./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2794997037
<...>
forked to background, child pid 4645
no interfaces have a carrier
[ 38.736933][ T4646] 8021q: adding VLAN 0 to HW filter on device bond0
[ 38.766020][ T4646] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.0.80' (ECDSA) to the list of known hosts.
execve("./syz-executor2794997037", ["./syz-executor2794997037"], 0x7ffda018f970 /* 10 vars */) = 0
brk(NULL) = 0x555556e53000
brk(0x555556e53c40) = 0x555556e53c40
arch_prctl(ARCH_SET_FS, 0x555556e53300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
set_tid_address(0x555556e535d0) = 5071
set_robust_list(0x555556e535e0, 24) = 0
rt_sigaction(SIGRTMIN, {sa_handler=0x7f41587ae950, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7f41587af020}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=0x7f41587ae9f0, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f41587af020}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor2794997037", 4096) = 28
brk(0x555556e74c40) = 0x555556e74c40
brk(0x555556e75000) = 0x555556e75000
mprotect(0x7f4158876000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
getpid() = 5071
mkdir("./syzkaller.NUXJFC", 0700) = 0
chmod("./syzkaller.NUXJFC", 0777) = 0
chdir("./syzkaller.NUXJFC") = 0
mkdir("./0", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556e535d0) = 5072
./strace-static-x86_64: Process 5072 attached
[pid 5072] set_robust_list(0x555556e535e0, 24) = 0
[pid 5072] chdir("./0") = 0
[pid 5072] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5072] setpgid(0, 0) = 0
[pid 5072] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5072] write(3, "1000", 4) = 4
[pid 5072] close(3) = 0
[pid 5072] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5072] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5072] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f415877d000
[pid 5072] mprotect(0x7f415877e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5072] clone(child_stack=0x7f415879d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5074], tls=0x7f415879d700, child_tidptr=0x7f415879d9d0) = 5074
[pid 5072] futex(0x7f415887c7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
./strace-static-x86_64: Process 5074 attached
[pid 5074] set_robust_list(0x7f415879d9e0, 24 <unfinished ...>
[pid 5072] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5074] <... set_robust_list resumed>) = 0
[pid 5074] memfd_create("syzkaller", 0) = 3
[pid 5074] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f415037d000
syzkaller login: [ 62.056247][ T5074] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5074 'syz-executor279'
[pid 5074] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5074] munmap(0x7f415037d000, 16777216) = 0
[pid 5074] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5074] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5074] close(3) = 0
[pid 5074] mkdir("./file0", 0777) = 0
[ 62.235895][ T5074] loop0: detected capacity change from 0 to 32768
[ 62.249597][ T5074] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz-executor279 (5074)
[ 62.269697][ T5074] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[ 62.279135][ T5074] BTRFS info (device loop0): force clearing of disk cache
[ 62.286286][ T5074] BTRFS info (device loop0): setting nodatasum
[ 62.292985][ T5074] BTRFS info (device loop0): allowing degraded mounts
[ 62.300667][ T5074] BTRFS info (device loop0): enabling disk space caching
[ 62.307736][ T5074] BTRFS info (device loop0): disk space caching is enabled
[ 62.331281][ T5074] BTRFS info (device loop0): enabling ssd optimizations
[ 62.338651][ T5074] BTRFS info (device loop0): auto enabling async discard
[ 62.347701][ T5074] BTRFS info (device loop0): clearing free space tree
[ 62.355354][ T5074] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 62.365818][ T5074] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[pid 5074] mount("/dev/loop0", "./file0", "btrfs", MS_NOEXEC|MS_STRICTATIME, "datacow,clear_cache,nodatasum,rescan_uuid_tree,degraded,space_cache=v1,") = 0
[pid 5074] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5074] chdir("./file0") = 0
[pid 5074] ioctl(4, LOOP_CLR_FD) = 0
[pid 5074] close(4) = 0
[pid 5074] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5072] <... futex resumed>) = 0
[pid 5074] futex(0x7f415887c7a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5072] futex(0x7f415887c7a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5074] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable)
[pid 5072] <... futex resumed>) = 0
[pid 5074] openat(AT_FDCWD, ".", O_RDONLY <unfinished ...>
[pid 5072] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5074] <... openat resumed>) = 4
[pid 5074] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5072] <... futex resumed>) = 0
[pid 5074] ioctl(4, BTRFS_IOC_BALANCE_V2, {flags=BTRFS_BALANCE_DATA|BTRFS_BALANCE_SYSTEM|BTRFS_BALANCE_METADATA, data={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, meta={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, sys={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}} <unfinished ...>
[pid 5072] futex(0x7f415887c7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[ 62.390272][ T5074] BTRFS info (device loop0): checking UUID tree
[ 62.422297][ T5074] BTRFS info (device loop0): balance: start -d -m -s
[pid 5072] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid 5072] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid 5072] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5072] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f415135c000
[pid 5072] mprotect(0x7f415135d000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5072] clone(child_stack=0x7f415137c3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5093 attached
<unfinished ...>
[pid 5093] set_robust_list(0x7f415137c9e0, 24 <unfinished ...>
[pid 5072] <... clone resumed>, parent_tid=[5093], tls=0x7f415137c700, child_tidptr=0x7f415137c9d0) = 5093
[pid 5093] <... set_robust_list resumed>) = 0
[pid 5072] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5093] open("./file0", O_RDONLY <unfinished ...>
[pid 5072] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5093] <... open resumed>) = 5
[pid 5093] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5072] <... futex resumed>) = 0
[pid 5072] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5072] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5093] <... futex resumed>) = 1
[ 62.434175][ T5074] BTRFS info (device loop0): relocating block group 6881280 flags data|metadata
[pid 5093] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000) = 6
[pid 5093] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5072] <... futex resumed>) = 0
[pid 5072] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5072] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5093] <... futex resumed>) = 1
[pid 5093] ioctl(5, BTRFS_IOC_QUOTA_CTL, {cmd=BTRFS_QUOTA_CTL_ENABLE}) = 0
[pid 5093] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5072] <... futex resumed>) = 0
[pid 5072] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5072] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5093] <... futex resumed>) = 1
[ 62.484606][ T5074] BTRFS info (device loop0): relocating block group 5242880 flags data|metadata
[ 62.493819][ T27] audit: type=1800 audit(1680092540.890:2): pid=5093 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor279" name="bus" dev="loop0" ino=263 res=0 errno=0
[pid 5093] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 7
[pid 5093] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5072] <... futex resumed>) = 0
[pid 5072] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5072] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5093] <... futex resumed>) = 1
[ 62.539901][ T27] audit: type=1800 audit(1680092540.940:3): pid=5093 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor279" name="bus" dev="loop0" ino=263 res=0 errno=0
[ 62.563894][ T41] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[pid 5093] ioctl(5, BTRFS_IOC_SNAP_CREATE, {fd=6, name="\x42\x99\xc6\x3c\x6a\xca\x4b\xec\x68\x72\xd2\x02\x80\x8d\xda\x69\x34\x9c\x62\x54\x02\x9b\xbc\x4a\x38\xfb\x4e\x91\xbb\xa4\x82\x6c\xd7\x77\xcb\x59\x74\x4a\xdd\x18\x26\x71\x40\x88\x2a\x98\x37\x3f\xbb\xf4\xb5\xb0\x7c"} <unfinished ...>
[pid 5072] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out)
[pid 5093] <... ioctl resumed>) = 0
[pid 5093] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[ 62.680025][ T5074] BTRFS info (device loop0): found 7 extents, stage: move data extents
[pid 5093] futex(0x7f415887c7b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5072] exit_group(0 <unfinished ...>
[pid 5093] <... futex resumed>) = ?
[pid 5072] <... exit_group resumed>) = ?
[pid 5093] +++ exited with 0 +++
[ 62.731917][ T5074] BTRFS info (device loop0): found 1 extents, stage: update data pointers
[ 62.755730][ T5074] BTRFS info (device loop0): relocating block group 1048576 flags system
[pid 5074] <... ioctl resumed> <unfinished ...>) = ?
