0.37 s */} --- [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 5826] unlink("./53/binderfs" [pid 5829] <... restart_syscall resumed>) = 0 [pid 5826] <... unlink resumed>) = 0 [pid 5829] umount2("./54", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./54", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5829] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] umount2("./54/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./54/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./54/binderfs") = 0 [pid 5829] umount2("./54/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./54/file0", [pid 7988] <... close resumed>) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] umount2("./54/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./54/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5829] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] getdents64(4, [pid 7988] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] close(4) = 0 [pid 5829] rmdir("./54/file0") = 0 [pid 5829] umount2("./54/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./54/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./54/file1") = 0 [pid 5829] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] close(3) = 0 [pid 5829] rmdir("./54") = 0 [ 189.206167][ T61] bucket incorrectly unset in freespace btree [ 189.206189][ T61] u64s 5 type deleted POS_MIN len 0 ver 0, , continuing [pid 5829] mkdir("./55", 0777) = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [ 189.270989][ T5826] bcachefs (loop1): shutting down [pid 5829] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5829] close(3) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555819eb750) = 8023 ./strace-static-x86_64: Process 8023 attached [pid 8023] set_robust_list(0x5555819eb760, 24) = 0 [pid 8023] chdir("./55") = 0 [pid 8023] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 8023] setpgid(0, 0) = 0 [pid 8023] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 8023] write(3, "1000", 4) = 4 [pid 8023] close(3) = 0 [pid 8023] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 8023] write(1, "executing program\n", 18) = 18 [pid 8023] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 8023] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 8023] memfd_create("syzkaller", 0) = 3 [pid 8023] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 189.296420][ T5826] bcachefs (loop1): going read-only [ 189.314451][ T5826] bcachefs (loop1): finished waiting for writes to stop [pid 7989] <... close resumed>) = 0 [pid 7989] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [ 189.358113][ T5826] bcachefs (loop1): flushing journal and stopping allocators, journal seq 12 [ 189.381576][ T52] bcachefs (loop1): loop1: Superblock write was silently dropped! (seq 0 expected 53) [ 189.406693][ T52] bucket incorrectly unset in freespace btree [ 189.406729][ T52] u64s 5 type deleted 0:3:0 len 0 ver 0, , continuing [ 189.446894][ T52] bucket incorrectly unset in freespace btree [ 189.446918][ T52] u64s 5 type deleted 0:6:0 len 0 ver 0, , continuing [ 189.478655][ T5826] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 12 [ 189.490894][ T5826] bcachefs (loop1): unclean shutdown complete, journal seq 13 [ 189.511828][ T5826] bcachefs (loop1): done going read-only, filesystem not clean [pid 8022] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 8023] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7989] <... quotactl resumed>) = 0 [pid 7988] <... quotactl resumed>) = 0 [pid 7989] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7988] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 7989] <... openat resumed>) = 3 [pid 7988] <... openat resumed>) = 3 [pid 7989] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 7988] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 7989] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7988] <... mount resumed>) = -1 EFAULT (Bad address) [pid 7988] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 7989] <... quotactl resumed>) = 0 [pid 7989] open(".", O_RDONLY) = 4 [pid 7989] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 7989] exit_group(0) = ? [pid 7989] +++ exited with 0 +++ [pid 7988] <... quotactl resumed>) = 0 [pid 7988] open(".", O_RDONLY [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7989, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=50 /* 0.50 s */} --- [pid 5825] restart_syscall(<... resuming interrupted clone ...> [pid 7988] <... open resumed>) = 4 [pid 7988] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 8022] <... write resumed>) = 16777216 [pid 7988] exit_group(0 [pid 5825] <... restart_syscall resumed>) = 0 [pid 7988] <... exit_group resumed>) = ? [pid 8022] munmap(0x7f0eeb600000, 138412032 [pid 5825] umount2("./39", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./39", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(3, [pid 7988] +++ exited with 0 +++ [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5825] umount2("./39/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7988, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=45 /* 0.45 s */} --- [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 5825] newfstatat(AT_FDCWD, "./39/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./39/binderfs") = 0 [pid 5825] umount2("./39/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./39/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./39/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... restart_syscall resumed>) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 189.550662][ T5826] bcachefs (loop1): shutdown complete [pid 5825] openat(AT_FDCWD, "./39/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] umount2("./56", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] <... openat resumed>) = 4 [pid 5828] openat(AT_FDCWD, "./56", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] newfstatat(4, "", [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5825] getdents64(4, [pid 5828] umount2("./56/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5828] newfstatat(AT_FDCWD, "./56/binderfs", [pid 5825] close(4 [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... close resumed>) = 0 [pid 5825] rmdir("./39/file0" [pid 5828] unlink("./56/binderfs") = 0 [pid 5825] <... rmdir resumed>) = 0 [pid 5828] umount2("./56/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] umount2("./39/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./56/file0", [pid 5825] newfstatat(AT_FDCWD, "./39/file1", [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] umount2("./56/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] unlink("./39/file1" [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./56/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5825] <... unlink resumed>) = 0 [pid 8022] <... munmap resumed>) = 0 [pid 5828] newfstatat(4, "", [pid 5825] getdents64(3, [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] close(3 [pid 5828] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] <... close resumed>) = 0 [pid 5828] close(4 [pid 5825] rmdir("./39" [pid 8022] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5828] <... close resumed>) = 0 [pid 8022] <... openat resumed>) = 4 [pid 5828] rmdir("./56/file0" [pid 5825] <... rmdir resumed>) = 0 [pid 8022] ioctl(4, LOOP_SET_FD, 3 [pid 5828] <... rmdir resumed>) = 0 [pid 5825] mkdir("./40", 0777 [pid 5828] umount2("./56/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... mkdir resumed>) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./56/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... openat resumed>) = 3 [pid 5828] unlink("./56/file1" [pid 5825] ioctl(3, LOOP_CLR_FD [pid 5828] <... unlink resumed>) = 0 [pid 5825] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5825] close(3 [pid 5828] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [pid 5828] rmdir("./56") = 0 [pid 5828] mkdir("./57", 0777) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5825] <... close resumed>) = 0 [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5828] close(3 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5828] <... close resumed>) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 8022] <... ioctl resumed>) = 0 [pid 8022] close(3) = 0 [pid 8022] close(4) = 0 ./strace-static-x86_64: Process 8025 attached ./strace-static-x86_64: Process 8024 attached [pid 8022] mkdir("./file0", 0777 [pid 8024] set_robust_list(0x5555819eb760, 24 [pid 5825] <... clone resumed>, child_tidptr=0x5555819eb750) = 8025 [pid 8024] <... set_robust_list resumed>) = 0 [pid 8022] <... mkdir resumed>) = 0 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 8024 [pid 8024] chdir("./57" [pid 8025] set_robust_list(0x5555819eb760, 24 [pid 8024] <... chdir resumed>) = 0 [pid 8022] mount("/dev/loop2", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 8024] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 8025] <... set_robust_list resumed>) = 0 [pid 8024] <... prctl resumed>) = 0 [pid 8025] chdir("./40" [pid 8024] setpgid(0, 0 [pid 8025] <... chdir resumed>) = 0 [pid 8024] <... setpgid resumed>) = 0 [pid 8025] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 8024] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 8024] write(3, "1000", 4 [pid 8025] <... prctl resumed>) = 0 [pid 8024] <... write resumed>) = 4 [pid 8025] setpgid(0, 0) = 0 [pid 8025] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 8024] close(3 [pid 8025] <... openat resumed>) = 3 [pid 8024] <... close resumed>) = 0 [pid 8024] symlink("/dev/binderfs", "./binderfs" [pid 8025] write(3, "1000", 4) = 4 [pid 8025] close(3 [pid 8024] <... symlink resumed>) = 0 [pid 8025] <... close resumed>) = 0 [pid 8024] write(1, "executing program\n", 18 [pid 8025] symlink("/dev/binderfs", "./binderfs") = 0 [pid 8025] write(1, "executing program\n", 18executing program ) = 18 [pid 8025] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 8025] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) executing program [pid 8025] memfd_create("syzkaller", 0 [pid 8024] <... write resumed>) = 18 [ 189.634712][ T8022] loop2: detected capacity change from 0 to 32768 [pid 8024] fsopen(NULL, 0 [pid 8025] <... memfd_create resumed>) = 3 [pid 8024] <... fsopen resumed>) = -1 EFAULT (Bad address) [pid 8025] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 8024] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 8025] <... mmap resumed>) = 0x7f0eeb600000 [pid 8024] memfd_create("syzkaller", 0) = 3 [pid 8024] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 8025] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 8023] <... write resumed>) = 16777216 [pid 8023] munmap(0x7f0eeb600000, 138412032) = 0 [pid 8023] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 8023] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 8023] close(3) = 0 [pid 8024] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 8023] close(4) = 0 [ 189.875764][ T8023] loop4: detected capacity change from 0 to 32768 [pid 8023] mkdir("./file0", 0777) = 0 [pid 8023] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 8025] <... write resumed>) = 16777216 [pid 8025] munmap(0x7f0eeb600000, 138412032) = 0 [pid 8024] <... write resumed>) = 16777216 [pid 8025] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 8024] munmap(0x7f0eeb600000, 138412032 [pid 8025] <... openat resumed>) = 4 [pid 8025] ioctl(4, LOOP_SET_FD, 3 [pid 8024] <... munmap resumed>) = 0 [pid 8024] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 8025] <... ioctl resumed>) = 0 [pid 8025] close(3 [pid 8024] <... openat resumed>) = 4 [pid 8025] <... close