./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1563639486

<...>
Warning: Permanently added '10.128.1.53' (ED25519) to the list of known hosts.
execve("./syz-executor1563639486", ["./syz-executor1563639486"], 0x7fff1e12edc0 /* 10 vars */) = 0
brk(NULL)                               = 0x555555ea0000
brk(0x555555ea0e00)                     = 0x555555ea0e00
arch_prctl(ARCH_SET_FS, 0x555555ea0480) = 0
set_tid_address(0x555555ea0750)         = 5067
set_robust_list(0x555555ea0760, 24)     = 0
rseq(0x555555ea0da0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor1563639486", 4096) = 28
getrandom("\xbc\xea\x57\x72\xc6\x11\x82\x6a", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x555555ea0e00
brk(0x555555ec1e00)                     = 0x555555ec1e00
brk(0x555555ec2000)                     = 0x555555ec2000
mprotect(0x7f5814263000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0
rt_sigaction(SIGSEGV, {sa_handler=0x7f58141b9940, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f58141c2450}, NULL, 8) = 0
rt_sigaction(SIGBUS, {sa_handler=0x7f58141b9940, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f58141c2450}, NULL, 8) = 0
mkdir("./syzkaller.5UTRiu", 0700)       = 0
chmod("./syzkaller.5UTRiu", 0777)       = 0
chdir("./syzkaller.5UTRiu")             = 0
mkdir("./0", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5069 attached
 <unfinished ...>
[pid  5069] set_robust_list(0x555555ea0760, 24) = 0
[pid  5069] chdir("./0")                = 0
[pid  5069] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5069] setpgid(0, 0)               = 0
[pid  5067] <... clone resumed>, child_tidptr=0x555555ea0750) = 5069
[pid  5069] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5069] write(3, "1000", 4)         = 4
[pid  5069] close(3)                    = 0
[pid  5069] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5069] memfd_create("syzkaller", 0) = 3
[pid  5069] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5069] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5069] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5069] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5069] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5069] close(3)                    = 0
[pid  5069] mkdir("./bus", 0777)        = 0
[pid  5069] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5069] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5069] chdir("./bus")              = 0
[pid  5069] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5069] close(4)                    = 0
[pid  5069] mkdir("./bus", 0777)        = 0
[pid  5069] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5069] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5069] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[   55.269557][ T5069] loop0: detected capacity change from 0 to 512
[   55.291864][ T5069] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.304413][ T5069] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/0/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5069] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5069] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5069] exit_group(0)               = ?
[pid  5069] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5069, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[   55.366220][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./0/bus")                        = 0
umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./0/binderfs")                  = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./0")                            = 0
mkdir("./1", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5073 attached
 <unfinished ...>
[pid  5073] set_robust_list(0x555555ea0760, 24) = 0
[pid  5073] chdir("./1")                = 0
[pid  5073] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5067] <... clone resumed>, child_tidptr=0x555555ea0750) = 5073
[pid  5073] setpgid(0, 0)               = 0
[pid  5073] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5073] write(3, "1000", 4)         = 4
[pid  5073] close(3)                    = 0
[pid  5073] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5073] memfd_create("syzkaller", 0) = 3
[pid  5073] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5073] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5073] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5073] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5073] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5073] close(3)                    = 0
[pid  5073] mkdir("./bus", 0777)        = 0
[   55.542992][ T5073] loop0: detected capacity change from 0 to 512
[   55.570623][ T5073] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[pid  5073] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5073] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5073] chdir("./bus")              = 0
[pid  5073] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5073] close(4)                    = 0
[pid  5073] mkdir("./bus", 0777)        = 0
[pid  5073] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5073] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[   55.583126][ T5073] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/1/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5073] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5073] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5073] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5073] exit_group(0)               = ?
[pid  5073] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5073, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./1/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
[   55.664470][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./1/bus")                        = 0
umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./1/binderfs")                  = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./1")                            = 0
mkdir("./2", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5076 attached
, child_tidptr=0x555555ea0750) = 5076
[pid  5076] set_robust_list(0x555555ea0760, 24) = 0
[pid  5076] chdir("./2")                = 0
[pid  5076] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5076] setpgid(0, 0)               = 0
[pid  5076] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5076] write(3, "1000", 4)         = 4
[pid  5076] close(3)                    = 0
[pid  5076] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5076] memfd_create("syzkaller", 0) = 3
[pid  5076] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5076] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5076] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5076] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5076] close(3)                    = 0
[pid  5076] mkdir("./bus", 0777)        = 0
[pid  5076] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5076] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5076] chdir("./bus")              = 0
[pid  5076] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5076] close(4)                    = 0
[   55.799225][ T5076] loop0: detected capacity change from 0 to 512
[   55.820382][ T5076] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.832901][ T5076] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/2/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5076] mkdir("./bus", 0777)        = 0
[pid  5076] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5076] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5076] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5076] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5076] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5076] exit_group(0)               = ?
[pid  5076] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5076, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./2/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[   55.964540][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
openat(AT_FDCWD, "./2/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./2/bus")                        = 0
umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./2/binderfs")                  = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./2")                            = 0
mkdir("./3", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5079 attached
 <unfinished ...>
[pid  5079] set_robust_list(0x555555ea0760, 24) = 0
[pid  5079] chdir("./3")                = 0
[pid  5079] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  5067] <... clone resumed>, child_tidptr=0x555555ea0750) = 5079
[pid  5079] <... prctl resumed>)        = 0
[pid  5079] setpgid(0, 0)               = 0
[pid  5079] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5079] write(3, "1000", 4)         = 4
[pid  5079] close(3)                    = 0
[pid  5079] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5079] memfd_create("syzkaller", 0) = 3
[pid  5079] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5079] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5079] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5079] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5079] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5079] close(3)                    = 0
[pid  5079] mkdir("./bus", 0777)        = 0
[   56.141746][ T5079] loop0: detected capacity change from 0 to 512
[pid  5079] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5079] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5079] chdir("./bus")              = 0
[pid  5079] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5079] close(4)                    = 0
[pid  5079] mkdir("./bus", 0777)        = 0
[pid  5079] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5079] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[   56.180800][ T5079] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.193330][ T5079] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/3/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5079] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5079] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5079] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5079] exit_group(0)               = ?
[pid  5079] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5079, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./3/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
[   56.303121][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
rmdir("./3/bus")                        = 0
umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./3/binderfs")                  = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./3")                            = 0
mkdir("./4", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5082 attached
 <unfinished ...>
[pid  5082] set_robust_list(0x555555ea0760, 24) = 0
[pid  5082] chdir("./4")                = 0
[pid  5082] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  5067] <... clone resumed>, child_tidptr=0x555555ea0750) = 5082
[pid  5082] <... prctl resumed>)        = 0
[pid  5082] setpgid(0, 0)               = 0
[pid  5082] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5082] write(3, "1000", 4)         = 4
[pid  5082] close(3)                    = 0
[pid  5082] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5082] memfd_create("syzkaller", 0) = 3
[pid  5082] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5082] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5082] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5082] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5082] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5082] close(3)                    = 0
[pid  5082] mkdir("./bus", 0777)        = 0
[pid  5082] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5082] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5082] chdir("./bus")              = 0
[pid  5082] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5082] close(4)                    = 0
[pid  5082] mkdir("./bus", 0777)        = 0
[pid  5082] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[   56.466271][ T5082] loop0: detected capacity change from 0 to 512
[   56.489854][ T5082] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.502413][ T5082] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/4/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5082] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5082] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5082] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5082] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5082] exit_group(0)               = ?
[pid  5082] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5082, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./4/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
[   56.600701][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./4/bus")                        = 0
umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./4/binderfs")                  = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./4")                            = 0
mkdir("./5", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5085 attached
, child_tidptr=0x555555ea0750) = 5085
[pid  5085] set_robust_list(0x555555ea0760, 24) = 0
[pid  5085] chdir("./5")                = 0
[pid  5085] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5085] setpgid(0, 0)               = 0
[pid  5085] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5085] write(3, "1000", 4)         = 4
[pid  5085] close(3)                    = 0
[pid  5085] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5085] memfd_create("syzkaller", 0) = 3
[pid  5085] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5085] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5085] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5085] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5085] close(3)                    = 0
[pid  5085] mkdir("./bus", 0777)        = 0
[   56.782384][ T5085] loop0: detected capacity change from 0 to 512
[   56.819932][ T5085] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[pid  5085] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5085] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5085] chdir("./bus")              = 0
[pid  5085] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5085] close(4)                    = 0
[pid  5085] mkdir("./bus", 0777)        = 0
[pid  5085] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5085] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5085] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5085] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[   56.832428][ T5085] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/5/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5085] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5085] exit_group(0)               = ?
[pid  5085] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5085, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./5/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./5/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./5/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./5/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./5/bus")                        = 0
umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[   56.942424][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
unlink("./5/binderfs")                  = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./5")                            = 0
mkdir("./6", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5088 attached
 <unfinished ...>
[pid  5088] set_robust_list(0x555555ea0760, 24) = 0
[pid  5088] chdir("./6")                = 0
[pid  5088] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  5067] <... clone resumed>, child_tidptr=0x555555ea0750) = 5088
[pid  5088] <... prctl resumed>)        = 0
[pid  5088] setpgid(0, 0)               = 0
[pid  5088] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5088] write(3, "1000", 4)         = 4
[pid  5088] close(3)                    = 0
[pid  5088] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5088] memfd_create("syzkaller", 0) = 3
[pid  5088] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5088] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5088] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5088] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5088] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5088] close(3)                    = 0
[pid  5088] mkdir("./bus", 0777)        = 0
[   57.094567][ T5088] loop0: detected capacity change from 0 to 512
[   57.130254][ T5088] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[pid  5088] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5088] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5088] chdir("./bus")              = 0
[pid  5088] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5088] close(4)                    = 0
[pid  5088] mkdir("./bus", 0777)        = 0
[pid  5088] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5088] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[   57.142800][ T5088] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/6/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5088] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5088] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5088] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5088] exit_group(0)               = ?
[pid  5088] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5088, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./6/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./6/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./6/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./6/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./6/bus")                        = 0
umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./6/binderfs")                  = 0
[   57.242207][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./6")                            = 0
mkdir("./7", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5091 attached
, child_tidptr=0x555555ea0750) = 5091
[pid  5091] set_robust_list(0x555555ea0760, 24) = 0
[pid  5091] chdir("./7")                = 0
[pid  5091] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5091] setpgid(0, 0)               = 0
[pid  5091] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5091] write(3, "1000", 4)         = 4
[pid  5091] close(3)                    = 0
[pid  5091] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5091] memfd_create("syzkaller", 0) = 3
[pid  5091] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5091] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5091] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5091] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5091] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5091] close(3)                    = 0
[pid  5091] mkdir("./bus", 0777)        = 0
[   57.383691][ T5091] loop0: detected capacity change from 0 to 512
[   57.410264][ T5091] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[pid  5091] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5091] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5091] chdir("./bus")              = 0
[pid  5091] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5091] close(4)                    = 0
[pid  5091] mkdir("./bus", 0777)        = 0
[pid  5091] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5091] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[   57.422747][ T5091] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/7/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5091] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5091] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5091] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5091] exit_group(0)               = ?