[pid 5074] +++ exited with 0 +++
[pid 5072] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5072, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=52 /* 0.52 s */} ---
umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556e54620 /* 4 entries */, 32768) = 112
umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./0/binderfs") = 0
[ 62.778354][ T5074] BTRFS info (device loop0): found 1 extents, stage: move data extents
[ 62.799625][ T5074] BTRFS info (device loop0): balance: ended with status: 0
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556e5c660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556e5c660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./0/file0") = 0
getdents64(3, 0x555556e54620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./0") = 0
mkdir("./1", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556e535d0) = 5098
./strace-static-x86_64: Process 5098 attached
[pid 5098] set_robust_list(0x555556e535e0, 24) = 0
[pid 5098] chdir("./1") = 0
[pid 5098] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5098] setpgid(0, 0) = 0
[pid 5098] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5098] write(3, "1000", 4) = 4
[pid 5098] close(3) = 0
[pid 5098] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5098] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5098] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f415877d000
[pid 5098] mprotect(0x7f415877e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5098] clone(child_stack=0x7f415879d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5099 attached
, parent_tid=[5099], tls=0x7f415879d700, child_tidptr=0x7f415879d9d0) = 5099
[pid 5098] futex(0x7f415887c7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5098] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5099] set_robust_list(0x7f415879d9e0, 24) = 0
[pid 5099] memfd_create("syzkaller", 0) = 3
[pid 5099] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f415037d000
[pid 5099] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5099] munmap(0x7f415037d000, 16777216) = 0
[pid 5099] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5099] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5099] close(3) = 0
[pid 5099] mkdir("./file0", 0777) = 0
[ 63.166354][ T5099] loop0: detected capacity change from 0 to 32768
[ 63.177717][ T5099] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz-executor279 (5099)
[ 63.195214][ T5099] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[ 63.204517][ T5099] BTRFS info (device loop0): force clearing of disk cache
[ 63.211693][ T5099] BTRFS info (device loop0): setting nodatasum
[ 63.218037][ T5099] BTRFS info (device loop0): allowing degraded mounts
[ 63.224864][ T5099] BTRFS info (device loop0): enabling disk space caching
[ 63.232023][ T5099] BTRFS info (device loop0): disk space caching is enabled
[ 63.253709][ T5099] BTRFS info (device loop0): enabling ssd optimizations
[pid 5099] mount("/dev/loop0", "./file0", "btrfs", MS_NOEXEC|MS_STRICTATIME, "datacow,clear_cache,nodatasum,rescan_uuid_tree,degraded,space_cache=v1,") = 0
[pid 5099] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5099] chdir("./file0") = 0
[pid 5099] ioctl(4, LOOP_CLR_FD) = 0
[pid 5099] close(4) = 0
[pid 5099] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5098] <... futex resumed>) = 0
[pid 5098] futex(0x7f415887c7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5098] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5099] openat(AT_FDCWD, ".", O_RDONLY) = 4
[pid 5099] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5098] <... futex resumed>) = 0
[pid 5098] futex(0x7f415887c7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5098] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[ 63.260727][ T5099] BTRFS info (device loop0): auto enabling async discard
[ 63.269287][ T5099] BTRFS info (device loop0): clearing free space tree
[ 63.276115][ T5099] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 63.285969][ T5099] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 63.300928][ T5099] BTRFS info (device loop0): checking UUID tree
[pid 5099] ioctl(4, BTRFS_IOC_BALANCE_V2, {flags=BTRFS_BALANCE_DATA|BTRFS_BALANCE_SYSTEM|BTRFS_BALANCE_METADATA, data={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, meta={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, sys={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}} <unfinished ...>
[pid 5098] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out)
[pid 5098] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5098] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f415135c000
[pid 5098] mprotect(0x7f415135d000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5098] clone(child_stack=0x7f415137c3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5118], tls=0x7f415137c700, child_tidptr=0x7f415137c9d0) = 5118
[pid 5098] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5098] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5118 attached
<unfinished ...>
[pid 5118] set_robust_list(0x7f415137c9e0, 24) = 0
[pid 5118] open("./file0", O_RDONLY) = 5
[pid 5118] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5098] <... futex resumed>) = 0
[ 63.337665][ T5099] BTRFS info (device loop0): balance: start -d -m -s
[ 63.352612][ T5099] BTRFS info (device loop0): relocating block group 6881280 flags data|metadata
[ 63.373100][ T5099] BTRFS info (device loop0): relocating block group 5242880 flags data|metadata
[pid 5118] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[pid 5098] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5098] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5118] <... open resumed>) = 6
[pid 5118] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5098] <... futex resumed>) = 0
[pid 5118] <... futex resumed>) = 1
[pid 5098] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5098] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5118] ioctl(5, BTRFS_IOC_QUOTA_CTL, {cmd=BTRFS_QUOTA_CTL_ENABLE}) = 0
[pid 5118] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5098] <... futex resumed>) = 0
[pid 5118] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid 5098] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[ 63.405099][ T27] audit: type=1800 audit(1680092541.810:4): pid=5118 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor279" name="bus" dev="loop0" ino=263 res=0 errno=0
[pid 5098] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5118] <... open resumed>) = 7
[pid 5118] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5098] <... futex resumed>) = 0
[pid 5098] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5118] ioctl(5, BTRFS_IOC_SNAP_CREATE, {fd=6, name="\x42\x99\xc6\x3c\x6a\xca\x4b\xec\x68\x72\xd2\x02\x80\x8d\xda\x69\x34\x9c\x62\x54\x02\x9b\xbc\x4a\x38\xfb\x4e\x91\xbb\xa4\x82\x6c\xd7\x77\xcb\x59\x74\x4a\xdd\x18\x26\x71\x40\x88\x2a\x98\x37\x3f\xbb\xf4\xb5\xb0\x7c"} <unfinished ...>
[pid 5098] <... futex resumed>) = 0
[ 63.460968][ T41] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[ 63.483734][ T27] audit: type=1800 audit(1680092541.860:5): pid=5118 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor279" name="bus" dev="loop0" ino=263 res=0 errno=0
[pid 5098] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5118] <... ioctl resumed>) = 0
[pid 5118] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5098] <... futex resumed>) = 0
[ 63.513625][ T5099] BTRFS info (device loop0): found 9 extents, stage: move data extents
[ 63.557960][ T5099] BTRFS info (device loop0): found 1 extents, stage: update data pointers
[ 63.581090][ T5099] BTRFS info (device loop0): relocating block group 1048576 flags system
[pid 5118] futex(0x7f415887c7b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5099] <... ioctl resumed> => {flags=BTRFS_BALANCE_DATA|BTRFS_BALANCE_SYSTEM|BTRFS_BALANCE_METADATA, state=0, data={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, meta={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, sys={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}}) = 0
[pid 5099] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5098] exit_group(0) = ?
[pid 5118] <... futex resumed>) = ?
[pid 5099] <... futex resumed>) = ?
[pid 5118] +++ exited with 0 +++
[pid 5099] +++ exited with 0 +++
[pid 5098] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5098, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=46 /* 0.46 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556e54620 /* 4 entries */, 32768) = 112
umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./1/binderfs") = 0
[ 63.601111][ T5099] BTRFS info (device loop0): found 1 extents, stage: move data extents
[ 63.619661][ T5099] BTRFS info (device loop0): balance: ended with status: 0
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556e5c660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556e5c660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./1/file0") = 0
getdents64(3, 0x555556e54620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./1") = 0
mkdir("./2", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556e535d0) = 5122
./strace-static-x86_64: Process 5122 attached
[pid 5122] set_robust_list(0x555556e535e0, 24) = 0
[pid 5122] chdir("./2") = 0
[pid 5122] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5122] setpgid(0, 0) = 0
[pid 5122] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5122] write(3, "1000", 4) = 4
[pid 5122] close(3) = 0
[pid 5122] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5122] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5122] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f415877d000
[pid 5122] mprotect(0x7f415877e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5122] clone(child_stack=0x7f415879d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5123 attached
, parent_tid=[5123], tls=0x7f415879d700, child_tidptr=0x7f415879d9d0) = 5123
[pid 5122] futex(0x7f415887c7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5122] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5123] set_robust_list(0x7f415879d9e0, 24) = 0
[pid 5123] memfd_create("syzkaller", 0) = 3
[pid 5123] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f415037d000
[pid 5123] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5123] munmap(0x7f415037d000, 16777216) = 0
[pid 5123] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5123] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5123] close(3) = 0
[pid 5123] mkdir("./file0", 0777) = 0
[ 63.975368][ T5123] loop0: detected capacity change from 0 to 32768
[ 63.987940][ T5123] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz-executor279 (5123)
[ 64.003437][ T5123] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[ 64.012778][ T5123] BTRFS info (device loop0): force clearing of disk cache
[ 64.020075][ T5123] BTRFS info (device loop0): setting nodatasum
[ 64.026259][ T5123] BTRFS info (device loop0): allowing degraded mounts
[ 64.033123][ T5123] BTRFS info (device loop0): enabling disk space caching
[ 64.040337][ T5123] BTRFS info (device loop0): disk space caching is enabled
[ 64.063521][ T5123] BTRFS info (device loop0): enabling ssd optimizations
[pid 5123] mount("/dev/loop0", "./file0", "btrfs", MS_NOEXEC|MS_STRICTATIME, "datacow,clear_cache,nodatasum,rescan_uuid_tree,degraded,space_cache=v1,") = 0
[pid 5123] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5123] chdir("./file0") = 0
[pid 5123] ioctl(4, LOOP_CLR_FD) = 0
[pid 5123] close(4) = 0
[pid 5123] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5123] futex(0x7f415887c7a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5122] <... futex resumed>) = 0
[pid 5122] futex(0x7f415887c7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5123] <... futex resumed>) = 0
[pid 5122] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5123] openat(AT_FDCWD, ".", O_RDONLY) = 4
[pid 5123] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5122] <... futex resumed>) = 0
[pid 5122] futex(0x7f415887c7a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5123] ioctl(4, BTRFS_IOC_BALANCE_V2, {flags=BTRFS_BALANCE_DATA|BTRFS_BALANCE_SYSTEM|BTRFS_BALANCE_METADATA, data={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, meta={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, sys={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}} <unfinished ...>
[pid 5122] <... futex resumed>) = 0
[ 64.070537][ T5123] BTRFS info (device loop0): auto enabling async discard
[ 64.078556][ T5123] BTRFS info (device loop0): clearing free space tree
[ 64.085414][ T5123] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 64.095121][ T5123] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 64.109049][ T5123] BTRFS info (device loop0): checking UUID tree
[pid 5122] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid 5122] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5122] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f415135c000
[pid 5122] mprotect(0x7f415135d000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5122] clone(child_stack=0x7f415137c3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5142 attached
, parent_tid=[5142], tls=0x7f415137c700, child_tidptr=0x7f415137c9d0) = 5142
[pid 5122] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5142] set_robust_list(0x7f415137c9e0, 24 <unfinished ...>
[pid 5122] <... futex resumed>) = 0
[pid 5122] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5142] <... set_robust_list resumed>) = 0
[pid 5142] open("./file0", O_RDONLY) = 5
[pid 5142] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5122] <... futex resumed>) = 0
[pid 5122] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5122] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[ 64.141535][ T5123] BTRFS info (device loop0): balance: start -d -m -s
[ 64.149324][ T5123] BTRFS info (device loop0): relocating block group 6881280 flags data|metadata
[ 64.176934][ T5123] BTRFS info (device loop0): relocating block group 5242880 flags data|metadata
[pid 5142] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000) = 6
[pid 5122] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out)
[pid 5122] futex(0x7f415887c7cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5122] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid 5142] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5122] <... mmap resumed>) = 0x7f415133b000
[pid 5142] <... futex resumed>) = 0
[pid 5122] mprotect(0x7f415133c000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid 5142] futex(0x7f415887c7b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5122] <... mprotect resumed>) = 0
[pid 5122] clone(child_stack=0x7f415135b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5143], tls=0x7f415135b700, child_tidptr=0x7f415135b9d0) = 5143
[pid 5122] futex(0x7f415887c7c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5122] futex(0x7f415887c7cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5143 attached
[ 64.223662][ T27] audit: type=1800 audit(1680092542.630:6): pid=5142 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor279" name="bus" dev="loop0" ino=263 res=0 errno=0
<unfinished ...>
[pid 5143] set_robust_list(0x7f415135b9e0, 24) = 0
[pid 5143] ioctl(5, BTRFS_IOC_QUOTA_CTL, {cmd=BTRFS_QUOTA_CTL_ENABLE}) = 0
[pid 5143] futex(0x7f415887c7cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5143] futex(0x7f415887c7c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5122] <... futex resumed>) = 0
[pid 5122] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5142] <... futex resumed>) = 0
[pid 5122] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5142] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 7
[ 64.264799][ T5123] BTRFS info (device loop0): found 9 extents, stage: move data extents
[ 64.290649][ T27] audit: type=1800 audit(1680092542.700:7): pid=5142 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor279" name="bus" dev="loop0" ino=263 res=0 errno=0
[pid 5142] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5122] <... futex resumed>) = 0
[pid 5142] ioctl(5, BTRFS_IOC_SNAP_CREATE, {fd=6, name="\x42\x99\xc6\x3c\x6a\xca\x4b\xec\x68\x72\xd2\x02\x80\x8d\xda\x69\x34\x9c\x62\x54\x02\x9b\xbc\x4a\x38\xfb\x4e\x91\xbb\xa4\x82\x6c\xd7\x77\xcb\x59\x74\x4a\xdd\x18\x26\x71\x40\x88\x2a\x98\x37\x3f\xbb\xf4\xb5\xb0\x7c"} <unfinished ...>
[pid 5122] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5122] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5142] <... ioctl resumed>) = 0
[pid 5122] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out)
[pid 5142] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[ 64.316594][ T9] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[ 64.335606][ T5123] BTRFS info (device loop0): found 1 extents, stage: update data pointers
[ 64.414003][ T5123] BTRFS info (device loop0): relocating block group 1048576 flags system
[pid 5142] futex(0x7f415887c7b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5123] <... ioctl resumed> => {flags=BTRFS_BALANCE_DATA|BTRFS_BALANCE_SYSTEM|BTRFS_BALANCE_METADATA, state=0, data={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, meta={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, sys={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}}) = 0
[pid 5123] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5123] futex(0x7f415887c7a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5122] exit_group(0 <unfinished ...>
[pid 5143] <... futex resumed>) = ?
