./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2352339162

<...>
Warning: Permanently added '10.128.0.130' (ECDSA) to the list of known hosts.
execve("./syz-executor2352339162", ["./syz-executor2352339162"], 0x7fffbc547ef0 /* 10 vars */) = 0
brk(NULL)                               = 0x5555573a6000
brk(0x5555573a6c40)                     = 0x5555573a6c40
arch_prctl(ARCH_SET_FS, 0x5555573a6300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
set_tid_address(0x5555573a65d0)         = 3631
set_robust_list(0x5555573a65e0, 24)     = 0
rt_sigaction(SIGRTMIN, {sa_handler=0x7fd3e3fc6a50, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7fd3e3fc7120}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=0x7fd3e3fc6af0, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fd3e3fc7120}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor2352339162", 4096) = 28
brk(0x5555573c7c40)                     = 0x5555573c7c40
brk(0x5555573c8000)                     = 0x5555573c8000
mprotect(0x7fd3e408e000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
getpid()                                = 3631
mkdir("./syzkaller.Sz1svL", 0700)       = 0
chmod("./syzkaller.Sz1svL", 0777)       = 0
chdir("./syzkaller.Sz1svL")             = 0
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573a65d0) = 3632
./strace-static-x86_64: Process 3632 attached
[pid  3632] set_robust_list(0x5555573a65e0, 24) = 0
[pid  3632] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid  3632] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3632] setsid()                    = 1
[pid  3632] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid  3632] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid  3632] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid  3632] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid  3632] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid  3632] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid  3632] unshare(CLONE_NEWNS)        = 0
[pid  3632] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid  3632] unshare(CLONE_NEWIPC)       = 0
[pid  3632] unshare(CLONE_NEWCGROUP)    = 0
[pid  3632] unshare(CLONE_NEWUTS)       = 0
[pid  3632] unshare(CLONE_SYSVSEM)      = 0
[pid  3632] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid  3632] write(3, "16777216", 8)     = 8
[pid  3632] close(3)                    = 0
[pid  3632] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid  3632] write(3, "536870912", 9)    = 9
[pid  3632] close(3)                    = 0
[pid  3632] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid  3632] write(3, "1024", 4)         = 4
[pid  3632] close(3)                    = 0
[pid  3632] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid  3632] write(3, "8192", 4)         = 4
[pid  3632] close(3)                    = 0
[pid  3632] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid  3632] write(3, "1024", 4)         = 4
[pid  3632] close(3)                    = 0
[pid  3632] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid  3632] write(3, "1024", 4)         = 4
[pid  3632] close(3)                    = 0
[pid  3632] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid  3632] write(3, "1024 1048576 500 1024", 21) = 21
[pid  3632] close(3)                    = 0
[pid  3632] getpid()                    = 1
[pid  3632] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  3632] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  3632] unshare(CLONE_NEWNET)       = 0
[pid  3632] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid  3632] write(3, "0 65535", 7)      = 7
[pid  3632] close(3)                    = 0
[pid  3632] mkdir("/dev/binderfs", 0777) = 0
[pid  3632] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid  3632] mkdir("./0", 0777)          = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573a65d0) = 2
./strace-static-x86_64: Process 3633 attached
[pid  3633] set_robust_list(0x5555573a65e0, 24) = 0
[pid  3633] chdir("./0")                = 0
[pid  3633] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3633] setpgid(0, 0)               = 0
[pid  3633] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3633] write(3, "1000", 4)         = 4
[pid  3633] close(3)                    = 0
[pid  3633] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3633] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3633] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f95000
[pid  3633] mprotect(0x7fd3e3f96000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3633] clone(child_stack=0x7fd3e3fb53f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3], tls=0x7fd3e3fb5700, child_tidptr=0x7fd3e3fb59d0) = 3
[pid  3633] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3633] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 3635 attached
 <unfinished ...>
[pid  3635] set_robust_list(0x7fd3e3fb59e0, 24) = 0
[pid  3635] memfd_create("syzkaller", 0) = 3
[pid  3635] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3dba00000
[pid  3635] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  3635] munmap(0x7fd3dba00000, 16777216) = 0
[pid  3635] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3635] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3635] close(3)                    = 0
[pid  3635] mkdir("./file0", 0777)      = 0
[   50.375719][ T3635] loop0: detected capacity change from 0 to 32768
[   50.388066][ T3635] BTRFS: device fsid d552757d-9c39-40e3-95f0-16d819589928 devid 1 transid 8 /dev/loop0 scanned by syz-executor235 (3635)
[   50.407551][ T3635] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[   50.416693][ T3635] BTRFS info (device loop0): force zlib compression, level 3
[   50.424411][ T3635] BTRFS info (device loop0): force clearing of disk cache
[   50.431712][ T3635] BTRFS info (device loop0): using free space tree
[   50.456360][ T3635] BTRFS info (device loop0): enabling ssd optimizations
[   50.464881][ T3635] BTRFS info (device loop0): clearing free space tree
[   50.472249][ T3635] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   50.482315][ T3635] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   50.503128][ T3635] BTRFS info (device loop0): creating free space tree
[   50.511297][ T3635] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[pid  3635] mount("/dev/loop0", "./file0", "btrfs", MS_NOSUID, "compress-force,clear_cache,space_cache=v2,enospc_debug,clear_cache,") = 0
[pid  3635] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3635] chdir("./file0")            = 0
[pid  3635] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3635] close(4)                    = 0
[pid  3635] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3633] <... futex resumed>)        = 0
[pid  3635] futex(0x7fd3e40947e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3633] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3635] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3633] <... futex resumed>)        = 0
[pid  3635] creat(NULL, 000 <unfinished ...>
[pid  3633] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3635] <... creat resumed>)        = -1 EFAULT (Bad address)
[pid  3635] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3633] <... futex resumed>)        = 0
[pid  3635] futex(0x7fd3e40947e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3633] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3635] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3633] <... futex resumed>)        = 0
[pid  3635] creat("./bus", 000 <unfinished ...>
[pid  3633] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3635] <... creat resumed>)        = 4
[pid  3635] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3633] <... futex resumed>)        = 0
[pid  3633] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3633] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3635] <... futex resumed>)        = 1
[   50.520979][ T3635] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[pid  3635] write(4, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552 <unfinished ...>
[pid  3633] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  3633] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3633] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f74000
[pid  3633] mprotect(0x7fd3e3f75000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3633] clone(child_stack=0x7fd3e3f943f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[4], tls=0x7fd3e3f94700, child_tidptr=0x7fd3e3f949d0) = 4
[pid  3633] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3633] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3654 attached
 <unfinished ...>
[pid  3654] set_robust_list(0x7fd3e3f949e0, 24) = 0
[pid  3654] ftruncate(-1, 8)            = -1 EBADF (Bad file descriptor)
[pid  3654] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3633] <... futex resumed>)        = 0
[pid  3633] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3633] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3654] ioctl(0, BTRFS_IOC_DEV_INFO, {devid=makedev(0, 0), uuid=b09d1a32-2cbe-2366-67c9-93043db6a890}) = -1 ENOTTY (Inappropriate ioctl for device)
[pid  3654] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3633] <... futex resumed>)        = 0
[pid  3654] ioctl(-1, BTRFS_IOC_SUBVOL_CREATE_V2, {fd=-1, flags=BTRFS_SUBVOL_QGROUP_INHERIT|0x10, size=136, qgroup_inherit={flags=0, num_qgroups=8, num_ref_copies=6, num_excl_copies=129, lim={flags=BTRFS_QGROUP_LIMIT_MAX_RFER|BTRFS_QGROUP_LIMIT_MAX_EXCL|BTRFS_QGROUP_LIMIT_RFER_CMPR, max_rfer=512, max_excl=6, rsv_rfer=4, rsv_excl=4294967295}, ...}, name=""} <unfinished ...>
[pid  3633] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3633] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3654] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid  3654] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3633] <... futex resumed>)        = 0
[pid  3654] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3633] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3654] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3633] <... futex resumed>)        = 0
[pid  3654] write(-1, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552 <unfinished ...>
[pid  3633] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3654] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid  3654] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3633] <... futex resumed>)        = 0
[pid  3654] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3633] close(3)                    = 0
[pid  3633] close(4)                    = 0
[pid  3633] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  3633] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  3633] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3633] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3633] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3633] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3633] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3633] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3633] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3633] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3633] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3633] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3633] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3633] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3633] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3633] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3633] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3633] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3633] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3633] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3633] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3633] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3633] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3633] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3633] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3633] exit_group(0 <unfinished ...>
[pid  3654] <... futex resumed>)        = ?
[pid  3633] <... exit_group resumed>)   = ?
[pid  3654] +++ exited with 0 +++
[pid  3635] <... write resumed>)        = ?
[pid  3635] +++ exited with 0 +++
[pid  3633] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=2, si_uid=0, si_status=0, si_utime=0, si_stime=31} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 4 entries */, 32768) = 112
[pid  3632] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./0/binderfs")      = 0
[pid  3632] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573af660 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573af660 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./0/file0")          = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./0")                = 0
[pid  3632] mkdir("./1", 0777)          = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573a65d0) = 5
./strace-static-x86_64: Process 3659 attached
[pid  3659] set_robust_list(0x5555573a65e0, 24) = 0
[pid  3659] chdir("./1")                = 0
[pid  3659] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3659] setpgid(0, 0)               = 0
[pid  3659] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3659] write(3, "1000", 4)         = 4
[pid  3659] close(3)                    = 0
[pid  3659] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3659] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3659] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f95000
[pid  3659] mprotect(0x7fd3e3f96000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3659] clone(child_stack=0x7fd3e3fb53f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[6], tls=0x7fd3e3fb5700, child_tidptr=0x7fd3e3fb59d0) = 6
[pid  3659] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3659] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 3660 attached
 <unfinished ...>
[pid  3660] set_robust_list(0x7fd3e3fb59e0, 24) = 0
[pid  3660] memfd_create("syzkaller", 0) = 3
[pid  3660] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3dba00000
[pid  3660] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  3660] munmap(0x7fd3dba00000, 16777216) = 0
[pid  3660] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3660] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3660] close(3)                    = 0
[pid  3660] mkdir("./file0", 0777)      = 0
[   51.222170][ T3660] loop0: detected capacity change from 0 to 32768
[   51.236693][ T3660] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[   51.245656][ T3660] BTRFS info (device loop0): force zlib compression, level 3
[   51.253225][ T3660] BTRFS info (device loop0): force clearing of disk cache
[   51.260496][ T3660] BTRFS info (device loop0): using free space tree
[   51.278810][ T3660] BTRFS info (device loop0): enabling ssd optimizations
[   51.287038][ T3660] BTRFS info (device loop0): clearing free space tree
[   51.293919][ T3660] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   51.303610][ T3660] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   51.318984][ T3660] BTRFS info (device loop0): creating free space tree
[pid  3660] mount("/dev/loop0", "./file0", "btrfs", MS_NOSUID, "compress-force,clear_cache,space_cache=v2,enospc_debug,clear_cache,") = 0
[pid  3660] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3660] chdir("./file0")            = 0
[pid  3660] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3660] close(4)                    = 0
[pid  3660] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3659] <... futex resumed>)        = 0
[pid  3660] creat(NULL, 000 <unfinished ...>
[pid  3659] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3660] <... creat resumed>)        = -1 EFAULT (Bad address)
[pid  3659] <... futex resumed>)        = 0
[pid  3660] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3659] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3660] <... futex resumed>)        = 0
[pid  3659] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3660] creat("./bus", 000 <unfinished ...>
[pid  3659] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3660] <... creat resumed>)        = 4
[pid  3659] <... futex resumed>)        = 0
[pid  3659] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3660] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3659] <... futex resumed>)        = 0
[pid  3659] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3659] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3660] <... futex resumed>)        = 1
[   51.326717][ T3660] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   51.336476][ T3660] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[pid  3660] write(4, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552 <unfinished ...>
[pid  3659] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  3659] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3659] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f74000
[pid  3659] mprotect(0x7fd3e3f75000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3659] clone(child_stack=0x7fd3e3f943f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[7], tls=0x7fd3e3f94700, child_tidptr=0x7fd3e3f949d0) = 7
[pid  3659] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3659] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3679 attached
 <unfinished ...>
[pid  3679] set_robust_list(0x7fd3e3f949e0, 24) = 0
[pid  3679] ftruncate(-1, 8)            = -1 EBADF (Bad file descriptor)
[pid  3679] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3659] <... futex resumed>)        = 0
[pid  3659] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3659] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3679] <... futex resumed>)        = 1
[pid  3679] ioctl(0, BTRFS_IOC_DEV_INFO, {devid=makedev(0, 0), uuid=b09d1a32-2cbe-2366-67c9-93043db6a890}) = -1 ENOTTY (Inappropriate ioctl for device)
[pid  3679] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3659] <... futex resumed>)        = 0
[pid  3659] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3659] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3679] <... futex resumed>)        = 1
[pid  3679] ioctl(-1, BTRFS_IOC_SUBVOL_CREATE_V2, {fd=-1, flags=BTRFS_SUBVOL_QGROUP_INHERIT|0x10, size=136, qgroup_inherit={flags=0, num_qgroups=8, num_ref_copies=6, num_excl_copies=129, lim={flags=BTRFS_QGROUP_LIMIT_MAX_RFER|BTRFS_QGROUP_LIMIT_MAX_EXCL|BTRFS_QGROUP_LIMIT_RFER_CMPR, max_rfer=512, max_excl=6, rsv_rfer=4, rsv_excl=4294967295}, ...}, name=""}) = -1 EBADF (Bad file descriptor)
[pid  3679] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3659] <... futex resumed>)        = 0
[pid  3659] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3659] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3679] <... futex resumed>)        = 1
[pid  3679] write(-1, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552) = -1 EBADF (Bad file descriptor)
[pid  3679] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3659] <... futex resumed>)        = 0
[pid  3679] <... futex resumed>)        = 1
[pid  3679] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3659] close(3)                    = 0
[pid  3659] close(4)                    = 0
[pid  3659] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  3659] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  3659] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3659] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3659] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3659] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3659] exit_group(0 <unfinished ...>
[pid  3679] <... futex resumed>)        = ?
[pid  3659] <... exit_group resumed>)   = ?
[pid  3679] +++ exited with 0 +++
[pid  3660] <... write resumed>)        = ?
