./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor537267542
<...>
Warning: Permanently added '10.128.0.29' (ED25519) to the list of known hosts.
execve("./syz-executor537267542", ["./syz-executor537267542"], 0x7ffd3222bb70 /* 10 vars */) = 0
brk(NULL) = 0x55557a8f3000
brk(0x55557a8f3d00) = 0x55557a8f3d00
arch_prctl(ARCH_SET_FS, 0x55557a8f3380) = 0
set_tid_address(0x55557a8f3650) = 5091
set_robust_list(0x55557a8f3660, 24) = 0
rseq(0x55557a8f3ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor537267542", 4096) = 27
getrandom("\xb8\xfd\x84\x3f\xd2\xec\xd8\x44", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x55557a8f3d00
brk(0x55557a914d00) = 0x55557a914d00
brk(0x55557a915000) = 0x55557a915000
mprotect(0x7f61d2e2e000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
mkdir("./syzkaller.qrBjR8", 0700) = 0
chmod("./syzkaller.qrBjR8", 0777) = 0
chdir("./syzkaller.qrBjR8") = 0
mkdir("./0", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5092 attached
, child_tidptr=0x55557a8f3650) = 5092
[pid 5092] set_robust_list(0x55557a8f3660, 24) = 0
[pid 5092] chdir("./0") = 0
[pid 5092] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5092] setpgid(0, 0) = 0
[pid 5092] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5092] write(3, "1000", 4) = 4
[pid 5092] close(3) = 0
[pid 5092] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5092] write(1, "executing program\n", 18executing program
) = 18
[pid 5092] memfd_create("syzkaller", 0) = 3
[pid 5092] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f61ca800000
[pid 5092] write(3, "\x60\x1c\x6d\x6b\x64\x6f\x73\x66\xe4\x17\x98\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072) = 131072
[pid 5092] munmap(0x7f61ca800000, 138412032) = 0
[pid 5092] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5092] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5092] close(3) = 0
[pid 5092] close(4) = 0
[pid 5092] mkdir("./file1", 0777) = 0
[ 58.649497][ T5092] loop0: detected capacity change from 0 to 256
[ 58.684187][ T5092] =======================================================
[ 58.684187][ T5092] WARNING: The mand mount option has been deprecated and
[pid 5092] mount("/dev/loop0", "./file1", "msdos", MS_MANDLOCK|MS_RELATIME, "nodots,nodots,dots,dots,nodots,errors=continue,time_offset=0xfffffffffffffa93,dots,showexec,nodots,d"...) = -1 EINVAL (Invalid argument)
[pid 5092] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[ 58.684187][ T5092] and is ignored by this kernel. Remove the mand
[ 58.684187][ T5092] option from the mount to silence this warning.
[ 58.684187][ T5092] =======================================================
[pid 5092] ioctl(3, LOOP_CLR_FD) = 0
[pid 5092] close(3) = 0
[pid 5092] memfd_create("syzkaller", 0) = 3
[pid 5092] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f61ca800000
[pid 5092] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5092] munmap(0x7f61ca800000, 138412032) = 0
[pid 5092] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5092] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5092] close(3) = 0
[pid 5092] close(4) = 0
[pid 5092] mkdir("./bus", 0777) = 0
[ 58.985502][ T5092] loop0: detected capacity change from 0 to 32768
[ 59.024565][ T5092] bcachefs (/dev/loop0): error reading default superblock: checksum error, type crc32c_nonzero: got 21cb763f should be 29d2fb78
[ 59.070947][ T5092] bcachefs (loop0): mounting version 1.7: mi_btree_bitmap opts=errors=continue,compression=lz4,nojournal_transaction_names
[ 59.084121][ T5092] bcachefs (loop0): recovering from clean shutdown, journal seq 7
[ 59.092241][ T5092] bcachefs (loop0): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.9: disk_accounting_v2
[ 59.092241][ T5092] running recovery passes: check_allocations
[ 59.121832][ T5092] bcachefs (loop0): accounting_read... done
[ 59.128066][ T5092] bcachefs (loop0): alloc_read... done
[ 59.133888][ T5092] bcachefs (loop0): stripes_read... done
[ 59.139610][ T5092] bcachefs (loop0): snapshots_read... done
[ 59.145847][ T5092] bcachefs (loop0): check_allocations...
[ 59.149676][ T5092] btree ptr not marked in member info btree allocated bitmap
[ 59.149696][ T5092] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 19bc58a6c09b6540 written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing
[ 59.179572][ T5092] btree ptr not marked in member info btree allocated bitmap
[ 59.179585][ T5092] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c18f4a4face03c6 written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing
[ 59.203043][ T5092] btree ptr not marked in member info btree allocated bitmap
[ 59.203057][ T5092] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 75277f57b0c8c24 written 32 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0, fixing
[ 59.226797][ T5092] btree ptr not marked in member info btree allocated bitmap
[ 59.226813][ T5092] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7675f41d391e5d36 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing
[ 59.250311][ T5092] btree ptr not marked in member info btree allocated bitmap
[ 59.250330][ T5092] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq bcb9905dfb2993d5 written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing
[ 59.273528][ T5092] btree ptr not marked in member info btree allocated bitmap
[ 59.273544][ T5092] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9a831b4a3f983356 written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing
[ 59.298601][ T5092] done
[ 59.304281][ T5092] bcachefs (loop0): going read-write
[ 59.311872][ T5092] bcachefs (loop0): journal_replay... done
[ 59.340628][ T5092] bcachefs (loop0): resume_logged_ops... done
[ 59.346780][ T5092] bcachefs (loop0): delete_dead_inodes... done
[ 59.354519][ T5092] bcachefs (loop0): Fixed errors, running fsck a second time to verify fs is clean
[ 59.363993][ T5092] bcachefs (loop0): resume_logged_ops... done
[ 59.370445][ T5092] bcachefs (loop0): delete_dead_inodes... done
[pid 5092] mount("/dev/loop0", "./bus", "bcachefs", MS_SYNCHRONOUS|MS_POSIXACL|MS_RELATIME|MS_LAZYTIME, "nodots,nodots,dots,dots,nodots,errors=continue,time_offset=0xfffffffffffffa93,dots,showexec,nodots,d"...) = 0
[pid 5092] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid 5092] chdir("./bus") = 0
[pid 5092] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5092] ioctl(4, LOOP_CLR_FD) = 0
[pid 5092] close(4) = 0
[pid 5092] exit_group(0) = ?
[ 59.378935][ T5092] bcachefs (loop0): done starting filesystem
[pid 5092] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5092, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=47 /* 0.47 s */} ---
umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557a8f46f0 /* 5 entries */, 32768) = 136
[ 59.434453][ T5092] syz-executor537 (5092) used greatest stack depth: 10648 bytes left
[ 59.467715][ T5091] bcachefs (loop0): shutting down
[ 59.473055][ T5091] bcachefs (loop0): going read-only
[ 59.478401][ T5091] bcachefs (loop0): finished waiting for writes to stop
[ 59.487474][ T5091] bcachefs (loop0): flushing journal and stopping allocators, journal seq 15
[ 59.496423][ T5091] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 15
[ 59.507714][ T5091] bcachefs (loop0): shutdown complete, journal seq 16
[ 59.515472][ T5091] bcachefs (loop0): marking filesystem clean
[ 59.521605][ T5091]
[ 59.521611][ T5091] ======================================================
[ 59.521616][ T5091] WARNING: possible circular locking dependency detected
[ 59.521622][ T5091] 6.10.0-rc1-next-20240531-syzkaller #0 Not tainted
[ 59.521630][ T5091] ------------------------------------------------------
[ 59.521635][ T5091] syz-executor537/5091 is trying to acquire lock:
[ 59.521644][ T5091] ffff888077801a60 (&c->btree_root_lock){+.+.}-{3:3}, at: bch2_btree_roots_to_journal_entries+0xbb/0x980
[ 59.521689][ T5091]
[ 59.521689][ T5091] but task is already holding lock:
[ 59.521694][ T5091] ffff888077800918 (&c->sb_lock){+.+.}-{3:3}, at: bch2_fs_mark_clean+0x35/0x9f0
[ 59.521733][ T5091]
[ 59.521733][ T5091] which lock already depends on the new lock.