[pid 5142] <... futex resumed>) = ?
[pid 5123] <... futex resumed>) = ?
[pid 5122] <... exit_group resumed>) = ?
[pid 5143] +++ exited with 0 +++
[pid 5142] +++ exited with 0 +++
[pid 5123] +++ exited with 0 +++
[pid 5122] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5122, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=44 /* 0.44 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556e54620 /* 4 entries */, 32768) = 112
umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./2/binderfs") = 0
[ 64.469623][ T5123] BTRFS info (device loop0): found 1 extents, stage: move data extents
[ 64.502001][ T5123] BTRFS info (device loop0): balance: ended with status: 0
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556e5c660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556e5c660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./2/file0") = 0
getdents64(3, 0x555556e54620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./2") = 0
mkdir("./3", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556e535d0) = 5144
./strace-static-x86_64: Process 5144 attached
[pid 5144] set_robust_list(0x555556e535e0, 24) = 0
[pid 5144] chdir("./3") = 0
[pid 5144] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5144] setpgid(0, 0) = 0
[pid 5144] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5144] write(3, "1000", 4) = 4
[pid 5144] close(3) = 0
[pid 5144] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5144] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5144] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f415877d000
[pid 5144] mprotect(0x7f415877e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5144] clone(child_stack=0x7f415879d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5145 attached
<unfinished ...>
[pid 5145] set_robust_list(0x7f415879d9e0, 24) = 0
[pid 5145] futex(0x7f415887c7a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5144] <... clone resumed>, parent_tid=[5145], tls=0x7f415879d700, child_tidptr=0x7f415879d9d0) = 5145
[pid 5144] futex(0x7f415887c7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5145] <... futex resumed>) = 0
[pid 5144] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5145] memfd_create("syzkaller", 0) = 3
[pid 5145] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f415037d000
[pid 5145] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5145] munmap(0x7f415037d000, 16777216) = 0
[pid 5145] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5145] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5145] close(3) = 0
[pid 5145] mkdir("./file0", 0777) = 0
[ 64.875924][ T5145] loop0: detected capacity change from 0 to 32768
[ 64.886136][ T5145] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz-executor279 (5145)
[ 64.903081][ T5145] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[ 64.912614][ T5145] BTRFS info (device loop0): force clearing of disk cache
[ 64.920085][ T5145] BTRFS info (device loop0): setting nodatasum
[ 64.926284][ T5145] BTRFS info (device loop0): allowing degraded mounts
[ 64.933245][ T5145] BTRFS info (device loop0): enabling disk space caching
[ 64.940564][ T5145] BTRFS info (device loop0): disk space caching is enabled
[ 64.960511][ T5145] BTRFS info (device loop0): enabling ssd optimizations
[ 64.967525][ T5145] BTRFS info (device loop0): auto enabling async discard
[pid 5145] mount("/dev/loop0", "./file0", "btrfs", MS_NOEXEC|MS_STRICTATIME, "datacow,clear_cache,nodatasum,rescan_uuid_tree,degraded,space_cache=v1,") = 0
[pid 5145] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5145] chdir("./file0") = 0
[pid 5145] ioctl(4, LOOP_CLR_FD) = 0
[pid 5145] close(4) = 0
[pid 5145] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5144] <... futex resumed>) = 0
[pid 5145] openat(AT_FDCWD, ".", O_RDONLY <unfinished ...>
[pid 5144] futex(0x7f415887c7a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5145] <... openat resumed>) = 4
[pid 5144] <... futex resumed>) = 0
[pid 5144] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5145] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5144] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable)
[pid 5145] <... futex resumed>) = 0
[pid 5144] futex(0x7f415887c7a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5145] ioctl(4, BTRFS_IOC_BALANCE_V2, {flags=BTRFS_BALANCE_DATA|BTRFS_BALANCE_SYSTEM|BTRFS_BALANCE_METADATA, data={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, meta={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, sys={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}} <unfinished ...>
[pid 5144] <... futex resumed>) = 0
[ 64.975414][ T5145] BTRFS info (device loop0): clearing free space tree
[ 64.982491][ T5145] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 64.992322][ T5145] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 65.006192][ T5145] BTRFS info (device loop0): checking UUID tree
[pid 5144] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid 5144] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5144] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f415135c000
[pid 5144] mprotect(0x7f415135d000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5144] clone(child_stack=0x7f415137c3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5164], tls=0x7f415137c700, child_tidptr=0x7f415137c9d0) = 5164
[pid 5144] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5144] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5164 attached
<unfinished ...>
[pid 5164] set_robust_list(0x7f415137c9e0, 24) = 0
[pid 5164] open("./file0", O_RDONLY) = 5
[pid 5164] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5164] futex(0x7f415887c7b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5144] <... futex resumed>) = 0
[pid 5144] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5164] <... futex resumed>) = 0
[pid 5144] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[ 65.040281][ T5145] BTRFS info (device loop0): balance: start -d -m -s
[ 65.047858][ T5145] BTRFS info (device loop0): relocating block group 6881280 flags data|metadata
[ 65.071219][ T5145] BTRFS info (device loop0): relocating block group 5242880 flags data|metadata
[pid 5164] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000) = 6
[pid 5164] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5144] <... futex resumed>) = 0
[pid 5164] <... futex resumed>) = 1
[pid 5144] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5164] ioctl(5, BTRFS_IOC_QUOTA_CTL, {cmd=BTRFS_QUOTA_CTL_ENABLE} <unfinished ...>
[pid 5144] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5164] <... ioctl resumed>) = 0
[pid 5164] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5144] <... futex resumed>) = 0
[pid 5164] <... futex resumed>) = 1
[pid 5144] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5164] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid 5144] <... futex resumed>) = 0
[ 65.109930][ T27] audit: type=1800 audit(1680092543.520:8): pid=5164 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor279" name="bus" dev="loop0" ino=263 res=0 errno=0
[pid 5144] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5164] <... open resumed>) = 7
[pid 5144] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out)
[pid 5164] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5164] futex(0x7f415887c7b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5144] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5164] <... futex resumed>) = 0
[pid 5164] ioctl(5, BTRFS_IOC_SNAP_CREATE, {fd=6, name="\x42\x99\xc6\x3c\x6a\xca\x4b\xec\x68\x72\xd2\x02\x80\x8d\xda\x69\x34\x9c\x62\x54\x02\x9b\xbc\x4a\x38\xfb\x4e\x91\xbb\xa4\x82\x6c\xd7\x77\xcb\x59\x74\x4a\xdd\x18\x26\x71\x40\x88\x2a\x98\x37\x3f\xbb\xf4\xb5\xb0\x7c"} <unfinished ...>
[ 65.166984][ T27] audit: type=1800 audit(1680092543.560:9): pid=5164 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor279" name="bus" dev="loop0" ino=263 res=0 errno=0
[ 65.199209][ T41] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[pid 5144] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5164] <... ioctl resumed>) = 0
[pid 5164] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5144] <... futex resumed>) = 0
[pid 5164] <... futex resumed>) = 1
[ 65.234102][ T5145] BTRFS info (device loop0): found 9 extents, stage: move data extents
[ 65.270692][ T5145] BTRFS info (device loop0): found 1 extents, stage: update data pointers
[pid 5164] futex(0x7f415887c7b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5145] <... ioctl resumed> => {flags=BTRFS_BALANCE_DATA|BTRFS_BALANCE_SYSTEM|BTRFS_BALANCE_METADATA, state=0, data={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, meta={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, sys={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}}) = 0
[pid 5145] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5145] futex(0x7f415887c7a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5144] exit_group(0 <unfinished ...>
[pid 5164] <... futex resumed>) = ?
[pid 5145] <... futex resumed>) = ?
[pid 5144] <... exit_group resumed>) = ?