[pid  3660] +++ exited with 0 +++
[pid  3659] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5, si_uid=0, si_status=0, si_utime=3, si_stime=23} ---
[pid  3632] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 4 entries */, 32768) = 112
[pid  3632] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./1/binderfs")      = 0
[pid  3632] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573af660 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573af660 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./1/file0")          = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./1")                = 0
[pid  3632] mkdir("./2", 0777)          = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3682 attached
, child_tidptr=0x5555573a65d0) = 8
[pid  3682] set_robust_list(0x5555573a65e0, 24) = 0
[pid  3682] chdir("./2")                = 0
[pid  3682] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3682] setpgid(0, 0)               = 0
[pid  3682] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3682] write(3, "1000", 4)         = 4
[pid  3682] close(3)                    = 0
[pid  3682] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3682] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3682] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f95000
[pid  3682] mprotect(0x7fd3e3f96000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3682] clone(child_stack=0x7fd3e3fb53f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[9], tls=0x7fd3e3fb5700, child_tidptr=0x7fd3e3fb59d0) = 9
[pid  3682] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3682] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 3683 attached
 <unfinished ...>
[pid  3683] set_robust_list(0x7fd3e3fb59e0, 24) = 0
[pid  3683] memfd_create("syzkaller", 0) = 3
[pid  3683] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3dba00000
[pid  3683] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  3683] munmap(0x7fd3dba00000, 16777216) = 0
[pid  3683] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3683] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3683] close(3)                    = 0
[pid  3683] mkdir("./file0", 0777)      = 0
[   51.908991][ T3683] loop0: detected capacity change from 0 to 32768
[   51.921700][ T3683] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[   51.930475][ T3683] BTRFS info (device loop0): force zlib compression, level 3
[   51.937911][ T3683] BTRFS info (device loop0): force clearing of disk cache
[   51.945113][ T3683] BTRFS info (device loop0): using free space tree
[   51.963477][ T3683] BTRFS info (device loop0): enabling ssd optimizations
[   51.973095][ T3683] BTRFS info (device loop0): clearing free space tree
[   51.979947][ T3683] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   51.989735][ T3683] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   52.003105][ T3683] BTRFS info (device loop0): creating free space tree
[pid  3683] mount("/dev/loop0", "./file0", "btrfs", MS_NOSUID, "compress-force,clear_cache,space_cache=v2,enospc_debug,clear_cache,") = 0
[pid  3683] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3683] chdir("./file0")            = 0
[pid  3683] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3683] close(4)                    = 0
[pid  3683] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3682] <... futex resumed>)        = 0
[pid  3682] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3682] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3683] creat(NULL, 000)            = -1 EFAULT (Bad address)
[pid  3683] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3682] <... futex resumed>)        = 0
[pid  3682] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3682] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3683] creat("./bus", 000)         = 4
[pid  3683] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3682] <... futex resumed>)        = 0
[pid  3683] <... futex resumed>)        = 1
[pid  3683] write(4, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552 <unfinished ...>
[pid  3682] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   52.010409][ T3683] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   52.020056][ T3683] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[pid  3682] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  3682] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3682] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f74000
[pid  3682] mprotect(0x7fd3e3f75000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3682] clone(child_stack=0x7fd3e3f943f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[10], tls=0x7fd3e3f94700, child_tidptr=0x7fd3e3f949d0) = 10
[pid  3682] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3682] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3702 attached
 <unfinished ...>
[pid  3702] set_robust_list(0x7fd3e3f949e0, 24) = 0
[pid  3702] ftruncate(-1, 8)            = -1 EBADF (Bad file descriptor)
[pid  3702] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3682] <... futex resumed>)        = 0
[pid  3682] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3682] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3702] <... futex resumed>)        = 1
[pid  3702] ioctl(0, BTRFS_IOC_DEV_INFO, {devid=makedev(0, 0), uuid=b09d1a32-2cbe-2366-67c9-93043db6a890}) = -1 ENOTTY (Inappropriate ioctl for device)
[pid  3702] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3682] <... futex resumed>)        = 0
[pid  3682] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3682] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3702] <... futex resumed>)        = 1
[pid  3702] ioctl(-1, BTRFS_IOC_SUBVOL_CREATE_V2, {fd=-1, flags=BTRFS_SUBVOL_QGROUP_INHERIT|0x10, size=136, qgroup_inherit={flags=0, num_qgroups=8, num_ref_copies=6, num_excl_copies=129, lim={flags=BTRFS_QGROUP_LIMIT_MAX_RFER|BTRFS_QGROUP_LIMIT_MAX_EXCL|BTRFS_QGROUP_LIMIT_RFER_CMPR, max_rfer=512, max_excl=6, rsv_rfer=4, rsv_excl=4294967295}, ...}, name=""}) = -1 EBADF (Bad file descriptor)
[pid  3702] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3682] <... futex resumed>)        = 0
[pid  3682] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3682] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3702] <... futex resumed>)        = 1
[pid  3702] write(-1, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552) = -1 EBADF (Bad file descriptor)
[pid  3702] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3682] <... futex resumed>)        = 0
[pid  3702] <... futex resumed>)        = 1
[pid  3702] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3682] close(3)                    = 0
[pid  3682] close(4)                    = 0
[pid  3682] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  3682] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  3682] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3682] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3682] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3682] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3682] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3682] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3682] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3682] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3682] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3682] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3682] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3682] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3682] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3682] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3682] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3682] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3682] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3682] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3682] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3682] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3682] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3682] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3682] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3682] exit_group(0 <unfinished ...>
[pid  3702] <... futex resumed>)        = ?
[pid  3682] <... exit_group resumed>)   = ?
[pid  3702] +++ exited with 0 +++
[pid  3683] <... write resumed>)        = ?
[pid  3683] +++ exited with 0 +++
[pid  3682] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=8, si_uid=0, si_status=0, si_utime=1, si_stime=28} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 4 entries */, 32768) = 112
[pid  3632] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./2/binderfs")      = 0
[pid  3632] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573af660 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573af660 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./2/file0")          = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./2")                = 0
[pid  3632] mkdir("./3", 0777)          = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573a65d0) = 11
./strace-static-x86_64: Process 3704 attached
[pid  3704] set_robust_list(0x5555573a65e0, 24) = 0
[pid  3704] chdir("./3")                = 0
[pid  3704] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3704] setpgid(0, 0)               = 0
[pid  3704] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3704] write(3, "1000", 4)         = 4
[pid  3704] close(3)                    = 0
[pid  3704] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3704] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3704] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f95000
[pid  3704] mprotect(0x7fd3e3f96000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3704] clone(child_stack=0x7fd3e3fb53f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3705 attached
, parent_tid=[12], tls=0x7fd3e3fb5700, child_tidptr=0x7fd3e3fb59d0) = 12
[pid  3705] set_robust_list(0x7fd3e3fb59e0, 24) = 0
[pid  3705] futex(0x7fd3e40947e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3704] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3705] <... futex resumed>)        = 0
[pid  3705] memfd_create("syzkaller", 0) = 3
[pid  3705] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3dba00000
[pid  3704] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  3705] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  3705] munmap(0x7fd3dba00000, 16777216) = 0
[pid  3705] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3705] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3705] close(3)                    = 0
[pid  3705] mkdir("./file0", 0777)      = 0
[   52.631869][ T3705] loop0: detected capacity change from 0 to 32768
[   52.644641][ T3705] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[   52.653415][ T3705] BTRFS info (device loop0): force zlib compression, level 3
[   52.660859][ T3705] BTRFS info (device loop0): force clearing of disk cache
[   52.667983][ T3705] BTRFS info (device loop0): using free space tree
[   52.687131][ T3705] BTRFS info (device loop0): enabling ssd optimizations
[   52.694944][ T3705] BTRFS info (device loop0): clearing free space tree
[   52.701865][ T3705] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   52.711581][ T3705] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   52.724899][ T3705] BTRFS info (device loop0): creating free space tree
[pid  3705] mount("/dev/loop0", "./file0", "btrfs", MS_NOSUID, "compress-force,clear_cache,space_cache=v2,enospc_debug,clear_cache,") = 0
[pid  3705] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3705] chdir("./file0")            = 0
[pid  3705] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3705] close(4)                    = 0
[pid  3705] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3705] futex(0x7fd3e40947e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3704] <... futex resumed>)        = 0
[pid  3704] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3704] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3705] <... futex resumed>)        = 0
[pid  3705] creat(NULL, 000)            = -1 EFAULT (Bad address)
[pid  3705] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3704] <... futex resumed>)        = 0
[pid  3705] futex(0x7fd3e40947e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3704] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3705] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3704] <... futex resumed>)        = 0
[pid  3705] creat("./bus", 000 <unfinished ...>
[pid  3704] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3705] <... creat resumed>)        = 4
[pid  3705] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3704] <... futex resumed>)        = 0
[pid  3704] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3705] write(4, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552 <unfinished ...>
[   52.732803][ T3705] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   52.742443][ T3705] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[pid  3704] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  3704] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3704] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f74000
[pid  3704] mprotect(0x7fd3e3f75000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3704] clone(child_stack=0x7fd3e3f943f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13], tls=0x7fd3e3f94700, child_tidptr=0x7fd3e3f949d0) = 13
[pid  3704] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3704] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3724 attached
 <unfinished ...>
[pid  3724] set_robust_list(0x7fd3e3f949e0, 24) = 0
[pid  3724] ftruncate(-1, 8)            = -1 EBADF (Bad file descriptor)
[pid  3724] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3704] <... futex resumed>)        = 0
[pid  3704] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3704] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3724] <... futex resumed>)        = 1
[pid  3724] ioctl(0, BTRFS_IOC_DEV_INFO, {devid=makedev(0, 0), uuid=b09d1a32-2cbe-2366-67c9-93043db6a890}) = -1 ENOTTY (Inappropriate ioctl for device)
[pid  3724] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3704] <... futex resumed>)        = 0
[pid  3704] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3704] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3724] <... futex resumed>)        = 1
[pid  3724] ioctl(-1, BTRFS_IOC_SUBVOL_CREATE_V2, {fd=-1, flags=BTRFS_SUBVOL_QGROUP_INHERIT|0x10, size=136, qgroup_inherit={flags=0, num_qgroups=8, num_ref_copies=6, num_excl_copies=129, lim={flags=BTRFS_QGROUP_LIMIT_MAX_RFER|BTRFS_QGROUP_LIMIT_MAX_EXCL|BTRFS_QGROUP_LIMIT_RFER_CMPR, max_rfer=512, max_excl=6, rsv_rfer=4, rsv_excl=4294967295}, ...}, name=""}) = -1 EBADF (Bad file descriptor)
[pid  3724] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3704] <... futex resumed>)        = 0
[pid  3704] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3704] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3724] <... futex resumed>)        = 1
[pid  3724] write(-1, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552) = -1 EBADF (Bad file descriptor)
[pid  3724] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3704] <... futex resumed>)        = 0
[pid  3724] <... futex resumed>)        = 1
[pid  3724] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3704] close(3)                    = 0
[pid  3704] close(4)                    = 0
[pid  3704] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  3704] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  3704] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3704] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3704] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3704] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3704] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3704] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3704] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3704] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3704] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3704] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3704] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3704] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3704] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3704] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3704] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3704] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3704] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3704] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3704] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3704] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3704] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3704] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3704] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3704] exit_group(0 <unfinished ...>
[pid  3724] <... futex resumed>)        = ?
[pid  3705] <... write resumed>)        = ?
[pid  3704] <... exit_group resumed>)   = ?
[pid  3724] +++ exited with 0 +++
[pid  3705] +++ exited with 0 +++
[pid  3704] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=11, si_uid=0, si_status=0, si_utime=1, si_stime=31} ---
[pid  3632] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 4 entries */, 32768) = 112
[pid  3632] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./3/binderfs")      = 0
[pid  3632] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573af660 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573af660 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./3/file0")          = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./3")                = 0
[pid  3632] mkdir("./4", 0777)          = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573a65d0) = 14
./strace-static-x86_64: Process 3725 attached
[pid  3725] set_robust_list(0x5555573a65e0, 24) = 0
[pid  3725] chdir("./4")                = 0
[pid  3725] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3725] setpgid(0, 0)               = 0
[pid  3725] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3725] write(3, "1000", 4)         = 4
[pid  3725] close(3)                    = 0
[pid  3725] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3725] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3725] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f95000
[pid  3725] mprotect(0x7fd3e3f96000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3725] clone(child_stack=0x7fd3e3fb53f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3726 attached
, parent_tid=[15], tls=0x7fd3e3fb5700, child_tidptr=0x7fd3e3fb59d0) = 15
[pid  3725] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3725] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  3726] set_robust_list(0x7fd3e3fb59e0, 24) = 0
[pid  3726] memfd_create("syzkaller", 0) = 3
[pid  3726] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3dba00000
[pid  3726] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  3726] munmap(0x7fd3dba00000, 16777216) = 0
[pid  3726] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3726] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3726] close(3)                    = 0
[pid  3726] mkdir("./file0", 0777)      = 0
[   53.321273][ T3726] loop0: detected capacity change from 0 to 32768
[   53.335095][ T3726] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[   53.344053][ T3726] BTRFS info (device loop0): force zlib compression, level 3
[   53.351721][ T3726] BTRFS info (device loop0): force clearing of disk cache
[   53.358849][ T3726] BTRFS info (device loop0): using free space tree
[   53.378035][ T3726] BTRFS info (device loop0): enabling ssd optimizations
[   53.385791][ T3726] BTRFS info (device loop0): clearing free space tree
[   53.392756][ T3726] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   53.402455][ T3726] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   53.415774][ T3726] BTRFS info (device loop0): creating free space tree
[pid  3726] mount("/dev/loop0", "./file0", "btrfs", MS_NOSUID, "compress-force,clear_cache,space_cache=v2,enospc_debug,clear_cache,") = 0
[pid  3726] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3726] chdir("./file0")            = 0
[pid  3726] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3726] close(4)                    = 0
[pid  3726] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3725] <... futex resumed>)        = 0
[pid  3726] <... futex resumed>)        = 1
[pid  3725] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3726] creat(NULL, 000 <unfinished ...>
[pid  3725] <... futex resumed>)        = 0
[pid  3726] <... creat resumed>)        = -1 EFAULT (Bad address)
[pid  3725] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3726] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3725] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3726] <... futex resumed>)        = 0
[pid  3725] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3726] creat("./bus", 000 <unfinished ...>
[pid  3725] <... futex resumed>)        = 0
[pid  3725] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3726] <... creat resumed>)        = 4
[pid  3726] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3725] <... futex resumed>)        = 0
[pid  3726] write(4, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552 <unfinished ...>
[pid  3725] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   53.423351][ T3726] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   53.432994][ T3726] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[pid  3725] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  3725] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3725] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f74000
[pid  3725] mprotect(0x7fd3e3f75000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3725] clone(child_stack=0x7fd3e3f943f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[16], tls=0x7fd3e3f94700, child_tidptr=0x7fd3e3f949d0) = 16
[pid  3725] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 3745 attached
) = 0
[pid  3745] set_robust_list(0x7fd3e3f949e0, 24 <unfinished ...>
[pid  3725] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3745] <... set_robust_list resumed>) = 0
[pid  3745] ftruncate(-1, 8)            = -1 EBADF (Bad file descriptor)
[pid  3745] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3725] <... futex resumed>)        = 0
[pid  3745] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3725] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3745] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3725] <... futex resumed>)        = 0
[pid  3745] ioctl(0, BTRFS_IOC_DEV_INFO, {devid=makedev(0, 0), uuid=b09d1a32-2cbe-2366-67c9-93043db6a890} <unfinished ...>
[pid  3725] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3745] <... ioctl resumed>)        = -1 ENOTTY (Inappropriate ioctl for device)
[pid  3745] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3725] <... futex resumed>)        = 0
[pid  3745] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3725] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3745] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3725] <... futex resumed>)        = 0
[pid  3745] ioctl(-1, BTRFS_IOC_SUBVOL_CREATE_V2, {fd=-1, flags=BTRFS_SUBVOL_QGROUP_INHERIT|0x10, size=136, qgroup_inherit={flags=0, num_qgroups=8, num_ref_copies=6, num_excl_copies=129, lim={flags=BTRFS_QGROUP_LIMIT_MAX_RFER|BTRFS_QGROUP_LIMIT_MAX_EXCL|BTRFS_QGROUP_LIMIT_RFER_CMPR, max_rfer=512, max_excl=6, rsv_rfer=4, rsv_excl=4294967295}, ...}, name=""} <unfinished ...>
[pid  3725] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3745] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid  3745] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3725] <... futex resumed>)        = 0
[pid  3725] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3745] write(-1, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552) = -1 EBADF (Bad file descriptor)
[pid  3725] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3745] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3725] <... futex resumed>)        = 0
[pid  3745] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3725] close(3)                    = 0
[pid  3725] close(4)                    = 0
[pid  3725] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  3725] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  3725] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3725] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3725] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3725] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3725] exit_group(0 <unfinished ...>
[pid  3745] <... futex resumed>)        = ?