[pid  5091] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5091, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./7/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./7/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./7/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./7/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
[   57.523868][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./7/bus")                        = 0
umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./7/binderfs")                  = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./7")                            = 0
mkdir("./8", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5094 attached
 <unfinished ...>
[pid  5094] set_robust_list(0x555555ea0760, 24) = 0
[pid  5094] chdir("./8")                = 0
[pid  5094] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5067] <... clone resumed>, child_tidptr=0x555555ea0750) = 5094
[pid  5094] setpgid(0, 0)               = 0
[pid  5094] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5094] write(3, "1000", 4)         = 4
[pid  5094] close(3)                    = 0
[pid  5094] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5094] memfd_create("syzkaller", 0) = 3
[pid  5094] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5094] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5094] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5094] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5094] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5094] close(3)                    = 0
[pid  5094] mkdir("./bus", 0777)        = 0
[   57.662014][ T5094] loop0: detected capacity change from 0 to 512
[   57.690622][ T5094] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[pid  5094] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5094] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5094] chdir("./bus")              = 0
[pid  5094] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5094] close(4)                    = 0
[pid  5094] mkdir("./bus", 0777)        = 0
[pid  5094] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5094] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[   57.703168][ T5094] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/8/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5094] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5094] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5094] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5094] exit_group(0)               = ?
[pid  5094] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5094, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./8/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./8/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./8/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./8/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./8/bus")                        = 0
umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./8/binderfs")                  = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./8")                            = 0
mkdir("./9", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
[   57.809842][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5098 attached
, child_tidptr=0x555555ea0750) = 5098
[pid  5098] set_robust_list(0x555555ea0760, 24) = 0
[pid  5098] chdir("./9")                = 0
[pid  5098] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5098] setpgid(0, 0)               = 0
[pid  5098] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5098] write(3, "1000", 4)         = 4
[pid  5098] close(3)                    = 0
[pid  5098] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5098] memfd_create("syzkaller", 0) = 3
[pid  5098] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5098] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5098] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5098] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5098] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5098] close(3)                    = 0
[pid  5098] mkdir("./bus", 0777)        = 0
[pid  5098] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5098] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5098] chdir("./bus")              = 0
[pid  5098] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5098] close(4)                    = 0
[pid  5098] mkdir("./bus", 0777)        = 0
[pid  5098] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5098] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5098] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5098] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[   57.930666][ T5098] loop0: detected capacity change from 0 to 512
[   57.950281][ T5098] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   57.962964][ T5098] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/9/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5098] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5098] exit_group(0)               = ?
[pid  5098] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5098, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./9/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./9/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./9/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./9/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./9/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
[   58.055468][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
close(4)                                = 0
rmdir("./9/bus")                        = 0
umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./9/binderfs")                  = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./9")                            = 0
mkdir("./10", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5101 attached
, child_tidptr=0x555555ea0750) = 5101
[pid  5101] set_robust_list(0x555555ea0760, 24) = 0
[pid  5101] chdir("./10")               = 0
[pid  5101] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5101] setpgid(0, 0)               = 0
[pid  5101] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5101] write(3, "1000", 4)         = 4
[pid  5101] close(3)                    = 0
[pid  5101] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5101] memfd_create("syzkaller", 0) = 3
[pid  5101] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5101] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5101] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5101] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5101] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5101] close(3)                    = 0
[pid  5101] mkdir("./bus", 0777)        = 0
[pid  5101] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5101] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5101] chdir("./bus")              = 0
[pid  5101] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5101] close(4)                    = 0
[   58.225120][ T5101] loop0: detected capacity change from 0 to 512
[   58.249895][ T5101] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   58.262481][ T5101] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/10/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5101] mkdir("./bus", 0777)        = 0
[pid  5101] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5101] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5101] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5101] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5101] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5101] exit_group(0)               = ?
[pid  5101] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5101, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./10/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./10/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./10/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./10/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./10/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./10/bus")                       = 0
umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[   58.353309][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./10/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./10")                           = 0
mkdir("./11", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5104 attached
 <unfinished ...>
[pid  5104] set_robust_list(0x555555ea0760, 24) = 0
[pid  5067] <... clone resumed>, child_tidptr=0x555555ea0750) = 5104
[pid  5104] chdir("./11")               = 0
[pid  5104] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5104] setpgid(0, 0)               = 0
[pid  5104] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5104] write(3, "1000", 4)         = 4
[pid  5104] close(3)                    = 0
[pid  5104] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5104] memfd_create("syzkaller", 0) = 3
[pid  5104] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5104] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5104] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5104] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5104] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5104] close(3)                    = 0
[pid  5104] mkdir("./bus", 0777)        = 0
[   58.500181][ T5104] loop0: detected capacity change from 0 to 512
[   58.530010][ T5104] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[pid  5104] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5104] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5104] chdir("./bus")              = 0
[pid  5104] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5104] close(4)                    = 0
[pid  5104] mkdir("./bus", 0777)        = 0
[   58.542539][ T5104] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/11/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5104] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5104] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5104] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5104] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5104] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5104] exit_group(0)               = ?
[pid  5104] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5104, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./11/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./11/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./11/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./11/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./11/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[   58.641129][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./11/bus")                       = 0
umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./11/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./11")                           = 0
mkdir("./12", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5107 attached
, child_tidptr=0x555555ea0750) = 5107
[pid  5107] set_robust_list(0x555555ea0760, 24) = 0
[pid  5107] chdir("./12")               = 0
[pid  5107] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5107] setpgid(0, 0)               = 0
[pid  5107] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5107] write(3, "1000", 4)         = 4
[pid  5107] close(3)                    = 0
[pid  5107] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5107] memfd_create("syzkaller", 0) = 3
[pid  5107] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5107] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5107] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5107] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5107] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5107] close(3)                    = 0
[pid  5107] mkdir("./bus", 0777)        = 0
[   58.747562][ T5107] loop0: detected capacity change from 0 to 512
[   58.780543][ T5107] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[pid  5107] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5107] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5107] chdir("./bus")              = 0
[pid  5107] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5107] close(4)                    = 0
[pid  5107] mkdir("./bus", 0777)        = 0
[pid  5107] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5107] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5107] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5107] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5107] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5107] exit_group(0)               = ?
[pid  5107] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5107, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
[   58.793044][ T5107] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/12/bus supports timestamps until 2038-01-19 (0x7fffffff)
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./12/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./12/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./12/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./12/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./12/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./12/bus")                       = 0
umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[   58.900516][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
newfstatat(AT_FDCWD, "./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./12/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./12")                           = 0
mkdir("./13", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5110 attached
, child_tidptr=0x555555ea0750) = 5110
[pid  5110] set_robust_list(0x555555ea0760, 24) = 0
[pid  5110] chdir("./13")               = 0
[pid  5110] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5110] setpgid(0, 0)               = 0
[pid  5110] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5110] write(3, "1000", 4)         = 4
[pid  5110] close(3)                    = 0
[pid  5110] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5110] memfd_create("syzkaller", 0) = 3
[pid  5110] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5110] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5110] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5110] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5110] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5110] close(3)                    = 0
[pid  5110] mkdir("./bus", 0777)        = 0
[   59.036041][ T5110] loop0: detected capacity change from 0 to 512
[   59.070493][ T5110] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[pid  5110] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5110] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5110] chdir("./bus")              = 0
[pid  5110] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5110] close(4)                    = 0
[pid  5110] mkdir("./bus", 0777)        = 0
[pid  5110] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5110] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[   59.083023][ T5110] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/13/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5110] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5110] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5110] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5110] exit_group(0)               = ?
[pid  5110] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5110, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./13/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./13/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./13/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./13/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./13/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./13/bus")                       = 0
umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./13/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./13")                           = 0
mkdir("./14", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555ea0750) = 5113
./strace-static-x86_64: Process 5113 attached
[pid  5113] set_robust_list(0x555555ea0760, 24) = 0
[pid  5113] chdir("./14")               = 0
[   59.184461][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid  5113] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5113] setpgid(0, 0)               = 0
[pid  5113] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5113] write(3, "1000", 4)         = 4
[pid  5113] close(3)                    = 0
[pid  5113] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5113] memfd_create("syzkaller", 0) = 3
[pid  5113] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5113] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5113] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5113] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5113] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5113] close(3)                    = 0
[pid  5113] mkdir("./bus", 0777)        = 0
[pid  5113] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5113] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5113] chdir("./bus")              = 0
[pid  5113] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5113] close(4)                    = 0
[pid  5113] mkdir("./bus", 0777)        = 0
[pid  5113] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5113] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5113] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5113] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5113] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[   59.279152][ T5113] loop0: detected capacity change from 0 to 512
[   59.299853][ T5113] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   59.312368][ T5113] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/14/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5113] exit_group(0)               = ?
[pid  5113] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5113, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./14/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./14/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./14/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./14/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./14/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./14/bus")                       = 0
umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./14/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
[   59.398715][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
rmdir("./14")                           = 0
mkdir("./15", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5116 attached
, child_tidptr=0x555555ea0750) = 5116
[pid  5116] set_robust_list(0x555555ea0760, 24) = 0
[pid  5116] chdir("./15")               = 0
[pid  5116] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5116] setpgid(0, 0)               = 0
[pid  5116] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5116] write(3, "1000", 4)         = 4
[pid  5116] close(3)                    = 0
[pid  5116] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5116] memfd_create("syzkaller", 0) = 3
[pid  5116] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5116] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5116] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5116] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5116] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5116] close(3)                    = 0
[pid  5116] mkdir("./bus", 0777)        = 0
[   59.551263][ T5116] loop0: detected capacity change from 0 to 512
[   59.580241][ T5116] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[pid  5116] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5116] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5116] chdir("./bus")              = 0
[pid  5116] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5116] close(4)                    = 0
[pid  5116] mkdir("./bus", 0777)        = 0
[pid  5116] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[   59.592869][ T5116] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/15/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5116] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5116] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5116] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5116] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5116] exit_group(0)               = ?
[pid  5116] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5116, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./15/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./15/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./15/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./15/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./15/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
[   59.707540][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
rmdir("./15/bus")                       = 0
umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./15/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./15")                           = 0
mkdir("./16", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5119 attached
 <unfinished ...>
[pid  5119] set_robust_list(0x555555ea0760, 24) = 0
[pid  5119] chdir("./16" <unfinished ...>
[pid  5067] <... clone resumed>, child_tidptr=0x555555ea0750) = 5119
[pid  5119] <... chdir resumed>)        = 0
[pid  5119] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5119] setpgid(0, 0)               = 0
[pid  5119] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5119] write(3, "1000", 4)         = 4
[pid  5119] close(3)                    = 0
[pid  5119] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5119] memfd_create("syzkaller", 0) = 3
[pid  5119] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5119] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5119] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5119] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5119] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5119] close(3)                    = 0
[pid  5119] mkdir("./bus", 0777)        = 0
[pid  5119] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5119] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5119] chdir("./bus")              = 0
[pid  5119] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5119] close(4)                    = 0
[pid  5119] mkdir("./bus", 0777)        = 0
[pid  5119] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5119] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[   59.847570][ T5119] loop0: detected capacity change from 0 to 512
[   59.870146][ T5119] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   59.882798][ T5119] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/16/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5119] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5119] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5119] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5119] exit_group(0)               = ?