[pid 5164] +++ exited with 0 +++
[pid 5145] +++ exited with 0 +++
[pid 5144] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5144, si_uid=0, si_status=0, si_utime=0, si_stime=44 /* 0.44 s */} ---
umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556e54620 /* 4 entries */, 32768) = 112
umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./3/binderfs") = 0
[ 65.292956][ T5145] BTRFS info (device loop0): relocating block group 1048576 flags system
[ 65.312274][ T5145] BTRFS info (device loop0): found 1 extents, stage: move data extents
[ 65.333392][ T5145] BTRFS info (device loop0): balance: ended with status: 0
umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556e5c660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556e5c660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./3/file0") = 0
getdents64(3, 0x555556e54620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./3") = 0
mkdir("./4", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556e535d0) = 5167
./strace-static-x86_64: Process 5167 attached
[pid 5167] set_robust_list(0x555556e535e0, 24) = 0
[pid 5167] chdir("./4") = 0
[pid 5167] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5167] setpgid(0, 0) = 0
[pid 5167] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5167] write(3, "1000", 4) = 4
[pid 5167] close(3) = 0
[pid 5167] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5167] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5167] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f415877d000
[pid 5167] mprotect(0x7f415877e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5167] clone(child_stack=0x7f415879d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5168 attached
<unfinished ...>
[pid 5168] set_robust_list(0x7f415879d9e0, 24 <unfinished ...>
[pid 5167] <... clone resumed>, parent_tid=[5168], tls=0x7f415879d700, child_tidptr=0x7f415879d9d0) = 5168
[pid 5168] <... set_robust_list resumed>) = 0
[pid 5168] futex(0x7f415887c7a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5167] futex(0x7f415887c7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5168] <... futex resumed>) = 0
[pid 5167] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5168] memfd_create("syzkaller", 0) = 3
[pid 5168] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f415037d000
[pid 5168] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5168] munmap(0x7f415037d000, 16777216) = 0
[pid 5168] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5168] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5168] close(3) = 0
[pid 5168] mkdir("./file0", 0777) = 0
[ 65.688377][ T5168] loop0: detected capacity change from 0 to 32768
[ 65.697827][ T5168] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz-executor279 (5168)
[ 65.714808][ T5168] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[ 65.724166][ T5168] BTRFS info (device loop0): force clearing of disk cache
[ 65.731548][ T5168] BTRFS info (device loop0): setting nodatasum
[ 65.737724][ T5168] BTRFS info (device loop0): allowing degraded mounts
[ 65.744766][ T5168] BTRFS info (device loop0): enabling disk space caching
[ 65.751854][ T5168] BTRFS info (device loop0): disk space caching is enabled
[ 65.772086][ T5168] BTRFS info (device loop0): enabling ssd optimizations
[ 65.779129][ T5168] BTRFS info (device loop0): auto enabling async discard
[pid 5168] mount("/dev/loop0", "./file0", "btrfs", MS_NOEXEC|MS_STRICTATIME, "datacow,clear_cache,nodatasum,rescan_uuid_tree,degraded,space_cache=v1,") = 0
[pid 5168] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5168] chdir("./file0") = 0
[pid 5168] ioctl(4, LOOP_CLR_FD) = 0
[pid 5168] close(4) = 0
[pid 5168] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5167] <... futex resumed>) = 0
[pid 5168] futex(0x7f415887c7a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5167] futex(0x7f415887c7a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5168] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable)
[pid 5167] <... futex resumed>) = 0
[pid 5168] openat(AT_FDCWD, ".", O_RDONLY <unfinished ...>
[pid 5167] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5168] <... openat resumed>) = 4
[pid 5168] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5167] <... futex resumed>) = 0
[pid 5168] futex(0x7f415887c7a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5167] futex(0x7f415887c7a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5168] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable)
[pid 5167] <... futex resumed>) = 0
[ 65.787017][ T5168] BTRFS info (device loop0): clearing free space tree
[ 65.793905][ T5168] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 65.803614][ T5168] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 65.818142][ T5168] BTRFS info (device loop0): checking UUID tree
[pid 5168] ioctl(4, BTRFS_IOC_BALANCE_V2, {flags=BTRFS_BALANCE_DATA|BTRFS_BALANCE_SYSTEM|BTRFS_BALANCE_METADATA, data={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, meta={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, sys={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}} <unfinished ...>
[pid 5167] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid 5167] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5167] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f415135c000
[pid 5167] mprotect(0x7f415135d000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5167] clone(child_stack=0x7f415137c3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5187], tls=0x7f415137c700, child_tidptr=0x7f415137c9d0) = 5187
[pid 5167] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5167] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5187 attached
<unfinished ...>
[pid 5187] set_robust_list(0x7f415137c9e0, 24) = 0
[pid 5187] open("./file0", O_RDONLY) = 5
[pid 5187] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5167] <... futex resumed>) = 0
[pid 5187] futex(0x7f415887c7b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5167] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5187] <... futex resumed>) = 0
[pid 5167] <... futex resumed>) = 1
[ 65.861277][ T5168] BTRFS info (device loop0): balance: start -d -m -s
[ 65.870615][ T5168] BTRFS info (device loop0): relocating block group 6881280 flags data|metadata
[ 65.897346][ T5168] BTRFS info (device loop0): relocating block group 5242880 flags data|metadata
[pid 5187] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[pid 5167] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5187] <... open resumed>) = 6
[pid 5187] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5167] <... futex resumed>) = 0
[pid 5187] futex(0x7f415887c7b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5167] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5187] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable)
[pid 5167] <... futex resumed>) = 0
[pid 5187] ioctl(5, BTRFS_IOC_QUOTA_CTL, {cmd=BTRFS_QUOTA_CTL_ENABLE} <unfinished ...>
[pid 5167] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5187] <... ioctl resumed>) = 0
[pid 5187] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5167] <... futex resumed>) = 0
[pid 5187] futex(0x7f415887c7b8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable)
[pid 5167] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5187] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid 5167] <... futex resumed>) = 0
[pid 5167] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5187] <... open resumed>) = 7
[pid 5187] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5167] <... futex resumed>) = 0
[pid 5187] futex(0x7f415887c7b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5167] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5187] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable)
[pid 5167] <... futex resumed>) = 0
[pid 5187] ioctl(5, BTRFS_IOC_SNAP_CREATE, {fd=6, name="\x42\x99\xc6\x3c\x6a\xca\x4b\xec\x68\x72\xd2\x02\x80\x8d\xda\x69\x34\x9c\x62\x54\x02\x9b\xbc\x4a\x38\xfb\x4e\x91\xbb\xa4\x82\x6c\xd7\x77\xcb\x59\x74\x4a\xdd\x18\x26\x71\x40\x88\x2a\x98\x37\x3f\xbb\xf4\xb5\xb0\x7c"} <unfinished ...>
[ 65.943991][ T27] audit: type=1800 audit(1680092544.350:10): pid=5187 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor279" name="bus" dev="loop0" ino=263 res=0 errno=0
[ 65.955821][ T5168] BTRFS info (device loop0): found 9 extents, stage: move data extents
[ 65.994471][ T27] audit: type=1800 audit(1680092544.390:11): pid=5187 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor279" name="bus" dev="loop0" ino=263 res=0 errno=0
[pid 5167] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5187] <... ioctl resumed>) = 0
[pid 5187] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5167] <... futex resumed>) = 0
[pid 5187] <... futex resumed>) = 1
[pid 5187] futex(0x7f415887c7b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5168] <... ioctl resumed> => {flags=BTRFS_BALANCE_DATA|BTRFS_BALANCE_SYSTEM|BTRFS_BALANCE_METADATA, state=0, data={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, meta={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, sys={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}}) = 0
[pid 5168] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5168] futex(0x7f415887c7a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5167] exit_group(0) = ?
[pid 5187] <... futex resumed>) = ?
[pid 5168] <... futex resumed>) = ?
[pid 5168] +++ exited with 0 +++
[pid 5187] +++ exited with 0 +++
[pid 5167] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5167, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=45 /* 0.45 s */} ---
umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556e54620 /* 4 entries */, 32768) = 112
umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./4/binderfs") = 0
[ 66.105240][ T5168] syz-executor279 (5168) used greatest stack depth: 19896 bytes left
umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556e5c660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556e5c660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./4/file0") = 0
getdents64(3, 0x555556e54620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./4") = 0
mkdir("./5", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556e535d0) = 5188
./strace-static-x86_64: Process 5188 attached
[pid 5188] set_robust_list(0x555556e535e0, 24) = 0
[pid 5188] chdir("./5") = 0
[pid 5188] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5188] setpgid(0, 0) = 0
[pid 5188] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5188] write(3, "1000", 4) = 4
[pid 5188] close(3) = 0
[pid 5188] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5188] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5188] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f415877d000
[pid 5188] mprotect(0x7f415877e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5188] clone(child_stack=0x7f415879d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5189 attached
, parent_tid=[5189], tls=0x7f415879d700, child_tidptr=0x7f415879d9d0) = 5189
[pid 5188] futex(0x7f415887c7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5189] set_robust_list(0x7f415879d9e0, 24 <unfinished ...>
[pid 5188] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5189] <... set_robust_list resumed>) = 0
[pid 5189] memfd_create("syzkaller", 0) = 3
[pid 5189] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f415037d000
[pid 5189] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5189] munmap(0x7f415037d000, 16777216) = 0
[pid 5189] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5189] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5189] close(3) = 0
[pid 5189] mkdir("./file0", 0777) = 0
[pid 5189] mount("/dev/loop0", "./file0", "btrfs", MS_NOEXEC|MS_STRICTATIME, "datacow,clear_cache,nodatasum,rescan_uuid_tree,degraded,space_cache=v1,") = 0
[pid 5189] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5189] chdir("./file0") = 0
[pid 5189] ioctl(4, LOOP_CLR_FD) = 0
[pid 5189] close(4) = 0
[pid 5189] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5188] <... futex resumed>) = 0
[ 66.439172][ T5189] loop0: detected capacity change from 0 to 32768
[ 66.451580][ T5189] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz-executor279 (5189)
[pid 5188] futex(0x7f415887c7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5188] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5189] <... futex resumed>) = 1
[pid 5189] openat(AT_FDCWD, ".", O_RDONLY) = 4
[pid 5189] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5188] <... futex resumed>) = 0
[pid 5188] futex(0x7f415887c7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5188] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5189] <... futex resumed>) = 1
[pid 5189] ioctl(4, BTRFS_IOC_BALANCE_V2, {flags=BTRFS_BALANCE_DATA|BTRFS_BALANCE_SYSTEM|BTRFS_BALANCE_METADATA, data={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, meta={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, sys={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}} <unfinished ...>
[pid 5188] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out)
[pid 5188] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5188] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f415135c000
[pid 5188] mprotect(0x7f415135d000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5188] clone(child_stack=0x7f415137c3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5208], tls=0x7f415137c700, child_tidptr=0x7f415137c9d0) = 5208
[pid 5188] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5188] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5208 attached
<unfinished ...>
[pid 5208] set_robust_list(0x7f415137c9e0, 24) = 0
[pid 5208] open("./file0", O_RDONLY) = 5
[pid 5208] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5188] <... futex resumed>) = 0
[pid 5208] futex(0x7f415887c7b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5188] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5208] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable)
[pid 5188] <... futex resumed>) = 0
[pid 5208] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[pid 5188] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5208] <... open resumed>) = 6
[pid 5208] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5188] <... futex resumed>) = 0
[pid 5208] futex(0x7f415887c7b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5188] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5208] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable)
[pid 5188] <... futex resumed>) = 0
[pid 5208] ioctl(5, BTRFS_IOC_QUOTA_CTL, {cmd=BTRFS_QUOTA_CTL_ENABLE} <unfinished ...>
[pid 5188] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5208] <... ioctl resumed>) = 0
[pid 5208] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5188] <... futex resumed>) = 0
[pid 5208] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid 5188] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5188] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5208] <... open resumed>) = 7
[pid 5208] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5188] <... futex resumed>) = 0
[pid 5208] futex(0x7f415887c7b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5188] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5208] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable)
[pid 5188] <... futex resumed>) = 0
[pid 5208] ioctl(5, BTRFS_IOC_SNAP_CREATE, {fd=6, name="\x42\x99\xc6\x3c\x6a\xca\x4b\xec\x68\x72\xd2\x02\x80\x8d\xda\x69\x34\x9c\x62\x54\x02\x9b\xbc\x4a\x38\xfb\x4e\x91\xbb\xa4\x82\x6c\xd7\x77\xcb\x59\x74\x4a\xdd\x18\x26\x71\x40\x88\x2a\x98\x37\x3f\xbb\xf4\xb5\xb0\x7c"} <unfinished ...>
[pid 5188] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5208] <... ioctl resumed>) = 0
[pid 5208] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5188] <... futex resumed>) = 0
[pid 5208] futex(0x7f415887c7b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5189] <... ioctl resumed> => {flags=BTRFS_BALANCE_DATA|BTRFS_BALANCE_SYSTEM|BTRFS_BALANCE_METADATA, state=0, data={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, meta={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, sys={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}}) = 0
[pid 5189] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5189] futex(0x7f415887c7a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5188] exit_group(0 <unfinished ...>
[pid 5208] <... futex resumed>) = ?