[ 59.521733][ T5091]
[ 59.521738][ T5091]
[ 59.521738][ T5091] the existing dependency chain (in reverse order) is:
[ 59.521742][ T5091]
[ 59.521742][ T5091] -> #1 (&c->sb_lock){+.+.}-{3:3}:
[ 59.521760][ T5091] lock_acquire+0x1ed/0x550
[ 59.521775][ T5091] __mutex_lock+0x136/0xd70
[ 59.521795][ T5091] bch2_gc_mark_key+0xb3e/0x1050
[ 59.521814][ T5091] bch2_check_allocations+0xa1db/0xb9d0
[ 59.521833][ T5091] bch2_run_recovery_pass+0xf0/0x1e0
[ 59.521850][ T5091] bch2_run_recovery_passes+0x19e/0x820
[ 59.521867][ T5091] bch2_fs_recovery+0x238b/0x3730
[ 59.521880][ T5091] bch2_fs_start+0x356/0x5b0
[ 59.521891][ T5091] bch2_fs_open+0xa8d/0xdf0
[ 59.521902][ T5091] bch2_fs_get_tree+0x75e/0x14d0
[ 59.521916][ T5091] vfs_get_tree+0x90/0x2a0
[ 59.521934][ T5091] do_new_mount+0x2be/0xb40
[ 59.521950][ T5091] __se_sys_mount+0x2d9/0x3c0
[ 59.521966][ T5091] do_syscall_64+0xf3/0x230
[ 59.521981][ T5091] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 59.521996][ T5091]
[ 59.521996][ T5091] -> #0 (&c->btree_root_lock){+.+.}-{3:3}:
[ 59.522014][ T5091] validate_chain+0x18ef/0x5920
[ 59.522029][ T5091] __lock_acquire+0x1359/0x2000
[ 59.522041][ T5091] lock_acquire+0x1ed/0x550
[ 59.522053][ T5091] __mutex_lock+0x136/0xd70
[ 59.522063][ T5091] bch2_btree_roots_to_journal_entries+0xbb/0x980
[ 59.522077][ T5091] bch2_fs_mark_clean+0x4a9/0x9f0
[ 59.522093][ T5091] bch2_fs_read_only+0x1115/0x1220
[ 59.522111][ T5091] __bch2_fs_stop+0x105/0x540
[ 59.522121][ T5091] generic_shutdown_super+0x136/0x2d0
[ 59.522136][ T5091] bch2_kill_sb+0x41/0x50
[ 59.522148][ T5091] deactivate_locked_super+0xc4/0x130
[ 59.522163][ T5091] cleanup_mnt+0x41f/0x4b0
[ 59.522174][ T5091] task_work_run+0x24f/0x310
[ 59.522190][ T5091] ptrace_notify+0x2d2/0x380
[ 59.522207][ T5091] syscall_exit_work+0xc6/0x190
[ 59.522224][ T5091] syscall_exit_to_user_mode+0x273/0x370
[ 59.522237][ T5091] do_syscall_64+0x100/0x230
[ 59.522251][ T5091] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 59.522265][ T5091]
[ 59.522265][ T5091] other info that might help us debug this:
[ 59.522265][ T5091]
[ 59.522269][ T5091] Possible unsafe locking scenario:
[ 59.522269][ T5091]
[ 59.522273][ T5091] CPU0 CPU1
[ 59.522277][ T5091] ---- ----
[ 59.522280][ T5091] lock(&c->sb_lock);
[ 59.522288][ T5091] lock(&c->btree_root_lock);
[ 59.522297][ T5091] lock(&c->sb_lock);
[ 59.522305][ T5091] lock(&c->btree_root_lock);
[ 59.522313][ T5091]
[ 59.522313][ T5091] *** DEADLOCK ***
[ 59.522313][ T5091]
[ 59.522316][ T5091] 3 locks held by syz-executor537/5091:
[ 59.522324][ T5091] #0: ffff88807fdf00e0 (&type->s_umount_key#44){+.+.}-{3:3}, at: deactivate_super+0xb5/0xf0
[ 59.522359][ T5091] #1: ffff888077800278 (&c->state_lock){+.+.}-{3:3}, at: __bch2_fs_stop+0xfd/0x540
[ 59.522403][ T5091] #2: ffff888077800918 (&c->sb_lock){+.+.}-{3:3}, at: bch2_fs_mark_clean+0x35/0x9f0
[ 59.522437][ T5091]
[ 59.522437][ T5091] stack backtrace:
[ 59.522446][ T5091] CPU: 0 PID: 5091 Comm: syz-executor537 Not tainted 6.10.0-rc1-next-20240531-syzkaller #0
[ 59.522460][ T5091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 59.522473][ T5091] Call Trace:
[ 59.522481][ T5091]
[ 59.522486][ T5091] dump_stack_lvl+0x241/0x360
[ 59.522503][ T5091] ? __pfx_dump_stack_lvl+0x10/0x10
[ 59.522518][ T5091] ? __pfx__printk+0x10/0x10
[ 59.522536][ T5091] print_circular_bug+0x13a/0x1b0
[ 59.522554][ T5091] check_noncircular+0x36a/0x4a0
[ 59.522572][ T5091] ? __pfx_check_noncircular+0x10/0x10
[ 59.522589][ T5091] ? lockdep_lock+0x123/0x2b0
[ 59.522603][ T5091] ? check_path+0x21/0x40
[ 59.522619][ T5091] ? check_noncircular+0x259/0x4a0
[ 59.522638][ T5091] validate_chain+0x18ef/0x5920
[ 59.522654][ T5091] ? __pfx_check_noncircular+0x10/0x10
[ 59.522677][ T5091] ? __pfx_validate_chain+0x10/0x10
[ 59.522701][ T5091] ? this_cpu_in_panic+0x4f/0x80
[ 59.522717][ T5091] ? _prb_read_valid+0xa39/0xac0
[ 59.522732][ T5091] ? __pfx_validate_chain+0x10/0x10
[ 59.522750][ T5091] ? mark_lock+0x9a/0x360
[ 59.522765][ T5091] __lock_acquire+0x1359/0x2000
[ 59.522784][ T5091] lock_acquire+0x1ed/0x550
[ 59.522798][ T5091] ? bch2_btree_roots_to_journal_entries+0xbb/0x980
[ 59.522815][ T5091] ? __pfx_lock_acquire+0x10/0x10
[ 59.522829][ T5091] ? __lock_acquire+0x1359/0x2000
[ 59.522843][ T5091] ? __pfx___might_resched+0x10/0x10
[ 59.522861][ T5091] __mutex_lock+0x136/0xd70
[ 59.522872][ T5091] ? bch2_btree_roots_to_journal_entries+0xbb/0x980
[ 59.522890][ T5091] ? bch2_btree_roots_to_journal_entries+0xbb/0x980
[ 59.522906][ T5091] ? __pfx___mutex_lock+0x10/0x10
[ 59.522919][ T5091] ? __pfx_lock_release+0x10/0x10
[ 59.522932][ T5091] ? bch2_sb_realloc+0x215/0x660
[ 59.522950][ T5091] bch2_btree_roots_to_journal_entries+0xbb/0x980
[ 59.522966][ T5091] ? bch2_get_next_online_dev+0x27/0x760
[ 59.522981][ T5091] ? bch2_get_next_online_dev+0x27/0x760
[ 59.522995][ T5091] ? bch2_sb_field_resize_id+0x56d/0x7c0
[ 59.523010][ T5091] ? __pfx_bch2_btree_roots_to_journal_entries+0x10/0x10
[ 59.523026][ T5091] ? bch2_sb_field_resize_id+0x5e0/0x7c0
[ 59.523043][ T5091] bch2_fs_mark_clean+0x4a9/0x9f0
[ 59.523063][ T5091] bch2_fs_read_only+0x1115/0x1220
[ 59.523087][ T5091] ? __pfx_bch2_fs_read_only+0x10/0x10
[ 59.523107][ T5091] ? __down_write_common+0x162/0x200
[ 59.523125][ T5091] ? __pfx___bch2_print+0x10/0x10
[ 59.523142][ T5091] ? __pfx___down_write_common+0x10/0x10
[ 59.523160][ T5091] ? hook_sb_delete+0xa5e/0xb90
[ 59.523175][ T5091] ? evict+0x577/0x630
[ 59.523191][ T5091] __bch2_fs_stop+0x105/0x540
[ 59.523202][ T5091] ? __pfx_hook_sb_delete+0x10/0x10
[ 59.523217][ T5091] ? __pfx___bch2_fs_stop+0x10/0x10
[ 59.523230][ T5091] ? __pfx_evict_inodes+0x10/0x10
[ 59.523245][ T5091] ? __pfx_bch2_put_super+0x10/0x10
[ 59.523261][ T5091] generic_shutdown_super+0x136/0x2d0
[ 59.523278][ T5091] bch2_kill_sb+0x41/0x50
[ 59.523292][ T5091] deactivate_locked_super+0xc4/0x130
[ 59.523309][ T5091] cleanup_mnt+0x41f/0x4b0
[ 59.523322][ T5091] ? lockdep_hardirqs_on+0x99/0x150
[ 59.523336][ T5091] task_work_run+0x24f/0x310
[ 59.523355][ T5091] ? __pfx_task_work_run+0x10/0x10
[ 59.523370][ T5091] ? path_umount+0x284/0xf70
[ 59.523394][ T5091] ptrace_notify+0x2d2/0x380
[ 59.523411][ T5091] ? __pfx_path_umount+0x10/0x10
[ 59.523427][ T5091] ? user_path_at_empty+0x4c/0x60
[ 59.523443][ T5091] ? __pfx_ptrace_notify+0x10/0x10
[ 59.523462][ T5091] ? __x64_sys_umount+0x126/0x170
[ 59.523478][ T5091] ? __pfx___x64_sys_umount+0x10/0x10
[ 59.523496][ T5091] syscall_exit_work+0xc6/0x190
[ 59.523513][ T5091] syscall_exit_to_user_mode+0x273/0x370
[ 59.523529][ T5091] do_syscall_64+0x100/0x230
[ 59.523544][ T5091] ? clear_bhb_loop+0x35/0x90
[ 59.523560][ T5091] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 59.523579][ T5091] RIP: 0033:0x7f61d2db54c7
[ 59.523594][ T5091] Code: 07 00 48 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8
[ 59.523604][ T5091] RSP: 002b:00007ffd384f1498 EFLAGS: 00000202 ORIG_RAX: 00000000000000a6
[ 59.523617][ T5091] RAX: 0000000000000000 RBX: 000000000000e4de RCX: 00007f61d2db54c7
[ 59.523627][ T5091] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd384f1550
[ 59.523635][ T5091] RBP: 00007ffd384f1550 R08: 0000000000000000 R09: 0000000000000000
[ 59.523643][ T5091] R10: 00000000ffffffff R11: 0000000000000202 R12: 00007ffd384f25c0
[ 59.523652][ T5091] R13: 000055557a8f46c0 R14: 431bde82d7b634db R15: 00007ffd384f25e0
[ 59.523666][ T5091]
[ 60.352002][ T5091] bcachefs (loop0): shutdown complete
umount2("./0/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./0/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./0/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557a8fc730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557a8fc730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./0/bus") = 0
umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./0/binderfs") = 0
umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557a8fc730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557a8fc730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./0/file1") = 0
getdents64(3, 0x55557a8f46f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./0") = 0
mkdir("./1", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5104 attached
, child_tidptr=0x55557a8f3650) = 5104
[pid 5104] set_robust_list(0x55557a8f3660, 24) = 0
[pid 5104] chdir("./1") = 0
[pid 5104] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5104] setpgid(0, 0) = 0
[pid 5104] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5104] write(3, "1000", 4) = 4
[pid 5104] close(3) = 0
[pid 5104] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5104] write(1, "executing program\n", 18executing program
) = 18
[pid 5104] memfd_create("syzkaller", 0) = 3
[pid 5104] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f61ca800000
[pid 5104] write(3, "\x60\x1c\x6d\x6b\x64\x6f\x73\x66\xe4\x17\x98\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072) = 131072