[pid  5119] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5119, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./16/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./16/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./16/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./16/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./16/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./16/bus")                       = 0
umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./16/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
[   59.960574][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
close(3)                                = 0
rmdir("./16")                           = 0
mkdir("./17", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5122 attached
 <unfinished ...>
[pid  5122] set_robust_list(0x555555ea0760, 24) = 0
[pid  5122] chdir("./17" <unfinished ...>
[pid  5067] <... clone resumed>, child_tidptr=0x555555ea0750) = 5122
[pid  5122] <... chdir resumed>)        = 0
[pid  5122] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5122] setpgid(0, 0)               = 0
[pid  5122] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5122] write(3, "1000", 4)         = 4
[pid  5122] close(3)                    = 0
[pid  5122] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5122] memfd_create("syzkaller", 0) = 3
[pid  5122] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5122] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5122] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5122] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5122] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5122] close(3)                    = 0
[pid  5122] mkdir("./bus", 0777)        = 0
[   60.101310][ T5122] loop0: detected capacity change from 0 to 512
[   60.129994][ T5122] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[pid  5122] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5122] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5122] chdir("./bus")              = 0
[pid  5122] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5122] close(4)                    = 0
[pid  5122] mkdir("./bus", 0777)        = 0
[pid  5122] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5122] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[   60.142531][ T5122] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/17/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5122] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5122] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5122] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5122] exit_group(0)               = ?
[pid  5122] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5122, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./17/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./17/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./17/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./17/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./17/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
[   60.235411][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
close(4)                                = 0
rmdir("./17/bus")                       = 0
umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./17/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./17")                           = 0
mkdir("./18", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5125 attached
 <unfinished ...>
[pid  5125] set_robust_list(0x555555ea0760, 24) = 0
[pid  5125] chdir("./18")               = 0
[pid  5125] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  5067] <... clone resumed>, child_tidptr=0x555555ea0750) = 5125
[pid  5125] <... prctl resumed>)        = 0
[pid  5125] setpgid(0, 0)               = 0
[pid  5125] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5125] write(3, "1000", 4)         = 4
[pid  5125] close(3)                    = 0
[pid  5125] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5125] memfd_create("syzkaller", 0) = 3
[pid  5125] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5125] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5125] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5125] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5125] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5125] close(3)                    = 0
[pid  5125] mkdir("./bus", 0777)        = 0
[   60.371831][ T5125] loop0: detected capacity change from 0 to 512
[pid  5125] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5125] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5125] chdir("./bus")              = 0
[pid  5125] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5125] close(4)                    = 0
[pid  5125] mkdir("./bus", 0777)        = 0
[pid  5125] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5125] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[   60.410120][ T5125] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   60.422688][ T5125] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/18/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5125] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5125] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5125] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5125] exit_group(0)               = ?
[pid  5125] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5125, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./18/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./18/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./18/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./18/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./18/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[   60.535986][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./18/bus")                       = 0
umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./18/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./18")                           = 0
mkdir("./19", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5128 attached
 <unfinished ...>
[pid  5128] set_robust_list(0x555555ea0760, 24) = 0
[pid  5128] chdir("./19")               = 0
[pid  5128] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5067] <... clone resumed>, child_tidptr=0x555555ea0750) = 5128
[pid  5128] setpgid(0, 0)               = 0
[pid  5128] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5128] write(3, "1000", 4)         = 4
[pid  5128] close(3)                    = 0
[pid  5128] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5128] memfd_create("syzkaller", 0) = 3
[pid  5128] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5128] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5128] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5128] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5128] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5128] close(3)                    = 0
[pid  5128] mkdir("./bus", 0777)        = 0
[   60.689209][ T5128] loop0: detected capacity change from 0 to 512
[   60.720561][ T5128] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[pid  5128] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5128] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5128] chdir("./bus")              = 0
[pid  5128] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5128] close(4)                    = 0
[pid  5128] mkdir("./bus", 0777)        = 0
[pid  5128] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5128] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5128] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5128] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5128] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5128] exit_group(0)               = ?
[   60.733098][ T5128] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/19/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5128] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5128, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./19/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./19/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./19/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./19/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./19/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./19/bus")                       = 0
umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./19/binderfs")                 = 0
[   60.827859][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./19")                           = 0
mkdir("./20", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5131 attached
 <unfinished ...>
[pid  5131] set_robust_list(0x555555ea0760, 24) = 0
[pid  5131] chdir("./20")               = 0
[pid  5131] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  5067] <... clone resumed>, child_tidptr=0x555555ea0750) = 5131
[pid  5131] <... prctl resumed>)        = 0
[pid  5131] setpgid(0, 0)               = 0
[pid  5131] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5131] write(3, "1000", 4)         = 4
[pid  5131] close(3)                    = 0
[pid  5131] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5131] memfd_create("syzkaller", 0) = 3
[pid  5131] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5131] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5131] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5131] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5131] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5131] close(3)                    = 0
[pid  5131] mkdir("./bus", 0777)        = 0
[   60.949357][ T5131] loop0: detected capacity change from 0 to 512
[   60.980181][ T5131] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[pid  5131] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5131] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5131] chdir("./bus")              = 0
[pid  5131] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5131] close(4)                    = 0
[pid  5131] mkdir("./bus", 0777)        = 0
[   60.992700][ T5131] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/20/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5131] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5131] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5131] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5131] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5131] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5131] exit_group(0)               = ?
[pid  5131] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5131, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./20/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./20/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./20/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./20/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./20/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[   61.088207][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./20/bus")                       = 0
umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./20/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./20")                           = 0
mkdir("./21", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5134 attached
, child_tidptr=0x555555ea0750) = 5134
[pid  5134] set_robust_list(0x555555ea0760, 24) = 0
[pid  5134] chdir("./21")               = 0
[pid  5134] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5134] setpgid(0, 0)               = 0
[pid  5134] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5134] write(3, "1000", 4)         = 4
[pid  5134] close(3)                    = 0
[pid  5134] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5134] memfd_create("syzkaller", 0) = 3
[pid  5134] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5134] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5134] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5134] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5134] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5134] close(3)                    = 0
[pid  5134] mkdir("./bus", 0777)        = 0
[pid  5134] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5134] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5134] chdir("./bus")              = 0
[pid  5134] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5134] close(4)                    = 0
[   61.267786][ T5134] loop0: detected capacity change from 0 to 512
[   61.290241][ T5134] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   61.302777][ T5134] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/21/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5134] mkdir("./bus", 0777)        = 0
[pid  5134] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5134] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5134] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5134] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5134] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5134] exit_group(0)               = ?
[pid  5134] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5134, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./21/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./21/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./21/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./21/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./21/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./21/bus")                       = 0
umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./21/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./21")                           = 0
mkdir("./22", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5137 attached
 <unfinished ...>
[pid  5137] set_robust_list(0x555555ea0760, 24) = 0
[pid  5137] chdir("./22")               = 0
[   61.385801][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid  5137] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5067] <... clone resumed>, child_tidptr=0x555555ea0750) = 5137
[pid  5137] setpgid(0, 0)               = 0
[pid  5137] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5137] write(3, "1000", 4)         = 4
[pid  5137] close(3)                    = 0
[pid  5137] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5137] memfd_create("syzkaller", 0) = 3
[pid  5137] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5137] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5137] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5137] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5137] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5137] close(3)                    = 0
[pid  5137] mkdir("./bus", 0777)        = 0
[pid  5137] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5137] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5137] chdir("./bus")              = 0
[pid  5137] ioctl(4, LOOP_CLR_FD)       = 0
[   61.477748][ T5137] loop0: detected capacity change from 0 to 512
[   61.500353][ T5137] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   61.512975][ T5137] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/22/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5137] close(4)                    = 0
[pid  5137] mkdir("./bus", 0777)        = 0
[pid  5137] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5137] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5137] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5137] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5137] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5137] exit_group(0)               = ?
[pid  5137] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5137, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./22/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./22/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./22/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./22/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./22/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./22/bus")                       = 0
umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./22/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
[   61.599146][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
close(3)                                = 0
rmdir("./22")                           = 0
mkdir("./23", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5140 attached
 <unfinished ...>
[pid  5140] set_robust_list(0x555555ea0760, 24) = 0
[pid  5140] chdir("./23")               = 0
[pid  5140] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  5067] <... clone resumed>, child_tidptr=0x555555ea0750) = 5140
[pid  5140] <... prctl resumed>)        = 0
[pid  5140] setpgid(0, 0)               = 0
[pid  5140] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5140] write(3, "1000", 4)         = 4
[pid  5140] close(3)                    = 0
[pid  5140] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5140] memfd_create("syzkaller", 0) = 3
[pid  5140] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5140] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5140] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5140] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5140] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5140] close(3)                    = 0
[pid  5140] mkdir("./bus", 0777)        = 0
[   61.700747][ T5140] loop0: detected capacity change from 0 to 512
[   61.730203][ T5140] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[pid  5140] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5140] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5140] chdir("./bus")              = 0
[pid  5140] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5140] close(4)                    = 0
[pid  5140] mkdir("./bus", 0777)        = 0
[   61.742808][ T5140] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/23/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5140] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5140] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5140] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5140] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5140] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5140] exit_group(0)               = ?
[pid  5140] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5140, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./23/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./23/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./23/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./23/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./23/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./23/bus")                       = 0
umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./23/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./23")                           = 0
mkdir("./24", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
[   61.830172][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5143 attached
, child_tidptr=0x555555ea0750) = 5143
[pid  5143] set_robust_list(0x555555ea0760, 24) = 0
[pid  5143] chdir("./24")               = 0
[pid  5143] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5143] setpgid(0, 0)               = 0
[pid  5143] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5143] write(3, "1000", 4)         = 4
[pid  5143] close(3)                    = 0
[pid  5143] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5143] memfd_create("syzkaller", 0) = 3
[pid  5143] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5143] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5143] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5143] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5143] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5143] close(3)                    = 0
[pid  5143] mkdir("./bus", 0777)        = 0
[   61.952482][ T5143] loop0: detected capacity change from 0 to 512
[   61.980359][ T5143] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[pid  5143] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5143] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5143] chdir("./bus")              = 0
[pid  5143] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5143] close(4)                    = 0
[   61.992873][ T5143] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/24/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5143] mkdir("./bus", 0777)        = 0
[pid  5143] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5143] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5143] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5143] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5143] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5143] exit_group(0)               = ?
[pid  5143] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5143, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./24/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./24/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./24/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./24/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./24/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./24/bus")                       = 0
umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[   62.068802][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
unlink("./24/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./24")                           = 0
mkdir("./25", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5146 attached
 <unfinished ...>
[pid  5146] set_robust_list(0x555555ea0760, 24 <unfinished ...>
[pid  5067] <... clone resumed>, child_tidptr=0x555555ea0750) = 5146
[pid  5146] <... set_robust_list resumed>) = 0
[pid  5146] chdir("./25")               = 0
[pid  5146] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5146] setpgid(0, 0)               = 0
[pid  5146] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5146] write(3, "1000", 4)         = 4
[pid  5146] close(3)                    = 0
[pid  5146] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5146] memfd_create("syzkaller", 0) = 3
[pid  5146] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5146] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5146] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5146] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5146] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5146] close(3)                    = 0
[pid  5146] mkdir("./bus", 0777)        = 0
[pid  5146] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5146] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5146] chdir("./bus")              = 0
[pid  5146] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5146] close(4)                    = 0
[   62.210316][ T5146] loop0: detected capacity change from 0 to 512
[   62.229918][ T5146] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   62.242459][ T5146] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/25/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5146] mkdir("./bus", 0777)        = 0
[pid  5146] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5146] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5146] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5146] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5146] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5146] exit_group(0)               = ?