[pid 5188] <... exit_group resumed>) = ?
[pid 5208] +++ exited with 0 +++
[pid 5189] <... futex resumed>) = ?
[pid 5189] +++ exited with 0 +++
[pid 5188] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5188, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=31 /* 0.31 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556e54620 /* 4 entries */, 32768) = 112
umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./5/binderfs") = 0
umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556e5c660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556e5c660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./5/file0") = 0
getdents64(3, 0x555556e54620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./5") = 0
mkdir("./6", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556e535d0) = 5209
./strace-static-x86_64: Process 5209 attached
[pid 5209] set_robust_list(0x555556e535e0, 24) = 0
[pid 5209] chdir("./6") = 0
[pid 5209] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5209] setpgid(0, 0) = 0
[pid 5209] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5209] write(3, "1000", 4) = 4
[pid 5209] close(3) = 0
[pid 5209] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5209] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5209] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f415877d000
[pid 5209] mprotect(0x7f415877e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5209] clone(child_stack=0x7f415879d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5210], tls=0x7f415879d700, child_tidptr=0x7f415879d9d0) = 5210
[pid 5209] futex(0x7f415887c7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5209] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5210 attached
<unfinished ...>
[pid 5210] set_robust_list(0x7f415879d9e0, 24) = 0
[pid 5210] memfd_create("syzkaller", 0) = 3
[pid 5210] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f415037d000
[pid 5210] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5210] munmap(0x7f415037d000, 16777216) = 0
[pid 5210] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5210] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5210] close(3) = 0
[pid 5210] mkdir("./file0", 0777) = 0
[pid 5210] mount("/dev/loop0", "./file0", "btrfs", MS_NOEXEC|MS_STRICTATIME, "datacow,clear_cache,nodatasum,rescan_uuid_tree,degraded,space_cache=v1,") = 0
[pid 5210] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5210] chdir("./file0") = 0
[pid 5210] ioctl(4, LOOP_CLR_FD) = 0
[pid 5210] close(4) = 0
[pid 5210] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5209] <... futex resumed>) = 0
[pid 5209] futex(0x7f415887c7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5209] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5210] <... futex resumed>) = 1
[pid 5210] openat(AT_FDCWD, ".", O_RDONLY) = 4
[pid 5210] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5209] <... futex resumed>) = 0
[pid 5209] futex(0x7f415887c7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5209] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5210] <... futex resumed>) = 1
[ 67.047858][ T5210] loop0: detected capacity change from 0 to 32768
[ 67.058710][ T5210] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz-executor279 (5210)
[pid 5210] ioctl(4, BTRFS_IOC_BALANCE_V2, {flags=BTRFS_BALANCE_DATA|BTRFS_BALANCE_SYSTEM|BTRFS_BALANCE_METADATA, data={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, meta={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, sys={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}} <unfinished ...>
[pid 5209] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out)
[pid 5209] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid 5209] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid 5209] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5209] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f415135c000
[pid 5209] mprotect(0x7f415135d000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5209] clone(child_stack=0x7f415137c3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5229], tls=0x7f415137c700, child_tidptr=0x7f415137c9d0) = 5229
[pid 5209] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5209] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5229 attached
<unfinished ...>
[pid 5229] set_robust_list(0x7f415137c9e0, 24) = 0
[pid 5229] open("./file0", O_RDONLY) = 5
[pid 5229] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5209] <... futex resumed>) = 0
[pid 5209] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5229] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[pid 5209] <... futex resumed>) = 0
[pid 5209] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5229] <... open resumed>) = 6
[pid 5229] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5209] <... futex resumed>) = 0
[pid 5229] <... futex resumed>) = 1
[pid 5209] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5209] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5229] ioctl(5, BTRFS_IOC_QUOTA_CTL, {cmd=BTRFS_QUOTA_CTL_ENABLE}) = 0
[pid 5229] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5209] <... futex resumed>) = 0
[pid 5229] <... futex resumed>) = 1
[pid 5209] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5229] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid 5209] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5229] <... open resumed>) = 7
[pid 5229] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5209] <... futex resumed>) = 0
[pid 5209] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5209] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5229] ioctl(5, BTRFS_IOC_SNAP_CREATE, {fd=6, name="\x42\x99\xc6\x3c\x6a\xca\x4b\xec\x68\x72\xd2\x02\x80\x8d\xda\x69\x34\x9c\x62\x54\x02\x9b\xbc\x4a\x38\xfb\x4e\x91\xbb\xa4\x82\x6c\xd7\x77\xcb\x59\x74\x4a\xdd\x18\x26\x71\x40\x88\x2a\x98\x37\x3f\xbb\xf4\xb5\xb0\x7c"}) = 0
[pid 5229] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5209] <... futex resumed>) = 0
[pid 5229] futex(0x7f415887c7b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5210] <... ioctl resumed> => {flags=BTRFS_BALANCE_DATA|BTRFS_BALANCE_SYSTEM|BTRFS_BALANCE_METADATA, state=0, data={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, meta={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, sys={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}}) = 0
[pid 5210] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5210] futex(0x7f415887c7a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5209] exit_group(0 <unfinished ...>
[pid 5229] <... futex resumed>) = ?
[pid 5210] <... futex resumed>) = ?
[pid 5209] <... exit_group resumed>) = ?
[pid 5210] +++ exited with 0 +++
[pid 5229] +++ exited with 0 +++
[pid 5209] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5209, si_uid=0, si_status=0, si_utime=0, si_stime=31 /* 0.31 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556e54620 /* 4 entries */, 32768) = 112
umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./6/binderfs") = 0
[ 67.283926][ T5210] _btrfs_printk: 45 callbacks suppressed
[ 67.283942][ T5210] BTRFS info (device loop0): found 1 extents, stage: move data extents
[ 67.316426][ T5210] BTRFS info (device loop0): balance: ended with status: 0
umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./6/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556e5c660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556e5c660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./6/file0") = 0
getdents64(3, 0x555556e54620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./6") = 0
mkdir("./7", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556e535d0) = 5230
./strace-static-x86_64: Process 5230 attached
[pid 5230] set_robust_list(0x555556e535e0, 24) = 0
[pid 5230] chdir("./7") = 0
[pid 5230] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5230] setpgid(0, 0) = 0
[pid 5230] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5230] write(3, "1000", 4) = 4
[pid 5230] close(3) = 0
[pid 5230] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5230] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5230] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f415877d000
[pid 5230] mprotect(0x7f415877e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5230] clone(child_stack=0x7f415879d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5231 attached
<unfinished ...>
[pid 5231] set_robust_list(0x7f415879d9e0, 24) = 0
[pid 5231] futex(0x7f415887c7a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5230] <... clone resumed>, parent_tid=[5231], tls=0x7f415879d700, child_tidptr=0x7f415879d9d0) = 5231
[pid 5230] futex(0x7f415887c7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5231] <... futex resumed>) = 0
[pid 5231] memfd_create("syzkaller", 0) = 3
[pid 5231] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f415037d000
[pid 5230] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5231] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5231] munmap(0x7f415037d000, 16777216) = 0
[pid 5231] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5231] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5231] close(3) = 0
[pid 5231] mkdir("./file0", 0777) = 0
[ 67.686008][ T5231] loop0: detected capacity change from 0 to 32768
[ 67.703413][ T5231] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz-executor279 (5231)
[ 67.721473][ T5231] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[ 67.730803][ T5231] BTRFS info (device loop0): force clearing of disk cache
[ 67.737944][ T5231] BTRFS info (device loop0): setting nodatasum
[ 67.744195][ T5231] BTRFS info (device loop0): allowing degraded mounts
[ 67.751048][ T5231] BTRFS info (device loop0): enabling disk space caching
[ 67.758156][ T5231] BTRFS info (device loop0): disk space caching is enabled
[ 67.779480][ T5231] BTRFS info (device loop0): enabling ssd optimizations
[pid 5231] mount("/dev/loop0", "./file0", "btrfs", MS_NOEXEC|MS_STRICTATIME, "datacow,clear_cache,nodatasum,rescan_uuid_tree,degraded,space_cache=v1,") = 0
[pid 5231] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5231] chdir("./file0") = 0
[pid 5231] ioctl(4, LOOP_CLR_FD) = 0
[pid 5231] close(4) = 0
[pid 5231] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5230] <... futex resumed>) = 0
[pid 5230] futex(0x7f415887c7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5230] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5231] openat(AT_FDCWD, ".", O_RDONLY) = 4
[pid 5231] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5230] <... futex resumed>) = 0
[pid 5231] <... futex resumed>) = 1
[pid 5230] futex(0x7f415887c7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5230] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[ 67.786471][ T5231] BTRFS info (device loop0): auto enabling async discard
[ 67.795209][ T5231] BTRFS info (device loop0): clearing free space tree
[ 67.802183][ T5231] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 67.811915][ T5231] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 67.825952][ T5231] BTRFS info (device loop0): checking UUID tree
[pid 5231] ioctl(4, BTRFS_IOC_BALANCE_V2, {flags=BTRFS_BALANCE_DATA|BTRFS_BALANCE_SYSTEM|BTRFS_BALANCE_METADATA, data={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, meta={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, sys={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}} <unfinished ...>
[pid 5230] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out)
[pid 5230] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid 5230] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5230] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f415135c000
[pid 5230] mprotect(0x7f415135d000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5230] clone(child_stack=0x7f415137c3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5250], tls=0x7f415137c700, child_tidptr=0x7f415137c9d0) = 5250
[pid 5230] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5230] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5250 attached
<unfinished ...>
[pid 5250] set_robust_list(0x7f415137c9e0, 24) = 0
[pid 5250] open("./file0", O_RDONLY) = 5