resumed>) = 0 [pid 8025] close(4 [pid 8024] ioctl(4, LOOP_SET_FD, 3 [pid 8025] <... close resumed>) = 0 [pid 8025] mkdir("./file0", 0777) = 0 [pid 8024] <... ioctl resumed>) = 0 [pid 8025] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 8024] close(3) = 0 [pid 8024] close(4) = 0 [pid 8024] mkdir("./file0", 0777) = 0 [ 190.113507][ T8025] loop0: detected capacity change from 0 to 32768 [ 190.135609][ T8024] loop3: detected capacity change from 0 to 32768 [ 190.233111][ T8022] bcachefs (loop2): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 190.259767][ T8022] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 190.267834][ T8022] bcachefs (loop2): Version downgrade required: [ 190.274245][ T8022] bcachefs (loop2): Version upgrade required: [ 190.274245][ T8022] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 190.274245][ T8022] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [ 190.274245][ T8022] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 190.360666][ T8023] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 190.371074][ T8022] bcachefs (loop2): dropping and reconstructing all alloc info [ 190.379917][ T8023] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 190.402810][ T8025] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 190.406480][ T8022] bcachefs (loop2): accounting_read... done [ 190.446440][ T8025] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 190.454704][ T8024] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 190.463973][ T8022] bcachefs (loop2): alloc_read... done [ 190.476069][ T8022] bcachefs (loop2): stripes_read... done [ 190.481864][ T8022] bcachefs (loop2): snapshots_read... done [ 190.502910][ T8024] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 190.518248][ T8022] bcachefs (loop2): check_allocations... [ 190.526685][ T8023] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 8024] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 8023] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 8023] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 8023] ioctl(3, LOOP_CLR_FD) = 0 [ 190.559296][ T8022] done [ 190.569851][ T8022] bcachefs (loop2): going read-write [pid 8023] close(3 [pid 8022] <... mount resumed>) = 0 [pid 8022] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 8022] chdir("./file0") = 0 [ 190.602675][ T8022] bcachefs (loop2): done starting filesystem [pid 8022] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 8022] ioctl(4, LOOP_CLR_FD) = 0 [pid 8022] close(4) = 0 [pid 8022] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 8022] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 8022] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 8022] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL) = 0 [pid 8022] open(".", O_RDONLY) = 5 [pid 8022] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768) = 0 [pid 8022] exit_group(0 [pid 8024] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 8022] <... exit_group resumed>) = ? [pid 8022] +++ exited with 0 +++ [pid 8024] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=8022, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=35 /* 0.35 s */} --- [pid 5827] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5827] umount2("./43", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./43", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5827] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 4 entries */, 32768) = 112 [pid 5827] umount2("./43/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 8024] <... openat resumed>) = 3 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 8024] ioctl(3, LOOP_CLR_FD [pid 5827] newfstatat(AT_FDCWD, "./43/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./43/binderfs") = 0 [pid 5827] umount2("./43/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 8024] <... ioctl resumed>) = 0 [ 190.767454][ T77] bucket incorrectly unset in freespace btree [ 190.767486][ T77] u64s 5 type deleted 0:1:0 len 0 ver 0, , continuing [ 190.789618][ T8024] bcachefs: bch2_fs_get_tree() error: EINVAL [pid 8025] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 8025] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 8025] ioctl(3, LOOP_CLR_FD) = 0 [pid 8025] close(3 [ 190.814810][ T8025] bcachefs: bch2_fs_get_tree() error: EINVAL [ 190.833130][ T5827] bcachefs (loop2): shutting down [ 190.833150][ T5827] bcachefs (loop2): going read-only [pid 8024] close(3 [pid 8023] <... close resumed>) = 0 [ 190.833170][ T5827] bcachefs (loop2): finished waiting for writes to stop [ 190.855000][ T5827] bcachefs (loop2): flushing journal and stopping allocators, journal seq 11 [pid 8023] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 8025] <... close resumed>) = 0 [pid 5826] <... umount2 resumed>) = 0 [pid 8025] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 5826] umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./53/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./53/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5826] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5826] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5826] close(4) = 0 [pid 5826] rmdir("./53/file0") = 0 [pid 5826] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5826] close(3) = 0 [pid 5826] rmdir("./53") = 0 [pid 5826] mkdir("./54", 0777) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5826] close(3) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 8057 attached [pid 8057] set_robust_list(0x5555819eb760, 24) = 0 [pid 8057] chdir("./54") = 0 [pid 8057] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 8057] setpgid(0, 0) = 0 [pid 8057] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 8057] write(3, "1000", 4) = 4 [pid 8057] close(3) = 0 [pid 8057] symlink("/dev/binderfs", "./binderfs" [pid 5826] <... clone