[pid 5104] munmap(0x7f61ca800000, 138412032) = 0
[pid 5104] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5104] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5104] close(3) = 0
[pid 5104] close(4) = 0
[pid 5104] mkdir("./file1", 0777) = 0
[pid 5104] mount("/dev/loop0", "./file1", "msdos", MS_MANDLOCK|MS_RELATIME, "nodots,nodots,dots,dots,nodots,errors=continue,time_offset=0xfffffffffffffa93,dots,showexec,nodots,d"...) = -1 EINVAL (Invalid argument)
[pid 5104] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[ 60.687489][ T5104] loop0: detected capacity change from 0 to 256
[pid 5104] ioctl(3, LOOP_CLR_FD) = 0
[pid 5104] close(3) = 0
[pid 5104] memfd_create("syzkaller", 0) = 3
[pid 5104] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f61ca800000
[pid 5104] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5104] munmap(0x7f61ca800000, 138412032) = 0
[pid 5104] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5104] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5104] close(3) = 0
[pid 5104] close(4) = 0
[pid 5104] mkdir("./bus", 0777) = 0
[ 60.922544][ T5104] loop0: detected capacity change from 0 to 32768
[ 60.953267][ T5104] bcachefs (/dev/loop0): error reading default superblock: checksum error, type crc32c_nonzero: got 21cb763f should be 29d2fb78
[ 60.988595][ T5104] bcachefs (loop0): mounting version 1.7: mi_btree_bitmap opts=errors=continue,compression=lz4,nojournal_transaction_names
[ 61.001548][ T5104] bcachefs (loop0): recovering from clean shutdown, journal seq 7
[ 61.009400][ T5104] bcachefs (loop0): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.9: disk_accounting_v2
[ 61.009400][ T5104] running recovery passes: check_allocations
[ 61.033648][ T5104] bcachefs (loop0): accounting_read... done
[ 61.039585][ T5104] bcachefs (loop0): alloc_read... done
[ 61.045115][ T5104] bcachefs (loop0): stripes_read... done
[ 61.051014][ T5104] bcachefs (loop0): snapshots_read... done
[ 61.056964][ T5104] bcachefs (loop0): check_allocations...
[ 61.057734][ T5104] btree ptr not marked in member info btree allocated bitmap
[ 61.057744][ T5104] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 19bc58a6c09b6540 written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing
[ 61.086348][ T5104] btree ptr not marked in member info btree allocated bitmap
[ 61.086361][ T5104] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c18f4a4face03c6 written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing
[ 61.108815][ T5104] btree ptr not marked in member info btree allocated bitmap
[ 61.108825][ T5104] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 75277f57b0c8c24 written 32 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0, fixing
[ 61.131628][ T5104] btree ptr not marked in member info btree allocated bitmap
[ 61.131639][ T5104] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7675f41d391e5d36 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing
[ 61.154206][ T5104] btree ptr not marked in member info btree allocated bitmap
[ 61.154217][ T5104] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq bcb9905dfb2993d5 written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing
[ 61.177268][ T5104] btree ptr not marked in member info btree allocated bitmap
[ 61.177279][ T5104] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9a831b4a3f983356 written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing
[ 61.201361][ T5104] done
[ 61.205814][ T5104] bcachefs (loop0): going read-write
[ 61.211935][ T5104] bcachefs (loop0): journal_replay... done
[ 61.226160][ T5104] bcachefs (loop0): resume_logged_ops... done
[ 61.232300][ T5104] bcachefs (loop0): delete_dead_inodes... done
[pid 5104] mount("/dev/loop0", "./bus", "bcachefs", MS_SYNCHRONOUS|MS_POSIXACL|MS_RELATIME|MS_LAZYTIME, "nodots,nodots,dots,dots,nodots,errors=continue,time_offset=0xfffffffffffffa93,dots,showexec,nodots,d"...) = 0
[pid 5104] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid 5104] chdir("./bus") = 0
[pid 5104] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5104] ioctl(4, LOOP_CLR_FD) = 0
[pid 5104] close(4) = 0
[pid 5104] exit_group(0) = ?
[pid 5104] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5104, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=36 /* 0.36 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557a8f46f0 /* 5 entries */, 32768) = 136
[ 61.238978][ T5104] bcachefs (loop0): Fixed errors, running fsck a second time to verify fs is clean
[ 61.248357][ T5104] bcachefs (loop0): resume_logged_ops... done
[ 61.254508][ T5104] bcachefs (loop0): delete_dead_inodes... done
[ 61.262167][ T5104] bcachefs (loop0): done starting filesystem
[ 61.300888][ T5091] bcachefs (loop0): shutting down
[ 61.305920][ T5091] bcachefs (loop0): going read-only
[ 61.311533][ T5091] bcachefs (loop0): finished waiting for writes to stop
[ 61.318779][ T5091] bcachefs (loop0): flushing journal and stopping allocators, journal seq 14
[ 61.327624][ T5091] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 14
[ 61.337780][ T5091] bcachefs (loop0): shutdown complete, journal seq 15
[ 61.344988][ T5091] bcachefs (loop0): marking filesystem clean
[ 61.358257][ T5091] bcachefs (loop0): shutdown complete
umount2("./1/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./1/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./1/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./1/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557a8fc730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557a8fc730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./1/bus") = 0
umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./1/binderfs") = 0
umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./1/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557a8fc730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557a8fc730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./1/file1") = 0
getdents64(3, 0x55557a8f46f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./1") = 0
mkdir("./2", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557a8f3650) = 5115
./strace-static-x86_64: Process 5115 attached
[pid 5115] set_robust_list(0x55557a8f3660, 24) = 0
[pid 5115] chdir("./2") = 0
[pid 5115] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5115] setpgid(0, 0) = 0
[pid 5115] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5115] write(3, "1000", 4) = 4
[pid 5115] close(3) = 0
[pid 5115] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5115] write(1, "executing program\n", 18executing program
) = 18
[pid 5115] memfd_create("syzkaller", 0) = 3
[pid 5115] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f61ca800000
[pid 5115] write(3, "\x60\x1c\x6d\x6b\x64\x6f\x73\x66\xe4\x17\x98\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072) = 131072
[pid 5115] munmap(0x7f61ca800000, 138412032) = 0
[pid 5115] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5115] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5115] close(3) = 0
[pid 5115] close(4) = 0
[pid 5115] mkdir("./file1", 0777) = 0
[pid 5115] mount("/dev/loop0", "./file1", "msdos", MS_MANDLOCK|MS_RELATIME, "nodots,nodots,dots,dots,nodots,errors=continue,time_offset=0xfffffffffffffa93,dots,showexec,nodots,d"...) = -1 EINVAL (Invalid argument)
[pid 5115] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[ 61.698589][ T5115] loop0: detected capacity change from 0 to 256
[pid 5115] ioctl(3, LOOP_CLR_FD) = 0
[pid 5115] close(3) = 0
[pid 5115] memfd_create("syzkaller", 0) = 3
[pid 5115] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f61ca800000
[pid 5115] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5115] munmap(0x7f61ca800000, 138412032) = 0
[pid 5115] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5115] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5115] close(3) = 0
[pid 5115] close(4) = 0
[pid 5115] mkdir("./bus", 0777) = 0
[ 61.950848][ T5115] loop0: detected capacity change from 0 to 32768
[ 61.979542][ T5115] bcachefs (/dev/loop0): error reading default superblock: checksum error, type crc32c_nonzero: got 21cb763f should be 29d2fb78
[ 62.014633][ T5115] bcachefs (loop0): mounting version 1.7: mi_btree_bitmap opts=errors=continue,compression=lz4,nojournal_transaction_names
[ 62.027517][ T5115] bcachefs (loop0): recovering from clean shutdown, journal seq 7
[ 62.035574][ T5115] bcachefs (loop0): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.9: disk_accounting_v2
[ 62.035574][ T5115] running recovery passes: check_allocations
[ 62.059521][ T5115] bcachefs (loop0): accounting_read... done
[ 62.065706][ T5115] bcachefs (loop0): alloc_read... done
[ 62.071465][ T5115] bcachefs (loop0): stripes_read... done
[ 62.077131][ T5115] bcachefs (loop0): snapshots_read... done
[ 62.083349][ T5115] bcachefs (loop0): check_allocations...