[pid 5250] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5250] futex(0x7f415887c7b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5230] <... futex resumed>) = 0
[pid 5230] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5230] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5250] <... futex resumed>) = 0
[ 67.864307][ T5231] BTRFS info (device loop0): balance: start -d -m -s
[ 67.872426][ T5231] BTRFS info (device loop0): relocating block group 6881280 flags data|metadata
[ 67.894624][ T5231] BTRFS info (device loop0): relocating block group 5242880 flags data|metadata
[pid 5250] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000) = 6
[pid 5250] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5230] <... futex resumed>) = 0
[pid 5250] futex(0x7f415887c7b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5230] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5250] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable)
[pid 5230] <... futex resumed>) = 0
[pid 5250] ioctl(5, BTRFS_IOC_QUOTA_CTL, {cmd=BTRFS_QUOTA_CTL_ENABLE} <unfinished ...>
[pid 5230] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5250] <... ioctl resumed>) = 0
[pid 5250] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5230] <... futex resumed>) = 0
[pid 5250] <... futex resumed>) = 1
[pid 5230] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5230] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[ 67.930931][ T27] kauditd_printk_skb: 4 callbacks suppressed
[ 67.930947][ T27] audit: type=1800 audit(1680092546.340:16): pid=5250 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor279" name="bus" dev="loop0" ino=263 res=0 errno=0
[ 67.949111][ T5231] BTRFS info (device loop0): found 9 extents, stage: move data extents
[pid 5250] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 7
[pid 5250] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5230] <... futex resumed>) = 0
[pid 5250] futex(0x7f415887c7b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5230] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5250] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable)
[pid 5230] <... futex resumed>) = 0
[pid 5250] ioctl(5, BTRFS_IOC_SNAP_CREATE, {fd=6, name="\x42\x99\xc6\x3c\x6a\xca\x4b\xec\x68\x72\xd2\x02\x80\x8d\xda\x69\x34\x9c\x62\x54\x02\x9b\xbc\x4a\x38\xfb\x4e\x91\xbb\xa4\x82\x6c\xd7\x77\xcb\x59\x74\x4a\xdd\x18\x26\x71\x40\x88\x2a\x98\x37\x3f\xbb\xf4\xb5\xb0\x7c"} <unfinished ...>
[pid 5230] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[ 67.984567][ T27] audit: type=1800 audit(1680092546.390:17): pid=5250 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor279" name="bus" dev="loop0" ino=263 res=0 errno=0
[ 68.015542][ T11] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[pid 5250] <... ioctl resumed>) = 0
[pid 5250] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[ 68.085805][ T5231] BTRFS info (device loop0): found 1 extents, stage: update data pointers
[ 68.109998][ T5231] BTRFS info (device loop0): relocating block group 1048576 flags system
[pid 5250] futex(0x7f415887c7b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5231] <... ioctl resumed> => {flags=BTRFS_BALANCE_DATA|BTRFS_BALANCE_SYSTEM|BTRFS_BALANCE_METADATA, state=0, data={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, meta={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, sys={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}}) = 0
[pid 5231] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5230] exit_group(0 <unfinished ...>
[pid 5231] <... futex resumed>) = 0
[pid 5250] <... futex resumed>) = ?
[pid 5230] <... exit_group resumed>) = ?
[pid 5250] +++ exited with 0 +++
[pid 5231] +++ exited with 0 +++
[pid 5230] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5230, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=40 /* 0.40 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556e54620 /* 4 entries */, 32768) = 112
umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./7/binderfs") = 0
[ 68.130105][ T5231] BTRFS info (device loop0): found 1 extents, stage: move data extents
[ 68.150940][ T5231] BTRFS info (device loop0): balance: ended with status: 0
umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556e5c660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556e5c660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./7/file0") = 0
getdents64(3, 0x555556e54620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./7") = 0
mkdir("./8", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556e535d0) = 5251
./strace-static-x86_64: Process 5251 attached
[pid 5251] set_robust_list(0x555556e535e0, 24) = 0
[pid 5251] chdir("./8") = 0
[pid 5251] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5251] setpgid(0, 0) = 0
[pid 5251] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5251] write(3, "1000", 4) = 4
[pid 5251] close(3) = 0
[pid 5251] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5251] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5251] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f415877d000
[pid 5251] mprotect(0x7f415877e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5251] clone(child_stack=0x7f415879d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5252], tls=0x7f415879d700, child_tidptr=0x7f415879d9d0) = 5252
[pid 5251] futex(0x7f415887c7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5251] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5252 attached
<unfinished ...>
[pid 5252] set_robust_list(0x7f415879d9e0, 24) = 0
[pid 5252] memfd_create("syzkaller", 0) = 3
[pid 5252] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f415037d000
[pid 5252] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5252] munmap(0x7f415037d000, 16777216) = 0
[pid 5252] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5252] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5252] close(3) = 0
[pid 5252] mkdir("./file0", 0777) = 0
[ 68.515780][ T5252] loop0: detected capacity change from 0 to 32768
[ 68.527135][ T5252] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz-executor279 (5252)
[ 68.542462][ T5252] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[ 68.551818][ T5252] BTRFS info (device loop0): force clearing of disk cache
[ 68.559438][ T5252] BTRFS info (device loop0): setting nodatasum
[ 68.565628][ T5252] BTRFS info (device loop0): allowing degraded mounts
[ 68.572505][ T5252] BTRFS info (device loop0): enabling disk space caching
[ 68.579936][ T5252] BTRFS info (device loop0): disk space caching is enabled
[ 68.603331][ T5252] BTRFS info (device loop0): enabling ssd optimizations
[pid 5252] mount("/dev/loop0", "./file0", "btrfs", MS_NOEXEC|MS_STRICTATIME, "datacow,clear_cache,nodatasum,rescan_uuid_tree,degraded,space_cache=v1,") = 0
[pid 5252] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5252] chdir("./file0") = 0
[pid 5252] ioctl(4, LOOP_CLR_FD) = 0
[pid 5252] close(4) = 0
[pid 5252] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5251] <... futex resumed>) = 0
[pid 5251] futex(0x7f415887c7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5251] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5252] openat(AT_FDCWD, ".", O_RDONLY) = 4
[pid 5252] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5251] <... futex resumed>) = 0
[pid 5251] futex(0x7f415887c7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5251] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[ 68.610385][ T5252] BTRFS info (device loop0): auto enabling async discard
[ 68.619187][ T5252] BTRFS info (device loop0): clearing free space tree
[ 68.626129][ T5252] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 68.635893][ T5252] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 68.650570][ T5252] BTRFS info (device loop0): checking UUID tree
[pid 5252] ioctl(4, BTRFS_IOC_BALANCE_V2, {flags=BTRFS_BALANCE_DATA|BTRFS_BALANCE_SYSTEM|BTRFS_BALANCE_METADATA, data={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, meta={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, sys={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}} <unfinished ...>
[pid 5251] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out)
[pid 5251] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5251] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f415135c000
[pid 5251] mprotect(0x7f415135d000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5251] clone(child_stack=0x7f415137c3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5271], tls=0x7f415137c700, child_tidptr=0x7f415137c9d0) = 5271
[pid 5251] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5251] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5271 attached
<unfinished ...>
[pid 5271] set_robust_list(0x7f415137c9e0, 24) = 0
[pid 5271] open("./file0", O_RDONLY) = 5
[pid 5271] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5251] <... futex resumed>) = 0
[pid 5251] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5251] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5271] <... futex resumed>) = 1
[ 68.683596][ T5252] BTRFS info (device loop0): balance: start -d -m -s
[ 68.691090][ T5252] BTRFS info (device loop0): relocating block group 6881280 flags data|metadata
[ 68.711618][ T5252] BTRFS info (device loop0): relocating block group 5242880 flags data|metadata
[pid 5271] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000) = 6
[pid 5271] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5251] <... futex resumed>) = 0
[pid 5251] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5251] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5271] <... futex resumed>) = 1
[pid 5271] ioctl(5, BTRFS_IOC_QUOTA_CTL, {cmd=BTRFS_QUOTA_CTL_ENABLE}) = 0
[pid 5271] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5251] <... futex resumed>) = 0
[pid 5251] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5251] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5271] <... futex resumed>) = 1
[pid 5271] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 7
[pid 5271] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5251] <... futex resumed>) = 0
[pid 5251] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5251] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5271] <... futex resumed>) = 1
[ 68.746780][ T27] audit: type=1800 audit(1680092547.150:18): pid=5271 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor279" name="bus" dev="loop0" ino=263 res=0 errno=0
[ 68.786126][ T5252] BTRFS info (device loop0): found 9 extents, stage: move data extents
[pid 5271] ioctl(5, BTRFS_IOC_SNAP_CREATE, {fd=6, name="\x42\x99\xc6\x3c\x6a\xca\x4b\xec\x68\x72\xd2\x02\x80\x8d\xda\x69\x34\x9c\x62\x54\x02\x9b\xbc\x4a\x38\xfb\x4e\x91\xbb\xa4\x82\x6c\xd7\x77\xcb\x59\x74\x4a\xdd\x18\x26\x71\x40\x88\x2a\x98\x37\x3f\xbb\xf4\xb5\xb0\x7c"} <unfinished ...>
[pid 5251] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out)
[pid 5251] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid 5271] <... ioctl resumed>) = 0
[pid 5271] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[ 68.825682][ T27] audit: type=1800 audit(1680092547.210:19): pid=5271 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor279" name="bus" dev="loop0" ino=263 res=0 errno=0
[ 68.877952][ T9] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[ 68.901130][ T5252] BTRFS info (device loop0): found 1 extents, stage: update data pointers
[ 68.928618][ T5252] BTRFS info (device loop0): relocating block group 1048576 flags system
[ 68.952393][ T5252] BTRFS info (device loop0): found 1 extents, stage: move data extents
[pid 5271] futex(0x7f415887c7b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5252] <... ioctl resumed> => {flags=BTRFS_BALANCE_DATA|BTRFS_BALANCE_SYSTEM|BTRFS_BALANCE_METADATA, state=0, data={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, meta={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, sys={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}}) = 0
[pid 5252] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5252] futex(0x7f415887c7a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5251] exit_group(0 <unfinished ...>
[pid 5271] <... futex resumed>) = ?