[pid  3726] <... write resumed>)        = ?
[pid  3725] <... exit_group resumed>)   = ?
[pid  3745] +++ exited with 0 +++
[pid  3726] +++ exited with 0 +++
[pid  3725] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14, si_uid=0, si_status=0, si_utime=0, si_stime=31} ---
[pid  3632] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 4 entries */, 32768) = 112
[pid  3632] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./4/binderfs")      = 0
[pid  3632] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573af660 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573af660 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./4/file0")          = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./4")                = 0
[pid  3632] mkdir("./5", 0777)          = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573a65d0) = 17
./strace-static-x86_64: Process 3746 attached
[pid  3746] set_robust_list(0x5555573a65e0, 24) = 0
[pid  3746] chdir("./5")                = 0
[pid  3746] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3746] setpgid(0, 0)               = 0
[pid  3746] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3746] write(3, "1000", 4)         = 4
[pid  3746] close(3)                    = 0
[pid  3746] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3746] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3746] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f95000
[pid  3746] mprotect(0x7fd3e3f96000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3746] clone(child_stack=0x7fd3e3fb53f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3747 attached
 <unfinished ...>
[pid  3747] set_robust_list(0x7fd3e3fb59e0, 24) = 0
[pid  3747] futex(0x7fd3e40947e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3746] <... clone resumed>, parent_tid=[18], tls=0x7fd3e3fb5700, child_tidptr=0x7fd3e3fb59d0) = 18
[pid  3746] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3747] <... futex resumed>)        = 0
[pid  3746] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  3747] memfd_create("syzkaller", 0) = 3
[pid  3747] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3dba00000
[pid  3747] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  3747] munmap(0x7fd3dba00000, 16777216) = 0
[pid  3747] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3747] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3747] close(3)                    = 0
[pid  3747] mkdir("./file0", 0777)      = 0
[   54.023539][ T3747] loop0: detected capacity change from 0 to 32768
[   54.036264][ T3747] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[   54.044976][ T3747] BTRFS info (device loop0): force zlib compression, level 3
[   54.052580][ T3747] BTRFS info (device loop0): force clearing of disk cache
[   54.059792][ T3747] BTRFS info (device loop0): using free space tree
[   54.077970][ T3747] BTRFS info (device loop0): enabling ssd optimizations
[   54.085606][ T3747] BTRFS info (device loop0): clearing free space tree
[   54.092856][ T3747] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   54.102663][ T3747] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   54.116062][ T3747] BTRFS info (device loop0): creating free space tree
[pid  3747] mount("/dev/loop0", "./file0", "btrfs", MS_NOSUID, "compress-force,clear_cache,space_cache=v2,enospc_debug,clear_cache,") = 0
[pid  3747] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3747] chdir("./file0")            = 0
[pid  3747] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3747] close(4)                    = 0
[pid  3747] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3747] futex(0x7fd3e40947e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3746] <... futex resumed>)        = 0
[pid  3746] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3747] <... futex resumed>)        = 0
[pid  3746] <... futex resumed>)        = 1
[pid  3747] creat(NULL, 000 <unfinished ...>
[pid  3746] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3747] <... creat resumed>)        = -1 EFAULT (Bad address)
[pid  3747] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3747] futex(0x7fd3e40947e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3746] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3746] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3747] <... futex resumed>)        = 0
[pid  3746] <... futex resumed>)        = 1
[pid  3747] creat("./bus", 000)         = 4
[pid  3746] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3747] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3746] <... futex resumed>)        = 0
[pid  3747] write(4, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552 <unfinished ...>
[pid  3746] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   54.123789][ T3747] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   54.133563][ T3747] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[pid  3746] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  3746] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid  3746] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3746] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f74000
[pid  3746] mprotect(0x7fd3e3f75000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3746] clone(child_stack=0x7fd3e3f943f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[19], tls=0x7fd3e3f94700, child_tidptr=0x7fd3e3f949d0) = 19
[pid  3746] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3746] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3766 attached
 <unfinished ...>
[pid  3766] set_robust_list(0x7fd3e3f949e0, 24) = 0
[pid  3766] ftruncate(-1, 8)            = -1 EBADF (Bad file descriptor)
[pid  3766] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3746] <... futex resumed>)        = 0
[pid  3746] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3746] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3766] <... futex resumed>)        = 1
[pid  3766] ioctl(0, BTRFS_IOC_DEV_INFO, {devid=makedev(0, 0), uuid=b09d1a32-2cbe-2366-67c9-93043db6a890}) = -1 ENOTTY (Inappropriate ioctl for device)
[pid  3766] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3746] <... futex resumed>)        = 0
[pid  3746] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3746] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3766] <... futex resumed>)        = 1
[pid  3766] ioctl(-1, BTRFS_IOC_SUBVOL_CREATE_V2, {fd=-1, flags=BTRFS_SUBVOL_QGROUP_INHERIT|0x10, size=136, qgroup_inherit={flags=0, num_qgroups=8, num_ref_copies=6, num_excl_copies=129, lim={flags=BTRFS_QGROUP_LIMIT_MAX_RFER|BTRFS_QGROUP_LIMIT_MAX_EXCL|BTRFS_QGROUP_LIMIT_RFER_CMPR, max_rfer=512, max_excl=6, rsv_rfer=4, rsv_excl=4294967295}, ...}, name=""}) = -1 EBADF (Bad file descriptor)
[pid  3766] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3746] <... futex resumed>)        = 0
[pid  3746] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3746] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3766] <... futex resumed>)        = 1
[pid  3766] write(-1, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552) = -1 EBADF (Bad file descriptor)
[pid  3766] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3746] <... futex resumed>)        = 0
[pid  3766] <... futex resumed>)        = 1
[pid  3766] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3746] close(3)                    = 0
[pid  3746] close(4)                    = 0
[pid  3746] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  3746] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  3746] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3746] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3746] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3746] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3746] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3746] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3746] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3746] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3746] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3746] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3746] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3746] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3746] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3746] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3746] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3746] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3746] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3746] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3746] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3746] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3746] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3746] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3746] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3746] exit_group(0 <unfinished ...>
[pid  3766] <... futex resumed>)        = ?
[pid  3747] <... write resumed>)        = ?
[pid  3746] <... exit_group resumed>)   = ?
[pid  3766] +++ exited with 0 +++
[pid  3747] +++ exited with 0 +++
[pid  3746] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=17, si_uid=0, si_status=0, si_utime=1, si_stime=28} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 4 entries */, 32768) = 112
[pid  3632] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./5/binderfs")      = 0
[pid  3632] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573af660 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573af660 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./5/file0")          = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./5")                = 0
[pid  3632] mkdir("./6", 0777)          = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573a65d0) = 20
./strace-static-x86_64: Process 3767 attached
[pid  3767] set_robust_list(0x5555573a65e0, 24) = 0
[pid  3767] chdir("./6")                = 0
[pid  3767] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3767] setpgid(0, 0)               = 0
[pid  3767] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3767] write(3, "1000", 4)         = 4
[pid  3767] close(3)                    = 0
[pid  3767] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3767] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3767] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f95000
[pid  3767] mprotect(0x7fd3e3f96000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3767] clone(child_stack=0x7fd3e3fb53f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[21], tls=0x7fd3e3fb5700, child_tidptr=0x7fd3e3fb59d0) = 21
[pid  3767] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3767] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 3768 attached
 <unfinished ...>
[pid  3768] set_robust_list(0x7fd3e3fb59e0, 24) = 0
[pid  3768] memfd_create("syzkaller", 0) = 3
[pid  3768] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3dba00000
[pid  3768] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  3768] munmap(0x7fd3dba00000, 16777216) = 0
[pid  3768] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3768] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3768] close(3)                    = 0
[pid  3768] mkdir("./file0", 0777)      = 0
[   54.704691][ T3768] loop0: detected capacity change from 0 to 32768
[   54.719447][ T3768] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[   54.728509][ T3768] BTRFS info (device loop0): force zlib compression, level 3
[   54.736115][ T3768] BTRFS info (device loop0): force clearing of disk cache
[   54.743534][ T3768] BTRFS info (device loop0): using free space tree
[   54.763265][ T3768] BTRFS info (device loop0): enabling ssd optimizations
[   54.771553][ T3768] BTRFS info (device loop0): clearing free space tree
[   54.778365][ T3768] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   54.788101][ T3768] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   54.801868][ T3768] BTRFS info (device loop0): creating free space tree
[pid  3768] mount("/dev/loop0", "./file0", "btrfs", MS_NOSUID, "compress-force,clear_cache,space_cache=v2,enospc_debug,clear_cache,") = 0
[pid  3768] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3768] chdir("./file0")            = 0
[pid  3768] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3768] close(4)                    = 0
[pid  3768] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3767] <... futex resumed>)        = 0
[pid  3767] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3768] creat(NULL, 000 <unfinished ...>
[pid  3767] <... futex resumed>)        = 0
[pid  3768] <... creat resumed>)        = -1 EFAULT (Bad address)
[pid  3768] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3767] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3768] <... futex resumed>)        = 0
[pid  3768] futex(0x7fd3e40947e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3767] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3768] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3767] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3768] creat("./bus", 000 <unfinished ...>
[pid  3767] <... futex resumed>)        = 0
[pid  3767] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3768] <... creat resumed>)        = 4
[pid  3768] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3767] <... futex resumed>)        = 0
[pid  3767] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3768] write(4, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552 <unfinished ...>
[pid  3767] <... futex resumed>)        = 0
[   54.809439][ T3768] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   54.819251][ T3768] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[pid  3767] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  3767] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3767] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f74000
[pid  3767] mprotect(0x7fd3e3f75000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3767] clone(child_stack=0x7fd3e3f943f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[22], tls=0x7fd3e3f94700, child_tidptr=0x7fd3e3f949d0) = 22
[pid  3767] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3767] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3787 attached
 <unfinished ...>
[pid  3787] set_robust_list(0x7fd3e3f949e0, 24) = 0
[pid  3787] ftruncate(-1, 8)            = -1 EBADF (Bad file descriptor)
[pid  3787] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3767] <... futex resumed>)        = 0
[pid  3787] <... futex resumed>)        = 1
[pid  3767] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3787] ioctl(0, BTRFS_IOC_DEV_INFO, {devid=makedev(0, 0), uuid=b09d1a32-2cbe-2366-67c9-93043db6a890} <unfinished ...>
[pid  3767] <... futex resumed>)        = 0
[pid  3787] <... ioctl resumed>)        = -1 ENOTTY (Inappropriate ioctl for device)
[pid  3787] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3767] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3767] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3767] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = 0
[pid  3787] <... futex resumed>)        = 1
[pid  3767] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3787] ioctl(-1, BTRFS_IOC_SUBVOL_CREATE_V2, {fd=-1, flags=BTRFS_SUBVOL_QGROUP_INHERIT|0x10, size=136, qgroup_inherit={flags=0, num_qgroups=8, num_ref_copies=6, num_excl_copies=129, lim={flags=BTRFS_QGROUP_LIMIT_MAX_RFER|BTRFS_QGROUP_LIMIT_MAX_EXCL|BTRFS_QGROUP_LIMIT_RFER_CMPR, max_rfer=512, max_excl=6, rsv_rfer=4, rsv_excl=4294967295}, ...}, name=""}) = -1 EBADF (Bad file descriptor)
[pid  3787] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3767] <... futex resumed>)        = 0
[pid  3787] <... futex resumed>)        = 1
[pid  3767] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3787] write(-1, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552) = -1 EBADF (Bad file descriptor)
[pid  3767] <... futex resumed>)        = 0
[pid  3767] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3787] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3767] <... futex resumed>)        = 0
[pid  3787] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3767] close(3)                    = 0
[pid  3767] close(4)                    = 0
[pid  3767] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  3767] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  3767] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3767] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3767] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3767] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3767] exit_group(0 <unfinished ...>
[pid  3787] <... futex resumed>)        = ?
[pid  3767] <... exit_group resumed>)   = ?
[pid  3787] +++ exited with 0 +++
[pid  3768] <... write resumed>)        = ?
