./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1773573853 <...> Warning: Permanently added '10.128.1.183' (ED25519) to the list of known hosts. execve("./syz-executor1773573853", ["./syz-executor1773573853"], 0x7ffd42000790 /* 10 vars */) = 0 brk(NULL) = 0x555568462000 brk(0x555568462d00) = 0x555568462d00 arch_prctl(ARCH_SET_FS, 0x555568462380) = 0 set_tid_address(0x555568462650) = 5220 set_robust_list(0x555568462660, 24) = 0 rseq(0x555568462ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1773573853", 4096) = 28 getrandom("\x72\x1c\x2a\xe7\x42\x03\xd4\xc1", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555568462d00 brk(0x555568483d00) = 0x555568483d00 brk(0x555568484000) = 0x555568484000 mprotect(0x7fba72f95000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 mkdir("./syzkaller.034ZpT", 0700) = 0 chmod("./syzkaller.034ZpT", 0777) = 0 chdir("./syzkaller.034ZpT") = 0 mkdir("./0", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5221 attached , child_tidptr=0x555568462650) = 5221 [pid 5221] set_robust_list(0x555568462660, 24) = 0 [pid 5221] chdir("./0") = 0 [pid 5221] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5221] setpgid(0, 0) = 0 [pid 5221] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5221] write(3, "1000", 4) = 4 [pid 5221] close(3) = 0 [pid 5221] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5221] write(1, "executing program\n", 18) = 18 [pid 5221] memfd_create("syzkaller", 0) = 3 [pid 5221] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fba6aa00000 [pid 5221] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 5221] munmap(0x7fba6aa00000, 138412032) = 0 [pid 5221] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5221] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5221] close(3) = 0 [pid 5221] close(4) = 0 [pid 5221] mkdir("./file0", 0777) = 0 [ 57.760983][ T5221] loop0: detected capacity change from 0 to 32768 [ 57.842887][ T5221] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,degraded,no_splitbrain_check,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,nocow [ 57.866837][ T5221] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 57.875730][ T5221] bcachefs (loop0): Version upgrade required: [ 57.875730][ T5221] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 57.875730][ T5221] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots [ 57.875730][ T5221] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 57.955987][ T5221] bcachefs (loop0): dropping and reconstructing all alloc info [ 57.972688][ T5221] bcachefs (loop0): check_topology... done [ 57.979176][ T5221] bcachefs (loop0): accounting_read... done [ 57.986049][ T5221] bcachefs (loop0): alloc_read... done [pid 5221] mount("/dev/loop0", "./file0", "bcachefs", MS_POSIXACL, "fsck,inline_data,nocow,degraded,str_hash=siphash,norecovery,discard,reconstruct_alloc,erasure_code,a"...) = 0 [pid 5221] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5221] chdir("./file0") = 0 [pid 5221] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 57.991584][ T5221] bcachefs (loop0): stripes_read... done [ 57.997496][ T5221] bcachefs (loop0): snapshots_read... done [ 58.003620][ T5221] bcachefs (loop0): check_allocations... done [ 58.022584][ T5221] bcachefs (loop0): going read-write [ 58.033537][ T5221] bcachefs (loop0): done starting filesystem [pid 5221] ioctl(4, LOOP_CLR_FD) = 0 [pid 5221] close(4) = 0 [pid 5221] truncate("./file1", 1048578) = 0 [pid 5221] truncate("./file1", 2583) = 0 [pid 5221] exit_group(0) = ? [pid 5221] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5221, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=28 /* 0.28 s */} --- umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 58.131032][ T5221] syz-executor177 (5221) used greatest stack depth: 14640 bytes left getdents64(3, 0x5555684636f0 /* 4 entries */, 32768) = 112 umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./0/binderfs") = 0 [ 58.233618][ T5220] bcachefs (loop0): shutting down [ 58.238868][ T5220] bcachefs (loop0): going read-only [ 58.244881][ T5220] bcachefs (loop0): finished waiting for writes to stop [ 58.253999][ T5220] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11 [ 58.277016][ T5220] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 15 [ 58.288059][ T5220] bcachefs (loop0): unshutdown complete, journal seq 16 [ 58.296126][ T5220] bcachefs (loop0): done going read-only, filesystem not