[pid  5146] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5146, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./25/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./25/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./25/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./25/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./25/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./25/bus")                       = 0
umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./25/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./25")                           = 0
mkdir("./26", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
[   62.344180][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5149 attached
 <unfinished ...>
[pid  5149] set_robust_list(0x555555ea0760, 24) = 0
[pid  5149] chdir("./26")               = 0
[pid  5149] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  5067] <... clone resumed>, child_tidptr=0x555555ea0750) = 5149
[pid  5149] <... prctl resumed>)        = 0
[pid  5149] setpgid(0, 0)               = 0
[pid  5149] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5149] write(3, "1000", 4)         = 4
[pid  5149] close(3)                    = 0
[pid  5149] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5149] memfd_create("syzkaller", 0) = 3
[pid  5149] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5149] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5149] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5149] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5149] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5149] close(3)                    = 0
[pid  5149] mkdir("./bus", 0777)        = 0
[pid  5149] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5149] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5149] chdir("./bus")              = 0
[pid  5149] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5149] close(4)                    = 0
[   62.460973][ T5149] loop0: detected capacity change from 0 to 512
[   62.480414][ T5149] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   62.492922][ T5149] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/26/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5149] mkdir("./bus", 0777)        = 0
[pid  5149] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5149] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5149] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5149] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5149] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5149] exit_group(0)               = ?
[pid  5149] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5149, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./26", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./26/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./26/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./26/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./26/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./26/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./26/bus")                       = 0
umount2("./26/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./26/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./26/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./26")                           = 0
mkdir("./27", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555ea0750) = 5152
./strace-static-x86_64: Process 5152 attached
[pid  5152] set_robust_list(0x555555ea0760, 24) = 0
[   62.600219][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid  5152] chdir("./27")               = 0
[pid  5152] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5152] setpgid(0, 0)               = 0
[pid  5152] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5152] write(3, "1000", 4)         = 4
[pid  5152] close(3)                    = 0
[pid  5152] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5152] memfd_create("syzkaller", 0) = 3
[pid  5152] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5152] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5152] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5152] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5152] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5152] close(3)                    = 0
[pid  5152] mkdir("./bus", 0777)        = 0
[pid  5152] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5152] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5152] chdir("./bus")              = 0
[pid  5152] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5152] close(4)                    = 0
[pid  5152] mkdir("./bus", 0777)        = 0
[   62.719920][ T5152] loop0: detected capacity change from 0 to 512
[   62.740265][ T5152] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   62.752805][ T5152] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/27/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5152] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5152] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5152] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5152] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5152] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5152] exit_group(0)               = ?
[pid  5152] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5152, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./27", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./27/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./27/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./27/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./27/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./27/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./27/bus")                       = 0
umount2("./27/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./27/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[   62.829315][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
unlink("./27/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./27")                           = 0
mkdir("./28", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5155 attached
, child_tidptr=0x555555ea0750) = 5155
[pid  5155] set_robust_list(0x555555ea0760, 24) = 0
[pid  5155] chdir("./28")               = 0
[pid  5155] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5155] setpgid(0, 0)               = 0
[pid  5155] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5155] write(3, "1000", 4)         = 4
[pid  5155] close(3)                    = 0
[pid  5155] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5155] memfd_create("syzkaller", 0) = 3
[pid  5155] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5155] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5155] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5155] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5155] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5155] close(3)                    = 0
[pid  5155] mkdir("./bus", 0777)        = 0
[pid  5155] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5155] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5155] chdir("./bus")              = 0
[pid  5155] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5155] close(4)                    = 0
[pid  5155] mkdir("./bus", 0777)        = 0
[pid  5155] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5155] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[   62.970871][ T5155] loop0: detected capacity change from 0 to 512
[   62.990050][ T5155] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   63.002597][ T5155] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/28/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5155] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5155] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5155] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5155] exit_group(0)               = ?
[pid  5155] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5155, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./28", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./28/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./28/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./28/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./28/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./28/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./28/bus")                       = 0
umount2("./28/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./28/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[   63.100537][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
unlink("./28/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./28")                           = 0
mkdir("./29", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5158 attached
, child_tidptr=0x555555ea0750) = 5158
[pid  5158] set_robust_list(0x555555ea0760, 24) = 0
[pid  5158] chdir("./29")               = 0
[pid  5158] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5158] setpgid(0, 0)               = 0
[pid  5158] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5158] write(3, "1000", 4)         = 4
[pid  5158] close(3)                    = 0
[pid  5158] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5158] memfd_create("syzkaller", 0) = 3
[pid  5158] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5158] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5158] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5158] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5158] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5158] close(3)                    = 0
[pid  5158] mkdir("./bus", 0777)        = 0
[   63.249697][ T5158] loop0: detected capacity change from 0 to 512
[   63.280216][ T5158] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[pid  5158] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5158] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5158] chdir("./bus")              = 0
[pid  5158] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5158] close(4)                    = 0
[pid  5158] mkdir("./bus", 0777)        = 0
[pid  5158] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5158] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[   63.292793][ T5158] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/29/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5158] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5158] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5158] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5158] exit_group(0)               = ?
[pid  5158] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5158, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./29", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./29/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./29/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./29/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./29/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./29/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./29/bus")                       = 0
umount2("./29/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./29/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[   63.367237][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
unlink("./29/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./29")                           = 0
mkdir("./30", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5161 attached
, child_tidptr=0x555555ea0750) = 5161
[pid  5161] set_robust_list(0x555555ea0760, 24) = 0
[pid  5161] chdir("./30")               = 0
[pid  5161] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5161] setpgid(0, 0)               = 0
[pid  5161] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5161] write(3, "1000", 4)         = 4
[pid  5161] close(3)                    = 0
[pid  5161] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5161] memfd_create("syzkaller", 0) = 3
[pid  5161] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5161] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5161] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5161] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5161] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5161] close(3)                    = 0
[pid  5161] mkdir("./bus", 0777)        = 0
[   63.497931][ T5161] loop0: detected capacity change from 0 to 512
[   63.530558][ T5161] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[pid  5161] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5161] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5161] chdir("./bus")              = 0
[pid  5161] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5161] close(4)                    = 0
[pid  5161] mkdir("./bus", 0777)        = 0
[pid  5161] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5161] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5161] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5161] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5161] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5161] exit_group(0)               = ?
[   63.543086][ T5161] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/30/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5161] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5161, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./30", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./30/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./30/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./30/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./30/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./30/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
[   63.634844][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
close(4)                                = 0
rmdir("./30/bus")                       = 0
umount2("./30/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./30/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./30/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./30")                           = 0
mkdir("./31", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5164 attached
 <unfinished ...>
[pid  5164] set_robust_list(0x555555ea0760, 24) = 0
[pid  5164] chdir("./31")               = 0
[pid  5164] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5067] <... clone resumed>, child_tidptr=0x555555ea0750) = 5164
[pid  5164] setpgid(0, 0)               = 0
[pid  5164] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5164] write(3, "1000", 4)         = 4
[pid  5164] close(3)                    = 0
[pid  5164] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5164] memfd_create("syzkaller", 0) = 3
[pid  5164] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5164] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5164] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5164] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5164] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5164] close(3)                    = 0
[pid  5164] mkdir("./bus", 0777)        = 0
[   63.773266][ T5164] loop0: detected capacity change from 0 to 512
[   63.810281][ T5164] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[pid  5164] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5164] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5164] chdir("./bus")              = 0
[pid  5164] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5164] close(4)                    = 0
[pid  5164] mkdir("./bus", 0777)        = 0
[pid  5164] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5164] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[   63.822855][ T5164] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/31/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5164] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5164] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5164] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5164] exit_group(0)               = ?
[pid  5164] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5164, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./31", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./31/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./31/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./31/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./31/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./31/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./31/bus")                       = 0
umount2("./31/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./31/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./31/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./31")                           = 0
mkdir("./32", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5167 attached
, child_tidptr=0x555555ea0750) = 5167
[   63.906281][ T5067] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid  5167] set_robust_list(0x555555ea0760, 24) = 0
[pid  5167] chdir("./32")               = 0
[pid  5167] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5167] setpgid(0, 0)               = 0
[pid  5167] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5167] write(3, "1000", 4)         = 4
[pid  5167] close(3)                    = 0
[pid  5167] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5167] memfd_create("syzkaller", 0) = 3
[pid  5167] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5167] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5167] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5167] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5167] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5167] close(3)                    = 0
[pid  5167] mkdir("./bus", 0777)        = 0
[pid  5167] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5167] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5167] chdir("./bus")              = 0
[pid  5167] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5167] close(4)                    = 0
[pid  5167] mkdir("./bus", 0777)        = 0
[   64.002934][ T5167] loop0: detected capacity change from 0 to 512
[   64.040735][ T5167] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/32/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5167] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5167] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5167] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5167] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5167] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5167] exit_group(0)               = ?
[pid  5167] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5167, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./32", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./32/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./32/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./32/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./32/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./32/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./32/bus")                       = 0
umount2("./32/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./32/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./32/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./32")                           = 0
mkdir("./33", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5170 attached
, child_tidptr=0x555555ea0750) = 5170
[pid  5170] set_robust_list(0x555555ea0760, 24) = 0
[pid  5170] chdir("./33")               = 0
[pid  5170] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5170] setpgid(0, 0)               = 0
[pid  5170] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5170] write(3, "1000", 4)         = 4
[pid  5170] close(3)                    = 0
[pid  5170] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5170] memfd_create("syzkaller", 0) = 3
[pid  5170] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5170] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5170] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5170] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5170] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5170] close(3)                    = 0
[pid  5170] mkdir("./bus", 0777)        = 0
[pid  5170] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5170] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5170] chdir("./bus")              = 0
[pid  5170] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5170] close(4)                    = 0
[pid  5170] mkdir("./bus", 0777)        = 0
[pid  5170] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[   64.263540][ T5170] loop0: detected capacity change from 0 to 512
[   64.290350][ T5170] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/33/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5170] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5170] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5170] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5170] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5170] exit_group(0)               = ?
[pid  5170] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5170, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./33", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./33/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./33/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./33/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./33/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./33/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./33/bus")                       = 0
umount2("./33/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./33/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./33/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./33")                           = 0
mkdir("./34", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5173 attached
 <unfinished ...>
[pid  5173] set_robust_list(0x555555ea0760, 24) = 0
[pid  5173] chdir("./34")               = 0
[pid  5173] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5067] <... clone resumed>, child_tidptr=0x555555ea0750) = 5173
[pid  5173] setpgid(0, 0)               = 0
[pid  5173] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5173] write(3, "1000", 4)         = 4
[pid  5173] close(3)                    = 0
[pid  5173] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5173] memfd_create("syzkaller", 0) = 3
[pid  5173] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5173] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5173] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5173] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5173] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5173] close(3)                    = 0
[pid  5173] mkdir("./bus", 0777)        = 0
[pid  5173] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5173] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5173] chdir("./bus")              = 0
[pid  5173] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5173] close(4)                    = 0
[pid  5173] mkdir("./bus", 0777)        = 0
[   64.516833][ T5173] loop0: detected capacity change from 0 to 512
[   64.549872][ T5173] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/34/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5173] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5173] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5173] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5173] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5173] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5173] exit_group(0)               = ?