resumed>, child_tidptr=0x5555819eb750) = 8057 [pid 8057] <... symlink resumed>) = 0 executing program [ 190.986391][ T77] bucket incorrectly unset in freespace btree [ 190.986415][ T77] u64s 5 type deleted 0:2:0 len 0 ver 0, , continuing [pid 8057] write(1, "executing program\n", 18) = 18 [pid 8057] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 8057] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 8057] memfd_create("syzkaller", 0) = 3 [pid 8057] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [ 191.041540][ T77] bucket incorrectly unset in freespace btree [ 191.041561][ T77] u64s 5 type deleted 0:5:0 len 0 ver 0, , continuing [pid 8024] <... close resumed>) = 0 [ 191.105015][ T77] bucket incorrectly unset in freespace btree [ 191.105036][ T77] u64s 5 type deleted 0:8:0 len 0 ver 0, , continuing [ 191.140336][ T5827] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 12 [ 191.158711][ T5827] bcachefs (loop2): unclean shutdown complete, journal seq 13 [ 191.177073][ T5827] bcachefs (loop2): done going read-only, filesystem not clean [pid 8024] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 8025] <... quotactl resumed>) = 0 [pid 8024] <... quotactl resumed>) = 0 [pid 8023] <... quotactl resumed>) = 0 [pid 8023] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 8024] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 8023] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 8023] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 8025] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 8024] <... openat resumed>) = 3 [pid 8025] <... openat resumed>) = 3 [pid 8024] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 8023] <... quotactl resumed>) = 0 [pid 8025] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 8024] <... mount resumed>) = -1 EFAULT (Bad address) [pid 8023] open(".", O_RDONLY [pid 8025] <... mount resumed>) = -1 EFAULT (Bad address) [pid 8024] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 8023] <... open resumed>) = 4 [pid 8025] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 8023] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768) = -1 EINVAL (Invalid argument) [pid 8023] exit_group(0) = ? [pid 8025] <... quotactl resumed>) = 0 [pid 8024] <... quotactl resumed>) = 0 [pid 8023] +++ exited with 0 +++ [pid 8025] open(".", O_RDONLY [pid 8024] open(".", O_RDONLY [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=8023, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=50 /* 0.50 s */} --- [pid 8025] <... open resumed>) = 4 [pid 8024] <... open resumed>) = 4 [pid 8025] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 8024] fallocate(3, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 8025] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 8024] <... fallocate resumed>) = -1 EINVAL (Invalid argument) [pid 8025] exit_group(0 [pid 8024] exit_group(0 [pid 5829] umount2("./55", MNT_FORCE|UMOUNT_NOFOLLOW [pid 8025] <... exit_group resumed>) = ? [pid 8024] <... exit_group resumed>) = ? [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 191.211259][ T5827] bcachefs (loop2): shutdown complete [pid 8025] +++ exited with 0 +++ [pid 8024] +++ exited with 0 +++ [pid 5829] openat(AT_FDCWD, "./55", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=8025, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=47 /* 0.47 s */} --- [pid 5829] newfstatat(3, "", [pid 5825] restart_syscall(<... resuming interrupted clone ...> [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(3, 0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] umount2("./55/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=8024, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=46 /* 0.46 s */} --- [pid 5829] newfstatat(AT_FDCWD, "./55/binderfs", [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 5829] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./55/binderfs") = 0 [pid 5829] umount2("./55/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 8057] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5828] <... restart_syscall resumed>) = 0 [pid 5825] <... restart_syscall resumed>) = 0 [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./55/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./40", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] umount2("./55/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./57", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] openat(AT_FDCWD, "./55/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] openat(AT_FDCWD, "./57", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] openat(AT_FDCWD, "./40", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... openat resumed>) = 4 [pid 5828] <... openat resumed>) = 3 [pid 5825] <... openat resumed>) = 3 [pid 5829] newfstatat(4, "", [pid 5828] newfstatat(3, "", [pid 5825] newfstatat(3, "", [pid 5829] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(4, [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5828] getdents64(3, [pid 5829] getdents64(4, [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5825] getdents64(3, [pid 5829] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 5 entries */, 32768) = 144 [pid 5829] close(4 [pid 5828] umount2("./57/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... close resumed>) = 0 [pid 5829] rmdir("./55/file0" [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] umount2("./40/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... rmdir resumed>) = 0 [pid 5828] newfstatat(AT_FDCWD, "./57/binderfs", [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] umount2("./55/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] newfstatat(AT_FDCWD, "./40/binderfs", [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] unlink("./57/binderfs" [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] newfstatat(AT_FDCWD, "./55/file1", [pid 