------------[ cut here ]------------
WARNING: CPU: 0 PID: 8097 at fs/bcachefs/fs-io.c:344 __bch2_truncate_folio+0x1e7c/0x2194 fs/bcachefs/fs-io.c:344
Modules linked in:
CPU: 0 UID: 0 PID: 8097 Comm: syz.1.297 Not tainted 6.14.0-syzkaller-gd6b13dbd03b7 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __bch2_truncate_folio+0x1e7c/0x2194 fs/bcachefs/fs-io.c:344
lr : __bch2_truncate_folio+0x1e7c/0x2194 fs/bcachefs/fs-io.c:344
sp : ffff80009dfe7180
x29: ffff80009dfe7420 x28: 0000000000000007 x27: ffff80009dfe73e0
x26: ffff700013bfce54 x25: 1fffe0001b9491f0 x24: 1ffff00013bfce7c
x23: dfff800000000000 x22: 0000000000000000 x21: 0000000000000000
x20: ffff0000dca48f80 x19: 0000000000000006 x18: 1fffe000366e6e86
x17: ffff80008fd4d000 x16: ffff80008046b590 x15: 0000000000000001
x14: 1fffffbff875c4a8 x13: 0000000000000000 x12: ffff700013bfce00
x11: 0000000000080000 x10: 0000000000002948 x9 : ffff8000a61cc000
x8 : 0000000000002949 x7 : ffff8000801588a8 x6 : ffff800080158aa4
x5 : ffff0000d7a49e00 x4 : 0000000000000001 x3 : ffff80009dfe73e0
x2 : 0000000020000001 x1 : 0000000000000000 x0 : 0000000000000000
Call trace:
__bch2_truncate_folio+0x1e7c/0x2194 fs/bcachefs/fs-io.c:344 (P)
bch2_truncate_folios fs/bcachefs/fs-io.c:383 [inline]
bchfs_fpunch+0x108/0x5f0 fs/bcachefs/fs-io.c:538
bch2_fallocate_dispatch+0x378/0x60c fs/bcachefs/fs-io.c:812
vfs_fallocate+0x578/0x6c0 fs/open.c:338
ioctl_preallocate+0x2f4/0x380 fs/ioctl.c:290
file_ioctl fs/ioctl.c:-1 [inline]
do_vfs_ioctl+0x1be4/0x2724 fs/ioctl.c:885
__do_sys_ioctl fs/ioctl.c:904 [inline]
__se_sys_ioctl fs/ioctl.c:892 [inline]
__arm64_sys_ioctl+0xe4/0x1cc fs/ioctl.c:892
__invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49
el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132
do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744
el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762
el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600
irq event stamp: 224
hardirqs last enabled at (223): [<ffff80008051441c>] __call_rcu_common kernel/rcu/tree.c:3090 [inline]
hardirqs last enabled at (223): [<ffff80008051441c>] call_rcu+0x6d4/0xb9c kernel/rcu/tree.c:3172
hardirqs last disabled at (224): [<ffff80008b867bd4>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:488
softirqs last enabled at (126): [<ffff8000801295e4>] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:32
softirqs last disabled at (124): [<ffff8000801295b0>] local_bh_disable+0x10/0x34 include/linux/bottom_half.h:19
---[ end trace 0000000000000000 ]---
bucket 0:34 gen 0 data type user sector count overflow: 0 + -8 > U32_MAX
while marking u64s 7 type extent 536870913:24:U32_MAX len 24 ver 0: durability: 1 crc: c_size 8 size 24 offset 0 nonce 0 csum none 0:0 compress lz4 ptr: 0:34:8 gen 0, shutting down
5 transaction updates for bch2_fpunch journal seq 0
update: btree=extents cached=0 bch2_btree_insert_nonextent fs/bcachefs/btree_update.c:635 [inline]
