./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor356057674 <...> Warning: Permanently added '10.128.0.149' (ED25519) to the list of known hosts. execve("./syz-executor356057674", ["./syz-executor356057674"], 0x7ffed7409e80 /* 10 vars */) = 0 brk(NULL) = 0x55555e447000 brk(0x55555e447d00) = 0x55555e447d00 arch_prctl(ARCH_SET_FS, 0x55555e447380) = 0 set_tid_address(0x55555e447650) = 5097 set_robust_list(0x55555e447660, 24) = 0 rseq(0x55555e447ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor356057674", 4096) = 27 getrandom("\x65\xa5\x8b\x26\xc1\xca\xda\x87", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55555e447d00 brk(0x55555e468d00) = 0x55555e468d00 brk(0x55555e469000) = 0x55555e469000 mprotect(0x7f4ae2731000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 memfd_create("syzkaller", 0) = 3 mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4ada200000 write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 munmap(0x7f4ada200000, 138412032) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 ioctl(4, LOOP_SET_FD, 3) = 0 close(3) = 0 close(4) = 0 mkdir("./file0", 0777) = 0 [ 59.594166][ T5097] loop0: detected capacity change from 0 to 32768 [ 59.672321][ T5097] bcachefs (loop0): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,compression=gzip,str_hash=crc32c,nojournal_transaction_names,nocow [ 59.688040][ T5097] bcachefs (loop0): recovering from clean shutdown, journal seq 7 [ 59.704968][ T5097] bcachefs (loop0): alloc_read... done [ 59.711121][ T5097] bcachefs (loop0): stripes_read... done mount("/dev/loop0", "./file0", "bcachefs", MS_NOEXEC|MS_SYNCHRONOUS, "compression=gzip,nocow,str_hash=siphash,compression=gzip,str_hash=crc32c,metadata_checksum=crc32c,me"...) = 0 openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 chdir("./file0") = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 ioctl(4, LOOP_CLR_FD) = 0 close(4) = 0 [ 59.716976][ T5097] bcachefs (loop0): snapshots_read... done [ 59.725224][ T5097] bcachefs (loop0): journal_replay... done [ 59.731142][ T5097] bcachefs (loop0): resume_logged_ops... done [ 59.739254][ T5097] bcachefs (loop0): going read-write [ 59.747901][ T5097] bcachefs (loop0): done starting filesystem open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000) = 4 fallocate(4, 0, 0, 1048820) = 0 [ 59.878734][ T5097] BUG: MAX_LOCK_DEPTH too low! [ 59.883530][ T5097] turning off the locking correctness validator. [ 59.889841][ T5097] depth: 48 max: 48! [ 59.894498][ T5097] 48 locks held by syz-executor356/5097: [ 59.900111][ T5097] #0: ffff888023ae8420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 [ 59.909237][ T5097] #1: ffff888076ab88b8 (&sb->s_type->i_mutex_key#15){+.+.}-{3:3}, at: do_truncate+0x20c/0x310 [ 59.919672][ T5097] #2: ffff888077780ab8 (&c->snapshot_create_lock){.+.+}-{3:3}, at: bch2_truncate+0x16c/0x2c0 [ 59.929929][ T5097] #3: ffff888077784258 (&c->btree_trans_barrier){.+.+}-{0:0}, at: bch2_trans_srcu_lock+0xb1/0x220 [ 59.940607][ T5097] #4: ffff888023040870 (&dev->mutex){....