[pid  3768] +++ exited with 0 +++
[pid  3767] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=20, si_uid=0, si_status=0, si_utime=0, si_stime=26} ---
[pid  3632] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 4 entries */, 32768) = 112
[pid  3632] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./6/binderfs")      = 0
[pid  3632] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./6/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573af660 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573af660 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./6/file0")          = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./6")                = 0
[pid  3632] mkdir("./7", 0777)          = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573a65d0) = 23
./strace-static-x86_64: Process 3788 attached
[pid  3788] set_robust_list(0x5555573a65e0, 24) = 0
[pid  3788] chdir("./7")                = 0
[pid  3788] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3788] setpgid(0, 0)               = 0
[pid  3788] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3788] write(3, "1000", 4)         = 4
[pid  3788] close(3)                    = 0
[pid  3788] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3788] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3788] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f95000
[pid  3788] mprotect(0x7fd3e3f96000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3788] clone(child_stack=0x7fd3e3fb53f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3789 attached
, parent_tid=[24], tls=0x7fd3e3fb5700, child_tidptr=0x7fd3e3fb59d0) = 24
[pid  3788] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3789] set_robust_list(0x7fd3e3fb59e0, 24 <unfinished ...>
[pid  3788] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  3789] <... set_robust_list resumed>) = 0
[pid  3789] memfd_create("syzkaller", 0) = 3
[pid  3789] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3dba00000
[pid  3789] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  3789] munmap(0x7fd3dba00000, 16777216) = 0
[pid  3789] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3789] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3789] close(3)                    = 0
[pid  3789] mkdir("./file0", 0777)      = 0
[   55.437984][ T3789] loop0: detected capacity change from 0 to 32768
[   55.452208][ T3789] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[   55.460894][ T3789] BTRFS info (device loop0): force zlib compression, level 3
[   55.468255][ T3789] BTRFS info (device loop0): force clearing of disk cache
[   55.475405][ T3789] BTRFS info (device loop0): using free space tree
[   55.492901][ T3789] BTRFS info (device loop0): enabling ssd optimizations
[   55.500693][ T3789] BTRFS info (device loop0): clearing free space tree
[   55.507912][ T3789] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   55.517880][ T3789] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   55.531709][ T3789] BTRFS info (device loop0): creating free space tree
[pid  3789] mount("/dev/loop0", "./file0", "btrfs", MS_NOSUID, "compress-force,clear_cache,space_cache=v2,enospc_debug,clear_cache,") = 0
[pid  3789] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3789] chdir("./file0")            = 0
[pid  3789] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3789] close(4)                    = 0
[pid  3789] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3788] <... futex resumed>)        = 0
[pid  3789] creat(NULL, 000 <unfinished ...>
[pid  3788] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3789] <... creat resumed>)        = -1 EFAULT (Bad address)
[pid  3788] <... futex resumed>)        = 0
[pid  3789] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3788] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3789] <... futex resumed>)        = 0
[pid  3788] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3789] creat("./bus", 000 <unfinished ...>
[pid  3788] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3789] <... creat resumed>)        = 4
[pid  3788] <... futex resumed>)        = 0
[pid  3788] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3789] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3788] <... futex resumed>)        = 0
[pid  3788] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3788] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3789] <... futex resumed>)        = 1
[   55.539016][ T3789] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   55.549015][ T3789] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[pid  3789] write(4, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552 <unfinished ...>
[pid  3788] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  3788] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3788] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f74000
[pid  3788] mprotect(0x7fd3e3f75000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3788] clone(child_stack=0x7fd3e3f943f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[25], tls=0x7fd3e3f94700, child_tidptr=0x7fd3e3f949d0) = 25
[pid  3788] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3788] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3808 attached
 <unfinished ...>
[pid  3808] set_robust_list(0x7fd3e3f949e0, 24) = 0
[pid  3808] ftruncate(-1, 8)            = -1 EBADF (Bad file descriptor)
[pid  3808] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3788] <... futex resumed>)        = 0
[pid  3788] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3808] ioctl(0, BTRFS_IOC_DEV_INFO, {devid=makedev(0, 0), uuid=b09d1a32-2cbe-2366-67c9-93043db6a890}) = -1 ENOTTY (Inappropriate ioctl for device)
[pid  3788] <... futex resumed>)        = 0
[pid  3788] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3808] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3788] <... futex resumed>)        = 0
[pid  3788] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3788] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3808] ioctl(-1, BTRFS_IOC_SUBVOL_CREATE_V2, {fd=-1, flags=BTRFS_SUBVOL_QGROUP_INHERIT|0x10, size=136, qgroup_inherit={flags=0, num_qgroups=8, num_ref_copies=6, num_excl_copies=129, lim={flags=BTRFS_QGROUP_LIMIT_MAX_RFER|BTRFS_QGROUP_LIMIT_MAX_EXCL|BTRFS_QGROUP_LIMIT_RFER_CMPR, max_rfer=512, max_excl=6, rsv_rfer=4, rsv_excl=4294967295}, ...}, name=""}) = -1 EBADF (Bad file descriptor)
[pid  3808] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3788] <... futex resumed>)        = 0
[pid  3788] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3788] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3808] write(-1, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552) = -1 EBADF (Bad file descriptor)
[pid  3808] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3788] <... futex resumed>)        = 0
[pid  3808] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3788] close(3)                    = 0
[pid  3788] close(4)                    = 0
[pid  3788] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  3788] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  3788] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3788] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3788] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3788] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3788] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3788] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3788] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3788] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3788] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3788] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3788] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3788] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3788] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3788] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3788] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3788] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3788] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3788] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3788] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3788] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3788] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3788] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3788] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3788] exit_group(0 <unfinished ...>
[pid  3808] <... futex resumed>)        = ?
[pid  3789] <... write resumed>)        = ?
[pid  3788] <... exit_group resumed>)   = ?
[pid  3808] +++ exited with 0 +++
[pid  3789] +++ exited with 0 +++
[pid  3788] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=23, si_uid=0, si_status=0, si_utime=2, si_stime=23} ---
[pid  3632] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 4 entries */, 32768) = 112
[pid  3632] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./7/binderfs")      = 0
[pid  3632] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573af660 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573af660 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./7/file0")          = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./7")                = 0
[pid  3632] mkdir("./8", 0777)          = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573a65d0) = 26
./strace-static-x86_64: Process 3809 attached
[pid  3809] set_robust_list(0x5555573a65e0, 24) = 0
[pid  3809] chdir("./8")                = 0
[pid  3809] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3809] setpgid(0, 0)               = 0
[pid  3809] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3809] write(3, "1000", 4)         = 4
[pid  3809] close(3)                    = 0
[pid  3809] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3809] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3809] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f95000
[pid  3809] mprotect(0x7fd3e3f96000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3809] clone(child_stack=0x7fd3e3fb53f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3810 attached
 <unfinished ...>
[pid  3810] set_robust_list(0x7fd3e3fb59e0, 24) = 0
[pid  3810] futex(0x7fd3e40947e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3809] <... clone resumed>, parent_tid=[27], tls=0x7fd3e3fb5700, child_tidptr=0x7fd3e3fb59d0) = 27
[pid  3809] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3810] <... futex resumed>)        = 0
[pid  3809] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  3810] memfd_create("syzkaller", 0) = 3
[pid  3810] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3dba00000
[pid  3810] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  3810] munmap(0x7fd3dba00000, 16777216) = 0
[pid  3810] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3810] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3810] close(3)                    = 0
[pid  3810] mkdir("./file0", 0777)      = 0
[   56.179139][ T3810] loop0: detected capacity change from 0 to 32768
[   56.192542][ T3810] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[   56.201247][ T3810] BTRFS info (device loop0): force zlib compression, level 3
[   56.208713][ T3810] BTRFS info (device loop0): force clearing of disk cache
[   56.215898][ T3810] BTRFS info (device loop0): using free space tree
[   56.234413][ T3810] BTRFS info (device loop0): enabling ssd optimizations
[   56.242231][ T3810] BTRFS info (device loop0): clearing free space tree
[   56.249289][ T3810] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   56.259515][ T3810] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   56.274314][ T3810] BTRFS info (device loop0): creating free space tree
[pid  3810] mount("/dev/loop0", "./file0", "btrfs", MS_NOSUID, "compress-force,clear_cache,space_cache=v2,enospc_debug,clear_cache,") = 0
[pid  3810] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3810] chdir("./file0")            = 0
[pid  3810] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3810] close(4)                    = 0
[pid  3810] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3809] <... futex resumed>)        = 0
[pid  3810] <... futex resumed>)        = 1
[pid  3809] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3809] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3810] creat(NULL, 000)            = -1 EFAULT (Bad address)
[pid  3810] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3809] <... futex resumed>)        = 0
[pid  3810] <... futex resumed>)        = 1
[pid  3809] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3809] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3810] creat("./bus", 000)         = 4
[pid  3810] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3809] <... futex resumed>)        = 0
[pid  3810] <... futex resumed>)        = 1
[pid  3809] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3809] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[   56.281971][ T3810] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   56.291978][ T3810] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[pid  3810] write(4, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552 <unfinished ...>
[pid  3809] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  3809] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3809] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f74000
[pid  3809] mprotect(0x7fd3e3f75000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3809] clone(child_stack=0x7fd3e3f943f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[28], tls=0x7fd3e3f94700, child_tidptr=0x7fd3e3f949d0) = 28
[pid  3809] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3809] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3829 attached
 <unfinished ...>
[pid  3829] set_robust_list(0x7fd3e3f949e0, 24) = 0
[pid  3829] ftruncate(-1, 8)            = -1 EBADF (Bad file descriptor)
[pid  3829] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3809] <... futex resumed>)        = 0
[pid  3829] ioctl(0, BTRFS_IOC_DEV_INFO, {devid=makedev(0, 0), uuid=b09d1a32-2cbe-2366-67c9-93043db6a890} <unfinished ...>
[pid  3809] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3829] <... ioctl resumed>)        = -1 ENOTTY (Inappropriate ioctl for device)
[pid  3809] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3829] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3809] <... futex resumed>)        = 0
[pid  3809] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3829] ioctl(-1, BTRFS_IOC_SUBVOL_CREATE_V2, {fd=-1, flags=BTRFS_SUBVOL_QGROUP_INHERIT|0x10, size=136, qgroup_inherit={flags=0, num_qgroups=8, num_ref_copies=6, num_excl_copies=129, lim={flags=BTRFS_QGROUP_LIMIT_MAX_RFER|BTRFS_QGROUP_LIMIT_MAX_EXCL|BTRFS_QGROUP_LIMIT_RFER_CMPR, max_rfer=512, max_excl=6, rsv_rfer=4, rsv_excl=4294967295}, ...}, name=""}) = -1 EBADF (Bad file descriptor)
[pid  3809] <... futex resumed>)        = 0
[pid  3829] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3809] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3829] <... futex resumed>)        = 0
[pid  3809] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3829] write(-1, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552 <unfinished ...>
[pid  3809] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3829] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid  3809] <... futex resumed>)        = 0
[pid  3809] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3829] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3809] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3829] <... futex resumed>)        = 0
[pid  3829] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3809] close(3)                    = 0
[pid  3809] close(4)                    = 0
[pid  3809] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  3809] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  3809] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3809] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3809] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3809] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3809] exit_group(0 <unfinished ...>
[pid  3829] <... futex resumed>)        = ?
[pid  3809] <... exit_group resumed>)   = ?
[pid  3829] +++ exited with 0 +++
[pid  3810] <... write resumed>)        = ?
[pid  3810] +++ exited with 0 +++
[pid  3809] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=26, si_uid=0, si_status=0, si_utime=1, si_stime=30} ---
[pid  3632] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 4 entries */, 32768) = 112
[pid  3632] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./8/binderfs")      = 0
[pid  3632] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573af660 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573af660 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./8/file0")          = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./8")                = 0
[pid  3632] mkdir("./9", 0777)          = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573a65d0) = 29
./strace-static-x86_64: Process 3830 attached
[pid  3830] set_robust_list(0x5555573a65e0, 24) = 0
[pid  3830] chdir("./9")                = 0
[pid  3830] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3830] setpgid(0, 0)               = 0
[pid  3830] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3830] write(3, "1000", 4)         = 4
[pid  3830] close(3)                    = 0
[pid  3830] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3830] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3830] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f95000
[pid  3830] mprotect(0x7fd3e3f96000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3830] clone(child_stack=0x7fd3e3fb53f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[30], tls=0x7fd3e3fb5700, child_tidptr=0x7fd3e3fb59d0) = 30
./strace-static-x86_64: Process 3831 attached
[pid  3830] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3830] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  3831] set_robust_list(0x7fd3e3fb59e0, 24) = 0
[pid  3831] memfd_create("syzkaller", 0) = 3
[pid  3831] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3dba00000
[pid  3831] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  3831] munmap(0x7fd3dba00000, 16777216) = 0
[pid  3831] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3831] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3831] close(3)                    = 0
[pid  3831] mkdir("./file0", 0777)      = 0
[   56.874124][ T3831] loop0: detected capacity change from 0 to 32768
[   56.888288][ T3831] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[   56.896995][ T3831] BTRFS info (device loop0): force zlib compression, level 3
[   56.904776][ T3831] BTRFS info (device loop0): force clearing of disk cache
[   56.912083][ T3831] BTRFS info (device loop0): using free space tree
[   56.932099][ T3831] BTRFS info (device loop0): enabling ssd optimizations
[   56.939701][ T3831] BTRFS info (device loop0): clearing free space tree
[   56.946869][ T3831] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   56.956689][ T3831] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   56.970143][ T3831] BTRFS info (device loop0): creating free space tree
[pid  3831] mount("/dev/loop0", "./file0", "btrfs", MS_NOSUID, "compress-force,clear_cache,space_cache=v2,enospc_debug,clear_cache,") = 0
[pid  3831] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3831] chdir("./file0")            = 0
[pid  3831] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3831] close(4)                    = 0
[pid  3831] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3830] <... futex resumed>)        = 0
[pid  3831] creat(NULL, 000 <unfinished ...>
[pid  3830] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3830] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3831] <... creat resumed>)        = -1 EFAULT (Bad address)
[pid  3831] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3830] <... futex resumed>)        = 0
[pid  3831] creat("./bus", 000 <unfinished ...>
[pid  3830] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3831] <... creat resumed>)        = 4
[pid  3830] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3831] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3830] <... futex resumed>)        = 0
[pid  3830] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3830] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[   56.977519][ T3831] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   56.987131][ T3831] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[pid  3831] write(4, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552 <unfinished ...>
[pid  3830] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  3830] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3830] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f74000
[pid  3830] mprotect(0x7fd3e3f75000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3830] clone(child_stack=0x7fd3e3f943f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[31], tls=0x7fd3e3f94700, child_tidptr=0x7fd3e3f949d0) = 31
[pid  3830] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3830] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3850 attached
 <unfinished ...>
[pid  3850] set_robust_list(0x7fd3e3f949e0, 24) = 0
[pid  3850] ftruncate(-1, 8)            = -1 EBADF (Bad file descriptor)
[pid  3850] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3830] <... futex resumed>)        = 0
[pid  3830] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3830] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3850] <... futex resumed>)        = 1
[pid  3850] ioctl(0, BTRFS_IOC_DEV_INFO, {devid=makedev(0, 0), uuid=b09d1a32-2cbe-2366-67c9-93043db6a890}) = -1 ENOTTY (Inappropriate ioctl for device)
[pid  3850] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3830] <... futex resumed>)        = 0
[pid  3830] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3830] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3850] <... futex resumed>)        = 1
[pid  3850] ioctl(-1, BTRFS_IOC_SUBVOL_CREATE_V2, {fd=-1, flags=BTRFS_SUBVOL_QGROUP_INHERIT|0x10, size=136, qgroup_inherit={flags=0, num_qgroups=8, num_ref_copies=6, num_excl_copies=129, lim={flags=BTRFS_QGROUP_LIMIT_MAX_RFER|BTRFS_QGROUP_LIMIT_MAX_EXCL|BTRFS_QGROUP_LIMIT_RFER_CMPR, max_rfer=512, max_excl=6, rsv_rfer=4, rsv_excl=4294967295}, ...}, name=""}) = -1 EBADF (Bad file descriptor)
[pid  3850] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3830] <... futex resumed>)        = 0
[pid  3830] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3830] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3850] <... futex resumed>)        = 1
[pid  3850] write(-1, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552) = -1 EBADF (Bad file descriptor)
[pid  3850] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3830] <... futex resumed>)        = 0
[pid  3850] <... futex resumed>)        = 1
[pid  3850] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3830] close(3)                    = 0
[pid  3830] close(4)                    = 0
[pid  3830] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  3830] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  3830] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3830] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3830] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3830] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3830] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3830] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3830] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3830] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3830] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3830] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3830] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3830] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3830] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3830] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3830] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3830] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3830] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3830] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3830] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3830] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3830] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3830] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3830] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3830] exit_group(0 <unfinished ...>
[pid  3850] <... futex resumed>)        = ?
[pid  3831] <... write resumed>)        = ?
[pid  3830] <... exit_group resumed>)   = ?