[pid  5173] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5173, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./34", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./34/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./34/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./34/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./34/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./34/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./34/bus")                       = 0
umount2("./34/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./34/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./34/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./34")                           = 0
mkdir("./35", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5176 attached
, child_tidptr=0x555555ea0750) = 5176
[pid  5176] set_robust_list(0x555555ea0760, 24) = 0
[pid  5176] chdir("./35")               = 0
[pid  5176] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5176] setpgid(0, 0)               = 0
[pid  5176] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5176] write(3, "1000", 4)         = 4
[pid  5176] close(3)                    = 0
[pid  5176] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5176] memfd_create("syzkaller", 0) = 3
[pid  5176] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5176] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5176] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5176] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5176] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5176] close(3)                    = 0
[pid  5176] mkdir("./bus", 0777)        = 0
[pid  5176] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5176] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5176] chdir("./bus")              = 0
[   64.744585][ T5176] loop0: detected capacity change from 0 to 512
[   64.780532][ T5176] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/35/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5176] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5176] close(4)                    = 0
[pid  5176] mkdir("./bus", 0777)        = 0
[pid  5176] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5176] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5176] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5176] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5176] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5176] exit_group(0)               = ?
[pid  5176] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5176, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./35", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./35/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./35/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./35/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./35/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./35/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./35/bus")                       = 0
umount2("./35/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./35/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./35/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./35")                           = 0
mkdir("./36", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5179 attached
, child_tidptr=0x555555ea0750) = 5179
[pid  5179] set_robust_list(0x555555ea0760, 24) = 0
[pid  5179] chdir("./36")               = 0
[pid  5179] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5179] setpgid(0, 0)               = 0
[pid  5179] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5179] write(3, "1000", 4)         = 4
[pid  5179] close(3)                    = 0
[pid  5179] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5179] memfd_create("syzkaller", 0) = 3
[pid  5179] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5179] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5179] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5179] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5179] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5179] close(3)                    = 0
[pid  5179] mkdir("./bus", 0777)        = 0
[pid  5179] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5179] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5179] chdir("./bus")              = 0
[pid  5179] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5179] close(4)                    = 0
[   64.973951][ T5179] loop0: detected capacity change from 0 to 512
[   65.010477][ T5179] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/36/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5179] mkdir("./bus", 0777)        = 0
[pid  5179] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5179] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5179] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5179] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5179] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5179] exit_group(0)               = ?
[pid  5179] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5179, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./36", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./36/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./36/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./36/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./36/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./36/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./36/bus")                       = 0
umount2("./36/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./36/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./36/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./36")                           = 0
mkdir("./37", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5182 attached
 <unfinished ...>
[pid  5182] set_robust_list(0x555555ea0760, 24) = 0
[pid  5182] chdir("./37" <unfinished ...>
[pid  5067] <... clone resumed>, child_tidptr=0x555555ea0750) = 5182
[pid  5182] <... chdir resumed>)        = 0
[pid  5182] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5182] setpgid(0, 0)               = 0
[pid  5182] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5182] write(3, "1000", 4)         = 4
[pid  5182] close(3)                    = 0
[pid  5182] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5182] memfd_create("syzkaller", 0) = 3
[pid  5182] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5182] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5182] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5182] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5182] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5182] close(3)                    = 0
[pid  5182] mkdir("./bus", 0777)        = 0
[pid  5182] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5182] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5182] chdir("./bus")              = 0
[pid  5182] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5182] close(4)                    = 0
[pid  5182] mkdir("./bus", 0777)        = 0
[pid  5182] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5182] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[   65.230942][ T5182] loop0: detected capacity change from 0 to 512
[   65.260085][ T5182] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/37/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5182] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5182] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5182] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5182] exit_group(0)               = ?
[pid  5182] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5182, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./37", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./37", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./37/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./37/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./37/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./37/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./37/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./37/bus")                       = 0
umount2("./37/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./37/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./37/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./37")                           = 0
mkdir("./38", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5185 attached
, child_tidptr=0x555555ea0750) = 5185
[pid  5185] set_robust_list(0x555555ea0760, 24) = 0
[pid  5185] chdir("./38")               = 0
[pid  5185] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5185] setpgid(0, 0)               = 0
[pid  5185] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5185] write(3, "1000", 4)         = 4
[pid  5185] close(3)                    = 0
[pid  5185] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5185] memfd_create("syzkaller", 0) = 3
[pid  5185] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5185] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5185] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5185] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5185] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5185] close(3)                    = 0
[pid  5185] mkdir("./bus", 0777)        = 0
[pid  5185] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5185] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[   65.452463][ T5185] loop0: detected capacity change from 0 to 512
[   65.480575][ T5185] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/38/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5185] chdir("./bus")              = 0
[pid  5185] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5185] close(4)                    = 0
[pid  5185] mkdir("./bus", 0777)        = 0
[pid  5185] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5185] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5185] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5185] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5185] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5185] exit_group(0)               = ?
[pid  5185] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5185, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./38", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./38", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./38/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./38/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./38/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./38/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./38/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./38/bus")                       = 0
umount2("./38/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./38/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./38/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./38")                           = 0
mkdir("./39", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5188 attached
, child_tidptr=0x555555ea0750) = 5188
[pid  5188] set_robust_list(0x555555ea0760, 24) = 0
[pid  5188] chdir("./39")               = 0
[pid  5188] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5188] setpgid(0, 0)               = 0
[pid  5188] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5188] write(3, "1000", 4)         = 4
[pid  5188] close(3)                    = 0
[pid  5188] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5188] memfd_create("syzkaller", 0) = 3
[pid  5188] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5188] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5188] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5188] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5188] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5188] close(3)                    = 0
[pid  5188] mkdir("./bus", 0777)        = 0
[pid  5188] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5188] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5188] chdir("./bus")              = 0
[pid  5188] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5188] close(4)                    = 0
[pid  5188] mkdir("./bus", 0777)        = 0
[pid  5188] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5188] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[   65.655550][ T5188] loop0: detected capacity change from 0 to 512
[   65.680253][ T5188] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/39/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5188] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5188] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5188] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5188] exit_group(0)               = ?
[pid  5188] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5188, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./39", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./39", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./39/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./39/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./39/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./39/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./39/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./39/bus")                       = 0
umount2("./39/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./39/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./39/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./39")                           = 0
mkdir("./40", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5191 attached
, child_tidptr=0x555555ea0750) = 5191
[pid  5191] set_robust_list(0x555555ea0760, 24) = 0
[pid  5191] chdir("./40")               = 0
[pid  5191] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5191] setpgid(0, 0)               = 0
[pid  5191] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5191] write(3, "1000", 4)         = 4
[pid  5191] close(3)                    = 0
[pid  5191] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5191] memfd_create("syzkaller", 0) = 3
[pid  5191] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5191] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5191] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5191] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5191] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5191] close(3)                    = 0
[pid  5191] mkdir("./bus", 0777)        = 0
[pid  5191] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5191] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5191] chdir("./bus")              = 0
[pid  5191] ioctl(4, LOOP_CLR_FD)       = 0
[   65.888778][ T5191] loop0: detected capacity change from 0 to 512
[   65.920009][ T5191] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/40/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5191] close(4)                    = 0
[pid  5191] mkdir("./bus", 0777)        = 0
[pid  5191] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5191] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5191] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5191] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5191] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5191] exit_group(0)               = ?
[pid  5191] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5191, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./40", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./40", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./40/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./40/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./40/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./40/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./40/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./40/bus")                       = 0
umount2("./40/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./40/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./40/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./40")                           = 0
mkdir("./41", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5194 attached
, child_tidptr=0x555555ea0750) = 5194
[pid  5194] set_robust_list(0x555555ea0760, 24) = 0
[pid  5194] chdir("./41")               = 0
[pid  5194] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5194] setpgid(0, 0)               = 0
[pid  5194] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5194] write(3, "1000", 4)         = 4
[pid  5194] close(3)                    = 0
[pid  5194] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5194] memfd_create("syzkaller", 0) = 3
[pid  5194] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5194] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5194] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5194] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5194] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5194] close(3)                    = 0
[pid  5194] mkdir("./bus", 0777)        = 0
[   66.115053][ T5194] loop0: detected capacity change from 0 to 512
[pid  5194] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5194] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5194] chdir("./bus")              = 0
[pid  5194] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5194] close(4)                    = 0
[   66.160278][ T5194] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/41/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5194] mkdir("./bus", 0777)        = 0
[pid  5194] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5194] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5194] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5194] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5194] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5194] exit_group(0)               = ?
[pid  5194] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5194, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./41", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./41", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./41/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./41/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./41/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./41/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./41/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./41/bus")                       = 0
umount2("./41/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./41/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./41/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./41")                           = 0
mkdir("./42", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5197 attached
, child_tidptr=0x555555ea0750) = 5197
[pid  5197] set_robust_list(0x555555ea0760, 24) = 0
[pid  5197] chdir("./42")               = 0
[pid  5197] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5197] setpgid(0, 0)               = 0
[pid  5197] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5197] write(3, "1000", 4)         = 4
[pid  5197] close(3)                    = 0
[pid  5197] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5197] memfd_create("syzkaller", 0) = 3
[pid  5197] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5197] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5197] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5197] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5197] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5197] close(3)                    = 0
[pid  5197] mkdir("./bus", 0777)        = 0
[pid  5197] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5197] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5197] chdir("./bus")              = 0
[pid  5197] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5197] close(4)                    = 0
[pid  5197] mkdir("./bus", 0777)        = 0
[pid  5197] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5197] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5197] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5197] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5197] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5197] exit_group(0)               = ?
[   66.352162][ T5197] loop0: detected capacity change from 0 to 512
[   66.370056][ T5197] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/42/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5197] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5197, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./42", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./42", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./42/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./42/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./42/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./42/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./42/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./42/bus")                       = 0
umount2("./42/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./42/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./42/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./42")                           = 0
mkdir("./43", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5200 attached
, child_tidptr=0x555555ea0750) = 5200
[pid  5200] set_robust_list(0x555555ea0760, 24) = 0
[pid  5200] chdir("./43")               = 0
[pid  5200] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5200] setpgid(0, 0)               = 0
[pid  5200] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5200] write(3, "1000", 4)         = 4
[pid  5200] close(3)                    = 0
[pid  5200] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5200] memfd_create("syzkaller", 0) = 3
[pid  5200] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5200] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5200] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5200] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5200] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5200] close(3)                    = 0
[pid  5200] mkdir("./bus", 0777)        = 0
[pid  5200] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5200] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5200] chdir("./bus")              = 0
[pid  5200] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5200] close(4)                    = 0
[pid  5200] mkdir("./bus", 0777)        = 0
[pid  5200] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5200] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5200] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5200] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5200] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5200] exit_group(0)               = ?