}-{3:3}, at: __bch2_btree_node_relock+0x142/0x9c0 [ 59.950672][ T5097] #5: ffff888023040870 (&dev->mutex){....}-{3:3}, at: __bch2_btree_node_relock+0x67c/0x9c0 [ 59.960737][ T5097] #6: ffff888023040870 (&dev->mutex){....}-{3:3}, at: __bch2_btree_node_relock+0x67c/0x9c0 [ 59.970809][ T5097] #7: ffff888023040870 (&dev->mutex){....}-{3:3}, at: __bch2_btree_node_relock+0x67c/0x9c0 [ 59.980880][ T5097] #8: ffff888023040870 (&dev->mutex){....}-{3:3}, at: __bch2_btree_node_relock+0x67c/0x9c0 [ 59.990964][ T5097] #9: ffff888023040870 (&dev->mutex){....}-{3:3}, at: __bch2_btree_node_relock+0x67c/0x9c0 [ 60.001044][ T5097] #10: ffff888023040870 (&dev->mutex){....}-{3:3}, at: __bch2_btree_node_relock+0x67c/0x9c0 [ 60.011210][ T5097] #11: ffff888023040870 (&dev->mutex){....}-{3:3}, at: __bch2_btree_node_relock+0x67c/0x9c0 [ 60.021388][ T5097] #12: ffff888023040870 (&dev->mutex){....}-{3:3}, at: __bch2_btree_node_relock+0x67c/0x9c0 [ 60.031558][ T5097] #13: ffff888076a78f38 (&dev->mutex){....}-{3:3}, at: __bch2_btree_node_relock+0x142/0x9c0 [ 60.041726][ T5097] #14: ffff888076a79090 (&dev->mutex){....}-{3:3}, at: __bch2_btree_node_relock+0x142/0x9c0 [ 60.051896][ T5097] #15: ffff888076a791e8 (&dev->mutex){....}-{3:3}, at: __bch2_btree_node_relock+0x142/0x9c0 [ 60.062149][ T5097] #16: ffff888076a79340 (&dev->mutex){....}-{3:3}, at: __bch2_btree_node_relock+0x142/0x9c0 [ 60.072330][ T5097] #17: ffff888076a79498 (&dev->mutex){....}-{3:3}, at: __bch2_btree_node_relock+0x142/0x9c0 [ 60.083975][ T5097] #18: ffff888076a795f0 (&dev->mutex){....}-{3:3}, at: __bch2_btree_node_relock+0x142/0x9c0 [ 60.094143][ T5097] #19: ffff888076a79748 (&dev->mutex){....}-{3:3}, at: __bch2_btree_node_relock+0x142/0x9c0 [ 60.104577][ T5097] #20: ffff888076a798a0 (&dev->mutex){....}-{3:3}, at: __bch2_btree_node_relock+0x142/0x9c0 [ 60.115181][ T5097] #21: ffff888023041070 (&dev->mutex){....}-{3:3}, at: bch2_btree_path_traverse_one+0xa44/0x2930 [ 60.125790][ T5097] #22: ffff888023040070 (&dev->mutex){....}-{3:3}, at: __bch2_btree_node_relock+0x142/0x9c0 [ 60.136133][ T5097] #23: ffff88807a4c9870 (&dev->mutex){....}-{3:3}, at: bch2_btree_path_traverse_one+0xa44/0x2930 [ 60.146826][ T5097] #24: ffff88807a4c9870 (&dev->mutex){....}-{3:3}, at: bch2_btree_path_traverse_one+0xa44/0x2930 [ 60.157431][ T5097] #25: ffff88807a4c9070 (&dev->mutex){....}-{3:3}, at: __bch2_btree_node_relock+0x142/0x9c0 [ 60.167774][ T5097] #26: ffff88807a4c9070 (&dev->mutex){....}-{3:3}, at: __bch2_btree_node_relock+0x67c/0x9c0 [ 60.177954][ T5097] #27: ffff88807a4c9070 (&dev->mutex){....}-{3:3}, at: __bch2_btree_node_relock+0x67c/0x9c0 [ 60.188144][ T5097] #28: ffff88807a4c9070 (&dev->mutex){....}-{3:3}, at: __bch2_btree_node_relock+0x67c/0x9c0 [ 60.198344][ T5097] #29: ffff88807a4c9070 (&dev->mutex){....}-{3:3}, at: __bch2_btree_node_relock+0x67c/0x9c0 [ 60.208530][ T5097] #30: ffff88807a4c9070 (&dev->mutex){....}-{3:3}, at: __bch2_btree_node_relock+0x67c/0x9c0 [ 60.218714][ T5097] #31: ffff88807a4c9070 (&dev->mutex){....