[pid  3850] +++ exited with 0 +++
[pid  3831] +++ exited with 0 +++
[pid  3830] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=29, si_uid=0, si_status=0, si_utime=0, si_stime=29} ---
[pid  3632] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 4 entries */, 32768) = 112
[pid  3632] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./9/binderfs")      = 0
[pid  3632] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573af660 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573af660 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./9/file0")          = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./9")                = 0
[pid  3632] mkdir("./10", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573a65d0) = 32
./strace-static-x86_64: Process 3851 attached
[pid  3851] set_robust_list(0x5555573a65e0, 24) = 0
[pid  3851] chdir("./10")               = 0
[pid  3851] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3851] setpgid(0, 0)               = 0
[pid  3851] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3851] write(3, "1000", 4)         = 4
[pid  3851] close(3)                    = 0
[pid  3851] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3851] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3851] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f95000
[pid  3851] mprotect(0x7fd3e3f96000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3851] clone(child_stack=0x7fd3e3fb53f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3852 attached
, parent_tid=[33], tls=0x7fd3e3fb5700, child_tidptr=0x7fd3e3fb59d0) = 33
[pid  3852] set_robust_list(0x7fd3e3fb59e0, 24) = 0
[pid  3852] futex(0x7fd3e40947e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3851] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3852] <... futex resumed>)        = 0
[pid  3852] memfd_create("syzkaller", 0 <unfinished ...>
[pid  3851] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  3852] <... memfd_create resumed>) = 3
[pid  3852] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3dba00000
[pid  3852] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  3852] munmap(0x7fd3dba00000, 16777216) = 0
[pid  3852] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3852] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3852] close(3)                    = 0
[pid  3852] mkdir("./file0", 0777)      = 0
[   57.594592][ T3852] loop0: detected capacity change from 0 to 32768
[   57.608897][ T3852] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[   57.617622][ T3852] BTRFS info (device loop0): force zlib compression, level 3
[   57.625211][ T3852] BTRFS info (device loop0): force clearing of disk cache
[   57.632596][ T3852] BTRFS info (device loop0): using free space tree
[   57.651544][ T3852] BTRFS info (device loop0): enabling ssd optimizations
[   57.659153][ T3852] BTRFS info (device loop0): clearing free space tree
[   57.666126][ T3852] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   57.675797][ T3852] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   57.689178][ T3852] BTRFS info (device loop0): creating free space tree
[pid  3852] mount("/dev/loop0", "./file0", "btrfs", MS_NOSUID, "compress-force,clear_cache,space_cache=v2,enospc_debug,clear_cache,") = 0
[pid  3852] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3852] chdir("./file0")            = 0
[pid  3852] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3852] close(4)                    = 0
[pid  3852] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3851] <... futex resumed>)        = 0
[pid  3852] futex(0x7fd3e40947e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3851] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3852] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3851] <... futex resumed>)        = 0
[pid  3852] creat(NULL, 000 <unfinished ...>
[pid  3851] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3852] <... creat resumed>)        = -1 EFAULT (Bad address)
[pid  3852] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3851] <... futex resumed>)        = 0
[pid  3852] futex(0x7fd3e40947e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3851] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3852] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3851] <... futex resumed>)        = 0
[pid  3852] creat("./bus", 000 <unfinished ...>
[pid  3851] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3852] <... creat resumed>)        = 4
[pid  3852] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3851] <... futex resumed>)        = 0
[pid  3852] write(4, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552 <unfinished ...>
[pid  3851] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   57.696616][ T3852] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   57.706251][ T3852] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[pid  3851] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  3851] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3851] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f74000
[pid  3851] mprotect(0x7fd3e3f75000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3851] clone(child_stack=0x7fd3e3f943f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[34], tls=0x7fd3e3f94700, child_tidptr=0x7fd3e3f949d0) = 34
[pid  3851] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3851] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3871 attached
 <unfinished ...>
[pid  3871] set_robust_list(0x7fd3e3f949e0, 24) = 0
[pid  3871] ftruncate(-1, 8)            = -1 EBADF (Bad file descriptor)
[pid  3871] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3851] <... futex resumed>)        = 0
[pid  3871] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3851] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3871] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3871] ioctl(0, BTRFS_IOC_DEV_INFO, {devid=makedev(0, 0), uuid=b09d1a32-2cbe-2366-67c9-93043db6a890} <unfinished ...>
[pid  3851] <... futex resumed>)        = 0
[pid  3871] <... ioctl resumed>)        = -1 ENOTTY (Inappropriate ioctl for device)
[pid  3851] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3871] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3851] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3871] <... futex resumed>)        = 0
[pid  3851] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3871] ioctl(-1, BTRFS_IOC_SUBVOL_CREATE_V2, {fd=-1, flags=BTRFS_SUBVOL_QGROUP_INHERIT|0x10, size=136, qgroup_inherit={flags=0, num_qgroups=8, num_ref_copies=6, num_excl_copies=129, lim={flags=BTRFS_QGROUP_LIMIT_MAX_RFER|BTRFS_QGROUP_LIMIT_MAX_EXCL|BTRFS_QGROUP_LIMIT_RFER_CMPR, max_rfer=512, max_excl=6, rsv_rfer=4, rsv_excl=4294967295}, ...}, name=""} <unfinished ...>
[pid  3851] <... futex resumed>)        = 0
[pid  3871] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid  3851] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3871] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3851] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3871] <... futex resumed>)        = 0
[pid  3851] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3871] write(-1, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552 <unfinished ...>
[pid  3851] <... futex resumed>)        = 0
[pid  3871] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid  3851] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3871] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3851] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3871] <... futex resumed>)        = 0
[pid  3871] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3851] close(3)                    = 0
[pid  3851] close(4)                    = 0
[pid  3851] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  3851] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  3851] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3851] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3851] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3851] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3851] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3851] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3851] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3851] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3851] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3851] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3851] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3851] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3851] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3851] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3851] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3851] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3851] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3851] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3851] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3851] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3851] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3851] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3851] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3851] exit_group(0 <unfinished ...>
[pid  3871] <... futex resumed>)        = ?
[pid  3852] <... write resumed>)        = ?
[pid  3851] <... exit_group resumed>)   = ?
[pid  3871] +++ exited with 0 +++
[pid  3852] +++ exited with 0 +++
[pid  3851] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=32, si_uid=0, si_status=0, si_utime=0, si_stime=30} ---
[pid  3632] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 4 entries */, 32768) = 112
[pid  3632] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./10/binderfs")     = 0
[pid  3632] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./10/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573af660 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573af660 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./10/file0")         = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./10")               = 0
[pid  3632] mkdir("./11", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573a65d0) = 35
./strace-static-x86_64: Process 3872 attached
[pid  3872] set_robust_list(0x5555573a65e0, 24) = 0
[pid  3872] chdir("./11")               = 0
[pid  3872] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3872] setpgid(0, 0)               = 0
[pid  3872] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3872] write(3, "1000", 4)         = 4
[pid  3872] close(3)                    = 0
[pid  3872] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3872] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3872] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f95000
[pid  3872] mprotect(0x7fd3e3f96000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3872] clone(child_stack=0x7fd3e3fb53f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[36], tls=0x7fd3e3fb5700, child_tidptr=0x7fd3e3fb59d0) = 36
[pid  3872] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3872] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 3873 attached
 <unfinished ...>
[pid  3873] set_robust_list(0x7fd3e3fb59e0, 24) = 0
[pid  3873] memfd_create("syzkaller", 0) = 3
[pid  3873] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3dba00000
[pid  3873] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  3873] munmap(0x7fd3dba00000, 16777216) = 0
[pid  3873] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3873] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3873] close(3)                    = 0
[pid  3873] mkdir("./file0", 0777)      = 0
[   58.307543][ T3873] loop0: detected capacity change from 0 to 32768
[   58.318971][ T3873] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[   58.328280][ T3873] BTRFS info (device loop0): force zlib compression, level 3
[   58.335788][ T3873] BTRFS info (device loop0): force clearing of disk cache
[   58.343060][ T3873] BTRFS info (device loop0): using free space tree
[   58.361118][ T3873] BTRFS info (device loop0): enabling ssd optimizations
[   58.368664][ T3873] BTRFS info (device loop0): clearing free space tree
[   58.375562][ T3873] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   58.385256][ T3873] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   58.398611][ T3873] BTRFS info (device loop0): creating free space tree
[pid  3873] mount("/dev/loop0", "./file0", "btrfs", MS_NOSUID, "compress-force,clear_cache,space_cache=v2,enospc_debug,clear_cache,") = 0
[pid  3873] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3873] chdir("./file0")            = 0
[pid  3873] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3873] close(4)                    = 0
[pid  3873] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3872] <... futex resumed>)        = 0
[pid  3873] <... futex resumed>)        = 1
[pid  3872] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3873] creat(NULL, 000 <unfinished ...>
[pid  3872] <... futex resumed>)        = 0
[pid  3873] <... creat resumed>)        = -1 EFAULT (Bad address)
[pid  3872] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3873] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3872] <... futex resumed>)        = 0
[pid  3873] creat("./bus", 000 <unfinished ...>
[pid  3872] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3873] <... creat resumed>)        = 4
[pid  3872] <... futex resumed>)        = 0
[pid  3872] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3873] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3872] <... futex resumed>)        = 0
[pid  3872] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3873] <... futex resumed>)        = 1
[pid  3872] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[   58.406192][ T3873] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   58.415797][ T3873] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[pid  3873] write(4, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552 <unfinished ...>
[pid  3872] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  3872] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3872] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f74000
[pid  3872] mprotect(0x7fd3e3f75000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3872] clone(child_stack=0x7fd3e3f943f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[37], tls=0x7fd3e3f94700, child_tidptr=0x7fd3e3f949d0) = 37
[pid  3872] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3872] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3892 attached
 <unfinished ...>
[pid  3892] set_robust_list(0x7fd3e3f949e0, 24) = 0
[pid  3892] ftruncate(-1, 8)            = -1 EBADF (Bad file descriptor)
[pid  3892] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3872] <... futex resumed>)        = 0
[pid  3892] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3872] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3892] <... futex resumed>)        = 0
[pid  3872] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3892] ioctl(0, BTRFS_IOC_DEV_INFO, {devid=makedev(0, 0), uuid=b09d1a32-2cbe-2366-67c9-93043db6a890}) = -1 ENOTTY (Inappropriate ioctl for device)
[pid  3892] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3872] <... futex resumed>)        = 0
[pid  3892] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3872] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3892] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3872] <... futex resumed>)        = 0
[pid  3892] ioctl(-1, BTRFS_IOC_SUBVOL_CREATE_V2, {fd=-1, flags=BTRFS_SUBVOL_QGROUP_INHERIT|0x10, size=136, qgroup_inherit={flags=0, num_qgroups=8, num_ref_copies=6, num_excl_copies=129, lim={flags=BTRFS_QGROUP_LIMIT_MAX_RFER|BTRFS_QGROUP_LIMIT_MAX_EXCL|BTRFS_QGROUP_LIMIT_RFER_CMPR, max_rfer=512, max_excl=6, rsv_rfer=4, rsv_excl=4294967295}, ...}, name=""} <unfinished ...>
[pid  3872] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3892] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid  3892] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3872] <... futex resumed>)        = 0
[pid  3892] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3872] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3892] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3872] <... futex resumed>)        = 0
[pid  3892] write(-1, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552 <unfinished ...>
[pid  3872] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3892] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid  3892] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3892] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3872] <... futex resumed>)        = 0
[pid  3872] close(3)                    = 0
[pid  3872] close(4)                    = 0
[pid  3872] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  3872] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  3872] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3872] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3872] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3872] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3872] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3872] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3872] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3872] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3872] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3872] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3872] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3872] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3872] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3872] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3872] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3872] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3872] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3872] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3872] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3872] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3872] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3872] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3872] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3872] exit_group(0 <unfinished ...>
[pid  3892] <... futex resumed>)        = ?
[pid  3873] <... write resumed>)        = ?
[pid  3872] <... exit_group resumed>)   = ?
[pid  3892] +++ exited with 0 +++
[pid  3873] +++ exited with 0 +++
[pid  3872] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=35, si_uid=0, si_status=0, si_utime=1, si_stime=27} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 4 entries */, 32768) = 112
[pid  3632] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./11/binderfs")     = 0
[pid  3632] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573af660 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573af660 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./11/file0")         = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./11")               = 0
[pid  3632] mkdir("./12", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573a65d0) = 38
./strace-static-x86_64: Process 3893 attached
[pid  3893] set_robust_list(0x5555573a65e0, 24) = 0
[pid  3893] chdir("./12")               = 0
[pid  3893] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3893] setpgid(0, 0)               = 0
[pid  3893] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3893] write(3, "1000", 4)         = 4
[pid  3893] close(3)                    = 0
[pid  3893] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3893] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3893] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f95000
[pid  3893] mprotect(0x7fd3e3f96000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3893] clone(child_stack=0x7fd3e3fb53f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3894 attached
 <unfinished ...>
[pid  3894] set_robust_list(0x7fd3e3fb59e0, 24) = 0
[pid  3894] futex(0x7fd3e40947e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3893] <... clone resumed>, parent_tid=[39], tls=0x7fd3e3fb5700, child_tidptr=0x7fd3e3fb59d0) = 39
[pid  3893] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3893] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  3894] <... futex resumed>)        = 0
[pid  3894] memfd_create("syzkaller", 0) = 3
[pid  3894] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3dba00000
[pid  3894] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  3894] munmap(0x7fd3dba00000, 16777216) = 0
[pid  3894] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3894] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3894] close(3)                    = 0
[pid  3894] mkdir("./file0", 0777)      = 0
[   59.012174][ T3894] loop0: detected capacity change from 0 to 32768
[   59.026873][ T3894] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[   59.035677][ T3894] BTRFS info (device loop0): force zlib compression, level 3
[   59.043213][ T3894] BTRFS info (device loop0): force clearing of disk cache
[   59.050340][ T3894] BTRFS info (device loop0): using free space tree
[   59.068376][ T3894] BTRFS info (device loop0): enabling ssd optimizations
[   59.076244][ T3894] BTRFS info (device loop0): clearing free space tree
[   59.083610][ T3894] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   59.093710][ T3894] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   59.107540][ T3894] BTRFS info (device loop0): creating free space tree
[pid  3894] mount("/dev/loop0", "./file0", "btrfs", MS_NOSUID, "compress-force,clear_cache,space_cache=v2,enospc_debug,clear_cache,") = 0
[pid  3894] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3894] chdir("./file0")            = 0
[pid  3894] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3894] close(4)                    = 0
[pid  3894] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3893] <... futex resumed>)        = 0
[pid  3894] creat(NULL, 000 <unfinished ...>
[pid  3893] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3893] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3894] <... creat resumed>)        = -1 EFAULT (Bad address)
[pid  3894] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3893] <... futex resumed>)        = 0
[pid  3893] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3893] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3894] creat("./bus", 000)         = 4
[pid  3894] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3893] <... futex resumed>)        = 0
[pid  3893] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3893] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[   59.114921][ T3894] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   59.126567][ T3894] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[pid  3894] write(4, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552 <unfinished ...>
[pid  3893] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  3893] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid  3893] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3893] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f74000
[pid  3893] mprotect(0x7fd3e3f75000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3893] clone(child_stack=0x7fd3e3f943f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[40], tls=0x7fd3e3f94700, child_tidptr=0x7fd3e3f949d0) = 40
[pid  3893] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3893] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3913 attached
 <unfinished ...>
[pid  3913] set_robust_list(0x7fd3e3f949e0, 24) = 0
[pid  3913] ftruncate(-1, 8)            = -1 EBADF (Bad file descriptor)
[pid  3913] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3893] <... futex resumed>)        = 0
[pid  3893] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3893] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3913] <... futex resumed>)        = 1
[pid  3913] ioctl(0, BTRFS_IOC_DEV_INFO, {devid=makedev(0, 0), uuid=b09d1a32-2cbe-2366-67c9-93043db6a890}) = -1 ENOTTY (Inappropriate ioctl for device)
[pid  3913] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3893] <... futex resumed>)        = 0
[pid  3893] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3893] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3913] <... futex resumed>)        = 1
[pid  3913] ioctl(-1, BTRFS_IOC_SUBVOL_CREATE_V2, {fd=-1, flags=BTRFS_SUBVOL_QGROUP_INHERIT|0x10, size=136, qgroup_inherit={flags=0, num_qgroups=8, num_ref_copies=6, num_excl_copies=129, lim={flags=BTRFS_QGROUP_LIMIT_MAX_RFER|BTRFS_QGROUP_LIMIT_MAX_EXCL|BTRFS_QGROUP_LIMIT_RFER_CMPR, max_rfer=512, max_excl=6, rsv_rfer=4, rsv_excl=4294967295}, ...}, name=""}) = -1 EBADF (Bad file descriptor)
[pid  3913] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3893] <... futex resumed>)        = 0
[pid  3893] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3893] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3913] <... futex resumed>)        = 1
[pid  3913] write(-1, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552) = -1 EBADF (Bad file descriptor)
[pid  3913] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3893] <... futex resumed>)        = 0
[pid  3913] <... futex resumed>)        = 1
[pid  3913] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3893] close(3)                    = 0
[pid  3893] close(4)                    = 0
[pid  3893] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  3893] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  3893] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3893] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3893] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3893] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3893] exit_group(0 <unfinished ...>
[pid  3913] <... futex resumed>)        = ?