clean [ 58.315183][ T5220] bcachefs (loop0): shutdown complete umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55556846b730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55556846b730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./0/file0") = 0 getdents64(3, 0x5555684636f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./0") = 0 mkdir("./1", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5233 attached [pid 5233] set_robust_list(0x555568462660, 24 [pid 5220] <... clone resumed>, child_tidptr=0x555568462650) = 5233 [pid 5233] <... set_robust_list resumed>) = 0 [pid 5233] chdir("./1") = 0 [pid 5233] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5233] setpgid(0, 0) = 0 [pid 5233] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5233] write(3, "1000", 4) = 4 [pid 5233] close(3) = 0 [pid 5233] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5233] write(1, "executing program\n", 18executing program ) = 18 [pid 5233] memfd_create("syzkaller", 0) = 3 [pid 5233] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fba6aa00000 [pid 5233] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 5233] munmap(0x7fba6aa00000, 138412032) = 0 [pid 5233] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5233] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5233] close(3) = 0 [pid 5233] close(4) = 0 [pid 5233] mkdir("./file0", 0777) = 0 [ 59.723350][ T5233] loop0: detected capacity change from 0 to 32768 [ 59.791461][ T5233] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,degraded,no_splitbrain_check,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,nocow [ 59.814549][ T5233] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 59.823557][ T5233] bcachefs (loop0): Version upgrade required: [ 59.823557][ T5233] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 59.823557][ T5233] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots [ 59.823557][ T5233] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 59.897801][ T5233] bcachefs (loop0): dropping and reconstructing all alloc info [ 59.912435][ T5233] bcachefs (loop0): check_topology... done [ 59.919403][ T5233] bcachefs (loop0): accounting_read... done [ 59.925620][ T5233] bcachefs (loop0): alloc_read... done [ 59.931141][ T5233] bcachefs (loop0): stripes_read... done [pid 5233] mount("/dev/loop0", "./file0", "bcachefs", MS_POSIXACL, "fsck,inline_data,nocow,degraded,str_hash=siphash,norecovery,discard,reconstruct_alloc,erasure_code,a"...) = 0 [pid 5233] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5233] chdir("./file0") = 0 [pid 5233] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5233] ioctl(4, LOOP_CLR_FD) = 0 [ 59.937029][ T5233] bcachefs (loop0): snapshots_read... done [ 59.943040][ T5233] bcachefs (loop0): check_allocations... done [ 59.960199][ T5233] bcachefs (loop0): going read-write [ 59.969211][ T5233] bcachefs (loop0): done starting filesystem [pid 5233] close(4) = 0 [pid 5233] truncate("./file1", 1048578) = 0 [pid 5233] truncate("./file1", 2583) = 0 [pid 5233] exit_group(0) = ? [pid 5233] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5233, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=25 /* 0.25 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x5555684636f0 /* 4 entries */, 32768) = 112 umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./1/binderfs") = 0 [ 60.165676][ T5220] bcachefs (loop0): shutting down [ 60.170714][ T5220] bcachefs (loop0): going read-only [ 60.176216][ T5220] bcachefs (loop0): finished waiting for writes to stop [ 60.185282][ T5220] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11 [ 60.205623][ T5220] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 17 [ 60.216719][ T5220] bcachefs (loop0): unshutdown complete, journal seq 18 [ 60.224454][ T5220] bcachefs (loop0): done going read-only, filesystem not clean [ 60.241193][ T5220] bcachefs (loop0): shutdown complete umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55556846b730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55556846b730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1/file0") = 0 getdents64(3, 0x5555684636f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1") = 0 mkdir("./2", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5244 attached [pid 5244] set_robust_list(0x555568462660, 24) = 0 [pid 5244] chdir("./2" [pid 5220] <... clone resumed>, child_tidptr=0x555568462650) = 5244 [pid 