update: btree=extents cached=0 bch2_trans_update_extent_overwrite+0xd08/0x22c4 fs/bcachefs/btree_update.c:220
old u64s 5 type deleted 536870913:8:U32_MAX len 0 ver 0
new u64s 7 type extent 536870913:8:U32_MAX len 8 ver 0: durability: 1 crc: c_size 8 size 24 offset 0 nonce 0 csum none 0:0 compress lz4 ptr: 0:34:8 gen 0
update: btree=extents cached=0 bch2_btree_insert_nonextent fs/bcachefs/btree_update.c:635 [inline]
update: btree=extents cached=0 bch2_trans_update_extent_overwrite+0x14c4/0x22c4 fs/bcachefs/btree_update.c:262
old u64s 7 type extent 536870913:24:U32_MAX len 24 ver 0: durability: 1 crc: c_size 8 size 24 offset 0 nonce 0 csum none 0:0 compress lz4 ptr: 0:34:8 gen 0
new u64s 5 type deleted 536870913:24:U32_MAX len 0 ver 0
update: btree=inodes cached=1 bch2_extent_update_i_size_sectors+0x53c/0x7a4 fs/bcachefs/io_write.c:261
old u64s 18 type inode_v3 0:536870913:U32_MAX len 0 ver 0:
mode=100755
flags=(15300000)
journal_seq=11
hash_seed=b68791a594a6d5ae
hash_type=siphash
bi_size=0
bi_sectors=24
bi_version=0
bi_atime=2780562352
bi_ctime=2780562352
bi_mtime=2780562352
bi_otime=2780562352
bi_uid=0
bi_gid=0
bi_nlink=1
bi_generation=0
bi_dev=0
bi_data_checksum=0
bi_compression=0
bi_project=0
bi_background_compression=0
bi_data_replicas=0
bi_promote_target=0
bi_foreground_target=0
bi_background_target=0
bi_erasure_code=0
bi_fields_set=0
bi_dir=4096
bi_dir_offset=1896155912177158345
bi_subvol=0
bi_parent_subvol=0
bi_nocow=0
bi_depth=0
bi_inodes_32bit=0
new u64s 18 type inode_v3 0:536870913:U32_MAX len 0 ver 0:
mode=100755
flags=(15300000)
journal_seq=11
hash_seed=b68791a594a6d5ae
hash_type=siphash
bi_size=0
bi_sectors=8
bi_version=0
bi_atime=2780562352
bi_ctime=2780562352
bi_mtime=2780562352
bi_otime=2780562352
bi_uid=0
bi_gid=0
bi_nlink=1
bi_generation=0
bi_dev=0
bi_data_checksum=0
bi_compression=0
bi_project=0
bi_background_compression=0
bi_data_replicas=0
bi_promote_target=0
bi_foreground_target=0
bi_background_target=0
bi_erasure_code=0
bi_fields_set=0
bi_dir=4096
bi_dir_offset=1896155912177158345
bi_subvol=0
bi_parent_subvol=0
bi_nocow=0
bi_depth=0
bi_inodes_32bit=0
update: btree=alloc cached=0 bch2_trans_start_alloc_update+0x178/0x224 fs/bcachefs/alloc_background.c:486
old u64s 5 type deleted 0:34:0 len 0 ver 0
new u64s 13 type alloc_v4 0:34:0 len 0 ver 0:
gen 0 oldest_gen 0 data_type free
journal_seq_nonempty 0
journal_seq_empty 0
need_discard 0
need_inc_gen 0
dirty_sectors 0
stripe_sectors 0
cached_sectors 0
stripe 0
stripe_redundancy 0
io_time[READ] 0
io_time[WRITE] 0
fragmentation 0
bp_start 8
update: btree=alloc cached=1 bch2_trans_start_alloc_update+0x178/0x224 fs/bcachefs/alloc_background.c:486
old u64s 5 type deleted 0:34:0 len 0 ver 0
new u64s 13 type alloc_v4 0:34:0 len 0 ver 0:
gen 0 oldest_gen 0 data_type free
journal_seq_nonempty 0
journal_seq_empty 0
need_discard 0
need_inc_gen 0
dirty_sectors 0
stripe_sectors 0
cached_sectors 0
stripe 0
stripe_redundancy 0
io_time[READ] 0
io_time[WRITE] 0
fragmentation 0
bp_start 8