[pid  3894] <... write resumed>)        = ?
[pid  3893] <... exit_group resumed>)   = ?
[pid  3913] +++ exited with 0 +++
[pid  3894] +++ exited with 0 +++
[pid  3893] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=38, si_uid=0, si_status=0, si_utime=1, si_stime=30} ---
[pid  3632] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 4 entries */, 32768) = 112
[pid  3632] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./12/binderfs")     = 0
[pid  3632] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./12/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573af660 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573af660 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./12/file0")         = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./12")               = 0
[pid  3632] mkdir("./13", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573a65d0) = 41
./strace-static-x86_64: Process 3914 attached
[pid  3914] set_robust_list(0x5555573a65e0, 24) = 0
[pid  3914] chdir("./13")               = 0
[pid  3914] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3914] setpgid(0, 0)               = 0
[pid  3914] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3914] write(3, "1000", 4)         = 4
[pid  3914] close(3)                    = 0
[pid  3914] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3914] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3914] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f95000
[pid  3914] mprotect(0x7fd3e3f96000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3914] clone(child_stack=0x7fd3e3fb53f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3915 attached
, parent_tid=[42], tls=0x7fd3e3fb5700, child_tidptr=0x7fd3e3fb59d0) = 42
[pid  3914] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3914] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  3915] set_robust_list(0x7fd3e3fb59e0, 24) = 0
[pid  3915] memfd_create("syzkaller", 0) = 3
[pid  3915] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3dba00000
[pid  3915] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  3915] munmap(0x7fd3dba00000, 16777216) = 0
[pid  3915] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3915] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3915] close(3)                    = 0
[pid  3915] mkdir("./file0", 0777)      = 0
[   59.691618][ T3915] loop0: detected capacity change from 0 to 32768
[   59.705938][ T3915] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[   59.714631][ T3915] BTRFS info (device loop0): force zlib compression, level 3
[   59.722374][ T3915] BTRFS info (device loop0): force clearing of disk cache
[   59.729498][ T3915] BTRFS info (device loop0): using free space tree
[   59.748525][ T3915] BTRFS info (device loop0): enabling ssd optimizations
[   59.756204][ T3915] BTRFS info (device loop0): clearing free space tree
[   59.763348][ T3915] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   59.773251][ T3915] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   59.786476][ T3915] BTRFS info (device loop0): creating free space tree
[pid  3915] mount("/dev/loop0", "./file0", "btrfs", MS_NOSUID, "compress-force,clear_cache,space_cache=v2,enospc_debug,clear_cache,") = 0
[pid  3915] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3915] chdir("./file0")            = 0
[pid  3915] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3915] close(4)                    = 0
[pid  3915] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3914] <... futex resumed>)        = 0
[pid  3915] creat(NULL, 000 <unfinished ...>
[pid  3914] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3915] <... creat resumed>)        = -1 EFAULT (Bad address)
[pid  3914] <... futex resumed>)        = 0
[pid  3915] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3914] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3915] <... futex resumed>)        = 0
[pid  3914] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3915] creat("./bus", 000 <unfinished ...>
[pid  3914] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3915] <... creat resumed>)        = 4
[pid  3914] <... futex resumed>)        = 0
[pid  3914] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3915] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3914] <... futex resumed>)        = 0
[pid  3914] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3914] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3915] <... futex resumed>)        = 1
[   59.794570][ T3915] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   59.804801][ T3915] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[pid  3915] write(4, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552 <unfinished ...>
[pid  3914] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  3914] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3914] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f74000
[pid  3914] mprotect(0x7fd3e3f75000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3914] clone(child_stack=0x7fd3e3f943f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[43], tls=0x7fd3e3f94700, child_tidptr=0x7fd3e3f949d0) = 43
[pid  3914] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3914] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3934 attached
 <unfinished ...>
[pid  3934] set_robust_list(0x7fd3e3f949e0, 24) = 0
[pid  3934] ftruncate(-1, 8)            = -1 EBADF (Bad file descriptor)
[pid  3934] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3914] <... futex resumed>)        = 0
[pid  3914] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3914] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3934] <... futex resumed>)        = 1
[pid  3934] ioctl(0, BTRFS_IOC_DEV_INFO, {devid=makedev(0, 0), uuid=b09d1a32-2cbe-2366-67c9-93043db6a890}) = -1 ENOTTY (Inappropriate ioctl for device)
[pid  3934] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3914] <... futex resumed>)        = 0
[pid  3914] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3914] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3934] <... futex resumed>)        = 1
[pid  3934] ioctl(-1, BTRFS_IOC_SUBVOL_CREATE_V2, {fd=-1, flags=BTRFS_SUBVOL_QGROUP_INHERIT|0x10, size=136, qgroup_inherit={flags=0, num_qgroups=8, num_ref_copies=6, num_excl_copies=129, lim={flags=BTRFS_QGROUP_LIMIT_MAX_RFER|BTRFS_QGROUP_LIMIT_MAX_EXCL|BTRFS_QGROUP_LIMIT_RFER_CMPR, max_rfer=512, max_excl=6, rsv_rfer=4, rsv_excl=4294967295}, ...}, name=""}) = -1 EBADF (Bad file descriptor)
[pid  3934] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3914] <... futex resumed>)        = 0
[pid  3914] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3914] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3934] <... futex resumed>)        = 1
[pid  3934] write(-1, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552) = -1 EBADF (Bad file descriptor)
[pid  3934] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3914] <... futex resumed>)        = 0
[pid  3934] <... futex resumed>)        = 1
[pid  3934] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3914] close(3)                    = 0
[pid  3914] close(4)                    = 0
[pid  3914] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  3914] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  3914] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3914] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3914] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3914] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3914] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3914] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3914] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3914] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3914] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3914] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3914] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3914] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3914] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3914] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3914] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3914] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3914] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3914] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3914] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3914] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3914] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3914] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3914] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3914] exit_group(0 <unfinished ...>
[pid  3934] <... futex resumed>)        = ?
[pid  3915] <... write resumed>)        = ?
[pid  3914] <... exit_group resumed>)   = ?
[pid  3934] +++ exited with 0 +++
[pid  3915] +++ exited with 0 +++
[pid  3914] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=41, si_uid=0, si_status=0, si_utime=1, si_stime=28} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 4 entries */, 32768) = 112
[pid  3632] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./13/binderfs")     = 0
[pid  3632] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./13/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573af660 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573af660 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./13/file0")         = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./13")               = 0
[pid  3632] mkdir("./14", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573a65d0) = 44
./strace-static-x86_64: Process 3935 attached
[pid  3935] set_robust_list(0x5555573a65e0, 24) = 0
[pid  3935] chdir("./14")               = 0
[pid  3935] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3935] setpgid(0, 0)               = 0
[pid  3935] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3935] write(3, "1000", 4)         = 4
[pid  3935] close(3)                    = 0
[pid  3935] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3935] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3935] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f95000
[pid  3935] mprotect(0x7fd3e3f96000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3935] clone(child_stack=0x7fd3e3fb53f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[45], tls=0x7fd3e3fb5700, child_tidptr=0x7fd3e3fb59d0) = 45
./strace-static-x86_64: Process 3936 attached
[pid  3936] set_robust_list(0x7fd3e3fb59e0, 24) = 0
[pid  3936] futex(0x7fd3e40947e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3935] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3936] <... futex resumed>)        = 0
[pid  3935] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  3936] memfd_create("syzkaller", 0) = 3
[pid  3936] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3dba00000
[pid  3936] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  3936] munmap(0x7fd3dba00000, 16777216) = 0
[pid  3936] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3936] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3936] close(3)                    = 0
[pid  3936] mkdir("./file0", 0777)      = 0
[   60.373063][ T3936] loop0: detected capacity change from 0 to 32768
[   60.387211][ T3936] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[   60.396154][ T3936] BTRFS info (device loop0): force zlib compression, level 3
[   60.403979][ T3936] BTRFS info (device loop0): force clearing of disk cache
[   60.411307][ T3936] BTRFS info (device loop0): using free space tree
[   60.429619][ T3936] BTRFS info (device loop0): enabling ssd optimizations
[   60.437267][ T3936] BTRFS info (device loop0): clearing free space tree
[   60.444356][ T3936] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   60.454231][ T3936] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   60.467526][ T3936] BTRFS info (device loop0): creating free space tree
[pid  3936] mount("/dev/loop0", "./file0", "btrfs", MS_NOSUID, "compress-force,clear_cache,space_cache=v2,enospc_debug,clear_cache,") = 0
[pid  3936] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3936] chdir("./file0")            = 0
[pid  3936] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3936] close(4)                    = 0
[pid  3936] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3935] <... futex resumed>)        = 0
[pid  3936] creat(NULL, 000 <unfinished ...>
[pid  3935] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3936] <... creat resumed>)        = -1 EFAULT (Bad address)
[pid  3935] <... futex resumed>)        = 0
[pid  3936] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3935] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3936] <... futex resumed>)        = 0
[pid  3935] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3936] creat("./bus", 000 <unfinished ...>
[pid  3935] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3936] <... creat resumed>)        = 4
[pid  3935] <... futex resumed>)        = 0
[pid  3935] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3936] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3935] <... futex resumed>)        = 0
[pid  3936] write(4, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552 <unfinished ...>
[pid  3935] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   60.475302][ T3936] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   60.485310][ T3936] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[pid  3935] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  3935] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3935] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f74000
[pid  3935] mprotect(0x7fd3e3f75000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3935] clone(child_stack=0x7fd3e3f943f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[46], tls=0x7fd3e3f94700, child_tidptr=0x7fd3e3f949d0) = 46
[pid  3935] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3935] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3955 attached
 <unfinished ...>
[pid  3955] set_robust_list(0x7fd3e3f949e0, 24) = 0
[pid  3955] ftruncate(-1, 8)            = -1 EBADF (Bad file descriptor)
[pid  3955] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3935] <... futex resumed>)        = 0
[pid  3935] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3955] ioctl(0, BTRFS_IOC_DEV_INFO, {devid=makedev(0, 0), uuid=b09d1a32-2cbe-2366-67c9-93043db6a890}) = -1 ENOTTY (Inappropriate ioctl for device)
[pid  3935] <... futex resumed>)        = 0
[pid  3935] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3955] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3935] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3955] <... futex resumed>)        = 0
[pid  3935] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3955] ioctl(-1, BTRFS_IOC_SUBVOL_CREATE_V2, {fd=-1, flags=BTRFS_SUBVOL_QGROUP_INHERIT|0x10, size=136, qgroup_inherit={flags=0, num_qgroups=8, num_ref_copies=6, num_excl_copies=129, lim={flags=BTRFS_QGROUP_LIMIT_MAX_RFER|BTRFS_QGROUP_LIMIT_MAX_EXCL|BTRFS_QGROUP_LIMIT_RFER_CMPR, max_rfer=512, max_excl=6, rsv_rfer=4, rsv_excl=4294967295}, ...}, name=""} <unfinished ...>
[pid  3935] <... futex resumed>)        = 0
[pid  3935] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3955] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid  3955] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3935] <... futex resumed>)        = 0
[pid  3935] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3935] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3955] write(-1, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552) = -1 EBADF (Bad file descriptor)
[pid  3955] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3935] <... futex resumed>)        = 0
[pid  3955] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3935] close(3)                    = 0
[pid  3935] close(4)                    = 0
[pid  3935] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  3935] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  3935] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3935] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3935] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3935] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3935] exit_group(0 <unfinished ...>
[pid  3936] <... write resumed>)        = ?
[pid  3955] <... futex resumed>)        = ?
[pid  3935] <... exit_group resumed>)   = ?