[pid  5200] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5200, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
[   66.561061][ T5200] loop0: detected capacity change from 0 to 512
[   66.579941][ T5200] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/43/bus supports timestamps until 2038-01-19 (0x7fffffff)
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./43", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./43", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./43/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./43/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./43/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./43/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./43/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./43/bus")                       = 0
umount2("./43/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./43/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./43/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./43")                           = 0
mkdir("./44", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5203 attached
, child_tidptr=0x555555ea0750) = 5203
[pid  5203] set_robust_list(0x555555ea0760, 24) = 0
[pid  5203] chdir("./44")               = 0
[pid  5203] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5203] setpgid(0, 0)               = 0
[pid  5203] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5203] write(3, "1000", 4)         = 4
[pid  5203] close(3)                    = 0
[pid  5203] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5203] memfd_create("syzkaller", 0) = 3
[pid  5203] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5203] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5203] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5203] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5203] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5203] close(3)                    = 0
[pid  5203] mkdir("./bus", 0777)        = 0
[pid  5203] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5203] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5203] chdir("./bus")              = 0
[pid  5203] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5203] close(4)                    = 0
[pid  5203] mkdir("./bus", 0777)        = 0
[pid  5203] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5203] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[   66.764069][ T5203] loop0: detected capacity change from 0 to 512
[   66.790198][ T5203] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/44/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5203] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5203] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5203] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5203] exit_group(0)               = ?
[pid  5203] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5203, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./44", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./44", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./44/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./44/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./44/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./44/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./44/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./44/bus")                       = 0
umount2("./44/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./44/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./44/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./44")                           = 0
mkdir("./45", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5206 attached
, child_tidptr=0x555555ea0750) = 5206
[pid  5206] set_robust_list(0x555555ea0760, 24) = 0
[pid  5206] chdir("./45")               = 0
[pid  5206] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5206] setpgid(0, 0)               = 0
[pid  5206] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5206] write(3, "1000", 4)         = 4
[pid  5206] close(3)                    = 0
[pid  5206] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5206] memfd_create("syzkaller", 0) = 3
[pid  5206] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5206] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5206] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5206] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5206] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5206] close(3)                    = 0
[pid  5206] mkdir("./bus", 0777)        = 0
[pid  5206] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5206] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5206] chdir("./bus")              = 0
[pid  5206] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5206] close(4)                    = 0
[pid  5206] mkdir("./bus", 0777)        = 0
[pid  5206] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5206] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[   67.025616][ T5206] loop0: detected capacity change from 0 to 512
[   67.040169][ T5206] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/45/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5206] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5206] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5206] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5206] exit_group(0)               = ?
[pid  5206] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5206, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./45", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./45", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./45/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./45/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./45/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./45/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./45/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./45/bus")                       = 0
umount2("./45/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./45/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./45/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./45")                           = 0
mkdir("./46", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5209 attached
, child_tidptr=0x555555ea0750) = 5209
[pid  5209] set_robust_list(0x555555ea0760, 24) = 0
[pid  5209] chdir("./46")               = 0
[pid  5209] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5209] setpgid(0, 0)               = 0
[pid  5209] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5209] write(3, "1000", 4)         = 4
[pid  5209] close(3)                    = 0
[pid  5209] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5209] memfd_create("syzkaller", 0) = 3
[pid  5209] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5209] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5209] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5209] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5209] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5209] close(3)                    = 0
[pid  5209] mkdir("./bus", 0777)        = 0
[pid  5209] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5209] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5209] chdir("./bus")              = 0
[pid  5209] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5209] close(4)                    = 0
[pid  5209] mkdir("./bus", 0777)        = 0
[pid  5209] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5209] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[   67.282872][ T5209] loop0: detected capacity change from 0 to 512
[   67.309898][ T5209] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/46/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5209] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5209] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5209] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5209] exit_group(0)               = ?
[pid  5209] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5209, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./46", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./46", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./46/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./46/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./46/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./46/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./46/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./46/bus")                       = 0
umount2("./46/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./46/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./46/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./46")                           = 0
mkdir("./47", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5212 attached
 <unfinished ...>
[pid  5212] set_robust_list(0x555555ea0760, 24 <unfinished ...>
[pid  5067] <... clone resumed>, child_tidptr=0x555555ea0750) = 5212
[pid  5212] <... set_robust_list resumed>) = 0
[pid  5212] chdir("./47")               = 0
[pid  5212] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5212] setpgid(0, 0)               = 0
[pid  5212] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5212] write(3, "1000", 4)         = 4
[pid  5212] close(3)                    = 0
[pid  5212] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5212] memfd_create("syzkaller", 0) = 3
[pid  5212] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5212] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5212] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5212] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5212] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5212] close(3)                    = 0
[pid  5212] mkdir("./bus", 0777)        = 0
[pid  5212] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5212] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5212] chdir("./bus")              = 0
[pid  5212] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5212] close(4)                    = 0
[pid  5212] mkdir("./bus", 0777)        = 0
[pid  5212] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5212] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[   67.529704][ T5212] loop0: detected capacity change from 0 to 512
[   67.560223][ T5212] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/47/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5212] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5212] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5212] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5212] exit_group(0)               = ?
[pid  5212] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5212, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./47", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./47", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./47/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./47/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./47/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./47/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./47/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./47/bus")                       = 0
umount2("./47/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./47/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./47/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./47")                           = 0
mkdir("./48", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5215 attached
, child_tidptr=0x555555ea0750) = 5215
[pid  5215] set_robust_list(0x555555ea0760, 24) = 0
[pid  5215] chdir("./48")               = 0
[pid  5215] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5215] setpgid(0, 0)               = 0
[pid  5215] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5215] write(3, "1000", 4)         = 4
[pid  5215] close(3)                    = 0
[pid  5215] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5215] memfd_create("syzkaller", 0) = 3
[pid  5215] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5215] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5215] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5215] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5215] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5215] close(3)                    = 0
[pid  5215] mkdir("./bus", 0777)        = 0
[pid  5215] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5215] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5215] chdir("./bus")              = 0
[pid  5215] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5215] close(4)                    = 0
[pid  5215] mkdir("./bus", 0777)        = 0
[pid  5215] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5215] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[   67.804699][ T5215] loop0: detected capacity change from 0 to 512
[   67.840494][ T5215] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/48/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5215] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5215] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5215] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5215] exit_group(0)               = ?
[pid  5215] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5215, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./48", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./48", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./48/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./48/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./48/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./48/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./48/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./48/bus")                       = 0
umount2("./48/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./48/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./48/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./48")                           = 0
mkdir("./49", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5218 attached
 <unfinished ...>
[pid  5218] set_robust_list(0x555555ea0760, 24) = 0
[pid  5218] chdir("./49")               = 0
[pid  5218] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  5067] <... clone resumed>, child_tidptr=0x555555ea0750) = 5218
[pid  5218] <... prctl resumed>)        = 0
[pid  5218] setpgid(0, 0)               = 0
[pid  5218] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5218] write(3, "1000", 4)         = 4
[pid  5218] close(3)                    = 0
[pid  5218] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5218] memfd_create("syzkaller", 0) = 3
[pid  5218] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5218] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5218] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5218] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5218] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5218] close(3)                    = 0
[pid  5218] mkdir("./bus", 0777)        = 0
[pid  5218] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5218] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5218] chdir("./bus")              = 0
[pid  5218] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5218] close(4)                    = 0
[pid  5218] mkdir("./bus", 0777)        = 0
[pid  5218] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5218] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5218] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[   68.040374][ T5218] loop0: detected capacity change from 0 to 512
[   68.059951][ T5218] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/49/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5218] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5218] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5218] exit_group(0)               = ?
[pid  5218] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5218, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./49", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./49", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./49/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./49/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./49/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./49/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./49/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./49/bus")                       = 0
umount2("./49/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./49/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./49/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./49")                           = 0
mkdir("./50", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555ea0750) = 5221
./strace-static-x86_64: Process 5221 attached
[pid  5221] set_robust_list(0x555555ea0760, 24) = 0
[pid  5221] chdir("./50")               = 0
[pid  5221] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5221] setpgid(0, 0)               = 0
[pid  5221] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5221] write(3, "1000", 4)         = 4
[pid  5221] close(3)                    = 0
[pid  5221] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5221] memfd_create("syzkaller", 0) = 3
[pid  5221] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5221] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5221] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5221] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5221] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5221] close(3)                    = 0
[pid  5221] mkdir("./bus", 0777)        = 0
[pid  5221] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5221] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5221] chdir("./bus")              = 0
[pid  5221] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5221] close(4)                    = 0
[pid  5221] mkdir("./bus", 0777)        = 0
[pid  5221] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5221] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[   68.328933][ T5221] loop0: detected capacity change from 0 to 512
[   68.350111][ T5221] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/50/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5221] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5221] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5221] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5221] exit_group(0)               = ?
[pid  5221] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5221, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./50", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./50", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./50/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./50/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./50/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./50/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./50/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./50/bus")                       = 0
umount2("./50/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./50/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./50/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./50")                           = 0
mkdir("./51", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5224 attached
, child_tidptr=0x555555ea0750) = 5224
[pid  5224] set_robust_list(0x555555ea0760, 24) = 0
[pid  5224] chdir("./51")               = 0
[pid  5224] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5224] setpgid(0, 0)               = 0
[pid  5224] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5224] write(3, "1000", 4)         = 4
[pid  5224] close(3)                    = 0
[pid  5224] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5224] memfd_create("syzkaller", 0) = 3
[pid  5224] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5224] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5224] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5224] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5224] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5224] close(3)                    = 0
[pid  5224] mkdir("./bus", 0777)        = 0
[pid  5224] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5224] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5224] chdir("./bus")              = 0
[pid  5224] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5224] close(4)                    = 0
[pid  5224] mkdir("./bus", 0777)        = 0
[pid  5224] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[   68.558666][ T5224] loop0: detected capacity change from 0 to 512
[   68.590117][ T5224] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/51/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5224] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5224] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5224] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5224] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5224] exit_group(0)               = ?
[pid  5224] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5224, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./51", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./51", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./51/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./51/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./51/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./51/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./51/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./51/bus")                       = 0
umount2("./51/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./51/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./51/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./51")                           = 0
mkdir("./52", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5227 attached
 <unfinished ...>
[pid  5227] set_robust_list(0x555555ea0760, 24) = 0
[pid  5227] chdir("./52")               = 0
[pid  5227] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  5067] <... clone resumed>, child_tidptr=0x555555ea0750) = 5227
[pid  5227] <... prctl resumed>)        = 0
[pid  5227] setpgid(0, 0)               = 0
[pid  5227] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5227] write(3, "1000", 4)         = 4
[pid  5227] close(3)                    = 0
[pid  5227] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5227] memfd_create("syzkaller", 0) = 3
[pid  5227] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5227] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5227] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5227] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5227] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5227] close(3)                    = 0
[pid  5227] mkdir("./bus", 0777)        = 0
[pid  5227] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5227] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5227] chdir("./bus")              = 0
[pid  5227] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5227] close(4)                    = 0
[   68.775946][ T5227] loop0: detected capacity change from 0 to 512
[   68.809855][ T5227] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/52/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5227] mkdir("./bus", 0777)        = 0
[pid  5227] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5227] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5227] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5227] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5227] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5227] exit_group(0)               = ?