}-{3:3}, at: __bch2_btree_node_relock+0x67c/0x9c0 [ 60.228908][ T5097] #32: ffff88807a4ce070 (&dev->mutex){....}-{3:3}, at: __bch2_btree_node_relock+0x142/0x9c0 [ 60.239088][ T5097] #33: ffff8880777a6858 (&c->gc_lock){.+.+}-{3:3}, at: bch2_btree_update_start+0x68d/0x1500 [ 60.249438][ T5097] #34: ffff888076a0c320 (&dev->mutex){....}-{3:3}, at: bch2_btree_path_traverse_cached+0x48d/0xd50 [ 60.260325][ T5097] #35: ffff888076a0c1c8 (&dev->mutex){....}-{3:3}, at: bch2_btree_path_traverse_cached+0x48d/0xd50 [ 60.271121][ T5097] #36: ffff88807a4c9870 (&dev->mutex){....}-{3:3}, at: __bch2_btree_path_make_mut+0x1ec/0x570 [ 60.281483][ T5097] #37: ffff888076a0c070 (&dev->mutex){....}-{3:3}, at: bch2_btree_path_traverse_cached+0x48d/0xd50 [ 60.292272][ T5097] #38: ffff888076a7be00 (&dev->mutex){....}-{3:3}, at: bch2_btree_path_traverse_cached+0x48d/0xd50 [ 60.303145][ T5097] #39: ffff88807a4c9870 (&dev->mutex){....}-{3:3}, at: __bch2_btree_path_make_mut+0x1ec/0x570 [ 60.313495][ T5097] #40: ffff888076a7bca8 (&dev->mutex){....}-{3:3}, at: bch2_btree_path_traverse_cached+0x48d/0xd50 [ 60.324279][ T5097] #41: ffff888076a7bb50 (&dev->mutex){....}-{3:3}, at: bch2_btree_path_traverse_cached+0x48d/0xd50 [ 60.335240][ T5097] #42: ffff8880769a25d0 (&dev->mutex){....}-{3:3}, at: bch2_btree_path_traverse_cached+0x48d/0xd50 [ 60.346040][ T5097] #43: ffff88802e8a7070 (&dev->mutex){....}-{3:3}, at: bch2_btree_node_alloc+0x114/0xe80 [ 60.356383][ T5097] #44: ffff88802e8a7070 (&dev->mutex){....}-{3:3}, at: btree_split+0x1ba3/0x69e0 [ 60.365713][ T5097] #45: ffffffff8e333de0 (rcu_read_lock){....}-{1:2}, at: __queue_work+0x198/0xef0 [ 60.375034][ T5097] #46: ffff8880b943e378 (&pool->lock){-.-.}-{2:2}, at: __queue_work+0x6ec/0xef0 [ 60.384206][ T5097] #47: ffffffff8ea3ffa0 (fill_pool_map-wait-type-override){+.+.}-{3:3}, at: debug_objects_fill_pool+0x80/0x9b0 [ 60.396032][ T5097] INFO: lockdep is turned off. [ 60.400781][ T5097] CPU: 0 PID: 5097 Comm: syz-executor356 Not tainted 6.9.0-rc6-next-20240503-syzkaller #0 [ 60.410662][ T5097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 60.420903][ T5097] Call Trace: [ 60.424341][ T5097] [ 60.427274][ T5097] dump_stack_lvl+0x241/0x360 [ 60.431980][ T5097] ? __pfx_dump_stack_lvl+0x10/0x10 [ 60.437170][ T5097] ? __pfx__printk+0x10/0x10 [ 60.441752][ T5097] ? lockdep_unlock+0x16a/0x300 [ 60.446618][ T5097] __lock_acquire+0x10c3/0x1fd0 [ 60.451840][ T5097] lock_acquire+0x1ed/0x550 [ 60.456331][ T5097] ? debug_objects_fill_pool+0x80/0x9b0 [ 60.462656][ T5097] ? __pfx_validate_chain+0x10/0x10 [ 60.467870][ T5097] ? __pfx_lock_acquire+0x10/0x10 [ 60.472888][ T5097] ? debug_objects_fill_pool+0x80/0x9b0 [ 60.478444][ T5097] debug_objects_fill_pool+0x9f/0x9b0 [ 60.483838][ T5097] ? debug_objects_fill_pool+0x80/0x9b0 [ 60.489384][ T5097] ? mark_lock+0x9a/0x350 [ 60.493731][ T5097] ? __pfx_debug_objects_fill_pool+0x10/0x10 [ 60.499713][ T5097] debug_object_activate+0x135/0x510 [ 60.504998][ T5097] ? __pfx_lock_acquire+0x10/0x10 [ 60.510014][ T5097] ? __pfx_debug_object_activate+0x10/0x10 [ 60.515827][ T5097] ? pwq_tryinc_nr_active+0x227/0x720 [ 60.521193][ T5097] insert_work+0x36/0x330 [ 60.525513][ T5097] __queue_work+0xc24/0xef0 [ 60.530013][ T5097] ? __queue_work+0x198/0xef0 [ 60.534684][ T5097] queue_work_on+0x1c2/0x380 [ 60.539266][ T5097] ? __pfx_queue_work_on+0x10/0x10 [ 60.544457][ T5097] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 60.550262][ T5097] __bch2_btree_node_write+0x37b3/0x4640 [ 60.555989][ T5097] ? __pfx___bch2_btree_node_write+0x10/0x10 [ 60.562141][ T5097] ? __mutex_unlock_slowpath+0x21d/0x750 [ 60.567768][ T5097] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 60.574093][ T5097] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 60.580095][ T5097] ? bch2_btree_node_unlock_write+0x6c2/0x8e0 [ 60.586158][ T5097] ? bch2_btree_set_root+0x8e9/0xd10 [ 60.591448][ T5097] bch2_btree_node_write+0x63/0x1f0 [ 60.596647][ T5097] btree_split+0x51f9/0x69e0 [ 60.601380][ T5097] ? bch2_btree_reserve_get+0x10ac/0x18d0 [ 60.607196][ T5097] ? six_trylock_ip+0xbb/0xd0 [ 60.611864][ T5097] ? __pfx_lock_release+0x10/0x10 [ 60.617489][ T5097] ? mean_and_variance_weighted_get_mean+0x73/0xc0 [ 60.624242][ T5097] ? __bch2_time_stats_update+0x2c6/0x370 [ 60.630064][ T5097] ? bch2_btree_node_mem_alloc+0x967/0x1210 [ 60.636055][ T5097] ? rcu_is_watching+0x15/0xb0 [ 60.640817][ T5097] ? llist_reverse_order+0x72/0x90 [ 60.646011][ T5097] ? __closure_wake_up+0xa4/0xb0 [ 60.650955][ T5097] ? __pfx_btree_split+0x10/0x10 [ 60.655884][ T5097] ? bch2_btree_reserve_get+0x17f8/0x18d0 [ 60.661599][ T5097] ? bch2_btree_path_verify_locks+0x633/0x720 [ 60.667661][ T5097] ? bch2_trans_verify_locks+0x360/0x400 [ 60.673286][ T5097] ? __bch2_trans_relock+0x38b/0x4e0 [ 60.678562][ T5097] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 60.684543][ T5097] ? bch2_btree_update_start+0x68d/0x1500 [ 60.690280][ T5097] ? __pfx___bch2_trans_relock+0x10/0x10 [ 60.695906][ T5097] ? bch2_btree_update_start+0x1270/0x1500 [ 60.701711][ T5097] ? bch2_btree_split_leaf+0x12c/0x810 [ 60.707161][ T5097] ? __pfx_bch2_btree_update_start+0x10/0x10 [ 60.713139][ T5097] ? bch2_printbuf_exit+0x6d/0xa0 [ 60.718158][ T5097] ? journal_validate_key+0x56a/0xec0 [ 60.723523][ T5097] ? __do_six_trylock+0x833/0x9f0 [ 60.728547][ T5097] bch2_btree_split_leaf+0x158/0x810 [ 60.733831][ T5097] bch2_trans_commit_error+0x200/0x1210 [ 60.739560][ T5097] ? bch2_extent_update+0x4c0/0xbb0 [ 60.744763][ T5097] ? six_unlock_ip+0x2ce/0x3e0 [ 60.749520][ T5097] ? bch2_trans_unlock_write+0x99d/0xeb0 [ 60.755171][ T5097] ? __pfx_bch2_trans_commit_error+0x10/0x10 [ 60.761232][ T5097] ? bch2_trans_verify_locks+0x360/0x400 [ 60.766863][ T5097] __bch2_trans_commit+0x6f6f/0x8a10 [ 60.772325][ T5097] ? __pfx___bch2_trans_commit+0x10/0x10 [ 60.777955][ T5097] ? bch2_trans_iter_exit+0x295/0x3e0 [ 60.783320][ T5097] ? __bch2_btree_iter_traverse+0x142/0x200 [ 60.789205][ T5097] bch2_extent_update+0x4c0/0xbb0 [ 60.794226][ T5097] ? __pfx_bch2_extent_update+0x10/0x10 [ 60.799788][ T5097] ? bch2_btree_path_verify_locks+0x279/0x720 [ 60.805847][ T5097] ? bch2_fpunch_at+0x7b5/0x1020 [ 60.810781][ T5097] bch2_fpunch_at+0x87c/0x1020 [ 60.815650][ T5097] ? __pfx_bch2_fpunch_at+0x10/0x10 [ 60.820868][ T5097] ? __asan_memset+0x23/0x50 [ 60.825454][ T5097] ? bch2_trans_iter_exit+0x295/0x3e0 [ 60.830828][ T5097] ? __bch2_resume_logged_op_truncate+0x630/0xaa0 [ 60.837261][ T5097] __bch2_resume_logged_op_truncate+0x715/0xaa0 [ 60.843495][ T5097] ? __bch2_resume_logged_op_truncate+0x528/0xaa0 [ 60.850010][ T5097] ? __pfx___bch2_resume_logged_op_truncate+0x10/0x10 [ 60.856798][ T5097] ? bch2_inode_peek_nowarn+0x1f5/0x4d0 [ 60.862424][ T5097] ? bch2_logged_op_start+0x16f/0x310 [ 60.867797][ T5097] ? __bch2_resume_logged_op_truncate+0x528/0xaa0 [ 60.874204][ T5097] ? __bch2_trans_get+0x9d2/0xe00 [ 60.879222][ T5097] ? __bch2_trans_get+0x9b7/0xe00 [ 60.884240][ T5097] bch2_truncate+0x1cf/0x2c0 [ 60.888856][ T5097] ? __pfx_bch2_truncate+0x10/0x10 [ 60.893971][ T5097] ? unmap_mapping_range+0xf8/0x290 [ 60.899165][ T5097] ? truncate_setsize+0xcf/0xf0 [ 60.904031][ T5097] bchfs_truncate+0x80f/0xc80 [ 60.908710][ T5097] ? __pfx_bchfs_truncate+0x10/0x10 [ 60.913909][ T5097] ? kfree+0x4e/0x360 [ 60.918061][ T5097] ? setattr_prepare+0x1f5/0xb20 [ 60.922990][ T5097] ? bch2_setattr+0x1b0/0x240 [ 60.929394][ T5097] ? __pfx_bch2_setattr+0x10/0x10 [ 60.934756][ T5097] notify_change+0xb9d/0xe70 [ 60.939600][ T5097] do_truncate+0x220/0x310 [ 60.944008][ T5097] ? __pfx_do_truncate+0x10/0x10 [ 60.948936][ T5097] ? apparmor_file_truncate+0x297/0x350 [ 60.954494][ T5097] path_openat+0x2a3d/0x3280 [ 60.959089][ T5097] ? __pfx_path_openat+0x10/0x10 [ 60.964022][ T5097] do_filp_open+0x235/0x490 [ 60.968528][ T5097] ? __pfx_do_filp_open+0x10/0x10 [ 60.973547][ T5097] ? _raw_spin_unlock+0x28/0x50 [ 60.978390][ T5097] ? alloc_fd+0x59d/0x640 [ 60.982723][ T5097] do_sys_openat2+0x13e/0x1d0 [ 60.987485][ T5097] ? __pfx_do_sys_openat2+0x10/0x10 [ 60.992779][ T5097] ? _raw_spin_unlock_irq+0x2e/0x50 [ 60.997969][ T5097] ? ptrace_notify+0x279/0x380 [ 61.002730][ T5097] __x64_sys_creat+0x123/0x170 [ 61.007494][ T5097] ? __pfx___x64_sys_creat+0x10/0x10 [ 61.012804][ T5097] ? do_syscall_64+0x102/0x240 [ 61.017657][ T5097] do_syscall_64+0xf5/0x240 [ 61.022149][ T5097] ? clear_bhb_loop+0x35/0x90 [ 61.026833][ T5097] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 61.032723][ T5097] RIP: 0033:0x7f4ae26b8a39 [ 61.037130][ T5097] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 61.056730][ T5097] RSP: 002b:00007fff20b52708 EFLAGS: 00000246 ORIG_RAX: 0000000000000055 [ 61.065149][ T5097] RAX: ffffffffffffffda RBX: 00007f4ae270104b RCX: 00007f4ae26b8a39 [ 61.073111][ T5097] RDX: 00007f4ae26b8a39 RSI: 0000000000000000 RDI: 0000000020000000 creat("./bus", 000) = 5 [ 61.081076][ T5097] RBP: 00007f4ae2731610 R08: 00007fff20b528d8 R09: 00007fff20b528d8 [ 61.089063][ T5097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 61.097042][ T5097] R13: 00007fff20b528c8 R14: 0000000000000001 R15: 0000000000000001 [ 61.105025][ T5097] exit_group(0) = ? +++ exited with 0 +++ [