[pid  3936] +++ exited with 0 +++
[pid  3955] +++ exited with 0 +++
[pid  3935] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=44, si_uid=0, si_status=0, si_utime=0, si_stime=28} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 4 entries */, 32768) = 112
[pid  3632] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./14/binderfs")     = 0
[pid  3632] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./14/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573af660 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573af660 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./14/file0")         = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./14")               = 0
[pid  3632] mkdir("./15", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573a65d0) = 47
./strace-static-x86_64: Process 3956 attached
[pid  3956] set_robust_list(0x5555573a65e0, 24) = 0
[pid  3956] chdir("./15")               = 0
[pid  3956] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3956] setpgid(0, 0)               = 0
[pid  3956] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3956] write(3, "1000", 4)         = 4
[pid  3956] close(3)                    = 0
[pid  3956] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3956] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3956] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f95000
[pid  3956] mprotect(0x7fd3e3f96000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3956] clone(child_stack=0x7fd3e3fb53f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3957 attached
, parent_tid=[48], tls=0x7fd3e3fb5700, child_tidptr=0x7fd3e3fb59d0) = 48
[pid  3957] set_robust_list(0x7fd3e3fb59e0, 24) = 0
[pid  3957] futex(0x7fd3e40947e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3956] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3957] <... futex resumed>)        = 0
[pid  3957] memfd_create("syzkaller", 0 <unfinished ...>
[pid  3956] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  3957] <... memfd_create resumed>) = 3
[pid  3957] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3dba00000
[pid  3957] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  3957] munmap(0x7fd3dba00000, 16777216) = 0
[pid  3957] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3957] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3957] close(3)                    = 0
[pid  3957] mkdir("./file0", 0777)      = 0
[   61.097057][ T3957] loop0: detected capacity change from 0 to 32768
[   61.110572][ T3957] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[   61.119803][ T3957] BTRFS info (device loop0): force zlib compression, level 3
[   61.127552][ T3957] BTRFS info (device loop0): force clearing of disk cache
[   61.134768][ T3957] BTRFS info (device loop0): using free space tree
[   61.153310][ T3957] BTRFS info (device loop0): enabling ssd optimizations
[   61.161258][ T3957] BTRFS info (device loop0): clearing free space tree
[   61.168049][ T3957] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   61.177779][ T3957] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   61.191333][ T3957] BTRFS info (device loop0): creating free space tree
[pid  3957] mount("/dev/loop0", "./file0", "btrfs", MS_NOSUID, "compress-force,clear_cache,space_cache=v2,enospc_debug,clear_cache,") = 0
[pid  3957] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3957] chdir("./file0")            = 0
[pid  3957] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3957] close(4)                    = 0
[pid  3957] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3956] <... futex resumed>)        = 0
[pid  3957] futex(0x7fd3e40947e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3956] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3957] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3956] <... futex resumed>)        = 0
[pid  3957] creat(NULL, 000 <unfinished ...>
[pid  3956] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3957] <... creat resumed>)        = -1 EFAULT (Bad address)
[pid  3957] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3956] <... futex resumed>)        = 0
[pid  3957] futex(0x7fd3e40947e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3956] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3957] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3956] <... futex resumed>)        = 0
[pid  3957] creat("./bus", 000 <unfinished ...>
[pid  3956] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3957] <... creat resumed>)        = 4
[pid  3957] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3956] <... futex resumed>)        = 0
[pid  3957] write(4, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552 <unfinished ...>
[pid  3956] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   61.198640][ T3957] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   61.208536][ T3957] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[pid  3956] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  3956] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3956] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f74000
[pid  3956] mprotect(0x7fd3e3f75000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3956] clone(child_stack=0x7fd3e3f943f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[49], tls=0x7fd3e3f94700, child_tidptr=0x7fd3e3f949d0) = 49
[pid  3956] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3956] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3976 attached
 <unfinished ...>
[pid  3976] set_robust_list(0x7fd3e3f949e0, 24) = 0
[pid  3976] ftruncate(-1, 8)            = -1 EBADF (Bad file descriptor)
[pid  3976] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3956] <... futex resumed>)        = 0
[pid  3956] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3976] ioctl(0, BTRFS_IOC_DEV_INFO, {devid=makedev(0, 0), uuid=b09d1a32-2cbe-2366-67c9-93043db6a890} <unfinished ...>
[pid  3956] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3976] <... ioctl resumed>)        = -1 ENOTTY (Inappropriate ioctl for device)
[pid  3976] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3956] <... futex resumed>)        = 0
[pid  3976] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3956] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3976] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3956] <... futex resumed>)        = 0
[pid  3976] ioctl(-1, BTRFS_IOC_SUBVOL_CREATE_V2, {fd=-1, flags=BTRFS_SUBVOL_QGROUP_INHERIT|0x10, size=136, qgroup_inherit={flags=0, num_qgroups=8, num_ref_copies=6, num_excl_copies=129, lim={flags=BTRFS_QGROUP_LIMIT_MAX_RFER|BTRFS_QGROUP_LIMIT_MAX_EXCL|BTRFS_QGROUP_LIMIT_RFER_CMPR, max_rfer=512, max_excl=6, rsv_rfer=4, rsv_excl=4294967295}, ...}, name=""} <unfinished ...>
[pid  3956] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3976] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid  3976] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3956] <... futex resumed>)        = 0
[pid  3976] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3956] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3976] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3956] <... futex resumed>)        = 0
[pid  3976] write(-1, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552 <unfinished ...>
[pid  3956] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3976] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid  3976] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3956] <... futex resumed>)        = 0
[pid  3976] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3956] close(3)                    = 0
[pid  3956] close(4)                    = 0
[pid  3956] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  3956] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  3956] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3956] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3956] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3956] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3956] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3956] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3956] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3956] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3956] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3956] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3956] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3956] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3956] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3956] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3956] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3956] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3956] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3956] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3956] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3956] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3956] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3956] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3956] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3956] exit_group(0 <unfinished ...>
[pid  3976] <... futex resumed>)        = ?
[pid  3956] <... exit_group resumed>)   = ?
[pid  3976] +++ exited with 0 +++
[pid  3957] <... write resumed>)        = ?
[pid  3957] +++ exited with 0 +++
[pid  3956] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=47, si_uid=0, si_status=0, si_utime=2, si_stime=29} ---
[pid  3632] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 4 entries */, 32768) = 112
[pid  3632] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./15/binderfs")     = 0
[pid  3632] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./15/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573af660 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573af660 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./15/file0")         = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./15")               = 0
[pid  3632] mkdir("./16", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573a65d0) = 50
./strace-static-x86_64: Process 3977 attached
[pid  3977] set_robust_list(0x5555573a65e0, 24) = 0
[pid  3977] chdir("./16")               = 0
[pid  3977] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3977] setpgid(0, 0)               = 0
[pid  3977] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3977] write(3, "1000", 4)         = 4
[pid  3977] close(3)                    = 0
[pid  3977] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3977] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3977] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f95000
[pid  3977] mprotect(0x7fd3e3f96000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3977] clone(child_stack=0x7fd3e3fb53f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3978 attached
 <unfinished ...>
[pid  3978] set_robust_list(0x7fd3e3fb59e0, 24 <unfinished ...>
[pid  3977] <... clone resumed>, parent_tid=[51], tls=0x7fd3e3fb5700, child_tidptr=0x7fd3e3fb59d0) = 51
[pid  3977] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3978] <... set_robust_list resumed>) = 0
[pid  3977] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  3978] memfd_create("syzkaller", 0) = 3
[pid  3978] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3dba00000
[pid  3978] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  3978] munmap(0x7fd3dba00000, 16777216) = 0
[pid  3978] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3978] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3978] close(3)                    = 0
[pid  3978] mkdir("./file0", 0777)      = 0
[   61.801555][ T3978] loop0: detected capacity change from 0 to 32768
[   61.813988][ T3978] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[   61.822707][ T3978] BTRFS info (device loop0): force zlib compression, level 3
[   61.830079][ T3978] BTRFS info (device loop0): force clearing of disk cache
[   61.837477][ T3978] BTRFS info (device loop0): using free space tree
[   61.856157][ T3978] BTRFS info (device loop0): enabling ssd optimizations
[   61.864048][ T3978] BTRFS info (device loop0): clearing free space tree
[   61.871202][ T3978] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   61.880919][ T3978] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   61.894206][ T3978] BTRFS info (device loop0): creating free space tree
[pid  3978] mount("/dev/loop0", "./file0", "btrfs", MS_NOSUID, "compress-force,clear_cache,space_cache=v2,enospc_debug,clear_cache,") = 0
[pid  3978] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3978] chdir("./file0")            = 0
[pid  3978] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3978] close(4)                    = 0
[pid  3978] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3977] <... futex resumed>)        = 0
[pid  3978] futex(0x7fd3e40947e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3977] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3978] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3977] <... futex resumed>)        = 0
[pid  3978] creat(NULL, 000 <unfinished ...>
[pid  3977] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3978] <... creat resumed>)        = -1 EFAULT (Bad address)
[pid  3978] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3977] <... futex resumed>)        = 0
[pid  3978] futex(0x7fd3e40947e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3977] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3978] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3977] <... futex resumed>)        = 0
[pid  3978] creat("./bus", 000 <unfinished ...>
[pid  3977] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3978] <... creat resumed>)        = 4
[pid  3978] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3977] <... futex resumed>)        = 0
[pid  3978] write(4, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552 <unfinished ...>
[pid  3977] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   61.901965][ T3978] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   61.911587][ T3978] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[pid  3977] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  3977] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3977] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f74000
[pid  3977] mprotect(0x7fd3e3f75000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3977] clone(child_stack=0x7fd3e3f943f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[52], tls=0x7fd3e3f94700, child_tidptr=0x7fd3e3f949d0) = 52
[pid  3977] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3977] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3997 attached
 <unfinished ...>
[pid  3997] set_robust_list(0x7fd3e3f949e0, 24) = 0
[pid  3997] ftruncate(-1, 8)            = -1 EBADF (Bad file descriptor)
[pid  3997] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3977] <... futex resumed>)        = 0
[pid  3997] <... futex resumed>)        = 1
[pid  3977] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3977] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3997] ioctl(0, BTRFS_IOC_DEV_INFO, {devid=makedev(0, 0), uuid=b09d1a32-2cbe-2366-67c9-93043db6a890}) = -1 ENOTTY (Inappropriate ioctl for device)
[pid  3997] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3977] <... futex resumed>)        = 0
[pid  3997] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3977] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3997] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3977] <... futex resumed>)        = 0
[pid  3997] ioctl(-1, BTRFS_IOC_SUBVOL_CREATE_V2, {fd=-1, flags=BTRFS_SUBVOL_QGROUP_INHERIT|0x10, size=136, qgroup_inherit={flags=0, num_qgroups=8, num_ref_copies=6, num_excl_copies=129, lim={flags=BTRFS_QGROUP_LIMIT_MAX_RFER|BTRFS_QGROUP_LIMIT_MAX_EXCL|BTRFS_QGROUP_LIMIT_RFER_CMPR, max_rfer=512, max_excl=6, rsv_rfer=4, rsv_excl=4294967295}, ...}, name=""} <unfinished ...>
[pid  3977] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3997] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid  3997] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3977] <... futex resumed>)        = 0
[pid  3997] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3977] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3997] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3977] <... futex resumed>)        = 0
[pid  3997] write(-1, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552 <unfinished ...>
[pid  3977] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3997] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid  3997] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3977] <... futex resumed>)        = 0
[pid  3997] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3977] close(3)                    = 0
[pid  3977] close(4)                    = 0
[pid  3977] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  3977] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  3977] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3977] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3977] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3977] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3977] exit_group(0 <unfinished ...>
[pid  3997] <... futex resumed>)        = ?
[pid  3978] <... write resumed>)        = ?
[pid  3977] <... exit_group resumed>)   = ?
[pid  3997] +++ exited with 0 +++
[pid  3978] +++ exited with 0 +++
[pid  3977] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=50, si_uid=0, si_status=0, si_utime=1, si_stime=28} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 4 entries */, 32768) = 112
[pid  3632] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./16/binderfs")     = 0
[pid  3632] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./16/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573af660 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573af660 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./16/file0")         = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./16")               = 0
[pid  3632] mkdir("./17", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573a65d0) = 53
./strace-static-x86_64: Process 3998 attached
[pid  3998] set_robust_list(0x5555573a65e0, 24) = 0
[pid  3998] chdir("./17")               = 0
[pid  3998] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3998] setpgid(0, 0)               = 0
[pid  3998] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3998] write(3, "1000", 4)         = 4
[pid  3998] close(3)                    = 0
[pid  3998] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3998] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3998] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f95000
[pid  3998] mprotect(0x7fd3e3f96000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3998] clone(child_stack=0x7fd3e3fb53f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3999 attached
, parent_tid=[54], tls=0x7fd3e3fb5700, child_tidptr=0x7fd3e3fb59d0) = 54
[pid  3998] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3998] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  3999] set_robust_list(0x7fd3e3fb59e0, 24) = 0
[pid  3999] memfd_create("syzkaller", 0) = 3
[pid  3999] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3dba00000
[pid  3999] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  3999] munmap(0x7fd3dba00000, 16777216) = 0
[pid  3999] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3999] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3999] close(3)                    = 0
[pid  3999] mkdir("./file0", 0777)      = 0
[   62.512278][ T3999] loop0: detected capacity change from 0 to 32768
[   62.524617][ T3999] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[   62.533327][ T3999] BTRFS info (device loop0): force zlib compression, level 3
[   62.540707][ T3999] BTRFS info (device loop0): force clearing of disk cache
[   62.547902][ T3999] BTRFS info (device loop0): using free space tree
[   62.566562][ T3999] BTRFS info (device loop0): enabling ssd optimizations
[   62.574350][ T3999] BTRFS info (device loop0): clearing free space tree
[   62.581439][ T3999] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   62.591311][ T3999] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   62.604706][ T3999] BTRFS info (device loop0): creating free space tree
[pid  3999] mount("/dev/loop0", "./file0", "btrfs", MS_NOSUID, "compress-force,clear_cache,space_cache=v2,enospc_debug,clear_cache,") = 0
[pid  3999] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3999] chdir("./file0")            = 0
[pid  3999] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3999] close(4)                    = 0
[pid  3999] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3998] <... futex resumed>)        = 0
[pid  3999] creat(NULL, 000 <unfinished ...>
[pid  3998] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3999] <... creat resumed>)        = -1 EFAULT (Bad address)
[pid  3998] <... futex resumed>)        = 0
[pid  3999] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3998] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3999] <... futex resumed>)        = 0
[pid  3998] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3999] creat("./bus", 000 <unfinished ...>
[pid  3998] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3999] <... creat resumed>)        = 4
[pid  3998] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3999] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3998] <... futex resumed>)        = 0
[pid  3999] write(4, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552 <unfinished ...>
[pid  3998] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   62.612281][ T3999] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   62.622009][ T3999] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[pid  3998] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  3998] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid  3998] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3998] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f74000
[pid  3998] mprotect(0x7fd3e3f75000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3998] clone(child_stack=0x7fd3e3f943f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[55], tls=0x7fd3e3f94700, child_tidptr=0x7fd3e3f949d0) = 55
[pid  3998] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3998] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 4018 attached
 <unfinished ...>
[pid  4018] set_robust_list(0x7fd3e3f949e0, 24) = 0
[pid  4018] ftruncate(-1, 8)            = -1 EBADF (Bad file descriptor)
[pid  4018] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3998] <... futex resumed>)        = 0
[pid  3998] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  4018] ioctl(0, BTRFS_IOC_DEV_INFO, {devid=makedev(0, 0), uuid=b09d1a32-2cbe-2366-67c9-93043db6a890} <unfinished ...>
[pid  3998] <... futex resumed>)        = 0
[pid  3998] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  4018] <... ioctl resumed>)        = -1 ENOTTY (Inappropriate ioctl for device)
[pid  4018] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3998] <... futex resumed>)        = 0
[pid  3998] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  4018] ioctl(-1, BTRFS_IOC_SUBVOL_CREATE_V2, {fd=-1, flags=BTRFS_SUBVOL_QGROUP_INHERIT|0x10, size=136, qgroup_inherit={flags=0, num_qgroups=8, num_ref_copies=6, num_excl_copies=129, lim={flags=BTRFS_QGROUP_LIMIT_MAX_RFER|BTRFS_QGROUP_LIMIT_MAX_EXCL|BTRFS_QGROUP_LIMIT_RFER_CMPR, max_rfer=512, max_excl=6, rsv_rfer=4, rsv_excl=4294967295}, ...}, name=""} <unfinished ...>
[pid  3998] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  4018] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid  4018] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3998] <... futex resumed>)        = 0
[pid  4018] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3998] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  4018] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  3998] <... futex resumed>)        = 0
[pid  4018] write(-1, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552 <unfinished ...>
[pid  3998] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  4018] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid  4018] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3998] <... futex resumed>)        = 0
[pid  4018] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3998] close(3)                    = 0
[pid  3998] close(4)                    = 0
[pid  3998] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  3998] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  3998] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3998] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3998] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3998] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3998] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3998] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3998] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3998] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3998] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3998] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3998] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3998] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3998] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3998] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3998] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3998] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3998] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3998] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3998] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3998] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3998] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3998] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3998] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3998] exit_group(0 <unfinished ...>
[pid  4018] <... futex resumed>)        = ?