5828] <... unlink resumed>) = 0 [pid 5829] <... newfstatat resumed>{st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./40/binderfs" [pid 5829] unlink("./55/file1" [pid 5828] umount2("./57/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... unlink resumed>) = 0 [pid 5829] <... unlink resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] getdents64(3, [pid 5828] newfstatat(AT_FDCWD, "./57/file0", [pid 5825] umount2("./40/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5829] close(3 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... close resumed>) = 0 [pid 5829] rmdir("./55" [pid 5828] umount2("./57/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] newfstatat(AT_FDCWD, "./40/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] <... rmdir resumed>) = 0 [pid 5825] umount2("./40/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] mkdir("./56", 0777 [pid 5828] openat(AT_FDCWD, "./57/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... openat resumed>) = 4 [pid 5825] openat(AT_FDCWD, "./40/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] newfstatat(4, "", [pid 5825] <... openat resumed>) = 4 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(4, [pid 5829] <... mkdir resumed>) = 0 [pid 5825] newfstatat(4, "", [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(4, [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5828] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5825] getdents64(4, [pid 5828] close(4 [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5829] <... openat resumed>) = 3 [pid 5825] getdents64(4, [pid 5829] ioctl(3, LOOP_CLR_FD [pid 5825] <... getdents64 resumed>0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5828] <... close resumed>) = 0 [pid 5825] close(4 [pid 5829] close(3 [pid 5825] <... close resumed>) = 0 [pid 5828] rmdir("./57/file0" [pid 5825] rmdir("./40/file0" [pid 5829] <... close resumed>) = 0 [pid 5828] <... rmdir resumed>) = 0 [pid 5828] umount2("./57/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5825] <... rmdir resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./57/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./57/file1") = 0 [pid 5825] umount2("./40/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] getdents64(3, [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 8058 attached [pid 5829] <... clone resumed>, child_tidptr=0x5555819eb750) = 8058 [pid 5825] newfstatat(AT_FDCWD, "./40/file1", {st_mode=S_IFREG|0500, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 8058] set_robust_list(0x5555819eb760, 24 [pid 5825] unlink("./40/file1" [pid 5828] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3 [pid 8058] <... set_robust_list resumed>) = 0 [pid 5825] <... unlink resumed>) = 0 [pid 5828] <... close resumed>) = 0 [pid 5825] getdents64(3, [pid 8058] chdir("./56" [pid 5825] <... getdents64 resumed>0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 8058] <... chdir resumed>) = 0 [pid 5828] rmdir("./57" [pid 5825] close(3 [pid 5828] <... rmdir resumed>) = 0 [pid 5825] <... close resumed>) = 0 [pid 8058] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5828] mkdir("./58", 0777 [pid 5825] rmdir("./40" [pid 8058] setpgid(0, 0) = 0 [pid 5825] <... rmdir resumed>) = 0 [pid 8058] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5825] mkdir("./41", 0777 [pid 5828] <... mkdir resumed>) = 0 [pid 8058] <... openat resumed>) = 3 [pid 5825] <... mkdir resumed>) = 0 [pid 8058] write(3, "1000", 4 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 8058] <... write resumed>) = 4 [pid 5828] <... openat resumed>) = 3 [pid 5825] <... openat resumed>) = 3 [pid 8058] close(3 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5825] ioctl(3, LOOP_CLR_FD [pid 8058] <... close resumed>) = 0 [pid 8058] symlink("/dev/binderfs", "./binderfs" [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5825] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 8058] <... symlink resumed>) = 0 [pid 5828] close(3 [pid 5825] close(3 [pid 8058] write(1, "executing program\n", 18) = 18 [pid 5825] <... close resumed>) = 0 [pid 8058] fsopen(NULL, 0 [pid 5828] <... close resumed>) = 0 [pid 8058] <... fsopen resumed>) = -1 EFAULT (Bad address) executing program [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 8058] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 8058] memfd_create("syzkaller", 0./strace-static-x86_64: Process 8059 attached ./strace-static-x86_64: Process 8060 attached ) = 3 [pid 5828] <... clone resumed>, child_tidptr=0x5555819eb750) = 8060 [pid 5825] <... clone resumed>, child_tidptr=0x5555819eb750) = 8059 [pid 8059] set_robust_list(0x5555819eb760, 24 [pid 8058] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 8059] <... set_robust_list resumed>) = 0 [pid 8059] chdir("./41" [pid 8058] <... mmap resumed>) = 0x7f0eeb600000 [pid 8059] <... chdir resumed>) = 0 [pid 8059] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 8059] setpgid(0, 0) = 0 [pid 8059] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 8060] set_robust_list(0x5555819eb760, 24) = 0 [pid 8059] write(3, "1000", 4 [pid 8060] chdir("./58" [pid 8059] <... write resumed>) = 4 [pid 8060] <... chdir resumed>) = 0 [pid 8060] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 8059] close(3 [pid 8060] <... prctl resumed>) = 0 [pid 8059] <... close resumed>) = 0 [pid 8060] setpgid(0, 0 [pid 8059] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 8059] write(1, "executing program\n", 18) = 18 [pid 8059] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 8059] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 8060] <... setpgid resumed>) = 0 [pid 8059] memfd_create("syzkaller", 0) = 3 [pid 8059] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 