./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3632365055 <...> Warning: Permanently added '10.128.0.130' (ED25519) to the list of known hosts. execve("./syz-executor3632365055", ["./syz-executor3632365055"], 0x7ffc719d8c90 /* 10 vars */) = 0 brk(NULL) = 0x55556b0ef000 brk(0x55556b0efd00) = 0x55556b0efd00 arch_prctl(ARCH_SET_FS, 0x55556b0ef380) = 0 set_tid_address(0x55556b0ef650) = 5070 set_robust_list(0x55556b0ef660, 24) = 0 rseq(0x55556b0efca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3632365055", 4096) = 28 getrandom("\x60\x40\x1d\x48\xff\x38\x34\x6e", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55556b0efd00 brk(0x55556b110d00) = 0x55556b110d00 brk(0x55556b111000) = 0x55556b111000 mprotect(0x7f00ce87b000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 memfd_create("syzkaller", 0) = 3 mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f00c6200000 write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 munmap(0x7f00c6200000, 138412032) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 ioctl(4, LOOP_SET_FD, 3) = 0 close(3) = 0 close(4) = 0 mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777) = 0 [ 60.420414][ T5070] loop0: detected capacity change from 0 to 32768 [ 60.448104][ T5070] bcachefs (/dev/loop0): error reading default superblock: Unsupported superblock version 0.0: (unknown version) (min 0.9: (unknown version), max 1.7: mi_btree_bitmap) [ 60.512751][ T5070] bcachefs (loop0): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names [ 60.527334][ T5070] invalid journal entry, version=1.7: mi_btree_bitmap type=btree_root in superblock: [ 60.527354][ T5070] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq afc6cc17f332ffe0 written 24 min_key POS_MIN durability: 0 (invalid extent entry 0000000000020040) [ 60.527362][ T5070] invalid extent entry type (got 6, max 6), shutting down [ 60.560782][ T5070] bcachefs (loop0): inconsistency detected - emergency read only at journal seq 0 [ 60.571622][ T5070] ------------[ cut here ]------------ [ 60.577242][ T5070] kernel BUG at arch/x86/mm/physaddr.c:23! [ 60.583154][ T5070] invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI [ 60.589556][ T5070] CPU: 1 PID: 5070 Comm: syz-executor363 Not tainted 6.9.0-rc6-syzkaller-00232-gddb4c3f25b7b #0 [ 60.599961][ T5070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 60.610033][ T5070] RIP: 0010:__phys_addr+0x16a/0x170 [ 60.615282][ T5070] Code: c0 75 1a 8e 4c 89 f6 4c 89 fa e8 21 d6 9d 03 e9 45 ff ff ff e8 77 60 53 00 90 0f 0b e8 6f 60 53 00 90 0f 0b e8 67 60 53 00 90 <0f> 0b 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 60.634895][ T5070] RSP: 0018:ffffc900020ef198 EFLAGS: 00010293 [ 60.641067][ T5070] RAX: ffffffff8142af69 RBX: 000000007ffff75e RCX: ffff88802215da00 [ 60.649031][ T5070] RDX: 0000000000000000 RSI: 000000007ffff75e RDI: 000000001fffffff [ 60.656996][ T5070] RBP: ffffc900020ef5c8 R08: ffffffff8142af05 R09: 0000000000000000 [ 60.664990][ T5070] R10: ffff8880794cafe0 R11: ffffed100f2995ff R12: dffffc0000000000 [ 60.672953][ T5070] R13: fffffffffffff75e R14: 000000007ffff75e R15: ffff888079480000 [ 60.681053][ T5070] FS: 000055556b0ef380(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000 [ 60.689974][ T5070] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 60.696574][ T5070] CR2: 00007ffc70da4e98 CR3: 0000000075a4c000 CR4: 00000000003506f0 [ 60.704593][ T5070] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 60.712562][ T5070] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 60.720538][ T5070] Call Trace: [ 60.723811][ T5070] [ 60.726739][ T5070] ? __die_body+0x88/0xe0 [ 60.731066][ T5070] ? die+0xcf/0x110 [ 60.734877][ T5070] ? do_trap+0x15a/0x3a0 [ 60.739143][ T5070] ? __phys_addr+0x16a/0x170 [ 60.743762][ T5070] ? do_error_trap+0x1dc/0x2c0 [ 60.748533][ T5070] ? __phys_addr+0x16a/0x170 [ 60.753126][ T5070] ? bch2_fs_recovery+0x307a/0x6390 [ 60.758327][ T5070] ? __pfx_do_error_trap+0x10/0x10 [ 60.763441][ T5070] ? handle_invalid_op+0x34/0x40 [ 60.768387][ T5070] ? __phys_addr+0x16a/0x170 [ 60.773001][ T5070] ? exc_invalid_op+0x38/0x50 [ 60.777691][ T5070] ? asm_exc_invalid_op+0x1a/0x20 [ 60.782800][ T5070] ? __phys_addr+0x105/0x170 [ 60.787497][ T5070] ? __phys_addr+0x169/0x170 [ 60.792103][ T5070] ? __phys_addr+0x16a/0x170 [ 60.796689][ T5070] ? __phys_addr+0x169/0x170 [ 60.801878][ T5070] ? bch2_fs_recovery+0x3166/0x6390 [ 60.807086][ T5070] kfree+0x71/0x3a0 [ 60.810895][ T5070] bch2_fs_recovery+0x3166/0x6390 [ 60.816108][ T5070] ? mark_lock+0x9a/0x350 [ 60.820431][ T5070] ? __lock_acquire+0x1346/0x1fd0 [ 60.825627][ T5070] ? __pfx_bch2_fs_recovery+0x10/0x10 [ 60.831001][ T5070] ? __pfx_lock_acquire+0x10/0x10 [ 60.836016][ T5070] ? bch2_get_next_online_dev+0x48/0x4b0 [ 60.841638][ T5070] ? __pfx_lock_release+0x10/0x10 [ 60.846651][ T5070] ? __mutex_lock+0x2ef/0xd70 [ 60.851351][ T5070] ? bch2_get_next_online_dev+0x48/0x4b0 [ 60.856975][ T5070] ? bch2_get_next_online_dev+0x47f/0x4b0 [ 60.862683][ T5070] ? bch2_get_next_online_dev+0x48/0x4b0 [ 60.868307][ T5070] ? llist_reverse_order+0x72/0x90 [ 60.873425][ T5070] bch2_fs_start+0x356/0x5b0 [ 60.878028][ T5070] bch2_fs_open+0xa8d/0xdf0 [ 60.882536][ T5070] ? __pfx_bch2_fs_open+0x10/0x10 [ 60.887571][ T5070] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 60.893909][ T5070] ? __pfx_bch2_test_super+0x10/0x10 [ 60.899183][ T5070] ? sget+0x2b8/0x620 [ 60.903159][ T5070] ? __pfx_bch2_noset_super+0x10/0x10 [ 60.908522][ T5070] bch2_mount+0x71d/0x1320 [ 60.912937][ T5070] ? __pfx_bch2_mount+0x10/0x10 [ 60.917782][ T5070] ? vfs_parse_fs_string+0x190/0x230 [ 60.923054][ T5070] ? kfree+0x4e/0x3a0 [ 60.927031][ T5070] ? vfs_parse_fs_string+0x190/0x230 [ 60.932304][ T5070] ? __pfx_vfs_parse_fs_string+0x10/0x10 [ 60.937926][ T5070] ? cap_capable+0x1b4/0x250 [ 60.942507][ T5070] legacy_get_tree+0xee/0x190 [ 60.947170][ T5070] ? __pfx_bch2_mount+0x10/0x10 [ 60.952026][ T5070] vfs_get_tree+0x90/0x2a0 [ 60.956533][ T5070] do_new_mount+0x2be/0xb40 [ 60.961028][ T5070] ? ns_capable+0x8a/0xf0 [ 60.965349][ T5070] ? __pfx_do_new_mount+0x10/0x10 [ 60.970368][ T5070] __se_sys_mount+0x2d9/0x3c0 [ 60.975042][ T5070] ? __pfx___se_sys_mount+0x10/0x10 [ 60.980230][ T5070] ? do_syscall_64+0x102/0x240 [ 60.985076][ T5070] ? __x64_sys_mount+0x20/0xc0 [ 60.989830][ T5070] do_syscall_64+0xf5/0x240 [ 60.994329][ T5070] ? clear_bhb_loop+0x35/0x90 [ 60.999180][ T5070] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 61.005065][ T5070] RIP: 0033:0x7f00ce7f78fa [ 61.009993][ T5070] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 61.029593][ T5070] RSP: 002b:00007ffcea0cd8d8 EFLAGS: 00000282 ORIG_RAX: 00000000000000a5 [ 61.038171][ T5070] RAX: ffffffffffffffda RBX: 00007ffcea0cd8f0 RCX: 00007f00ce7f78fa [ 61.046146][ T5070] RDX: 0000000020011a00 RSI: 0000000020000080 RDI: 00007ffcea0cd8f0 [ 61.055243][ T5070] RBP: 0000000000000004 R08: 00007ffcea0cd930 R09: 00000000000119fd [ 61.063466][ T5070] R10: 0000000000000000 R11: 0000000000000282 R12: 0000000000000000 [ 61.071448][ T5070] R13: 00007ffcea0cd930 R14: 0000000000000003 R15: 0000000001000000 [ 61.079416][ T5070] [ 61.082422][ T5070] Modules linked in: [ 61.086793][ T5070] ---[ end trace 0000000000000000 ]--- [ 61.092524][ T5070] RIP: 0010:__phys_addr+0x16a/0x170 [ 61.097821][ T5070] Code: c0 75 1a 8e 4c 89 f6 4c 89 fa e8 21 d6 9d 03 e9 45 ff ff ff e8 77 60 53 00 90 0f 0b e8 6f 60 53 00 90 0f 0b e8 67 60 53 00 90 <0f> 0b 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 61.117602][ T5070] RSP: 0018:ffffc900020ef198 EFLAGS: 00010293 [ 61.123680][ T5070] RAX: ffffffff8142af69 RBX: 000000007ffff75e RCX: ffff88802215da00 [ 61.131892][ T5070] RDX: 0000000000000000 RSI: 000000007ffff75e RDI: 000000001fffffff [ 61.140024][ T5070] RBP: ffffc900020ef5c8 R08: ffffffff8142af05 R09: 0000000000000000 [ 61.148027][ T5070] R10: ffff8880794cafe0 R11: ffffed100f2995ff R12: dffffc0000000000 [ 61.156070][ T5070] R13: fffffffffffff75e R14: 000000007ffff75e R15: ffff888079480000 [ 61.164123][ T5070] FS: 000055556b0ef380(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000 [ 61.173178][ T5070] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 61.179930][ T5070] CR2: 00007ffc70da4e98 CR3: 0000000075a4c000 CR4: 00000000003506f0 [ 61.188032][ T5070] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 61.196134][ T5070] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 61.204094][ T5070] Kernel panic - not syncing: Fatal exception [ 61.210440][ T5070] Kernel Offset: disabled [ 61.214862][ T5070] Rebooting in 86400 seconds..