[pid  3998] <... exit_group resumed>)   = ?
[pid  3999] <... write resumed>)        = ?
[pid  4018] +++ exited with 0 +++
[pid  3999] +++ exited with 0 +++
[pid  3998] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=53, si_uid=0, si_status=0, si_utime=1, si_stime=29} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 4 entries */, 32768) = 112
[pid  3632] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./17/binderfs")     = 0
[pid  3632] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573af660 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573af660 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./17/file0")         = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./17")               = 0
[pid  3632] mkdir("./18", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573a65d0) = 56
./strace-static-x86_64: Process 4021 attached
[pid  4021] set_robust_list(0x5555573a65e0, 24) = 0
[pid  4021] chdir("./18")               = 0
[pid  4021] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  4021] setpgid(0, 0)               = 0
[pid  4021] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  4021] write(3, "1000", 4)         = 4
[pid  4021] close(3)                    = 0
[pid  4021] symlink("/dev/binderfs", "./binderfs") = 0
[pid  4021] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  4021] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f95000
[pid  4021] mprotect(0x7fd3e3f96000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  4021] clone(child_stack=0x7fd3e3fb53f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[57], tls=0x7fd3e3fb5700, child_tidptr=0x7fd3e3fb59d0) = 57
[pid  4021] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  4021] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 4022 attached
 <unfinished ...>
[pid  4022] set_robust_list(0x7fd3e3fb59e0, 24) = 0
[pid  4022] memfd_create("syzkaller", 0) = 3
[pid  4022] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3dba00000
[pid  4022] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  4022] munmap(0x7fd3dba00000, 16777216) = 0
[pid  4022] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  4022] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  4022] close(3)                    = 0
[pid  4022] mkdir("./file0", 0777)      = 0
[   63.205397][ T4022] loop0: detected capacity change from 0 to 32768
[   63.219043][ T4022] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[   63.227974][ T4022] BTRFS info (device loop0): force zlib compression, level 3
[   63.235649][ T4022] BTRFS info (device loop0): force clearing of disk cache
[   63.242985][ T4022] BTRFS info (device loop0): using free space tree
[   63.261535][ T4022] BTRFS info (device loop0): enabling ssd optimizations
[   63.269388][ T4022] BTRFS info (device loop0): clearing free space tree
[   63.276326][ T4022] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   63.286045][ T4022] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   63.299425][ T4022] BTRFS info (device loop0): creating free space tree
[pid  4022] mount("/dev/loop0", "./file0", "btrfs", MS_NOSUID, "compress-force,clear_cache,space_cache=v2,enospc_debug,clear_cache,") = 0
[pid  4022] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  4022] chdir("./file0")            = 0
[pid  4022] ioctl(4, LOOP_CLR_FD)       = 0
[pid  4022] close(4)                    = 0
[pid  4022] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  4021] <... futex resumed>)        = 0
[pid  4022] futex(0x7fd3e40947e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  4021] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  4022] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  4021] <... futex resumed>)        = 0
[pid  4022] creat(NULL, 000 <unfinished ...>
[pid  4021] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  4022] <... creat resumed>)        = -1 EFAULT (Bad address)
[pid  4022] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  4021] <... futex resumed>)        = 0
[pid  4022] futex(0x7fd3e40947e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  4021] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  4022] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  4021] <... futex resumed>)        = 0
[pid  4022] creat("./bus", 000 <unfinished ...>
[pid  4021] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  4022] <... creat resumed>)        = 4
[pid  4022] futex(0x7fd3e40947ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  4021] <... futex resumed>)        = 0
[pid  4022] write(4, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552 <unfinished ...>
[pid  4021] futex(0x7fd3e40947e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   63.307013][ T4022] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   63.317325][ T4022] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[pid  4021] futex(0x7fd3e40947ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  4021] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  4021] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd3e3f74000
[pid  4021] mprotect(0x7fd3e3f75000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  4021] clone(child_stack=0x7fd3e3f943f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[58], tls=0x7fd3e3f94700, child_tidptr=0x7fd3e3f949d0) = 58
[pid  4021] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  4021] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 4041 attached
 <unfinished ...>
[pid  4041] set_robust_list(0x7fd3e3f949e0, 24) = 0
[pid  4041] ftruncate(-1, 8)            = -1 EBADF (Bad file descriptor)
[pid  4041] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  4021] <... futex resumed>)        = 0
[pid  4041] ioctl(0, BTRFS_IOC_DEV_INFO, {devid=makedev(0, 0), uuid=b09d1a32-2cbe-2366-67c9-93043db6a890} <unfinished ...>
[pid  4021] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  4041] <... ioctl resumed>)        = -1 ENOTTY (Inappropriate ioctl for device)
[pid  4021] <... futex resumed>)        = 0
[pid  4041] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  4021] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  4041] <... futex resumed>)        = 0
[pid  4021] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  4041] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  4021] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  4041] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  4021] <... futex resumed>)        = 0
[pid  4041] ioctl(-1, BTRFS_IOC_SUBVOL_CREATE_V2, {fd=-1, flags=BTRFS_SUBVOL_QGROUP_INHERIT|0x10, size=136, qgroup_inherit={flags=0, num_qgroups=8, num_ref_copies=6, num_excl_copies=129, lim={flags=BTRFS_QGROUP_LIMIT_MAX_RFER|BTRFS_QGROUP_LIMIT_MAX_EXCL|BTRFS_QGROUP_LIMIT_RFER_CMPR, max_rfer=512, max_excl=6, rsv_rfer=4, rsv_excl=4294967295}, ...}, name=""} <unfinished ...>
[pid  4021] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  4041] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid  4041] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  4021] <... futex resumed>)        = 0
[pid  4041] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  4021] futex(0x7fd3e40947f8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  4041] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  4021] <... futex resumed>)        = 0
[pid  4041] write(-1, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x30\x0a\xfe\xdf\x6d\x93\xae\x33\x1c\x95\x39\xae\x4c\x64\xc7\x54\xa2\x18\xce\xe9\xe3\x53\xa7\x66\x09\x8f\x20\x28\x61\xdc\x79\x2e\x18\x32\x12\x16\xdd\xc7\xb5\x3d\x0e\x8d\x0e\xfa\xcb\x58\x18\xb2\xeb\x9d\x77\xc6\xd1\x19\x79\x44\xd3\xfe\x45\xd1\xa0\x4a\x5e\xb7\xd1\x76\xd2\x6f\x54\xba\xb1\xe2\xe1\xa0\x45\xa2\xa7\x8a\xf0\x71\x76\x43\x4c\x86\xff\xf6\xd0\xf5\x9e\xe1\x24"..., 2147479552 <unfinished ...>
[pid  4021] futex(0x7fd3e40947fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  4041] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid  4041] futex(0x7fd3e40947fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  4021] <... futex resumed>)        = 0
[pid  4041] futex(0x7fd3e40947f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  4021] close(3)                    = 0
[pid  4021] close(4)                    = 0
[pid  4021] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  4021] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  4021] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  4021] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  4021] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  4021] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  4021] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  4021] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  4021] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  4021] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  4021] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  4021] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  4021] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  4021] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  4021] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  4021] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  4021] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  4021] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  4021] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  4021] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  4021] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  4021] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  4021] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  4021] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  4021] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  4021] exit_group(0 <unfinished ...>
[pid  4041] <... futex resumed>)        = ?
[pid  4022] <... write resumed>)        = ?
[pid  4021] <... exit_group resumed>)   = ?
[pid  4041] +++ exited with 0 +++
[pid  4022] +++ exited with 0 +++
[pid  4021] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=56, si_uid=0, si_status=0, si_utime=2, si_stime=26} ---
[pid  3632] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573a7620 /* 4 entries */, 32768) = 112
[pid  3632] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./18/binderfs")     = 0
[   63.633491][ T3632] assertion failed: list_empty(&fs_info->delayed_iputs), in fs/btrfs/disk-io.c:4664
[   63.643243][ T3632] ------------[ cut here ]------------
[   63.648696][ T3632] kernel BUG at fs/btrfs/ctree.h:3713!
[   63.654460][ T3632] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[   63.661468][ T3632] CPU: 1 PID: 3632 Comm: syz-executor235 Not tainted 6.1.0-rc6-syzkaller-00015-gc3eb11fbb826 #0
[   63.671853][ T3632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[   63.681886][ T3632] RIP: 0010:assertfail+0x1a/0x1c
[   63.686819][ T3632] Code: 48 c7 c2 80 aa 38 8b 31 c0 e8 ef e3 ff ff 0f 0b 89 f1 48 89 fe 48 c7 c7 60 d9 38 8b 48 c7 c2 50 0a 39 8b 31 c0 e8 d3 e3 ff ff <0f> 0b 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48 81 ec
[   63.706407][ T3632] RSP: 0018:ffffc90003d7fa58 EFLAGS: 00010246
[   63.712461][ T3632] RAX: 0000000000000051 RBX: ffff88807c960d58 RCX: 83509907ab950400
[   63.720851][ T3632] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[   63.728802][ T3632] RBP: ffffc90003d7fbe8 R08: ffffffff816e568d R09: fffff520007aff05
[   63.736755][ T3632] R10: fffff520007aff05 R11: 1ffff920007aff04 R12: 0000000000000000
[   63.744710][ T3632] R13: ffff88807c960000 R14: dffffc0000000000 R15: dffffc0000000000
[   63.752660][ T3632] FS:  00005555573a6300(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[   63.761567][ T3632] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   63.768128][ T3632] CR2: 00007ffcab996e28 CR3: 0000000078318000 CR4: 00000000003506e0
[   63.776109][ T3632] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   63.784073][ T3632] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   63.792055][ T3632] Call Trace:
[   63.795336][ T3632]  <TASK>
[   63.798253][ T3632]  close_ctree+0x818/0xbde
[   63.802659][ T3632]  ? hook_sb_delete+0x988/0xab0
[   63.807520][ T3632]  ? init_tree_roots+0x1ed0/0x1ed0
[   63.812618][ T3632]  ? hook_inode_free_security+0xa0/0xa0
[   63.818234][ T3632]  ? __fsnotify_vfsmount_delete+0x20/0x20
[   63.823940][ T3632]  ? clear_inode+0x150/0x150
[   63.828510][ T3632]  ? btrfs_sync_fs+0x11d/0x4a0
[   63.833256][ T3632]  ? fscrypt_destroy_keyring+0x2a5/0x2c0
[   63.838873][ T3632]  ? btrfs_fill_super+0x2d0/0x2d0
[   63.843902][ T3632]  generic_shutdown_super+0x130/0x310
[   63.849256][ T3632]  kill_anon_super+0x36/0x60
[   63.853829][ T3632]  btrfs_kill_super+0x3d/0x50
[   63.858486][ T3632]  deactivate_locked_super+0xa7/0xf0
[   63.863838][ T3632]  cleanup_mnt+0x494/0x520
[   63.868234][ T3632]  ? lockdep_hardirqs_on+0x8d/0x130
[   63.873417][ T3632]  task_work_run+0x243/0x300
[   63.878005][ T3632]  ? task_work_cancel+0x290/0x290
[   63.883010][ T3632]  ? path_umount+0x1e0/0xf90
[   63.887577][ T3632]  ptrace_notify+0x29a/0x340
[   63.892146][ T3632]  ? do_notify_parent+0xe00/0xe00
[   63.897160][ T3632]  ? user_path_at_empty+0x149/0x1a0
[   63.902338][ T3632]  ? __x64_sys_umount+0x113/0x150
[   63.907345][ T3632]  syscall_exit_work+0x8c/0xe0
[   63.912094][ T3632]  syscall_exit_to_user_mode_prepare+0x63/0xc0
[   63.918230][ T3632]  syscall_exit_to_user_mode+0xa/0x60
[   63.923582][ T3632]  do_syscall_64+0x49/0xb0
[   63.927975][ T3632]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   63.933851][ T3632] RIP: 0033:0x7fd3e400af67
[   63.938244][ T3632] Code: ff d0 48 89 c7 b8 3c 00 00 00 0f 05 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   63.957828][ T3632] RSP: 002b:00007ffcab997568 EFLAGS: 00000202 ORIG_RAX: 00000000000000a6
[   63.966221][ T3632] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fd3e400af67
[   63.974174][ T3632] RDX: 00007ffcab99762a RSI: 000000000000000a RDI: 00007ffcab997620
[   63.982143][ T3632] RBP: 00007ffcab997620 R08: 00000000ffffffff R09: 00007ffcab997400
[   63.990094][ T3632] R10: 00005555573a7653 R11: 0000000000000202 R12: 00007ffcab9986e0
[   63.998044][ T3632] R13: 00005555573a75f0 R14: 00007ffcab997590 R15: 00007ffcab998700
[   64.006000][ T3632]  </TASK>
[   64.009002][ T3632] Modules linked in:
[   64.013082][ T3632] ---[ end trace 0000000000000000 ]---
[   64.018652][ T3632] RIP: 0010:assertfail+0x1a/0x1c
[   64.023632][ T3632] Code: 48 c7 c2 80 aa 38 8b 31 c0 e8 ef e3 ff ff 0f 0b 89 f1 48 89 fe 48 c7 c7 60 d9 38 8b 48 c7 c2 50 0a 39 8b 31 c0 e8 d3 e3 ff ff <0f> 0b 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48 81 ec
[   64.043280][ T3632] RSP: 0018:ffffc90003d7fa58 EFLAGS: 00010246
[   64.049330][ T3632] RAX: 0000000000000051 RBX: ffff88807c960d58 RCX: 83509907ab950400
[   64.057318][ T3632] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[   64.065316][ T3632] RBP: ffffc90003d7fbe8 R08: ffffffff816e568d R09: fffff520007aff05
[   64.073298][ T3632] R10: fffff520007aff05 R11: 1ffff920007aff04 R12: 0000000000000000
[   64.081300][ T3632] R13: ffff88807c960000 R14: dffffc0000000000 R15: dffffc0000000000
[   64.089255][ T3632] FS:  00005555573a6300(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[   64.098200][ T3632] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   64.104809][ T3632] CR2: 00007fd3e405ad48 CR3: 0000000078318000 CR4: 00000000003506f0
[   64.112792][ T3632] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   64.120851][ T3632] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   64.128839][ T3632] Kernel panic - not syncing: Fatal exception
[   64.135051][ T3632] Kernel Offset: disabled
[   64.139386][ T3632] Rebooting in 86400 seconds..