./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1421170717 <...> Warning: Permanently added '10.128.1.130' (ED25519) to the list of known hosts. execve("./syz-executor1421170717", ["./syz-executor1421170717"], 0x7ffde76c5210 /* 10 vars */) = 0 brk(NULL) = 0x55557346b000 brk(0x55557346bd00) = 0x55557346bd00 arch_prctl(ARCH_SET_FS, 0x55557346b380) = 0 set_tid_address(0x55557346b650) = 5176 set_robust_list(0x55557346b660, 24) = 0 rseq(0x55557346bca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1421170717", 4096) = 28 getrandom("\x03\x83\x4f\x40\xa7\xec\x16\x18", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55557346bd00 brk(0x55557348cd00) = 0x55557348cd00 brk(0x55557348d000) = 0x55557348d000 mprotect(0x7f45ca0b5000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557346b650) = 5177 ./strace-static-x86_64: Process 5177 attached [pid 5177] set_robust_list(0x55557346b660, 24) = 0 [pid 5177] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5177] setpgid(0, 0) = 0 [pid 5177] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5177] write(3, "1000", 4) = 4 [pid 5177] close(3) = 0 executing program [pid 5177] write(1, "executing program\n", 18) = 18 [pid 5177] prlimit64(0, RLIMIT_RTPRIO, {rlim_cur=8, rlim_max=8589934731}, NULL) = 0 [pid 5177] sched_setscheduler(0, SCHED_FIFO, [7]) = 0 [pid 5177] memfd_create("syzkaller", 0) = 3 [pid 5177] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45c1a00000 [ 164.064111][ C1] sched: RT throttling activated [pid 5177] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 5177] munmap(0x7f45c1a00000, 138412032) = 0 [pid 5177] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5177] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5177] close(3) = 0 [pid 5177] close(4) = 0 [pid 5177] mkdir("./file0", 0777) = 0 [ 164.302955][ T5177] loop0: detected capacity change from 0 to 32768 [ 164.423565][ T5177] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names [ 164.438251][ T5177] bcachefs (loop0): recovering from clean shutdown, journal seq 8 [ 164.447015][ T5177] bcachefs (loop0): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.11: disk_accounting_inum [ 164.447015][ T5177] running recovery passes: check_allocations [ 164.508476][ T5177] ===================================================== [ 164.515752][ T5177] BUG: KMSAN: uninit-value in bch2_alloc_v4_validate+0x80a/0x1c10 [ 164.523680][ T5177] bch2_alloc_v4_validate+0x80a/0x1c10 [ 164.529364][ T5177] bch2_bkey_val_validate+0x2ac/0x470 [ 164.534995][ T5177] bch2_btree_node_read_done+0x5be1/0x7790 [ 164.540940][ T5177] btree_node_read_work+0x973/0x1960 [ 164.546455][ T5177] bch2_btree_node_read+0x2e6b/0x36e0 [ 164.552027][ T5177] bch2_btree_root_read+0xa81/0x13f0 [ 164.557536][ T5177] read_btree_roots+0x51c/0x1250 [ 164.562665][ T5177] bch2_fs_recovery+0x422c/0x5c60 [ 164.567911][ T5177] bch2_fs_start+0x7b2/0xbd0 [ 164.572681][ T5177] bch2_fs_get_tree+0x13e8/0x22d0 [ 164.578015][ T5177] vfs_get_tree+0xa7/0x570 [ 164.582602][ T5177] do_new_mount+0x71f/0x15e0 [ 164.587433][ T5177] path_mount+0x742/0x1f10 [ 164.591983][ T5177] __se_sys_mount+0x722/0x810 [ 164.596857][ T5177] __x64_sys_mount+0xe4/0x150 [ 164.601679][ T5177] x64_sys_call+0x255a/0x3ba0 [ 164.606591][ T5177] do_syscall_64+0xcd/0x1e0 [ 164.611293][ T5177] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 164.617405][ T5177] [ 164.619796][ T5177] Uninit was created at: [ 164.624332][ T5177] ___kmalloc_large_node+0x22c/0x370 [ 164.629781][ T5177] __kmalloc_large_node_noprof+0x3f/0x1e0 [ 164.635762][ T5177] __kmalloc_node_noprof+0x9d6/0xf50 [ 164.641273][ T5177] __kvmalloc_node_noprof+0xc0/0x2d0 [ 164.646773][ T5177] bch2_btree_node_read_done+0x52a9/0x7790 [ 164.652775][ T5177] btree_node_read_work+0x973/0x1960 [ 164.658320][ T5177] bch2_btree_node_read+0x2e6b/0x36e0 [ 164.663886][ T5177] bch2_btree_root_read+0xa81/0x13f0 [ 164.669472][ T5177] read_btree_roots+0x51c/0x1250 [ 164.674659][ T5177] bch2_fs_recovery+0x422c/0x5c60 [ 164.679825][ T5177] bch2_fs_start+0x7b2/0xbd0 [ 164.684709][ T5177] bch2_fs_get_tree+0x13e8/0x22d0 [ 164.689900][ T5177] vfs_get_tree+0xa7/0x570 [ 164.694584][ T5177] do_new_mount+0x71f/0x15e0 [ 164.699355][ T5177] path_mount+0x742/0x1f10 [ 164.703871][ T5177] __se_sys_mount+0x722/0x810 [ 164.708785][ T5177] __x64_sys_mount+0xe4/0x150 [ 164.713626][ T5177] x64_sys_call+0x255a/0x3ba0 [ 164.718523][ T5177] do_syscall_64+0xcd/0x1e0 [ 164.723194][ T5177] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 164.729300][ T5177] [ 164.731717][ T5177] CPU: 1 UID: 0 PID: 5177 Comm: syz-executor142 Not tainted 6.11.0-rc4-syzkaller-00008-g6e4436539ae1 #0 [ 164.743041][ T5177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 164.753279][ T5177] ===================================================== [ 164.760417][ T5177] Disabling lock debugging due to kernel taint [ 164.766705][ T5177] Kernel panic - not syncing: kmsan.panic set ... [ 164.773196][ T5177] CPU: 1 UID: 0 PID: 5177 Comm: syz-executor142 Tainted: G B 6.11.0-rc4-syzkaller-00008-g6e4436539ae1 #0 [ 164.785911][ T5177] Tainted: [B]=BAD_PAGE [ 164.790182][ T5177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 164.800378][ T5177] Call Trace: [ 164.803776][ T5177] [ 164.806777][ T5177] dump_stack_lvl+0x216/0x2d0 [ 164.811564][ T5177] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 164.817575][ T5177] dump_stack+0x1e/0x30 [ 164.821836][ T5177] panic+0x4e2/0xcd0 [ 164.825838][ T5177] ? kmsan_get_metadata+0x81/0x1c0 [ 164.831083][ T5177] kmsan_report+0x2c7/0x2d0 [ 164.835698][ T5177] ? kmsan_get_metadata+0x13e/0x1c0 [ 164.841019][ T5177] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 164.846951][ T5177] ? __msan_warning+0x95/0x120 [ 164.851834][ T5177] ? bch2_alloc_v4_validate+0x80a/0x1c10 [ 164.857703][ T5177] ? bch2_bkey_val_validate+0x2ac/0x470 [ 164.863440][ T5177] ? bch2_btree_node_read_done+0x5be1/0x7790 [ 164.869569][ T5177] ? btree_node_read_work+0x973/0x1960 [ 164.875155][ T5177] ? bch2_btree_node_read+0x2e6b/0x36e0 [ 164.880827][ T5177] ? bch2_btree_root_read+0xa81/0x13f0 [ 164.886496][ T5177] ? read_btree_roots+0x51c/0x1250 [ 164.891747][ T5177] ? bch2_fs_recovery+0x422c/0x5c60 [ 164.897066][ T5177] ? bch2_fs_start+0x7b2/0xbd0 [ 164.901953][ T5177] ? bch2_fs_get_tree+0x13e8/0x22d0 [ 164.907309][ T5177] ? vfs_get_tree+0xa7/0x570 [ 164.911999][ T5177] ? do_new_mount+0x71f/0x15e0 [ 164.916861][ T5177] ? path_mount+0x742/0x1f10 [ 164.921542][ T5177] ? __se_sys_mount+0x722/0x810 [ 164.926493][ T5177] ? __x64_sys_mount+0xe4/0x150 [ 164.931436][ T5177] ? x64_sys_call+0x255a/0x3ba0 [ 164.936417][ T5177] ? do_syscall_64+0xcd/0x1e0 [ 164.941256][ T5177] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 164.947464][ T5177] ? kmsan_get_metadata+0x13e/0x1c0 [ 164.952845][ T5177] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 164.958809][ T5177] ? __free_pages_ok+0x5b0/0xc30 [ 164.963954][ T5177] ? kmsan_get_metadata+0x13e/0x1c0 [ 164.969314][ T5177] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 164.975407][ T5177] __msan_warning+0x95/0x120 [ 164.980100][ T5177] bch2_alloc_v4_validate+0x80a/0x1c10 [ 164.985710][ T5177] ? __pfx_bch2_alloc_v4_validate+0x10/0x10 [ 164.991749][ T5177] bch2_bkey_val_validate+0x2ac/0x470 [ 164.997331][ T5177] bch2_btree_node_read_done+0x5be1/0x7790 [ 165.003387][ T5177] btree_node_read_work+0x973/0x1960 [ 165.008876][ T5177] ? _raw_spin_unlock_irqrestore+0x3f/0x60 [ 165.014861][ T5177] bch2_btree_node_read+0x2e6b/0x36e0 [ 165.020468][ T5177] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 165.026440][ T5177] ? __bch2_btree_node_hash_insert+0x13cb/0x16c0 [ 165.032948][ T5177] ? _raw_spin_unlock_irqrestore+0x3f/0x60 [ 165.038870][ T5177] ? kmsan_get_metadata+0x13e/0x1c0 [ 165.044211][ T5177] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 165.050657][ T5177] ? kmsan_get_metadata+0x13e/0x1c0 [ 165.055982][ T5177] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 165.061930][ T5177] bch2_btree_root_read+0xa81/0x13f0 [ 165.067368][ T5177] read_btree_roots+0x51c/0x1250 [ 165.072451][ T5177] bch2_fs_recovery+0x422c/0x5c60 [ 165.077602][ T5177] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 165.084075][ T5177] ? __closure_wake_up+0x16a/0x180 [ 165.089347][ T5177] bch2_fs_start+0x7b2/0xbd0 [ 165.094063][ T5177] bch2_fs_get_tree+0x13e8/0x22d0 [ 165.099277][ T5177] ? __pfx_bch2_fs_get_tree+0x10/0x10 [ 165.104771][ T5177] vfs_get_tree+0xa7/0x570 [ 165.112038][ T5177] ? mount_capable+0x97/0x120 [ 165.116808][ T5177] do_new_mount+0x71f/0x15e0 [ 165.121494][ T5177] ? kmsan_get_metadata+0x13e/0x1c0 [ 165.126851][ T5177] path_mount+0x742/0x1f10 [ 165.131422][ T5177] ? user_path_at+0x32f/0x390 [ 165.136192][ T5177] __se_sys_mount+0x722/0x810 [ 165.140986][ T5177] ? ptrace_notify+0x263/0x320 [ 165.145863][ T5177] __x64_sys_mount+0xe4/0x150 [ 165.150646][ T5177] x64_sys_call+0x255a/0x3ba0 [ 165.155439][ T5177] do_syscall_64+0xcd/0x1e0 [ 165.160044][ T5177] ? clear_bhb_loop+0x25/0x80 [ 165.164855][ T5177] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 165.170879][ T5177] RIP: 0033:0x7f45ca03e0aa [ 165.175397][ T5177] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 165.195159][ T5177] RSP: 002b:00007ffe44994cc8 EFLAGS: 00000282 ORIG_RAX: 00000000000000a5 [ 165.203812][ T5177] RAX: ffffffffffffffda RBX: 00007ffe44994ce0 RCX: 00007f45ca03e0aa [ 165.211876][ T5177] RDX: 0000000020000000 RSI: 0000000020000700 RDI: 00007ffe44994ce0 [ 165.219939][ T5177] RBP: 0000000000000004 R08: 00007ffe44994d20 R09: 0000000000005b82 [ 165.228046][ T5177] R10: 0000000000000000 R11: 0000000000000282 R12: 0000000000000000 [ 165.236165][ T5177] R13: 00007ffe44994d20 R14: 0000000000000003 R15: 0000000001000000 [ 165.244241][ T5177] [ 165.247649][ T5177] Kernel Offset: disabled [ 165.252030][ T5177] Rebooting in 86400 seconds..