[ 62.084238][ T5115] btree ptr not marked in member info btree allocated bitmap
[ 62.084249][ T5115] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 19bc58a6c09b6540 written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing
[ 62.112502][ T5115] btree ptr not marked in member info btree allocated bitmap
[ 62.112513][ T5115] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c18f4a4face03c6 written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing
[ 62.135274][ T5115] btree ptr not marked in member info btree allocated bitmap
[ 62.135285][ T5115] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 75277f57b0c8c24 written 32 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0, fixing
[ 62.158241][ T5115] btree ptr not marked in member info btree allocated bitmap
[ 62.158252][ T5115] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7675f41d391e5d36 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing
[ 62.180855][ T5115] btree ptr not marked in member info btree allocated bitmap
[ 62.180865][ T5115] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq bcb9905dfb2993d5 written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing
[ 62.203871][ T5115] btree ptr not marked in member info btree allocated bitmap
[ 62.203884][ T5115] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9a831b4a3f983356 written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing
[ 62.227771][ T5115] done
[ 62.232878][ T5115] bcachefs (loop0): going read-write
[ 62.238981][ T5115] bcachefs (loop0): journal_replay... done
[ 62.253921][ T5115] bcachefs (loop0): resume_logged_ops... done
[ 62.260117][ T5115] bcachefs (loop0): delete_dead_inodes... done
[pid 5115] mount("/dev/loop0", "./bus", "bcachefs", MS_SYNCHRONOUS|MS_POSIXACL|MS_RELATIME|MS_LAZYTIME, "nodots,nodots,dots,dots,nodots,errors=continue,time_offset=0xfffffffffffffa93,dots,showexec,nodots,d"...) = 0
[pid 5115] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid 5115] chdir("./bus") = 0
[pid 5115] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5115] ioctl(4, LOOP_CLR_FD) = 0
[pid 5115] close(4) = 0
[pid 5115] exit_group(0) = ?
[pid 5115] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5115, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=36 /* 0.36 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557a8f46f0 /* 5 entries */, 32768) = 136
[ 62.266767][ T5115] bcachefs (loop0): Fixed errors, running fsck a second time to verify fs is clean
[ 62.276114][ T5115] bcachefs (loop0): resume_logged_ops... done
[ 62.282252][ T5115] bcachefs (loop0): delete_dead_inodes... done
[ 62.290064][ T5115] bcachefs (loop0): done starting filesystem
[ 62.347798][ T5091] bcachefs (loop0): shutting down
[ 62.352893][ T5091] bcachefs (loop0): going read-only
[ 62.358111][ T5091] bcachefs (loop0): finished waiting for writes to stop
[ 62.365715][ T5091] bcachefs (loop0): flushing journal and stopping allocators, journal seq 15
[ 62.374648][ T5091] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 15
[ 62.385086][ T5091] bcachefs (loop0): shutdown complete, journal seq 16
[ 62.392430][ T5091] bcachefs (loop0): marking filesystem clean
[ 62.406316][ T5091] bcachefs (loop0): shutdown complete
umount2("./2/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./2/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./2/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./2/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557a8fc730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557a8fc730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./2/bus") = 0
umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./2/binderfs") = 0
umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./2/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557a8fc730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557a8fc730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./2/file1") = 0
getdents64(3, 0x55557a8f46f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./2") = 0
mkdir("./3", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557a8f3650) = 5125
./strace-static-x86_64: Process 5125 attached
[pid 5125] set_robust_list(0x55557a8f3660, 24) = 0
[pid 5125] chdir("./3") = 0
[pid 5125] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5125] setpgid(0, 0) = 0
[pid 5125] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5125] write(3, "1000", 4) = 4
[pid 5125] close(3) = 0
[pid 5125] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5125] write(1, "executing program\n", 18executing program
) = 18
[pid 5125] memfd_create("syzkaller", 0) = 3
[pid 5125] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f61ca800000
[pid 5125] write(3, "\x60\x1c\x6d\x6b\x64\x6f\x73\x66\xe4\x17\x98\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072) = 131072
[pid 5125] munmap(0x7f61ca800000, 138412032) = 0
[pid 5125] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5125] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5125] close(3) = 0
[pid 5125] close(4) = 0
[pid 5125] mkdir("./file1", 0777) = 0
[pid 5125] mount("/dev/loop0", "./file1", "msdos", MS_MANDLOCK|MS_RELATIME, "nodots,nodots,dots,dots,nodots,errors=continue,time_offset=0xfffffffffffffa93,dots,showexec,nodots,d"...) = -1 EINVAL (Invalid argument)
[pid 5125] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[ 62.666994][ T5125] loop0: detected capacity change from 0 to 256
[pid 5125] ioctl(3, LOOP_CLR_FD) = 0
[pid 5125] close(3) = 0
[pid 5125] memfd_create("syzkaller", 0) = 3
[pid 5125] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f61ca800000
[pid 5125] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5125] munmap(0x7f61ca800000, 138412032) = 0
[pid 5125] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5125] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5125] close(3) = 0
[pid 5125] close(4) = 0
[pid 5125] mkdir("./bus", 0777) = 0
[ 62.893718][ T5125] loop0: detected capacity change from 0 to 32768
[ 62.918480][ T5125] bcachefs (/dev/loop0): error reading default superblock: checksum error, type crc32c_nonzero: got 21cb763f should be 29d2fb78
[ 62.954706][ T5125] bcachefs (loop0): mounting version 1.7: mi_btree_bitmap opts=errors=continue,compression=lz4,nojournal_transaction_names
[ 62.967627][ T5125] bcachefs (loop0): recovering from clean shutdown, journal seq 7
[ 62.975582][ T5125] bcachefs (loop0): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.9: disk_accounting_v2
[ 62.975582][ T5125] running recovery passes: check_allocations
[ 62.999407][ T5125] bcachefs (loop0): accounting_read... done
[ 63.005564][ T5125] bcachefs (loop0): alloc_read... done
[ 63.011103][ T5125] bcachefs (loop0): stripes_read... done
[ 63.016818][ T5125] bcachefs (loop0): snapshots_read... done
[ 63.022906][ T5125] bcachefs (loop0): check_allocations...
[ 63.023661][ T5125] btree ptr not marked in member info btree allocated bitmap
[ 63.023670][ T5125] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 19bc58a6c09b6540 written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing
[ 63.051848][ T5125] btree ptr not marked in member info btree allocated bitmap
[ 63.051859][ T5125] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c18f4a4face03c6 written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing
[ 63.074412][ T5125] btree ptr not marked in member info btree allocated bitmap
[ 63.074423][ T5125] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 75277f57b0c8c24 written 32 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0, fixing
[ 63.097232][ T5125] btree ptr not marked in member info btree allocated bitmap
[ 63.097243][ T5125] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7675f41d391e5d36 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing
[ 63.120359][ T5125] btree ptr not marked in member info btree allocated bitmap
[ 63.120370][ T5125] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq bcb9905dfb2993d5 written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing
[ 63.144569][ T5125] btree ptr not marked in member info btree allocated bitmap
[ 63.144580][ T5125] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9a831b4a3f983356 written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing
[ 63.168306][ T5125] done
[ 63.172876][ T5125] bcachefs (loop0): going read-write
[ 63.178861][ T5125] bcachefs (loop0): journal_replay... done
[ 63.193571][ T5125] bcachefs (loop0): resume_logged_ops... done
[ 63.199672][ T5125] bcachefs (loop0): delete_dead_inodes... done
[pid 5125] mount("/dev/loop0", "./bus", "bcachefs", MS_SYNCHRONOUS|MS_POSIXACL|MS_RELATIME|MS_LAZYTIME, "nodots,nodots,dots,dots,nodots,errors=continue,time_offset=0xfffffffffffffa93,dots,showexec,nodots,d"...) = 0
[pid 5125] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid 5125] chdir("./bus") = 0
[pid 5125] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5125] ioctl(4, LOOP_CLR_FD) = 0
[pid 5125] close(4) = 0
[pid 5125] exit_group(0) = ?
