Syzkaller Found a Bug
syzkaller had found a way to create filesystem corruption through one of the “expected” damage paths, but the test case was a little obfuscated. Further complicating the matter was that syzkaller didn’t know that pwrite is one of the magic syscalls that takes a padding argument before off_t. In the end, it was just coincidence that syzkaller found a new way to corrupt its filesystem a few days after a filesystem commit.
Source: flak.tedunangst.com