5244] <... chdir resumed>) = 0 [pid 5244] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5244] setpgid(0, 0) = 0 [pid 5244] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5244] write(3, "1000", 4) = 4 [pid 5244] close(3) = 0 [pid 5244] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5244] write(1, "executing program\n", 18executing program ) = 18 [pid 5244] memfd_create("syzkaller", 0) = 3 [pid 5244] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fba6aa00000 [pid 5244] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 5244] munmap(0x7fba6aa00000, 138412032) = 0 [pid 5244] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5244] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5244] close(3) = 0 [pid 5244] close(4) = 0 [pid 5244] mkdir("./file0", 0777) = 0 [ 61.498151][ T5244] loop0: detected capacity change from 0 to 32768 [ 61.584250][ T5244] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,degraded,no_splitbrain_check,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,nocow [ 61.606506][ T5244] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 61.614672][ T5244] bcachefs (loop0): Version upgrade required: [ 61.614672][ T5244] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 61.614672][ T5244] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots [ 61.614672][ T5244] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 61.686694][ T5244] bcachefs (loop0): dropping and reconstructing all alloc info [ 61.701991][ T5244] bcachefs (loop0): check_topology... done [ 61.708203][ T5244] bcachefs (loop0): accounting_read... done [ 61.714704][ T5244] bcachefs (loop0): alloc_read... done [ 61.720224][ T5244] bcachefs (loop0): stripes_read... done [ 61.726968][ T5244] bcachefs (loop0): snapshots_read... done [pid 5244] mount("/dev/loop0", "./file0", "bcachefs", MS_POSIXACL, "fsck,inline_data,nocow,degraded,str_hash=siphash,norecovery,discard,reconstruct_alloc,erasure_code,a"...) = 0 [pid 5244] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5244] chdir("./file0") = 0 [pid 5244] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5244] ioctl(4, LOOP_CLR_FD) = 0 [pid 5244] close(4) = 0 [pid 5244] truncate("./file1", 1048578) = 0 [pid 5244] truncate("./file1", 2583) = 0 [pid 5244] exit_group(0) = ? [pid 5244] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5244, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=27 /* 0.27 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x5555684636f0 /* 4 entries */, 32768) = 112 umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./2/binderfs") = 0 [ 61.733071][ T5244] bcachefs (loop0): check_allocations... done [ 61.755119][ T5244] bcachefs (loop0): going read-write [ 61.767218][ T5244] bcachefs (loop0): done starting filesystem [ 61.837184][ T5220] bcachefs (loop0): shutting down [ 61.842664][ T5220] bcachefs (loop0): going read-only [ 61.848918][ T5220] bcachefs (loop0): finished waiting for writes to stop [ 61.856681][ T5220] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11 [ 61.874839][ T5220] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 12 [ 61.885823][ T5220] bcachefs (loop0): unshutdown complete, journal seq 13 [ 61.893734][ T5220] bcachefs (loop0): done going read-only, filesystem not clean [ 61.911369][ T5220] bcachefs (loop0): shutdown complete [ 62.580556][ T5220] ------------[ cut here ]------------ [ 62.587790][ T5220] kernel BUG at fs/bcachefs/btree_cache.c:594! [ 62.595043][ T5220] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI [ 62.602013][ T5220] CPU: 1 UID: 0 PID: 5220 Comm: syz-executor177 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 62.614983][ T5220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 62.625049][ T5220] RIP: 0010:bch2_fs_btree_cache_exit+0x1124/0x1130 [ 62.631557][ T5220] Code: fd 90 0f 0b e8 2d 4a 84 fd 90 0f 0b e8 25 4a 84 fd 90 0f 0b e8 1d 4a 84 fd 90 0f 0b e8 15 4a 84 fd 90 0f 0b e8 0d 4a 84 fd 90 <0f> 0b 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 [ 62.651171][ T5220] RSP: 0018:ffffc90003dc7b20 EFLAGS: 00010293 [ 62.657230][ T5220] RAX: ffffffff84108d83 RBX: 0000000000000002 RCX: ffff88802c458000 [ 62.665188][ T5220] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000000 [ 62.673185][ T5220] RBP: 1ffff11005affb16 R08: ffffffff84108427 R09: 1ffff1100ead03b6 [ 62.681138][ T5220] R10: dffffc0000000000 R11: ffffed100ead03b7 R12: ffff888075681c78 [ 62.689093][ T5220] R13: ffff888075680000 R14: 0000000000000000 R15: dffffc0000000000 [ 62.697055][ T5220] FS: 0000555568462380(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 62.705968][ T5220] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 62.712533][ T5220] CR2: 00007fba6b9ff000 CR3: 000000007b3c8000 CR4: 00000000003526f0 [ 62.720509][ T5220] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 62.728465][ T5220] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 62.736418][ T5220] Call Trace: [ 62.739685][ T5220] [ 62.742606][ T5220] ? __die_body+0x5f/0xb0 [ 62.746924][ T5220] ? die+0x9e/0xc0 [ 62.750626][ T5220] ? do_trap+0x15a/0x3a0 [ 62.755148][ T5220] ? bch2_fs_btree_cache_exit+0x1124/0x1130 [ 62.761027][ T5220] ? do_error_trap+0x1dc/0x2c0 [ 62.765776][ T5220] ? bch2_fs_btree_cache_exit+0x1124/0x1130 [ 62.771650][ T5220] ? __pfx_do_error_trap+0x10/0x10 [ 62.776771][ T5220] ? report_bug+0x3e8/0x500 [ 62.781268][ T5220] ? handle_invalid_op+0x34/0x40 [ 62.786192][ T5220] ? bch2_fs_btree_cache_exit+0x1124/0x1130 [ 62.792096][ T5220] ? exc_invalid_op+0x38/0x50 [ 62.796760][ T5220] ? asm_exc_invalid_op+0x1a/0x20 [ 62.801776][ T5220] ? bch2_fs_btree_cache_exit+0x7c7/0x1130 [ 62.807567][ T5220] ? bch2_fs_btree_cache_exit+0x1123/0x1130 [ 62.813446][ T5220] ? bch2_fs_btree_cache_exit+0x1124/0x1130 [ 62.819324][ T5220] bch2_fs_release+0x20e/0x7d0 [ 62.824118][ T5220] ? kobject_put+0x44d/0x480 [ 62.828731][ T5220] kobject_put+0x22f/0x480 [ 62.833138][ T5220] deactivate_locked_super+0xc4/0x130 [ 62.838503][ T5220] cleanup_mnt+0x41f/0x4b0 [ 62.842911][ T5220] ? lockdep_hardirqs_on+0x99/0x150 [ 62.848113][ T5220] task_work_run+0x24f/0x310 [ 62.852716][ T5220] ? __pfx_task_work_run+0x10/0x10 [ 62.857815][ T5220] ? path_umount+0x284/0xf70 [ 62.862412][ T5220] ptrace_notify+0x2d2/0x380 [ 62.866996][ T5220] ? __pfx_path_umount+0x10/0x10 [ 62.871925][ T5220] ? __pfx_ptrace_notify+0x10/0x10 [ 62.877022][ T5220] ? __x64_sys_umount+0x123/0x170 [ 62.882123][ T5220] ? __pfx___x64_sys_umount+0x10/0x10 [ 62.887482][ T5220] syscall_exit_work+0xc6/0x190 [ 62.892319][ T5220] syscall_exit_to_user_mode+0x279/0x370 [ 62.897965][ T5220] do_syscall_64+0x100/0x230 [ 62.902556][ T5220] ? clear_bhb_loop+0x35/0x90 [ 62.907239][ T5220] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 62.913144][ T5220] RIP: 0033:0x7fba72f1d3c7 [ 62.917742][ T5220] Code: 07 00 48 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 [ 62.937450][ T5220] RSP: 002b:00007ffc26d035e8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a6 [ 62.945855][ T5220] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fba72f1d3c7 [ 62.953812][ T5220] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc26d036a0 [ 62.961770][ T5220] RBP: 00007ffc26d036a0 R08: 0000000000000000 R09: 0000000000000000 [ 62.969723][ T5220] R10: 00000000ffffffff R11: 0000000000000206 R12: 00007ffc26d04700 [ 62.977681][ T5220] R13: 00005555684636c0 R14: 0000000000000003 R15: 431bde82d7b634db [ 62.985644][ T5220] [ 62.988668][ T5220] Modules linked in: [ 62.992899][ T5220] ---[ end trace 0000000000000000 ]--- [ 62.998945][ T5220] RIP: 0010:bch2_fs_btree_cache_exit+0x1124/0x1130 [ 63.006396][ T5220] Code: fd 90 0f 0b e8 2d 4a 84 fd 90 0f 0b e8 25 4a 84 fd 90 0f 0b e8 1d 4a 84 fd 90 0f 0b e8 15 4a 84 fd 90 0f 0b e8 0d 4a 84 fd 90 <0f> 0b 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 [ 63.031713][ T5220] RSP: 0018:ffffc90003dc7b20 EFLAGS: 00010293 [ 63.038451][ T5220] RAX: ffffffff84108d83 RBX: 0000000000000002 RCX: ffff88802c458000 [ 63.048091][ T5220] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000000 [ 63.059690][ T5220] RBP: 1ffff11005affb16 R08: ffffffff84108427 R09: 1ffff1100ead03b6 [ 63.067729][ T5220] R10: dffffc0000000000 R11: ffffed100ead03b7 R12: ffff888075681c78 [ 63.075774][ T5220] R13: ffff888075680000 R14: 0000000000000000 R15: dffffc0000000000 [ 63.083792][ T5220] FS: 0000555568462380(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 63.092731][ T5220] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 63.099433][ T5220] CR2: 00007fba6b9ff000 CR3: 000000007b3c8000 CR4: 00000000003526f0 [ 63.107453][ T5220] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 63.115446][ T5220] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 63.123529][ T5220] Kernel panic - not syncing: Fatal exception [ 63.130008][ T5220] Kernel Offset: disabled [ 63.134352][ T5220] Rebooting in 86400 seconds..