[pid 5125] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5125, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=35 /* 0.35 s */} ---
umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557a8f46f0 /* 5 entries */, 32768) = 136
[ 63.206602][ T5125] bcachefs (loop0): Fixed errors, running fsck a second time to verify fs is clean
[ 63.216038][ T5125] bcachefs (loop0): resume_logged_ops... done
[ 63.222459][ T5125] bcachefs (loop0): delete_dead_inodes... done
[ 63.230594][ T5125] bcachefs (loop0): done starting filesystem
[ 63.293652][ T5091] bcachefs (loop0): shutting down
[ 63.298700][ T5091] bcachefs (loop0): going read-only
[ 63.303979][ T5091] bcachefs (loop0): finished waiting for writes to stop
[ 63.311462][ T5091] bcachefs (loop0): flushing journal and stopping allocators, journal seq 14
[ 63.320362][ T5091] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 14
[ 63.330791][ T5091] bcachefs (loop0): shutdown complete, journal seq 15
[ 63.337835][ T5091] bcachefs (loop0): marking filesystem clean
[ 63.351428][ T5091] bcachefs (loop0): shutdown complete
umount2("./3/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./3/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./3/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./3/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557a8fc730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557a8fc730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./3/bus") = 0
umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./3/binderfs") = 0
umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./3/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557a8fc730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557a8fc730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./3/file1") = 0
getdents64(3, 0x55557a8f46f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./3") = 0
mkdir("./4", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5136 attached
[pid 5136] set_robust_list(0x55557a8f3660, 24
[pid 5091] <... clone resumed>, child_tidptr=0x55557a8f3650) = 5136
[pid 5136] <... set_robust_list resumed>) = 0
[pid 5136] chdir("./4") = 0
[pid 5136] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5136] setpgid(0, 0) = 0
[pid 5136] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5136] write(3, "1000", 4) = 4
[pid 5136] close(3) = 0
[pid 5136] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5136] write(1, "executing program\n", 18executing program
) = 18
[pid 5136] memfd_create("syzkaller", 0) = 3
[pid 5136] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f61ca800000
[pid 5136] write(3, "\x60\x1c\x6d\x6b\x64\x6f\x73\x66\xe4\x17\x98\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072) = 131072
[pid 5136] munmap(0x7f61ca800000, 138412032) = 0
[pid 5136] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5136] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5136] close(3) = 0
[pid 5136] close(4) = 0
[pid 5136] mkdir("./file1", 0777) = 0
[pid 5136] mount("/dev/loop0", "./file1", "msdos", MS_MANDLOCK|MS_RELATIME, "nodots,nodots,dots,dots,nodots,errors=continue,time_offset=0xfffffffffffffa93,dots,showexec,nodots,d"...) = -1 EINVAL (Invalid argument)
[pid 5136] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 5136] ioctl(3, LOOP_CLR_FD) = 0
[ 63.810430][ T5136] loop0: detected capacity change from 0 to 256
[pid 5136] close(3) = 0
[pid 5136] memfd_create("syzkaller", 0) = 3
[pid 5136] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f61ca800000
[pid 5136] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5136] munmap(0x7f61ca800000, 138412032) = 0
[pid 5136] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5136] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5136] close(3) = 0
[pid 5136] close(4) = 0
[pid 5136] mkdir("./bus", 0777) = 0
[ 64.024830][ T5136] loop0: detected capacity change from 0 to 32768
[ 64.059670][ T5136] bcachefs (/dev/loop0): error reading default superblock: checksum error, type crc32c_nonzero: got 21cb763f should be 29d2fb78
[ 64.095601][ T5136] bcachefs (loop0): mounting version 1.7: mi_btree_bitmap opts=errors=continue,compression=lz4,nojournal_transaction_names
[ 64.108588][ T5136] bcachefs (loop0): recovering from clean shutdown, journal seq 7
[ 64.116546][ T5136] bcachefs (loop0): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.9: disk_accounting_v2
[ 64.116546][ T5136] running recovery passes: check_allocations
[ 64.140654][ T5136] bcachefs (loop0): accounting_read... done
[ 64.146696][ T5136] bcachefs (loop0): alloc_read... done
[ 64.152257][ T5136] bcachefs (loop0): stripes_read... done
[ 64.158195][ T5136] bcachefs (loop0): snapshots_read... done
[ 64.164645][ T5136] bcachefs (loop0): check_allocations...
[ 64.165630][ T5136] btree ptr not marked in member info btree allocated bitmap
[ 64.165640][ T5136] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 19bc58a6c09b6540 written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing
[ 64.194004][ T5136] btree ptr not marked in member info btree allocated bitmap
[ 64.194014][ T5136] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c18f4a4face03c6 written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing
[ 64.216475][ T5136] btree ptr not marked in member info btree allocated bitmap
[ 64.216486][ T5136] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 75277f57b0c8c24 written 32 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0, fixing
[ 64.239279][ T5136] btree ptr not marked in member info btree allocated bitmap
[ 64.239289][ T5136] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7675f41d391e5d36 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing
[ 64.261933][ T5136] btree ptr not marked in member info btree allocated bitmap
[ 64.261944][ T5136] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq bcb9905dfb2993d5 written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing
[ 64.284821][ T5136] btree ptr not marked in member info btree allocated bitmap
[ 64.284832][ T5136] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9a831b4a3f983356 written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing
[ 64.308642][ T5136] done
[ 64.313191][ T5136] bcachefs (loop0): going read-write
[ 64.319248][ T5136] bcachefs (loop0): journal_replay... done
[ 64.333912][ T5136] bcachefs (loop0): resume_logged_ops... done
[ 64.340057][ T5136] bcachefs (loop0): delete_dead_inodes... done
[pid 5136] mount("/dev/loop0", "./bus", "bcachefs", MS_SYNCHRONOUS|MS_POSIXACL|MS_RELATIME|MS_LAZYTIME, "nodots,nodots,dots,dots,nodots,errors=continue,time_offset=0xfffffffffffffa93,dots,showexec,nodots,d"...) = 0
[pid 5136] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid 5136] chdir("./bus") = 0
[pid 5136] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5136] ioctl(4, LOOP_CLR_FD) = 0
[pid 5136] close(4) = 0
[pid 5136] exit_group(0) = ?
[pid 5136] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5136, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=35 /* 0.35 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557a8f46f0 /* 5 entries */, 32768) = 136
[ 64.346779][ T5136] bcachefs (loop0): Fixed errors, running fsck a second time to verify fs is clean
[ 64.356150][ T5136] bcachefs (loop0): resume_logged_ops... done
[ 64.362383][ T5136] bcachefs (loop0): delete_dead_inodes... done
[ 64.369915][ T5136] bcachefs (loop0): done starting filesystem
[ 64.413220][ T5091] bcachefs (loop0): shutting down
[ 64.418262][ T5091] bcachefs (loop0): going read-only
[ 64.423561][ T5091] bcachefs (loop0): finished waiting for writes to stop
[ 64.430845][ T5091] bcachefs (loop0): flushing journal and stopping allocators, journal seq 14
[ 64.439624][ T5091] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 14
[ 64.450123][ T5091] bcachefs (loop0): shutdown complete, journal seq 15
[ 64.457193][ T5091] bcachefs (loop0): marking filesystem clean
[ 64.470724][ T5091] bcachefs (loop0): shutdown complete
umount2("./4/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./4/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./4/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./4/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557a8fc730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557a8fc730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./4/bus") = 0
umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./4/binderfs") = 0
umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./4/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557a8fc730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557a8fc730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./4/file1") = 0
getdents64(3, 0x55557a8f46f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./4") = 0
mkdir("./5", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557a8f3650) = 5147
./strace-static-x86_64: Process 5147 attached
[pid 5147] set_robust_list(0x55557a8f3660, 24) = 0
[pid 5147] chdir("./5") = 0
[pid 5147] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5147] setpgid(0, 0) = 0
[pid 5147] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5147] write(3, "1000", 4) = 4
[pid 5147] close(3) = 0
[pid 5147] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 5147] write(1, "executing program\n", 18) = 18
[pid 5147] memfd_create("syzkaller", 0) = 3
[pid 5147] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f61ca800000
[pid 5147] write(3, "\x60\x1c\x6d\x6b\x64\x6f\x73\x66\xe4\x17\x98\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072) = 131072
[pid 5147] munmap(0x7f61ca800000, 138412032) = 0
[pid 5147] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5147] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5147] close(3) = 0
[pid 5147] close(4) = 0
[pid 5147] mkdir("./file1", 0777) = 0
[pid 5147] mount("/dev/loop0", "./file1", "msdos", MS_MANDLOCK|MS_RELATIME, "nodots,nodots,dots,dots,nodots,errors=continue,time_offset=0xfffffffffffffa93,dots,showexec,nodots,d"...) = -1 EINVAL (Invalid argument)
[pid 5147] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[ 64.785401][ T5147] loop0: detected capacity change from 0 to 256
[pid 5147] ioctl(3, LOOP_CLR_FD) = 0
[pid 5147] close(3) = 0
[pid 5147] memfd_create("syzkaller", 0) = 3
[pid 5147] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f61ca800000
[pid 5147] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5147] munmap(0x7f61ca800000, 138412032) = 0
[pid 5147] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5147] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5147] close(3) = 0
[pid 5147] close(4) = 0
[pid 5147] mkdir("./bus", 0777) = 0
[ 65.010703][ T5147] loop0: detected capacity change from 0 to 32768
[ 65.039502][ T5147] bcachefs (/dev/loop0): error reading default superblock: checksum error, type crc32c_nonzero: got 21cb763f should be 29d2fb78
[ 65.076069][ T5147] bcachefs (loop0): mounting version 1.7: mi_btree_bitmap opts=errors=continue,compression=lz4,nojournal_transaction_names
[ 65.089140][ T5147] bcachefs (loop0): recovering from clean shutdown, journal seq 7
[ 65.097199][ T5147] bcachefs (loop0): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.9: disk_accounting_v2
[ 65.097199][ T5147] running recovery passes: check_allocations
[ 65.121593][ T5147] bcachefs (loop0): accounting_read... done
[ 65.127564][ T5147] bcachefs (loop0): alloc_read... done
[ 65.133223][ T5147] bcachefs (loop0): stripes_read... done
[ 65.138889][ T5147] bcachefs (loop0): snapshots_read... done
[ 65.144775][ T5147] bcachefs (loop0): check_allocations...