8060] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 8059] <... mmap resumed>) = 0x7f0eeb600000 [pid 8060] <... openat resumed>) = 3 [pid 8060] write(3, "1000", 4) = 4 [pid 8060] close(3) = 0 [pid 8060] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 8060] write(1, "executing program\n", 18) = 18 [pid 8060] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 8060] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 8060] memfd_create("syzkaller", 0) = 3 [pid 8060] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 8057] <... write resumed>) = 16777216 [pid 8057] munmap(0x7f0eeb600000, 138412032) = 0 [pid 8057] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 8057] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 8057] close(3) = 0 [pid 8057] close(4) = 0 [pid 8057] mkdir("./file0", 0777) = 0 [ 191.492609][ T8057] loop1: detected capacity change from 0 to 32768 [pid 8057] mount("/dev/loop1", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 8058] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 8059] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 8060] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 8058] <... write resumed>) = 16777216 [pid 8058] munmap(0x7f0eeb600000, 138412032) = 0 [pid 8058] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 191.882998][ T8057] bcachefs (loop1): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc [ 191.904993][ T8058] loop4: detected capacity change from 0 to 32768 [pid 8058] ioctl(4, LOOP_SET_FD, 3 [pid 8060] <... write resumed>) = 16777216 [pid 8058] <... ioctl resumed>) = 0 [pid 8058] close(3) = 0 [pid 8058] close(4) = 0 [pid 8060] munmap(0x7f0eeb600000, 138412032 [pid 8058] mkdir("./file0", 0777) = 0 [ 191.936125][ T8057] bcachefs (loop1): recovering from clean shutdown, journal seq 10 [ 191.944734][ T8057] bcachefs (loop1): Version downgrade required: [ 191.968477][ T8057] bcachefs (loop1): Version upgrade required: [ 191.968477][ T8057] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete [ 191.968477][ T8057] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size [pid 8058] mount("/dev/loop4", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 8059] <... write resumed>) = 16777216 [pid 8060] <... munmap resumed>) = 0 [ 191.968477][ T8057] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [pid 8059] munmap(0x7f0eeb600000, 138412032 [pid 8060] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 8059] <... munmap resumed>) = 0 [pid 8059] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 8059] ioctl(4, LOOP_SET_FD, 3 [pid 8060] <... openat resumed>) = 4 [pid 8060] ioctl(4, LOOP_SET_FD, 3 [pid 8059] <... ioctl resumed>) = 0 [pid 8060] <... ioctl resumed>) = 0 [ 192.063173][ T8057] bcachefs (loop1): dropping and reconstructing all alloc info [ 192.080289][ T8057] bcachefs (loop1): accounting_read... done [ 192.083954][ T8059] loop0: detected capacity change from 0 to 32768 [ 192.098349][ T8060] loop3: detected capacity change from 0 to 32768 [ 192.105582][ T8057] bcachefs (loop1): alloc_read... done [pid 8060] close(3 [pid 8059] close(3) = 0 [pid 8059] close(4) = 0 [pid 8059] mkdir("./file0", 0777) = 0 [pid 8059] mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 8060] <... close resumed>) = 0 [pid 8060] close(4) = 0 [ 192.111392][ T8057] bcachefs (loop1): stripes_read... done [pid 8060] mkdir("./file0", 0777) = 0 [ 192.177045][ T8057] bcachefs (loop1): snapshots_read... done [ 192.183046][ T8057] bcachefs (loop1): check_allocations... [ 192.185289][ T8058] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 192.246693][ T8058] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 192.255185][ T8059] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 192.280909][ T8057] done [ 192.282208][ T8059] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [pid 8060] mount("/dev/loop3", "./file0", "bcachefs", MS_NOEXEC, "data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,erro"... [pid 8057] <... mount resumed>) = 0 [ 192.286396][ T8060] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): filesystem UUID already open [ 192.302511][ T8060] bcachefs (04000000-0000-0000-999b-c1f40db4fee2): shutdown complete [ 192.312189][ T8057] bcachefs (loop1): going read-write [ 192.334331][ T8057] bcachefs (loop1): done starting filesystem [pid 8057] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 8057] chdir("./file0") = 0 [pid 8057] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 8057] ioctl(4, LOOP_CLR_FD) = 0 [pid 8057] close(4) = 0 [pid 8057] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL) = 0 [pid 8057] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 4 [pid 8057] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [pid 8057] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 5827] <... umount2 resumed>) = 0 [pid 5827] umount2("./43/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./43/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 8057] <... quotactl resumed>) = 0 [pid 8057] open(".", O_RDONLY) = 5 [pid 8057] fallocate(4, FALLOC_FL_INSERT_RANGE, 0, 32768 [pid 5827] umount2("./43/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./43/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5827] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, 0x5555819f4830 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, 0x5555819f4830 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [pid 5827] rmdir("./43/file0") = 0 [pid 5827] getdents64(3, 0x5555819ec7f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./43") = 0 [pid 5827] mkdir("./44", 0777) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [ 192.482185][ T8057] ------------[ cut here ]------------ [ 192.487998][ T8057] kernel BUG at fs/bcachefs/btree_journal_iter.c:83! [ 192.506339][ T61] bucket incorrectly unset in freespace btree [ 192.506373][ T61] u64s 5 type deleted 0:26:0 len 0 ver 0, , continuing [pid 5827] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5827] close(3) = 0 [ 192.535687][ T8060] bcachefs: bch2_fs_get_tree() error: EINVAL [ 192.561768][ T8057] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI [ 192.568777][ T8057] CPU: 0 UID: 0 PID: 8057 Comm: syz-executor165 Not tainted 6.14.0-rc4-syzkaller-00073-g5394eea10651 #0 [ 192.580002][ T8057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 192.590069][ T8057] RIP: 0010:bch2_journal_keys_peek_max+0x164f/0x1660 [ 192.596756][ T8057] Code: 10 48 8d 5c 08 18 48 89 d8 48 c1 e8 03 42 80 3c 20 00 74 08 48 89 df e8 0f 78 d9 fd 4c 8b 33 e9 d7 fe ff ff e8 22 c5 74 fd 90 <0f> 0b e8 9a 94 b3 07 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 [ 192.616366][ T8057] RSP: 0018:ffffc900035a6620 EFLAGS: 00010293 [ 192.622441][ T8057] RAX: ffffffff844cf87e RBX: 0000000000000039 RCX: ffff888025481e00 [ 192.630415][ T8057] RDX: 0000000000000000 RSI: 0000000000000039 RDI: ffffffffffffffff [ 192.638385][ T8057] RBP: ffffc900035a67e0 R08: ffffffff844ce375 R09: 0000000000000000 [ 192.646355][ T8057] R10: 00000001ffffffff R11: 2000000000000000 R12: dffffc0000000000 [ 192.654325][ T8057] R13: ffff88805ef00000 R14: ffffffffffffffff R15: ffffc900035a7018 [ 192.662300][ T8057] FS: 00005555819eb480(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 192.671243][ T8057] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.677823][ T8057] CR2: 0000000000000000 CR3: 000000002d984000 CR4: 00000000003526f0 [ 192.685812][ T8057] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 192.693781][ T8057] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 192.701753][ T8057] Call Trace: [ 192.705032][ T8057] [ 192.707966][ T8057] ? __die_body+0x5f/0xb0 [ 192.712305][ T8057] ? die+0x9e/0xc0 [ 192.716033][ T8057] ? do_trap+0x15a/0x3a0 [ 192.720278][ T8057] ? bch2_journal_keys_peek_max+0x164f/0x1660 [ 192.726351][ T8057] ? do_error_trap+0x1dc/0x2c0 [ 192.731132][ T8057] ? bch2_journal_keys_peek_max+0x164f/0x1660 [ 192.737207][ T8057] ? __pfx_do_error_trap+0x10/0x10 [ 192.742405][ T8057] ? report_bug+0x3e8/0x500 [ 192.746923][ T8057] ? handle_invalid_op+0x34/0x40 [ 192.751863][ T8057] ? bch2_journal_keys_peek_max+0x164f/0x1660 [ 192.757945][ T8057] ? exc_invalid_op+0x38/0x50 [ 192.762639][ T8057] ? asm_exc_invalid_op+0x1a/0x20 [ 192.767670][ T8057] ? bch2_journal_keys_peek_max+0x145/0x1660 [ 192.773656][ T8057] ? bch2_journal_keys_peek_max+0x164e/0x1660 [ 192.779729][ T8057] ? bch2_journal_keys_peek_max+0x164f/0x1660 [ 192.785817][ T8057] ? __pfx_bch2_btree_path_verify_level+0x10/0x10 [ 192.792246][ T8057] ? __bch2_bkey_cmp_left_packed+0x301/0x790 [ 192.798230][ T8057] ? __pfx_bch2_journal_keys_peek_max+0x10/0x10 [ 192.804476][ T8057] ? __asan_memset+0x23/0x50 [ 192.809070][ T8057] ? bch2_btree_path_verify_level+0x36e/0x19a0 [ 192.815232][ T8057] btree_trans_peek_journal+0x342/0x5a0 [ 192.820788][ T8057] ? __pfx_btree_trans_peek_journal+0x10/0x10 [ 192.826862][ T8057] ? bch2_btree_path_verify_locks+0x854/0xb30 [ 192.832930][ T8057] ? bch2_btree_iter_peek_max+0xf06/0x6320 [ 192.838778][ T8057] bch2_btree_iter_peek_max+0x1502/0x6320 [ 192.844580][ T8057] ? __pfx_bch2_btree_iter_peek_max+0x10/0x10 [ 192.850659][ T8057] ? bch2_btree_node_relock+0x22a/0x440 [ 192.856223][ T8057] ? bch2_btree_iter_peek_prev_min+0x1f3/0x6390 [ 192.862492][ T8057] ? __pfx_bch2_btree_path_traverse_one+0x10/0x10 [ 192.868932][ T8057] ? __bch2_btree_path_set_pos+0xe90/0x17e0 [ 192.874845][ T8057] ? __pfx___bch2_btree_path_set_pos+0x10/0x10 [ 192.881012][ T8057] ? bch2_trans_copy_iter+0x56/0x5e0 [ 192.886316][ T8057] ? bch2_trans_copy_iter+0x3df/0x5e0 [ 192.891702][ T8057] bch2_btree_iter_peek_slot+0xe0a/0x27c0 [ 192.897447][ T8057] ? __bch2_resume_logged_op_finsert+0x5ca/0x36b0 [ 192.903876][ T8057] ? __pfx_bch2_btree_iter_peek_slot+0x10/0x10 [ 192.910059][ T8057] ? __asan_memset+0x23/0x50 [ 192.914669][ T8057] ? bch2_btree_iter_peek_slot+0xdbe/0x27c0 [ 192.920573][ T8057] ? __pfx_btree_trans_peek_slot_journal+0x10/0x10 [ 192.927089][ T8057] ? __pfx_bch2_btree_path_peek_slot+0x10/0x10 [ 192.933256][ T8057] ? bch2_btree_path_verify_locks+0x854/0xb30 [ 192.939330][ T8057] bch2_btree_iter_peek_prev_min+0x1f3/0x6390 [ 192.945414][ T8057] ? __bch2_subvolume_get_snapshot+0x1e1/0x930 [ 192.951579][ T8057] ? __pfx_bch2_btree_iter_peek_slot+0x10/0x10 [ 192.957740][ T8057] ? bch2_path_get+0xf03/0x15d0 [ 192.962597][ T8057] ? __pfx_bch2_btree_iter_peek_prev_min+0x10/0x10 [ 192.969105][ T8057] ? bch2_path_put+0xe1d/0x2290 [ 192.973969][ T8057] ? __asan_memset+0x23/0x50 [ 192.978577][ T8057] ? bch2_trans_iter_exit+0x16f/0x230 [ 192.983965][ T8057] ? __bch2_subvolume_get_snapshot+0x652/0x930 [ 192.990126][ T8057] ? __bch2_subvolume_get_snapshot+0x1e1/0x930 [ 192.996288][ T8057] ? __pfx___bch2_subvolume_get_snapshot+0x10/0x10 [ 193.002807][ T8057] ? __bch2_resume_logged_op_finsert+0x1a6e/0x36b0 [ 193.009318][ T8057] ? __bch2_subvolume_get_snapshot+0x1e1/0x930 [ 193.015477][ T8057] ? bch2_bkey_set_needs_rebalance+0x84/0x870 [ 193.021561][ T8057] ? __bch2_resume_logged_op_finsert+0x17e7/0x36b0 [ 193.028071][ T8057] __bch2_resume_logged_op_finsert+0xd5f/0x36b0 [ 193.034361][ T8057] ? __pfx___bch2_resume_logged_op_finsert+0x10/0x10 [ 193.041060][ T8057] ? __pfx___bch2_trans_commit+0x10/0x10 [ 193.046713][ T8057] ? __bch2_resume_logged_op_finsert+0x5ca/0x36b0 [ 193.053149][ T8057] ? __pfx_bch2_logged_op_start+0x10/0x10 [ 193.058883][ T8057] ? lockdep_init_map_type+0xa1/0x910 [ 193.064276][ T8057] bch2_fcollapse_finsert+0x286/0x3b0 [ 193.069667][ T8057] ? __pfx_bch2_fcollapse_finsert+0x10/0x10 [ 193.075566][ T8057] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 193.081552][ T8057] ? bch2_write_invalidate_inode_pages_range+0xe2/0x120 [ 193.088518][ T8057] bchfs_fcollapse_finsert+0x3a8/0x630 [ 193.093995][ T8057] ? _raw_spin_unlock_irq+0x23/0x50 [ 193.099206][ T8057] ? __pfx_bchfs_fcollapse_finsert+0x10/0x10 [ 193.105198][ T8057] ? mnt_put_write_access_file+0xbf/0x100 [ 193.110928][ T8057] bch2_fallocate_dispatch+0x3c9/0x540 [ 193.116401][ T8057] ? __pfx_bch2_fallocate_dispatch+0x10/0x10 [ 193.122392][ T8057] ? __pfx_bch2_fallocate_dispatch+0x10/0x10 [ 193.128385][ T8057] vfs_fallocate+0x623/0x7a0 [ 193.132988][ T8057] ? __pfx_vfs_fallocate+0x10/0x10 [ 193.138105][ T8057] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 193.144445][ T8057] __x64_sys_fallocate+0xbc/0x110 [ 193.149531][ T8057] do_syscall_64+0xf3/0x230 [ 193.154137][ T8057] ? clear_bhb_loop+0x35/0x90 [ 193.158832][ T8057] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 193.164738][ T8057] RIP: 0033:0x7f0ef3bf2789 [ 193.169184][ T8057] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 1c 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 193.188798][ T8057] RSP: 002b:00007ffd1b0b4ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 193.197217][ T8057] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f0ef3bf2789 [ 193.205194][ T8057] RDX: 0000000000000000 RSI: 0000000000000020 RDI: 0000000000000004 [ 193.213194][ T8057] RBP: 0000000000000000 R08: 00007ffd1b0b4cdc R09: 00007ffd1b0b4cdc [ 193.221168][ T8057] R10: 0000000000008000 R11: 0000000000000246 R12: 00007ffd1b0b4cdc [ 193.229225][ T8057] R13: 0000000000000036 R14: 431bde82d7b634db R15: 00007ffd1b0b4d10 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 8092 attached [pid 8060] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 8092] set_robust_list(0x5555819eb760, 24 [pid 8060] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5827] <... clone resumed>, child_tidptr=0x5555819eb750) = 8092 [pid 8092] <... set_robust_list resumed>) = 0 [pid 8092] chdir("./44" [pid 8060] <... openat resumed>) = 3 [pid 8092] <... chdir resumed>) = 0 [ 193.237207][ T8057] [ 193.240225][ T8057] Modules linked in: [ 193.244584][ T8057] ---[ end trace 0000000000000000 ]--- [ 193.267153][ T8057] RIP: 0010:bch2_journal_keys_peek_max+0x164f/0x1660 [ 193.275501][ T61] bucket incorrectly unset in freespace btree [pid 8092] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 8092] setpgid(0, 0) = 0 [pid 8092] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 8092] write(3, "1000", 4) = 4 [pid 8092] close(3) = 0 executing program [pid 8092] symlink("/dev/binderfs", "./binderfs") = 0 [pid 8092] write(1, "executing program\n", 18) = 18 [pid 8092] fsopen(NULL, 0) = -1 EFAULT (Bad address) [pid 8092] fsconfig(-1, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 8092] memfd_create("syzkaller", 0) = 3 [pid 8092] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0eeb600000 [pid 8058] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 8060] ioctl(3, LOOP_CLR_FD [pid 8058] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 8059] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 8059] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 8059] ioctl(3, LOOP_CLR_FD) = 0 [ 193.275517][ T61] u64s 5 type deleted 0:25:0 len 0 ver 0, , continuing [ 193.282714][ T8058] bcachefs: bch2_fs_get_tree() error: EINVAL [ 193.298766][ T8059] bcachefs: bch2_fs_get_tree() error: EINVAL [ 193.303073][ T8057] Code: 10 48 8d 5c 08 18 48 89 d8 48 c1 e8 03 42 80 3c 20 00 74 08 48 89 df e8 0f 78 d9 fd 4c 8b 33 e9 d7 fe ff ff e8 22 c5 74 fd 90 <0f> 0b e8 9a 94 b3 07 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 [ 193.326123][ T8057] RSP: 0018:ffffc900035a6620 EFLAGS: 00010293 [pid 8059] close(3 [pid 8060] <... ioctl resumed>) = 0 [pid 8058] <... openat resumed>) = 3 [pid 8058] ioctl(3, LOOP_CLR_FD [pid 8060] close(3 [pid 8058] <... ioctl resumed>) = 0 [ 193.337205][ T8057] RAX: ffffffff844cf87e RBX: 0000000000000039 RCX: ffff888025481e00 [ 193.345233][ T8057] RDX: 0000000000000000 RSI: 0000000000000039 RDI: ffffffffffffffff [ 193.353582][ T61] bucket incorrectly unset in freespace btree [ 193.353603][ T61] u64s 5 type deleted 0:28:0 len 0 ver 0, , continuing [ 193.354974][ T8057] RBP: ffffc900035a67e0 R08: ffffffff844ce375 R09: 0000000000000000 [ 193.435912][ T8057] R10: 00000001ffffffff R11: 2000000000000000 R12: dffffc0000000000 [ 193.450689][ T8057] R13: ffff88805ef00000 R14: ffffffffffffffff R15: ffffc900035a7018 [ 193.465882][ T8057] FS: 00005555819eb480(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [pid 8058] close(3 [pid 8060] <... close resumed>) = 0 [pid 8060] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 8059] <... close resumed>) = 0 [ 193.486154][ T8057] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.515490][ T8057] CR2: 0000000000000000 CR3: 000000002d984000 CR4: 00000000003526f0 [pid 8060] <... quotactl resumed>) = 0 [pid 8059] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 8060] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512) = 3 [pid 8059] <... quotactl resumed>) = 0 [pid 8060] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL [pid 8059] openat(AT_FDCWD, "./file1", O_WRONLY|O_CREAT|O_APPEND, 0512 [pid 8058] <... close resumed>) = 0 [pid 8060] <... mount resumed>) = -1 EFAULT (Bad address) [pid 8060] quotactl(QCMD(Q_SYNC, GRPQUOTA), NULL [pid 8059] <... openat resumed>) = 3 [pid 8058] quotactl(QCMD(Q_SYNC, USRQUOTA), NULL [pid 8059] mount(NULL, NULL, 0x400000000040, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_MANDLOCK|MS_I_VERSION|MS_STRICTATIME, NULL) = -1 EFAULT (Bad address) [ 193.536113][ T8057] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 193.546751][ T8057] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 193.558116][ T8057] Kernel panic - not syncing: Fatal exception [ 193.564578][ T8057] Kernel Offset: disabled [ 193.568934][ T8057] Rebooting in 86400 seconds..