[pid 5251] <... exit_group resumed>) = ?
[pid 5252] <... futex resumed>) = ?
[pid 5271] +++ exited with 0 +++
[pid 5252] +++ exited with 0 +++
[pid 5251] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5251, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=39 /* 0.39 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556e54620 /* 4 entries */, 32768) = 112
umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./8/binderfs") = 0
[ 68.972673][ T5252] BTRFS info (device loop0): balance: ended with status: 0
umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556e5c660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556e5c660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./8/file0") = 0
getdents64(3, 0x555556e54620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./8") = 0
mkdir("./9", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556e535d0) = 5272
./strace-static-x86_64: Process 5272 attached
[pid 5272] set_robust_list(0x555556e535e0, 24) = 0
[pid 5272] chdir("./9") = 0
[pid 5272] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5272] setpgid(0, 0) = 0
[pid 5272] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5272] write(3, "1000", 4) = 4
[pid 5272] close(3) = 0
[pid 5272] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5272] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5272] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f415877d000
[pid 5272] mprotect(0x7f415877e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5272] clone(child_stack=0x7f415879d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5273], tls=0x7f415879d700, child_tidptr=0x7f415879d9d0) = 5273
[pid 5272] futex(0x7f415887c7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5272] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5273 attached
<unfinished ...>
[pid 5273] set_robust_list(0x7f415879d9e0, 24) = 0
[pid 5273] memfd_create("syzkaller", 0) = 3
[pid 5273] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f415037d000
[pid 5273] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5273] munmap(0x7f415037d000, 16777216) = 0
[pid 5273] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5273] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5273] close(3) = 0
[pid 5273] mkdir("./file0", 0777) = 0
[ 69.302077][ T5273] loop0: detected capacity change from 0 to 32768
[ 69.313524][ T5273] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz-executor279 (5273)
[ 69.328727][ T5273] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[ 69.338147][ T5273] BTRFS info (device loop0): force clearing of disk cache
[ 69.345299][ T5273] BTRFS info (device loop0): setting nodatasum
[ 69.351839][ T5273] BTRFS info (device loop0): allowing degraded mounts
[ 69.358928][ T5273] BTRFS info (device loop0): enabling disk space caching
[ 69.365983][ T5273] BTRFS info (device loop0): disk space caching is enabled
[ 69.386970][ T5273] BTRFS info (device loop0): enabling ssd optimizations
[ 69.394073][ T5273] BTRFS info (device loop0): auto enabling async discard
[pid 5273] mount("/dev/loop0", "./file0", "btrfs", MS_NOEXEC|MS_STRICTATIME, "datacow,clear_cache,nodatasum,rescan_uuid_tree,degraded,space_cache=v1,") = 0
[pid 5273] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5273] chdir("./file0") = 0
[pid 5273] ioctl(4, LOOP_CLR_FD) = 0
[pid 5273] close(4) = 0
[pid 5273] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5272] <... futex resumed>) = 0
[pid 5272] futex(0x7f415887c7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5272] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5273] openat(AT_FDCWD, ".", O_RDONLY) = 4
[pid 5273] futex(0x7f415887c7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5272] <... futex resumed>) = 0
[pid 5272] futex(0x7f415887c7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5272] futex(0x7f415887c7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[ 69.402226][ T5273] BTRFS info (device loop0): clearing free space tree
[ 69.409288][ T5273] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 69.421825][ T5273] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 69.435695][ T5273] BTRFS info (device loop0): checking UUID tree
[pid 5273] ioctl(4, BTRFS_IOC_BALANCE_V2, {flags=BTRFS_BALANCE_DATA|BTRFS_BALANCE_SYSTEM|BTRFS_BALANCE_METADATA, data={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, meta={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}, sys={profiles=0, usage=0, devid=makedev(0, 0), pstart=0, pend=0, vstart=0, vend=0, target=0, flags=0}} <unfinished ...>
[pid 5272] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out)
[pid 5272] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5272] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f415135c000
[pid 5272] mprotect(0x7f415135d000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5272] clone(child_stack=0x7f415137c3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5292 attached
, parent_tid=[5292], tls=0x7f415137c700, child_tidptr=0x7f415137c9d0) = 5292
[pid 5272] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5272] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5292] set_robust_list(0x7f415137c9e0, 24) = 0
[pid 5292] open("./file0", O_RDONLY) = 5
[pid 5292] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5272] <... futex resumed>) = 0
[pid 5272] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5272] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[ 69.469334][ T5273] BTRFS info (device loop0): balance: start -d -m -s
[ 69.477994][ T5273] BTRFS info (device loop0): relocating block group 6881280 flags data|metadata
[ 69.498481][ T5273] BTRFS info (device loop0): relocating block group 5242880 flags data|metadata
[pid 5292] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000) = 6
[pid 5292] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5272] <... futex resumed>) = 0
[pid 5272] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5272] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5292] <... futex resumed>) = 1
[pid 5292] ioctl(5, BTRFS_IOC_QUOTA_CTL, {cmd=BTRFS_QUOTA_CTL_ENABLE}) = 0
[pid 5292] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5272] <... futex resumed>) = 0
[pid 5272] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5292] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid 5272] <... futex resumed>) = 0
[pid 5292] <... open resumed>) = 7
[pid 5272] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5292] futex(0x7f415887c7bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5272] <... futex resumed>) = 0
[pid 5272] futex(0x7f415887c7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5272] futex(0x7f415887c7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5292] <... futex resumed>) = 1
[ 69.542116][ T27] audit: type=1800 audit(1680092547.950:20): pid=5292 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor279" name="bus" dev="loop0" ino=263 res=0 errno=0
[ 69.564558][ T5273] BTRFS info (device loop0): found 9 extents, stage: move data extents
[ 69.582335][ T27] audit: type=1800 audit(1680092547.980:21): pid=5292 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor279" name="bus" dev="loop0" ino=263 res=0 errno=0
[ 69.606332][ T5292] ------------[ cut here ]------------
[ 69.612158][ T5292] WARNING: CPU: 1 PID: 5292 at fs/btrfs/extent-tree.c:871 lookup_inline_extent_backref+0x8e8/0x1470
[ 69.623051][ T5292] Modules linked in:
[ 69.626996][ T5292] CPU: 1 PID: 5292 Comm: syz-executor279 Not tainted 6.3.0-rc4-syzkaller-00034-gfcd476ea6a88 #0
[ 69.637562][ T5292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/17/2023
[ 69.647690][ T5292] RIP: 0010:lookup_inline_extent_backref+0x8e8/0x1470
[ 69.654556][ T5292] Code: de e8 fc 80 0a fe 49 39 df 0f 87 4b 0b 00 00 e8 de 7e 0a fe eb 30 83 7d 28 00 4c 8b 6c 24 30 0f 84 11 05 00 00 e8 c8 7e 0a fe <0f> 0b 41 bc fb ff ff ff e9 52 06 00 00 e8 b6 7e 0a fe e9 29 06 00
[ 69.674240][ T5292] RSP: 0018:ffffc9000461ede0 EFLAGS: 00010293
[ 69.680406][ T5292] RAX: ffffffff837fd428 RBX: 0000000000000000 RCX: ffff8880273857c0
[pid 5292] ioctl(5, BTRFS_IOC_SNAP_CREATE, {fd=6, name="\x42\x99\xc6\x3c\x6a\xca\x4b\xec\x68\x72\xd2\x02\x80\x8d\xda\x69\x34\x9c\x62\x54\x02\x9b\xbc\x4a\x38\xfb\x4e\x91\xbb\xa4\x82\x6c\xd7\x77\xcb\x59\x74\x4a\xdd\x18\x26\x71\x40\x88\x2a\x98\x37\x3f\xbb\xf4\xb5\xb0\x7c"} <unfinished ...>
[pid 5272] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out)
[ 69.688473][ T5292] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 69.696568][ T5292] RBP: ffffc9000461ef90 R08: ffffffff837fcf93 R09: ffffc9000461eb40
[ 69.704633][ T5292] R10: ffffffffffffffff R11: dffffc0000000001 R12: dffffc0000000000
[ 69.712659][ T5292] R13: ffff888028429000 R14: ffffc9000461ef00 R15: ffff888027df0000
[ 69.720699][ T5292] FS: 00007f415137c700(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[ 69.729705][ T5292] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 69.736332][ T5292] CR2: 0000000020001000 CR3: 0000000027760000 CR4: 00000000003506e0
[ 69.744507][ T5292] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 69.752547][ T5292] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 69.760584][ T5292] Call Trace:
[ 69.763884][ T5292] <TASK>
[ 69.766828][ T5292] ? create_pending_snapshot+0x107b/0x28c0
[ 69.772710][ T5292] ? create_pending_snapshots+0x195/0x1d0
[ 69.778500][ T5292] ? btrfs_commit_transaction+0x1304/0x3440
[ 69.784447][ T5292] ? insert_extent_data_ref+0xa30/0xa30
[ 69.790079][ T5292] insert_inline_extent_backref+0xe6/0x250
[ 69.795928][ T5292] ? __kasan_slab_alloc+0x66/0x70
[ 69.801022][ T5292] ? alloc_reserved_extent+0x2a0/0x2a0
[ 69.806522][ T5292] ? kmem_cache_alloc+0x14e/0x2e0
[ 69.811642][ T5292] __btrfs_inc_extent_ref+0x123/0x5f0
[ 69.817068][ T5292] ? btrfs_put_delayed_ref+0x240/0x240
[ 69.822620][ T5292] ? do_raw_spin_unlock+0x13b/0x8b0
[ 69.827976][ T5292] __btrfs_run_delayed_refs+0x11bc/0x4100
[ 69.833861][ T5292] ? trace_contention_end+0x3c/0xf0
[pid 5272] exit_group(0) = ?