[ 65.145533][ T5147] btree ptr not marked in member info btree allocated bitmap
[ 65.145542][ T5147] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 19bc58a6c09b6540 written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing
[ 65.173806][ T5147] btree ptr not marked in member info btree allocated bitmap
[ 65.173817][ T5147] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c18f4a4face03c6 written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing
[ 65.196310][ T5147] btree ptr not marked in member info btree allocated bitmap
[ 65.196321][ T5147] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 75277f57b0c8c24 written 32 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0, fixing
[ 65.218996][ T5147] btree ptr not marked in member info btree allocated bitmap
[ 65.219006][ T5147] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7675f41d391e5d36 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing
[ 65.241588][ T5147] btree ptr not marked in member info btree allocated bitmap
[ 65.241599][ T5147] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq bcb9905dfb2993d5 written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing
[ 65.264982][ T5147] btree ptr not marked in member info btree allocated bitmap
[ 65.264992][ T5147] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9a831b4a3f983356 written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing
[ 65.288620][ T5147] done
[ 65.293106][ T5147] bcachefs (loop0): going read-write
[ 65.298983][ T5147] bcachefs (loop0): journal_replay... done
[ 65.313623][ T5147] bcachefs (loop0): resume_logged_ops... done
[ 65.319738][ T5147] bcachefs (loop0): delete_dead_inodes... done
[pid 5147] mount("/dev/loop0", "./bus", "bcachefs", MS_SYNCHRONOUS|MS_POSIXACL|MS_RELATIME|MS_LAZYTIME, "nodots,nodots,dots,dots,nodots,errors=continue,time_offset=0xfffffffffffffa93,dots,showexec,nodots,d"...) = 0
[pid 5147] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid 5147] chdir("./bus") = 0
[pid 5147] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5147] ioctl(4, LOOP_CLR_FD) = 0
[pid 5147] close(4) = 0
[pid 5147] exit_group(0) = ?
[pid 5147] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5147, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=36 /* 0.36 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557a8f46f0 /* 5 entries */, 32768) = 136
[ 65.326676][ T5147] bcachefs (loop0): Fixed errors, running fsck a second time to verify fs is clean
[ 65.336030][ T5147] bcachefs (loop0): resume_logged_ops... done
[ 65.342185][ T5147] bcachefs (loop0): delete_dead_inodes... done
[ 65.349790][ T5147] bcachefs (loop0): done starting filesystem
[ 65.407017][ T5091] bcachefs (loop0): shutting down
[ 65.412109][ T5091] bcachefs (loop0): going read-only
[ 65.417375][ T5091] bcachefs (loop0): finished waiting for writes to stop
[ 65.424754][ T5091] bcachefs (loop0): flushing journal and stopping allocators, journal seq 15
[ 65.433835][ T5091] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 15
[ 65.444019][ T5091] bcachefs (loop0): shutdown complete, journal seq 16
[ 65.451412][ T5091] bcachefs (loop0): marking filesystem clean
[ 65.464659][ T5091] bcachefs (loop0): shutdown complete
umount2("./5/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./5/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./5/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./5/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557a8fc730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557a8fc730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./5/bus") = 0
umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./5/binderfs") = 0
umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./5/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557a8fc730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557a8fc730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./5/file1") = 0
getdents64(3, 0x55557a8f46f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./5") = 0
mkdir("./6", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5157 attached
[pid 5157] set_robust_list(0x55557a8f3660, 24
[pid 5091] <... clone resumed>, child_tidptr=0x55557a8f3650) = 5157
[pid 5157] <... set_robust_list resumed>) = 0
[pid 5157] chdir("./6") = 0
[pid 5157] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5157] setpgid(0, 0) = 0
[pid 5157] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5157] write(3, "1000", 4) = 4
[pid 5157] close(3) = 0
[pid 5157] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5157] write(1, "executing program\n", 18executing program
) = 18
[pid 5157] memfd_create("syzkaller", 0) = 3
[pid 5157] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f61ca800000
[pid 5157] write(3, "\x60\x1c\x6d\x6b\x64\x6f\x73\x66\xe4\x17\x98\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072) = 131072
[pid 5157] munmap(0x7f61ca800000, 138412032) = 0
[pid 5157] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5157] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5157] close(3) = 0
[pid 5157] close(4) = 0
[pid 5157] mkdir("./file1", 0777) = 0
[pid 5157] mount("/dev/loop0", "./file1", "msdos", MS_MANDLOCK|MS_RELATIME, "nodots,nodots,dots,dots,nodots,errors=continue,time_offset=0xfffffffffffffa93,dots,showexec,nodots,d"...) = -1 EINVAL (Invalid argument)
[pid 5157] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[ 65.892387][ T5157] loop0: detected capacity change from 0 to 256
[pid 5157] ioctl(3, LOOP_CLR_FD) = 0
[pid 5157] close(3) = 0
[pid 5157] memfd_create("syzkaller", 0) = 3
[pid 5157] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f61ca800000
[pid 5157] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5157] munmap(0x7f61ca800000, 138412032) = 0
[pid 5157] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5157] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5157] close(3) = 0
[pid 5157] close(4) = 0
[pid 5157] mkdir("./bus", 0777) = 0
[ 66.113669][ T5157] loop0: detected capacity change from 0 to 32768
[ 66.133851][ T5157] bcachefs (/dev/loop0): error reading default superblock: checksum error, type crc32c_nonzero: got 21cb763f should be 29d2fb78
[ 66.181819][ T5157] bcachefs (loop0): mounting version 1.7: mi_btree_bitmap opts=errors=continue,compression=lz4,nojournal_transaction_names
[ 66.194704][ T5157] bcachefs (loop0): recovering from clean shutdown, journal seq 7
[ 66.202637][ T5157] bcachefs (loop0): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.9: disk_accounting_v2
[ 66.202637][ T5157] running recovery passes: check_allocations
[ 66.226396][ T5157] bcachefs (loop0): accounting_read... done
[ 66.232742][ T5157] bcachefs (loop0): alloc_read... done
[ 66.238333][ T5157] bcachefs (loop0): stripes_read... done
[ 66.244092][ T5157] bcachefs (loop0): snapshots_read... done
[ 66.250078][ T5157] bcachefs (loop0): check_allocations...
[ 66.250908][ T5157] btree ptr not marked in member info btree allocated bitmap
[ 66.250918][ T5157] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 19bc58a6c09b6540 written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing
[ 66.279412][ T5157] btree ptr not marked in member info btree allocated bitmap
[ 66.279422][ T5157] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c18f4a4face03c6 written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing
[ 66.302025][ T5157] btree ptr not marked in member info btree allocated bitmap
[ 66.302036][ T5157] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 75277f57b0c8c24 written 32 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0, fixing
[ 66.325041][ T5157] btree ptr not marked in member info btree allocated bitmap
[ 66.325051][ T5157] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7675f41d391e5d36 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing
[ 66.347757][ T5157] btree ptr not marked in member info btree allocated bitmap
[ 66.347768][ T5157] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq bcb9905dfb2993d5 written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing
[ 66.370443][ T5157] btree ptr not marked in member info btree allocated bitmap
[ 66.370453][ T5157] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9a831b4a3f983356 written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing
[ 66.394262][ T5157] done
[ 66.398823][ T5157] bcachefs (loop0): going read-write
[ 66.404890][ T5157] bcachefs (loop0): journal_replay... done
[ 66.419251][ T5157] bcachefs (loop0): resume_logged_ops... done
[ 66.425477][ T5157] bcachefs (loop0): delete_dead_inodes... done
[pid 5157] mount("/dev/loop0", "./bus", "bcachefs", MS_SYNCHRONOUS|MS_POSIXACL|MS_RELATIME|MS_LAZYTIME, "nodots,nodots,dots,dots,nodots,errors=continue,time_offset=0xfffffffffffffa93,dots,showexec,nodots,d"...) = 0
[pid 5157] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid 5157] chdir("./bus") = 0
[pid 5157] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5157] ioctl(4, LOOP_CLR_FD) = 0
[pid 5157] close(4) = 0
[pid 5157] exit_group(0) = ?