[pid  5227] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5227, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./52", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./52", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./52/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./52/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./52/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./52/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./52/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./52/bus")                       = 0
umount2("./52/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./52/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./52/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./52")                           = 0
mkdir("./53", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5230 attached
, child_tidptr=0x555555ea0750) = 5230
[pid  5230] set_robust_list(0x555555ea0760, 24) = 0
[pid  5230] chdir("./53")               = 0
[pid  5230] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5230] setpgid(0, 0)               = 0
[pid  5230] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5230] write(3, "1000", 4)         = 4
[pid  5230] close(3)                    = 0
[pid  5230] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5230] memfd_create("syzkaller", 0) = 3
[pid  5230] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5230] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5230] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5230] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5230] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5230] close(3)                    = 0
[pid  5230] mkdir("./bus", 0777)        = 0
[pid  5230] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5230] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5230] chdir("./bus")              = 0
[pid  5230] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5230] close(4)                    = 0
[pid  5230] mkdir("./bus", 0777)        = 0
[pid  5230] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5230] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5230] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5230] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5230] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5230] exit_group(0)               = ?
[pid  5230] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5230, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[   69.046287][ T5230] loop0: detected capacity change from 0 to 512
[   69.060177][ T5230] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/53/bus supports timestamps until 2038-01-19 (0x7fffffff)
umount2("./53", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./53", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./53/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./53/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./53/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./53/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./53/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./53/bus")                       = 0
umount2("./53/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./53/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./53/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./53")                           = 0
mkdir("./54", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555ea0750) = 5233
./strace-static-x86_64: Process 5233 attached
[pid  5233] set_robust_list(0x555555ea0760, 24) = 0
[pid  5233] chdir("./54")               = 0
[pid  5233] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5233] setpgid(0, 0)               = 0
[pid  5233] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5233] write(3, "1000", 4)         = 4
[pid  5233] close(3)                    = 0
[pid  5233] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5233] memfd_create("syzkaller", 0) = 3
[pid  5233] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5233] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5233] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5233] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5233] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5233] close(3)                    = 0
[pid  5233] mkdir("./bus", 0777)        = 0
[pid  5233] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5233] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5233] chdir("./bus")              = 0
[pid  5233] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5233] close(4)                    = 0
[pid  5233] mkdir("./bus", 0777)        = 0
[pid  5233] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[   69.271903][ T5233] loop0: detected capacity change from 0 to 512
[   69.299855][ T5233] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/54/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5233] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5233] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5233] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5233] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5233] exit_group(0)               = ?
[pid  5233] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5233, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./54", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./54", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./54/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./54/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./54/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./54/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./54/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./54/bus")                       = 0
umount2("./54/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./54/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./54/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./54")                           = 0
mkdir("./55", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5236 attached
 <unfinished ...>
[pid  5236] set_robust_list(0x555555ea0760, 24) = 0
[pid  5236] chdir("./55")               = 0
[pid  5236] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  5067] <... clone resumed>, child_tidptr=0x555555ea0750) = 5236
[pid  5236] <... prctl resumed>)        = 0
[pid  5236] setpgid(0, 0)               = 0
[pid  5236] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5236] write(3, "1000", 4)         = 4
[pid  5236] close(3)                    = 0
[pid  5236] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5236] memfd_create("syzkaller", 0) = 3
[pid  5236] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5236] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5236] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5236] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5236] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5236] close(3)                    = 0
[pid  5236] mkdir("./bus", 0777)        = 0
[pid  5236] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5236] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5236] chdir("./bus")              = 0
[pid  5236] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5236] close(4)                    = 0
[pid  5236] mkdir("./bus", 0777)        = 0
[pid  5236] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[   69.526371][ T5236] loop0: detected capacity change from 0 to 512
[   69.550075][ T5236] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/55/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5236] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5236] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5236] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5236] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5236] exit_group(0)               = ?
[pid  5236] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5236, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
umount2("./55", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./55", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./55/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./55/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./55/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./55/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./55/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./55/bus")                       = 0
umount2("./55/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./55/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./55/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./55")                           = 0
mkdir("./56", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5239 attached
 <unfinished ...>
[pid  5239] set_robust_list(0x555555ea0760, 24) = 0
[pid  5239] chdir("./56")               = 0
[pid  5239] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5067] <... clone resumed>, child_tidptr=0x555555ea0750) = 5239
[pid  5239] setpgid(0, 0)               = 0
[pid  5239] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5239] write(3, "1000", 4)         = 4
[pid  5239] close(3)                    = 0
[pid  5239] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5239] memfd_create("syzkaller", 0) = 3
[pid  5239] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5239] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5239] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5239] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5239] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5239] close(3)                    = 0
[pid  5239] mkdir("./bus", 0777)        = 0
[pid  5239] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5239] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5239] chdir("./bus")              = 0
[pid  5239] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5239] close(4)                    = 0
[pid  5239] mkdir("./bus", 0777)        = 0
[pid  5239] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5239] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5239] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5239] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[   69.762740][ T5239] loop0: detected capacity change from 0 to 512
[   69.800343][ T5239] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/56/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5239] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5239] exit_group(0)               = ?
[pid  5239] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5239, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./56", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./56", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./56/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./56/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./56/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./56/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./56/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./56/bus")                       = 0
umount2("./56/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./56/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./56/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./56")                           = 0
mkdir("./57", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5242 attached
 <unfinished ...>
[pid  5242] set_robust_list(0x555555ea0760, 24) = 0
[pid  5242] chdir("./57")               = 0
[pid  5242] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  5067] <... clone resumed>, child_tidptr=0x555555ea0750) = 5242
[pid  5242] <... prctl resumed>)        = 0
[pid  5242] setpgid(0, 0)               = 0
[pid  5242] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5242] write(3, "1000", 4)         = 4
[pid  5242] close(3)                    = 0
[pid  5242] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5242] memfd_create("syzkaller", 0) = 3
[pid  5242] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5242] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5242] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5242] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5242] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5242] close(3)                    = 0
[pid  5242] mkdir("./bus", 0777)        = 0
[pid  5242] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5242] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5242] chdir("./bus")              = 0
[pid  5242] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5242] close(4)                    = 0
[pid  5242] mkdir("./bus", 0777)        = 0
[   70.023317][ T5242] loop0: detected capacity change from 0 to 512
[   70.050094][ T5242] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/57/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5242] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5242] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5242] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5242] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid  5242] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5242] exit_group(0)               = ?
[pid  5242] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5242, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./57", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./57", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./57/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./57/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./57/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./57/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./57/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./57/bus")                       = 0
umount2("./57/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./57/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./57/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./57")                           = 0
mkdir("./58", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5245 attached
, child_tidptr=0x555555ea0750) = 5245
[pid  5245] set_robust_list(0x555555ea0760, 24) = 0