[ 69.839149][ T5292] ? btrfs_run_delayed_refs+0x480/0x480
[ 69.844757][ T5292] ? btrfs_run_delayed_refs+0x24d/0x480
[ 69.850380][ T5292] ? btrfs_run_delayed_refs+0x23c/0x480
[ 69.855979][ T5292] ? __might_sleep+0xc0/0xc0
[ 69.860637][ T5292] ? do_raw_spin_unlock+0x13b/0x8b0
[ 69.865908][ T5292] btrfs_run_delayed_refs+0x2f9/0x480
[ 69.871371][ T5292] qgroup_account_snapshot+0xce/0x360
[ 69.876793][ T5292] create_pending_snapshot+0x107b/0x28c0
[ 69.882522][ T5292] ? trace_btrfs_space_reservation+0x210/0x210
[ 69.888754][ T5292] ? rcu_is_watching+0x15/0xb0
[ 69.893550][ T5292] ? trace_contention_end+0x3c/0xf0
[ 69.898814][ T5292] ? __mutex_lock_common+0x42d/0x2530
[ 69.904254][ T5292] create_pending_snapshots+0x195/0x1d0
[ 69.909899][ T5292] btrfs_commit_transaction+0x1304/0x3440
[ 69.915694][ T5292] ? __lock_acquire+0x1f80/0x1f80
[ 69.920808][ T5292] ? btrfs_commit_transaction_async+0x450/0x450
[ 69.927091][ T5292] ? do_raw_spin_unlock+0x13b/0x8b0
[ 69.933933][ T5292] ? wake_bit_function+0x220/0x220
[ 69.940344][ T5292] ? join_transaction+0xc52/0xe80
[ 69.945401][ T5292] ? join_transaction+0xc28/0xe80
[ 69.950486][ T5292] ? btrfs_record_root_in_trans+0x12d/0x180
[ 69.956412][ T5292] ? start_transaction+0x3de/0x1050
[ 69.961710][ T5292] create_snapshot+0x4a5/0x7e0
[ 69.966557][ T5292] btrfs_mksubvol+0x5d0/0x750
[ 69.971341][ T5292] ? __btrfs_ioctl_snap_create+0x450/0x450
[ 69.977195][ T5292] btrfs_mksnapshot+0xb5/0xf0
[ 69.981955][ T5292] __btrfs_ioctl_snap_create+0x338/0x450
[ 69.987653][ T5292] btrfs_ioctl_snap_create+0x136/0x190
[ 69.993283][ T5292] btrfs_ioctl+0xbbc/0xd40
[ 69.997753][ T5292] ? btrfs_ioctl_get_supported_features+0x50/0x50
[ 70.004235][ T5292] __se_sys_ioctl+0xf1/0x160
[ 70.008901][ T5292] do_syscall_64+0x41/0xc0
[ 70.013340][ T5292] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 70.019309][ T5292] RIP: 0033:0x7f41587f19f9
[ 70.023753][ T5292] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 70.043414][ T5292] RSP: 002b:00007f415137c2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 70.051911][ T5292] RAX: ffffffffffffffda RBX: 00007f415887c7b0 RCX: 00007f41587f19f9
[ 70.060054][ T5292] RDX: 00000000200000c0 RSI: 0000000050009401 RDI: 0000000000000005
[ 70.068121][ T5292] RBP: 00007f415884926c R08: 0000000000000000 R09: 0000000000000000
[ 70.076133][ T5292] R10: 0000000000000000 R11: 0000000000000246 R12: 0030656c69662f2e
[ 70.084183][ T5292] R13: 00007f4158848270 R14: 61635f7261656c63 R15: 00007f415887c7b8
[ 70.092261][ T5292] </TASK>
[ 70.095299][ T5292] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 70.102629][ T5292] CPU: 1 PID: 5292 Comm: syz-executor279 Not tainted 6.3.0-rc4-syzkaller-00034-gfcd476ea6a88 #0
[ 70.113079][ T5292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/17/2023
[ 70.123151][ T5292] Call Trace:
[ 70.126444][ T5292] <TASK>
[ 70.129395][ T5292] dump_stack_lvl+0x1e7/0x2d0
[ 70.134091][ T5292] ? nf_tcp_handle_invalid+0x650/0x650
[ 70.139576][ T5292] ? panic+0x770/0x770
[ 70.143673][ T5292] ? vscnprintf+0x5d/0x80
[ 70.148025][ T5292] panic+0x31c/0x770
[ 70.151959][ T5292] ? __warn+0x171/0x4a0
[ 70.156138][ T5292] ? memcpy_page_flushcache+0x100/0x100
[ 70.161716][ T5292] __warn+0x314/0x4a0
[ 70.165713][ T5292] ? lookup_inline_extent_backref+0x8e8/0x1470
[ 70.171896][ T5292] report_bug+0x2b3/0x500
[ 70.176228][ T5292] ? lookup_inline_extent_backref+0x8e8/0x1470
[ 70.182417][ T5292] handle_bug+0x3d/0x70
[ 70.186587][ T5292] exc_invalid_op+0x1a/0x50
[ 70.191135][ T5292] asm_exc_invalid_op+0x1a/0x20
[ 70.196001][ T5292] RIP: 0010:lookup_inline_extent_backref+0x8e8/0x1470
[ 70.202777][ T5292] Code: de e8 fc 80 0a fe 49 39 df 0f 87 4b 0b 00 00 e8 de 7e 0a fe eb 30 83 7d 28 00 4c 8b 6c 24 30 0f 84 11 05 00 00 e8 c8 7e 0a fe <0f> 0b 41 bc fb ff ff ff e9 52 06 00 00 e8 b6 7e 0a fe e9 29 06 00
[ 70.222391][ T5292] RSP: 0018:ffffc9000461ede0 EFLAGS: 00010293
[ 70.228463][ T5292] RAX: ffffffff837fd428 RBX: 0000000000000000 RCX: ffff8880273857c0
[ 70.236442][ T5292] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 70.244423][ T5292] RBP: ffffc9000461ef90 R08: ffffffff837fcf93 R09: ffffc9000461eb40
[ 70.252401][ T5292] R10: ffffffffffffffff R11: dffffc0000000001 R12: dffffc0000000000
[ 70.260379][ T5292] R13: ffff888028429000 R14: ffffc9000461ef00 R15: ffff888027df0000
[ 70.268368][ T5292] ? lookup_inline_extent_backref+0x453/0x1470
[ 70.274536][ T5292] ? lookup_inline_extent_backref+0x8e8/0x1470
[ 70.280712][ T5292] ? create_pending_snapshot+0x107b/0x28c0
[ 70.286526][ T5292] ? create_pending_snapshots+0x195/0x1d0
[ 70.292251][ T5292] ? btrfs_commit_transaction+0x1304/0x3440
[ 70.298172][ T5292] ? insert_extent_data_ref+0xa30/0xa30
[ 70.303757][ T5292] insert_inline_extent_backref+0xe6/0x250
[ 70.309582][ T5292] ? __kasan_slab_alloc+0x66/0x70
[ 70.314640][ T5292] ? alloc_reserved_extent+0x2a0/0x2a0
[ 70.320117][ T5292] ? kmem_cache_alloc+0x14e/0x2e0
[ 70.325158][ T5292] __btrfs_inc_extent_ref+0x123/0x5f0
[ 70.330550][ T5292] ? btrfs_put_delayed_ref+0x240/0x240
[ 70.336033][ T5292] ? do_raw_spin_unlock+0x13b/0x8b0
[ 70.341258][ T5292] __btrfs_run_delayed_refs+0x11bc/0x4100
[ 70.347028][ T5292] ? trace_contention_end+0x3c/0xf0
[ 70.352688][ T5292] ? btrfs_run_delayed_refs+0x480/0x480
[ 70.358256][ T5292] ? btrfs_run_delayed_refs+0x24d/0x480
[ 70.363814][ T5292] ? btrfs_run_delayed_refs+0x23c/0x480
[ 70.369377][ T5292] ? __might_sleep+0xc0/0xc0
[ 70.374078][ T5292] ? do_raw_spin_unlock+0x13b/0x8b0
[ 70.379300][ T5292] btrfs_run_delayed_refs+0x2f9/0x480
[ 70.384694][ T5292] qgroup_account_snapshot+0xce/0x360
[ 70.390092][ T5292] create_pending_snapshot+0x107b/0x28c0
[ 70.395772][ T5292] ? trace_btrfs_space_reservation+0x210/0x210
[ 70.401939][ T5292] ? rcu_is_watching+0x15/0xb0
[ 70.406719][ T5292] ? trace_contention_end+0x3c/0xf0
[ 70.411989][ T5292] ? __mutex_lock_common+0x42d/0x2530
[ 70.417428][ T5292] create_pending_snapshots+0x195/0x1d0
[ 70.423019][ T5292] btrfs_commit_transaction+0x1304/0x3440
[ 70.428901][ T5292] ? __lock_acquire+0x1f80/0x1f80
[ 70.433952][ T5292] ? btrfs_commit_transaction_async+0x450/0x450
[ 70.440216][ T5292] ? do_raw_spin_unlock+0x13b/0x8b0
[ 70.445429][ T5292] ? wake_bit_function+0x220/0x220
[ 70.450551][ T5292] ? join_transaction+0xc52/0xe80
[ 70.455597][ T5292] ? join_transaction+0xc28/0xe80
[ 70.460638][ T5292] ? btrfs_record_root_in_trans+0x12d/0x180
[ 70.466547][ T5292] ? start_transaction+0x3de/0x1050
[ 70.471771][ T5292] create_snapshot+0x4a5/0x7e0
[ 70.476567][ T5292] btrfs_mksubvol+0x5d0/0x750
[ 70.481267][ T5292] ? __btrfs_ioctl_snap_create+0x450/0x450
[ 70.487101][ T5292] btrfs_mksnapshot+0xb5/0xf0
[ 70.491803][ T5292] __btrfs_ioctl_snap_create+0x338/0x450
[ 70.497461][ T5292] btrfs_ioctl_snap_create+0x136/0x190
[ 70.502939][ T5292] btrfs_ioctl+0xbbc/0xd40
[ 70.507392][ T5292] ? btrfs_ioctl_get_supported_features+0x50/0x50
[ 70.513833][ T5292] __se_sys_ioctl+0xf1/0x160
[ 70.518458][ T5292] do_syscall_64+0x41/0xc0
[ 70.522921][ T5292] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 70.528854][ T5292] RIP: 0033:0x7f41587f19f9
[ 70.533284][ T5292] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 70.552934][ T5292] RSP: 002b:00007f415137c2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 70.561376][ T5292] RAX: ffffffffffffffda RBX: 00007f415887c7b0 RCX: 00007f41587f19f9
[ 70.569358][ T5292] RDX: 00000000200000c0 RSI: 0000000050009401 RDI: 0000000000000005
[ 70.577330][ T5292] RBP: 00007f415884926c R08: 0000000000000000 R09: 0000000000000000
[ 70.585307][ T5292] R10: 0000000000000000 R11: 0000000000000246 R12: 0030656c69662f2e
[ 70.593283][ T5292] R13: 00007f4158848270 R14: 61635f7261656c63 R15: 00007f415887c7b8
[ 70.601285][ T5292] </TASK>
[ 70.604575][ T5292] Kernel Offset: disabled
[ 70.609049][ T5292] Rebooting in 86400 seconds..