[pid 5157] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5157, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=35 /* 0.35 s */} ---
umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557a8f46f0 /* 5 entries */, 32768) = 136
[ 66.432217][ T5157] bcachefs (loop0): Fixed errors, running fsck a second time to verify fs is clean
[ 66.441582][ T5157] bcachefs (loop0): resume_logged_ops... done
[ 66.447682][ T5157] bcachefs (loop0): delete_dead_inodes... done
[ 66.455399][ T5157] bcachefs (loop0): done starting filesystem
[ 66.494900][ T5091] bcachefs (loop0): shutting down
[ 66.499940][ T5091] bcachefs (loop0): going read-only
[ 66.505339][ T5091] bcachefs (loop0): finished waiting for writes to stop
[ 66.512634][ T5091] bcachefs (loop0): flushing journal and stopping allocators, journal seq 14
[ 66.521454][ T5091] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 14
[ 66.531604][ T5091] bcachefs (loop0): shutdown complete, journal seq 15
[ 66.538657][ T5091] bcachefs (loop0): marking filesystem clean
[ 66.552703][ T5091] bcachefs (loop0): shutdown complete
umount2("./6/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./6/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./6/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./6/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557a8fc730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557a8fc730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./6/bus") = 0
umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./6/binderfs") = 0
umount2("./6/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./6/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./6/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557a8fc730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557a8fc730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./6/file1") = 0
getdents64(3, 0x55557a8f46f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./6") = 0
mkdir("./7", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5167 attached
, child_tidptr=0x55557a8f3650) = 5167
[pid 5167] set_robust_list(0x55557a8f3660, 24) = 0
[pid 5167] chdir("./7") = 0
[pid 5167] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5167] setpgid(0, 0) = 0
[pid 5167] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5167] write(3, "1000", 4) = 4
[pid 5167] close(3) = 0
[pid 5167] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5167] write(1, "executing program\n", 18executing program
) = 18
[pid 5167] memfd_create("syzkaller", 0) = 3
[pid 5167] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f61ca800000
[pid 5167] write(3, "\x60\x1c\x6d\x6b\x64\x6f\x73\x66\xe4\x17\x98\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072) = 131072
[pid 5167] munmap(0x7f61ca800000, 138412032) = 0
[pid 5167] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5167] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5167] close(3) = 0
[pid 5167] close(4) = 0
[pid 5167] mkdir("./file1", 0777) = 0
[pid 5167] mount("/dev/loop0", "./file1", "msdos", MS_MANDLOCK|MS_RELATIME, "nodots,nodots,dots,dots,nodots,errors=continue,time_offset=0xfffffffffffffa93,dots,showexec,nodots,d"...) = -1 EINVAL (Invalid argument)
[pid 5167] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 5167] ioctl(3, LOOP_CLR_FD) = 0
[pid 5167] close(3) = 0
[pid 5167] memfd_create("syzkaller", 0) = 3
[pid 5167] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f61ca800000
[ 66.904079][ T5167] loop0: detected capacity change from 0 to 256
[pid 5167] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5167] munmap(0x7f61ca800000, 138412032) = 0
[pid 5167] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5167] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5167] close(3) = 0
[pid 5167] close(4) = 0
[pid 5167] mkdir("./bus", 0777) = 0
[ 67.065421][ T5167] loop0: detected capacity change from 0 to 32768
[ 67.092431][ T5167] bcachefs (/dev/loop0): error reading default superblock: checksum error, type crc32c_nonzero: got 21cb763f should be 29d2fb78
[ 67.128944][ T5167] bcachefs (loop0): mounting version 1.7: mi_btree_bitmap opts=errors=continue,compression=lz4,nojournal_transaction_names
[ 67.141852][ T5167] bcachefs (loop0): recovering from clean shutdown, journal seq 7
[ 67.149702][ T5167] bcachefs (loop0): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.9: disk_accounting_v2
[ 67.149702][ T5167] running recovery passes: check_allocations
[ 67.173461][ T5167] bcachefs (loop0): accounting_read... done
[ 67.179414][ T5167] bcachefs (loop0): alloc_read... done
[ 67.185143][ T5167] bcachefs (loop0): stripes_read... done
[ 67.190887][ T5167] bcachefs (loop0): snapshots_read... done
[ 67.196880][ T5167] bcachefs (loop0): check_allocations...
[ 67.197651][ T5167] btree ptr not marked in member info btree allocated bitmap
[ 67.197661][ T5167] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 19bc58a6c09b6540 written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing
[ 67.225908][ T5167] btree ptr not marked in member info btree allocated bitmap
[ 67.225919][ T5167] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c18f4a4face03c6 written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing
[ 67.248379][ T5167] btree ptr not marked in member info btree allocated bitmap
[ 67.248389][ T5167] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 75277f57b0c8c24 written 32 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0, fixing
[ 67.271133][ T5167] btree ptr not marked in member info btree allocated bitmap
[ 67.271144][ T5167] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7675f41d391e5d36 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing
[ 67.293646][ T5167] btree ptr not marked in member info btree allocated bitmap
[ 67.293656][ T5167] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq bcb9905dfb2993d5 written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing
[ 67.316416][ T5167] btree ptr not marked in member info btree allocated bitmap
[ 67.316426][ T5167] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9a831b4a3f983356 written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing
[ 67.340260][ T5167] done
[ 67.344679][ T5167] bcachefs (loop0): going read-write
[ 67.350744][ T5167] bcachefs (loop0): journal_replay... done
[ 67.365253][ T5167] bcachefs (loop0): resume_logged_ops... done
[ 67.371387][ T5167] bcachefs (loop0): delete_dead_inodes... done
[pid 5167] mount("/dev/loop0", "./bus", "bcachefs", MS_SYNCHRONOUS|MS_POSIXACL|MS_RELATIME|MS_LAZYTIME, "nodots,nodots,dots,dots,nodots,errors=continue,time_offset=0xfffffffffffffa93,dots,showexec,nodots,d"...) = 0
[pid 5167] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid 5167] chdir("./bus") = 0
[pid 5167] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5167] ioctl(4, LOOP_CLR_FD) = 0
[ 67.378076][ T5167] bcachefs (loop0): Fixed errors, running fsck a second time to verify fs is clean
[ 67.387427][ T5167] bcachefs (loop0): resume_logged_ops... done
[ 67.393564][ T5167] bcachefs (loop0): delete_dead_inodes... done
[ 67.401258][ T5167] bcachefs (loop0): done starting filesystem
[pid 5167] close(4) = 0
[pid 5167] exit_group(0) = ?
[pid 5167] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5167, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=38 /* 0.38 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557a8f46f0 /* 5 entries */, 32768) = 136
[ 67.477748][ T5091] bcachefs (loop0): shutting down
[ 67.482871][ T5091] bcachefs (loop0): going read-only
[ 67.488058][ T5091] bcachefs (loop0): finished waiting for writes to stop
[ 67.495998][ T5091] bcachefs (loop0): flushing journal and stopping allocators, journal seq 15
[ 67.505070][ T5091] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 15
[ 67.515360][ T5091] bcachefs (loop0): shutdown complete, journal seq 16
[ 67.522449][ T5091] bcachefs (loop0): marking filesystem clean
[ 67.536462][ T5091] bcachefs (loop0): shutdown complete
umount2("./7/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./7/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./7/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./7/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557a8fc730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557a8fc730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./7/bus") = 0
umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./7/binderfs") = 0
umount2("./7/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./7/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./7/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557a8fc730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557a8fc730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./7/file1") = 0
getdents64(3, 0x55557a8f46f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./7") = 0
mkdir("./8", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5177 attached
[pid 5177] set_robust_list(0x55557a8f3660, 24
[pid 5091] <... clone resumed>, child_tidptr=0x55557a8f3650) = 5177
[pid 5177] <... set_robust_list resumed>) = 0
[pid 5177] chdir("./8") = 0
[pid 5177] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5177] setpgid(0, 0) = 0
[pid 5177] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5177] write(3, "1000", 4) = 4
[pid 5177] close(3) = 0
[pid 5177] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5177] write(1, "executing program\n", 18executing program
) = 18
[pid 5177] memfd_create("syzkaller", 0) = 3
[pid 5177] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f61ca800000
[pid 5177] write(3, "\x60\x1c\x6d\x6b\x64\x6f\x73\x66\xe4\x17\x98\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072) = 131072
[pid 5177] munmap(0x7f61ca800000, 138412032) = 0
[pid 5177] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5177] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5177] close(3) = 0
[pid 5177] close(4) = 0
[pid 5177] mkdir("./file1", 0777) = 0
[pid 5177] mount("/dev/loop0", "./file1", "msdos", MS_MANDLOCK|MS_RELATIME, "nodots,nodots,dots,dots,nodots,errors=continue,time_offset=0xfffffffffffffa93,dots,showexec,nodots,d"...) = -1 EINVAL (Invalid argument)
[pid 5177] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[ 67.867442][ T5177] loop0: detected capacity change from 0 to 256
[pid 5177] ioctl(3, LOOP_CLR_FD) = 0
[pid 5177] close(3) = 0
[pid 5177] memfd_create("syzkaller", 0) = 3
[pid 5177] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f61ca800000
[pid 5177] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5177] munmap(0x7f61ca800000, 138412032) = 0
[pid 5177] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5177] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5177] close(3) = 0
[pid 5177] close(4) = 0
[pid 5177] mkdir("./bus", 0777) = 0
[ 68.085007][ T5177] loop0: detected capacity change from 0 to 32768
[ 68.109952][ T5177] bcachefs (/dev/loop0): error reading default superblock: checksum error, type crc32c_nonzero: got 21cb763f should be 29d2fb78
[ 68.149025][ T5177] bcachefs (loop0): mounting version 1.7: mi_btree_bitmap opts=errors=continue,compression=lz4,nojournal_transaction_names
[ 68.162050][ T5177] bcachefs (loop0): recovering from clean shutdown, journal seq 7
[ 68.169910][ T5177] bcachefs (loop0): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.9: disk_accounting_v2
[ 68.169910][ T5177] running recovery passes: check_allocations
[ 68.194097][ T5177] bcachefs (loop0): accounting_read... done
[ 68.200311][ T5177] bcachefs (loop0): alloc_read... done
[ 68.205785][ T5177] bcachefs (loop0): stripes_read... done
[ 68.211479][ T5177] bcachefs (loop0): snapshots_read... done
[ 68.217477][ T5177] bcachefs (loop0): check_allocations...