[pid  5245] chdir("./58")               = 0
[pid  5245] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5245] setpgid(0, 0)               = 0
[pid  5245] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5245] write(3, "1000", 4)         = 4
[pid  5245] close(3)                    = 0
[pid  5245] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5245] memfd_create("syzkaller", 0) = 3
[pid  5245] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5245] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5245] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5245] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5245] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5245] close(3)                    = 0
[pid  5245] mkdir("./bus", 0777)        = 0
[pid  5245] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5245] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5245] chdir("./bus")              = 0
[pid  5245] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5245] close(4)                    = 0
[pid  5245] mkdir("./bus", 0777)        = 0
[pid  5245] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5245] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5245] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5245] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[   70.273750][ T5245] loop0: detected capacity change from 0 to 512
[   70.309954][ T5245] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/58/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5245] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0
[pid  5245] exit_group(0)               = ?
[pid  5245] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5245, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./58", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./58", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555555ea17f0 /* 4 entries */, 32768) = 104
umount2("./58/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./58/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./58/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./58/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./58/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555555ea9830 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555ea9830 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./58/bus")                       = 0
umount2("./58/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./58/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./58/binderfs")                 = 0
getdents64(3, 0x555555ea17f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./58")                           = 0
mkdir("./59", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5248 attached
, child_tidptr=0x555555ea0750) = 5248
[pid  5248] set_robust_list(0x555555ea0760, 24) = 0
[pid  5248] chdir("./59")               = 0
[pid  5248] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5248] setpgid(0, 0)               = 0
[pid  5248] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5248] write(3, "1000", 4)         = 4
[pid  5248] close(3)                    = 0
[pid  5248] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5248] memfd_create("syzkaller", 0) = 3
[pid  5248] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f580bdb0000
[pid  5248] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid  5248] munmap(0x7f580bdb0000, 138412032) = 0
[pid  5248] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5248] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5248] close(3)                    = 0
[pid  5248] mkdir("./bus", 0777)        = 0
[pid  5248] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0
[pid  5248] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5248] chdir("./bus")              = 0
[pid  5248] ioctl(4, LOOP_CLR_FD)       = 0
[   70.527554][ T5248] loop0: detected capacity change from 0 to 512
[   70.549884][ T5248] ext4 filesystem being mounted at /root/syzkaller.5UTRiu/59/bus supports timestamps until 2038-01-19 (0x7fffffff)
[pid  5248] close(4)                    = 0
[pid  5248] mkdir("./bus", 0777)        = 0
[pid  5248] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5248] mkdirat(AT_FDCWD, "./bus/file0", 000) = 0
[pid  5248] setxattr("./bus/file0", "security.apparmor", "\x6f\x76\x65\x72\x6c\x61\x79\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x61\x70\x70\x61\x72\x6d\x6f\x72\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 58375, 0) = 0
[pid  5248] openat(AT_FDCWD, "cgroup.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[   70.631502][ T5248] ------------[ cut here ]------------
[   70.636973][ T5248] Looking for class "&ei->i_data_sem" with key __key.0, but found a different class "&ei->i_data_sem" with the same key
[   70.649604][ T5248] WARNING: CPU: 1 PID: 5248 at kernel/locking/lockdep.c:932 look_up_lock_class+0x127/0x130
[   70.659564][ T5248] Modules linked in:
[   70.663433][ T5248] CPU: 1 PID: 5248 Comm: syz-executor156 Not tainted 6.7.0-rc6-syzkaller-00303-g3f82f1c3a036 #0
[   70.673818][ T5248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[   70.683849][ T5248] RIP: 0010:look_up_lock_class+0x127/0x130
[   70.689634][ T5248] Code: c7 c7 a0 ad cc 8a e8 88 d5 cd f6 90 0f 0b 90 90 90 31 db eb c2 c6 05 25 76 83 04 01 90 48 c7 c7 c0 b0 cc 8a e8 6a d5 cd f6 90 <0f> 0b 90 90 e9 6a ff ff ff 53 48 39 77 10 48 89 fb 74 51 66 83 7f
[   70.709217][ T5248] RSP: 0018:ffffc900045078d0 EFLAGS: 00010082
[   70.715266][ T5248] RAX: 0000000000000000 RBX: ffffffff91f6ec90 RCX: ffffffff814db519
[   70.723215][ T5248] RDX: ffff888025440000 RSI: ffffffff814db526 RDI: 0000000000000001
[   70.731170][ T5248] RBP: ffffffff928d22a1 R08: 0000000000000001 R09: 0000000000000000
[   70.739119][ T5248] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888075e83488
[   70.747092][ T5248] R13: 0000000000000000 R14: 0000000000000000 R15: ffffffff9280a5e0
[   70.755042][ T5248] FS:  0000555555ea0480(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[   70.763969][ T5248] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   70.770705][ T5248] CR2: 00007f58142670f8 CR3: 000000007b7ff000 CR4: 0000000000350ef0
[   70.778656][ T5248] Call Trace:
[   70.781921][ T5248]  <TASK>
[   70.784830][ T5248]  ? show_regs+0x8f/0xa0
[   70.789055][ T5248]  ? __warn+0xe6/0x390
[   70.793113][ T5248]  ? __wake_up_klogd.part.0+0x99/0xf0
[   70.798500][ T5248]  ? look_up_lock_class+0x127/0x130
[   70.803671][ T5248]  ? report_bug+0x3bc/0x580
[   70.808154][ T5248]  ? handle_bug+0x3d/0x70
[   70.812461][ T5248]  ? exc_invalid_op+0x17/0x40
[   70.817118][ T5248]  ? asm_exc_invalid_op+0x1a/0x20
[   70.822118][ T5248]  ? __warn_printk+0x199/0x350
[   70.826863][ T5248]  ? __warn_printk+0x1a6/0x350
[   70.831609][ T5248]  ? look_up_lock_class+0x127/0x130
[   70.836780][ T5248]  ? print_usage_bug.part.0+0x550/0x550
[   70.842306][ T5248]  register_lock_class+0xb1/0x1220
[   70.847399][ T5248]  ? register_lock_class+0xb1/0x1220
[   70.852662][ T5248]  ? print_usage_bug.part.0+0x550/0x550
[   70.858188][ T5248]  ? register_lock_class+0xb1/0x1220
[   70.863453][ T5248]  ? is_dynamic_key+0x200/0x200
[   70.868304][ T5248]  ? is_dynamic_key+0x200/0x200
[   70.873142][ T5248]  ? is_dynamic_key+0x200/0x200
[   70.877978][ T5248]  ? is_dynamic_key+0x200/0x200
[   70.882813][ T5248]  __lock_acquire+0x112/0x3b20
[   70.887564][ T5248]  ? lockdep_hardirqs_on_prepare+0x420/0x420
[   70.893523][ T5248]  ? __down_write_common+0x17a/0x1400
[   70.898874][ T5248]  ? lockdep_hardirqs_on_prepare+0x420/0x420
[   70.904856][ T5248]  lock_acquire+0x1ae/0x520
[   70.909378][ T5248]  ? ext4_double_down_write_data_sem+0x42/0x80
[   70.915541][ T5248]  ? lock_sync+0x190/0x190
[   70.919947][ T5248]  ? preempt_count_sub+0x160/0x160
[   70.925039][ T5248]  ? preempt_count_sub+0x160/0x160
[   70.930143][ T5248]  down_write_nested+0x3d/0x50
[   70.934913][ T5248]  ? ext4_double_down_write_data_sem+0x42/0x80
[   70.941086][ T5248]  ext4_double_down_write_data_sem+0x42/0x80
[   70.947067][ T5248]  __ext4_ioctl+0x163e/0x4570
[   70.951748][ T5248]  ? tomoyo_execute_permission+0x4a0/0x4a0
[   70.957543][ T5248]  ? ext4_force_shutdown+0x5d0/0x5d0
[   70.962817][ T5248]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   70.968691][ T5248]  ? do_vfs_ioctl+0x379/0x1920
[   70.973444][ T5248]  ? vfs_fileattr_set+0xbf0/0xbf0
[   70.978461][ T5248]  ? ptrace_notify+0xf4/0x130
[   70.983123][ T5248]  ? bpf_lsm_file_ioctl+0x9/0x10
[   70.988041][ T5248]  ? ext4_fileattr_set+0x17a0/0x17a0
[   70.993311][ T5248]  __x64_sys_ioctl+0x18f/0x210
[   70.998061][ T5248]  do_syscall_64+0x40/0x110
[   71.002546][ T5248]  entry_SYSCALL_64_after_hwframe+0x63/0x6b
[   71.008420][ T5248] RIP: 0033:0x7f58141ef869
[   71.012811][ T5248] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   71.032400][ T5248] RSP: 002b:00007fffc7fb2cf8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   71.040794][ T5248] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f58141ef869
[   71.048750][ T5248] RDX: 0000000000000000 RSI: 0000000000006611 RDI: 0000000000000004
[   71.056699][ T5248] RBP: 0000000000000000 R08: 00007fffc7fb2d2c R09: 00007fffc7fb2d2c
[   71.064650][ T5248] R10: 00007fffc7fb2d2c R11: 0000000000000246 R12: 00007fffc7fb2d2c
[   71.072598][ T5248] R13: 000000000000003b R14: 431bde82d7b634db R15: 00007fffc7fb2d60
[   71.080555][ T5248]  </TASK>
[   71.083553][ T5248] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   71.090806][ T5248] CPU: 1 PID: 5248 Comm: syz-executor156 Not tainted 6.7.0-rc6-syzkaller-00303-g3f82f1c3a036 #0
[   71.101194][ T5248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[   71.111228][ T5248] Call Trace:
[   71.114485][ T5248]  <TASK>
[   71.117395][ T5248]  dump_stack_lvl+0xd9/0x1b0
[   71.121974][ T5248]  panic+0x6dc/0x790
[   71.125853][ T5248]  ? panic_smp_self_stop+0xa0/0xa0
[   71.130947][ T5248]  ? show_trace_log_lvl+0x363/0x4f0
[   71.136132][ T5248]  ? check_panic_on_warn+0x1f/0xb0
[   71.141226][ T5248]  ? look_up_lock_class+0x127/0x130
[   71.146407][ T5248]  check_panic_on_warn+0xab/0xb0
[   71.151330][ T5248]  __warn+0xf2/0x390
[   71.155208][ T5248]  ? __wake_up_klogd.part.0+0x99/0xf0
[   71.160563][ T5248]  ? look_up_lock_class+0x127/0x130
[   71.165760][ T5248]  report_bug+0x3bc/0x580
[   71.170075][ T5248]  handle_bug+0x3d/0x70
[   71.174210][ T5248]  exc_invalid_op+0x17/0x40
[   71.178695][ T5248]  asm_exc_invalid_op+0x1a/0x20
[   71.183525][ T5248] RIP: 0010:look_up_lock_class+0x127/0x130
[   71.189313][ T5248] Code: c7 c7 a0 ad cc 8a e8 88 d5 cd f6 90 0f 0b 90 90 90 31 db eb c2 c6 05 25 76 83 04 01 90 48 c7 c7 c0 b0 cc 8a e8 6a d5 cd f6 90 <0f> 0b 90 90 e9 6a ff ff ff 53 48 39 77 10 48 89 fb 74 51 66 83 7f
[   71.208929][ T5248] RSP: 0018:ffffc900045078d0 EFLAGS: 00010082
[   71.214979][ T5248] RAX: 0000000000000000 RBX: ffffffff91f6ec90 RCX: ffffffff814db519
[   71.222933][ T5248] RDX: ffff888025440000 RSI: ffffffff814db526 RDI: 0000000000000001
[   71.230886][ T5248] RBP: ffffffff928d22a1 R08: 0000000000000001 R09: 0000000000000000
[   71.238837][ T5248] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888075e83488
[   71.246788][ T5248] R13: 0000000000000000 R14: 0000000000000000 R15: ffffffff9280a5e0
[   71.254745][ T5248]  ? __warn_printk+0x199/0x350
[   71.259496][ T5248]  ? __warn_printk+0x1a6/0x350
[   71.264269][ T5248]  ? print_usage_bug.part.0+0x550/0x550
[   71.269801][ T5248]  register_lock_class+0xb1/0x1220
[   71.274901][ T5248]  ? register_lock_class+0xb1/0x1220
[   71.280170][ T5248]  ? print_usage_bug.part.0+0x550/0x550
[   71.285703][ T5248]  ? register_lock_class+0xb1/0x1220
[   71.290973][ T5248]  ? is_dynamic_key+0x200/0x200
[   71.295808][ T5248]  ? is_dynamic_key+0x200/0x200
[   71.300642][ T5248]  ? is_dynamic_key+0x200/0x200
[   71.305478][ T5248]  ? is_dynamic_key+0x200/0x200
[   71.310313][ T5248]  __lock_acquire+0x112/0x3b20
[   71.315125][ T5248]  ? lockdep_hardirqs_on_prepare+0x420/0x420
[   71.321158][ T5248]  ? __down_write_common+0x17a/0x1400
[   71.326511][ T5248]  ? lockdep_hardirqs_on_prepare+0x420/0x420
[   71.332474][ T5248]  lock_acquire+0x1ae/0x520
[   71.336961][ T5248]  ? ext4_double_down_write_data_sem+0x42/0x80
[   71.343107][ T5248]  ? lock_sync+0x190/0x190
[   71.347512][ T5248]  ? preempt_count_sub+0x160/0x160
[   71.352603][ T5248]  ? preempt_count_sub+0x160/0x160
[   71.357695][ T5248]  down_write_nested+0x3d/0x50
[   71.362450][ T5248]  ? ext4_double_down_write_data_sem+0x42/0x80
[   71.368602][ T5248]  ext4_double_down_write_data_sem+0x42/0x80
[   71.374570][ T5248]  __ext4_ioctl+0x163e/0x4570
[   71.379232][ T5248]  ? tomoyo_execute_permission+0x4a0/0x4a0
[   71.385024][ T5248]  ? ext4_force_shutdown+0x5d0/0x5d0
[   71.390316][ T5248]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   71.396194][ T5248]  ? do_vfs_ioctl+0x379/0x1920
[   71.400947][ T5248]  ? vfs_fileattr_set+0xbf0/0xbf0
[   71.405956][ T5248]  ? ptrace_notify+0xf4/0x130
[   71.410617][ T5248]  ? bpf_lsm_file_ioctl+0x9/0x10
[   71.415533][ T5248]  ? ext4_fileattr_set+0x17a0/0x17a0
[   71.420809][ T5248]  __x64_sys_ioctl+0x18f/0x210
[   71.425590][ T5248]  do_syscall_64+0x40/0x110
[   71.430084][ T5248]  entry_SYSCALL_64_after_hwframe+0x63/0x6b
[   71.435963][ T5248] RIP: 0033:0x7f58141ef869
[   71.440358][ T5248] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   71.459949][ T5248] RSP: 002b:00007fffc7fb2cf8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   71.468353][ T5248] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f58141ef869
[   71.476322][ T5248] RDX: 0000000000000000 RSI: 0000000000006611 RDI: 0000000000000004
[   71.484274][ T5248] RBP: 0000000000000000 R08: 00007fffc7fb2d2c R09: 00007fffc7fb2d2c
[   71.492227][ T5248] R10: 00007fffc7fb2d2c R11: 0000000000000246 R12: 00007fffc7fb2d2c
[   71.500177][ T5248] R13: 000000000000003b R14: 431bde82d7b634db R15: 00007fffc7fb2d60
[   71.508136][ T5248]  </TASK>
[   71.511403][ T5248] Kernel Offset: disabled
[   71.515706][ T5248] Rebooting in 86400 seconds..