[ 68.218348][ T5177] btree ptr not marked in member info btree allocated bitmap
[ 68.218359][ T5177] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 19bc58a6c09b6540 written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing
[ 68.246969][ T5177] btree ptr not marked in member info btree allocated bitmap
[ 68.246980][ T5177] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c18f4a4face03c6 written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing
[ 68.269476][ T5177] btree ptr not marked in member info btree allocated bitmap
[ 68.269487][ T5177] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 75277f57b0c8c24 written 32 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0, fixing
[ 68.292176][ T5177] btree ptr not marked in member info btree allocated bitmap
[ 68.292187][ T5177] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7675f41d391e5d36 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing
[ 68.314746][ T5177] btree ptr not marked in member info btree allocated bitmap
[ 68.314756][ T5177] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq bcb9905dfb2993d5 written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing
[ 68.337362][ T5177] btree ptr not marked in member info btree allocated bitmap
[ 68.337373][ T5177] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9a831b4a3f983356 written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing
[ 68.361505][ T5177] done
[ 68.365966][ T5177] bcachefs (loop0): going read-write
[ 68.372086][ T5177] bcachefs (loop0): journal_replay... done
[ 68.386800][ T5177] bcachefs (loop0): resume_logged_ops... done
[ 68.392963][ T5177] bcachefs (loop0): delete_dead_inodes... done
[pid 5177] mount("/dev/loop0", "./bus", "bcachefs", MS_SYNCHRONOUS|MS_POSIXACL|MS_RELATIME|MS_LAZYTIME, "nodots,nodots,dots,dots,nodots,errors=continue,time_offset=0xfffffffffffffa93,dots,showexec,nodots,d"...) = 0
[pid 5177] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid 5177] chdir("./bus") = 0
[pid 5177] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5177] ioctl(4, LOOP_CLR_FD) = 0
[pid 5177] close(4) = 0
[pid 5177] exit_group(0) = ?
[pid 5177] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5177, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=35 /* 0.35 s */} ---
umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[ 68.399670][ T5177] bcachefs (loop0): Fixed errors, running fsck a second time to verify fs is clean
[ 68.409105][ T5177] bcachefs (loop0): resume_logged_ops... done
[ 68.415232][ T5177] bcachefs (loop0): delete_dead_inodes... done
[ 68.422948][ T5177] bcachefs (loop0): done starting filesystem
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557a8f46f0 /* 5 entries */, 32768) = 136
[ 68.503430][ T5091] bcachefs (loop0): shutting down
[ 68.508602][ T5091] bcachefs (loop0): going read-only
[ 68.514076][ T5091] bcachefs (loop0): finished waiting for writes to stop
[ 68.521374][ T5091] bcachefs (loop0): flushing journal and stopping allocators, journal seq 15
[ 68.530233][ T5091] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 15
[ 68.540383][ T5091] bcachefs (loop0): shutdown complete, journal seq 16
[ 68.547432][ T5091] bcachefs (loop0): marking filesystem clean
[ 68.561314][ T5091] bcachefs (loop0): shutdown complete
umount2("./8/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./8/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./8/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./8/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557a8fc730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557a8fc730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./8/bus") = 0
umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./8/binderfs") = 0
umount2("./8/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./8/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./8/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557a8fc730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557a8fc730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./8/file1") = 0
getdents64(3, 0x55557a8f46f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./8") = 0
mkdir("./9", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5187 attached
[pid 5187] set_robust_list(0x55557a8f3660, 24
[pid 5091] <... clone resumed>, child_tidptr=0x55557a8f3650) = 5187
[pid 5187] <... set_robust_list resumed>) = 0
[pid 5187] chdir("./9") = 0
[pid 5187] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5187] setpgid(0, 0) = 0
[pid 5187] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5187] write(3, "1000", 4) = 4
[pid 5187] close(3) = 0
[pid 5187] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5187] write(1, "executing program\n", 18executing program
) = 18
[pid 5187] memfd_create("syzkaller", 0) = 3
[pid 5187] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f61ca800000
[pid 5187] write(3, "\x60\x1c\x6d\x6b\x64\x6f\x73\x66\xe4\x17\x98\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072) = 131072
[pid 5187] munmap(0x7f61ca800000, 138412032) = 0
[pid 5187] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5187] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5187] close(3) = 0
[pid 5187] close(4) = 0
[pid 5187] mkdir("./file1", 0777) = 0
[pid 5187] mount("/dev/loop0", "./file1", "msdos", MS_MANDLOCK|MS_RELATIME, "nodots,nodots,dots,dots,nodots,errors=continue,time_offset=0xfffffffffffffa93,dots,showexec,nodots,d"...) = -1 EINVAL (Invalid argument)
[pid 5187] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 5187] ioctl(3, LOOP_CLR_FD) = 0
[pid 5187] close(3) = 0
[pid 5187] memfd_create("syzkaller", 0) = 3
[pid 5187] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f61ca800000
[ 68.969080][ T5187] loop0: detected capacity change from 0 to 256
[pid 5187] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5187] munmap(0x7f61ca800000, 138412032) = 0
[pid 5187] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5187] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5187] close(3) = 0
[pid 5187] close(4) = 0
[pid 5187] mkdir("./bus", 0777) = 0
[ 69.122102][ T5187] loop0: detected capacity change from 0 to 32768
[ 69.166453][ T5187] bcachefs (/dev/loop0): error reading default superblock: checksum error, type crc32c_nonzero: got 21cb763f should be 29d2fb78
[ 69.203624][ T5187] bcachefs (loop0): mounting version 1.7: mi_btree_bitmap opts=errors=continue,compression=lz4,nojournal_transaction_names
[ 69.218207][ T5187] bcachefs (loop0): recovering from clean shutdown, journal seq 7
[ 69.226121][ T5187] bcachefs (loop0): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.9: disk_accounting_v2
[ 69.226121][ T5187] running recovery passes: check_allocations
[ 69.250214][ T5187] bcachefs (loop0): accounting_read... done
[ 69.256155][ T5187] bcachefs (loop0): alloc_read... done
[ 69.261683][ T5187] bcachefs (loop0): stripes_read... done
[ 69.267326][ T5187] bcachefs (loop0): snapshots_read... done
[ 69.273239][ T5187] bcachefs (loop0): check_allocations...
[ 69.274156][ T5187] btree ptr not marked in member info btree allocated bitmap
[ 69.274166][ T5187] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 19bc58a6c09b6540 written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing
[ 69.302366][ T5187] btree ptr not marked in member info btree allocated bitmap
[ 69.302376][ T5187] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c18f4a4face03c6 written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing
[ 69.324900][ T5187] btree ptr not marked in member info btree allocated bitmap
[ 69.324917][ T5187] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 75277f57b0c8c24 written 32 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0, fixing
[ 69.347608][ T5187] btree ptr not marked in member info btree allocated bitmap
[ 69.347619][ T5187] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7675f41d391e5d36 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing
[ 69.370449][ T5187] btree ptr not marked in member info btree allocated bitmap
[ 69.370461][ T5187] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq bcb9905dfb2993d5 written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing
[ 69.393182][ T5187] btree ptr not marked in member info btree allocated bitmap
[ 69.393193][ T5187] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9a831b4a3f983356 written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing
[ 69.416905][ T5187] done
[ 69.421499][ T5187] bcachefs (loop0): going read-write
[ 69.427481][ T5187] bcachefs (loop0): journal_replay... done
[ 69.442366][ T5187] bcachefs (loop0): resume_logged_ops... done
[ 69.448490][ T5187] bcachefs (loop0): delete_dead_inodes... done
[ 69.455480][ T5187] bcachefs (loop0): Fixed errors, running fsck a second time to verify fs is clean
[pid 5187] mount("/dev/loop0", "./bus", "bcachefs", MS_SYNCHRONOUS|MS_POSIXACL|MS_RELATIME|MS_LAZYTIME, "nodots,nodots,dots,dots,nodots,errors=continue,time_offset=0xfffffffffffffa93,dots,showexec,nodots,d"...) = 0
[pid 5187] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid 5187] chdir("./bus") = 0
[pid 5187] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5187] ioctl(4, LOOP_CLR_FD) = 0
[pid 5187] close(4) = 0
[pid 5187] exit_group(0) = ?
[pid 5187] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5187, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=37 /* 0.37 s */} ---
umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557a8f46f0 /* 5 entries */, 32768) = 136
[ 69.464846][ T5187] bcachefs (loop0): resume_logged_ops... done
[ 69.471301][ T5187] bcachefs (loop0): delete_dead_inodes... done
[ 69.478892][ T5187] bcachefs (loop0): done starting filesystem
[ 69.528254][ T5091] bcachefs (loop0): shutting down
[ 69.533405][ T5091] bcachefs (loop0): going read-only
[ 69.538609][ T5091] bcachefs (loop0): finished waiting for writes to stop
[ 69.546244][ T5091] bcachefs (loop0): flushing journal and stopping allocators, journal seq 14
[ 69.555326][ T5091] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 14
[ 69.565682][ T5091] bcachefs (loop0): shutdown complete, journal seq 15