./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2090941481
<...>
Warning: Permanently added '10.128.1.133' (ED25519) to the list of known hosts.
execve("./syz-executor2090941481", ["./syz-executor2090941481"], 0x7fff316b9340 /* 10 vars */) = 0
brk(NULL) = 0x555580e9b000
brk(0x555580e9bd00) = 0x555580e9bd00
arch_prctl(ARCH_SET_FS, 0x555580e9b380) = 0
set_tid_address(0x555580e9b650) = 357
set_robust_list(0x555580e9b660, 24) = 0
rseq(0x555580e9bca0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented)
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor2090941481", 4096) = 28
getrandom("\x72\x86\x51\xcb\x80\x74\x0b\xcd", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x555580e9bd00
brk(0x555580ebcd00) = 0x555580ebcd00
brk(0x555580ebd000) = 0x555580ebd000
mprotect(0x7f946f11f000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000
mkdir("./syzkaller.P9Fxb0", 0700) = 0
chmod("./syzkaller.P9Fxb0", 0777) = 0
chdir("./syzkaller.P9Fxb0") = 0
mkdir("./0", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 359
./strace-static-x86_64: Process 359 attached
[pid 359] set_robust_list(0x555580e9b660, 24) = 0
[pid 359] chdir("./0") = 0
[pid 359] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 359] setpgid(0, 0) = 0
[ 24.148854][ T23] audit: type=1400 audit(1745508810.310:66): avc: denied { execmem } for pid=357 comm="syz-executor209" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 24.172971][ T23] audit: type=1400 audit(1745508810.340:67): avc: denied { read write } for pid=357 comm="syz-executor209" name="loop0" dev="devtmpfs" ino=128 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[pid 359] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 359] write(3, "1000", 4) = 4
[pid 359] close(3) = 0
[pid 359] symlink("/dev/binderfs", "./binderfs") = 0
[pid 359] write(1, "executing program\n", 18executing program
) = 18
[pid 359] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 359] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 359] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 359] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 359] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 359] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 359] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 359] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 359] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 359] memfd_create("syzkaller", 0) = 5
[pid 359] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 359] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[ 24.197936][ T23] audit: type=1400 audit(1745508810.340:68): avc: denied { open } for pid=357 comm="syz-executor209" path="/dev/loop0" dev="devtmpfs" ino=128 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 24.222299][ T23] audit: type=1400 audit(1745508810.350:69): avc: denied { ioctl } for pid=357 comm="syz-executor209" path="/dev/loop0" dev="devtmpfs" ino=128 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[pid 359] munmap(0x7f9466c6c000, 138412032) = 0
[pid 359] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[ 24.248275][ T23] audit: type=1400 audit(1745508810.370:70): avc: denied { read write } for pid=359 comm="syz-executor209" name="vhost-vsock" dev="devtmpfs" ino=316 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 24.272440][ T23] audit: type=1400 audit(1745508810.370:71): avc: denied { open } for pid=359 comm="syz-executor209" path="/dev/vhost-vsock" dev="devtmpfs" ino=316 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[pid 359] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 359] close(5) = 0
[pid 359] close(6) = 0
[pid 359] mkdir("./file0", 0777) = 0
[ 24.296481][ T23] audit: type=1400 audit(1745508810.370:72): avc: denied { ioctl } for pid=359 comm="syz-executor209" path="/dev/vhost-vsock" dev="devtmpfs" ino=316 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[pid 359] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 359] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 359] chdir("./file0") = 0
[ 24.330169][ T23] audit: type=1400 audit(1745508810.500:73): avc: denied { mounton } for pid=359 comm="syz-executor209" path="/root/syzkaller.P9Fxb0/0/file0" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 24.360971][ T359] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[pid 359] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 359] ioctl(6, LOOP_CLR_FD) = 0
[pid 359] close(6) = 0
[pid 359] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 359] write(6, "#! ./file1\n", 11) = 11
[pid 359] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 359] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 359] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=359, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./0/binderfs") = 0
[ 24.382021][ T23] audit: type=1400 audit(1745508810.550:74): avc: denied { mount } for pid=359 comm="syz-executor209" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 24.410953][ T359] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz-executor209: bg 0: block 234: padding at end of block bitmap is not set
[ 24.410971][ T23] audit: type=1400 audit(1745508810.570:75): avc: denied { write } for pid=359 comm="syz-executor209" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./0/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./0") = 0
mkdir("./1", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 365
./strace-static-x86_64: Process 365 attached
[pid 365] set_robust_list(0x555580e9b660, 24) = 0
[pid 365] chdir("./1") = 0
[pid 365] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 365] setpgid(0, 0) = 0
[pid 365] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 365] write(3, "1000", 4) = 4
[pid 365] close(3) = 0
[pid 365] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 365] write(1, "executing program\n", 18) = 18
[pid 365] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 365] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 365] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 365] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 365] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 365] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 365] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 365] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 365] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 365] memfd_create("syzkaller", 0) = 5
[pid 365] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 365] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 365] munmap(0x7f9466c6c000, 138412032) = 0
[pid 365] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 365] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 365] close(5) = 0
[pid 365] close(6) = 0
[pid 365] mkdir("./file0", 0777) = 0
[pid 365] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 365] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 365] chdir("./file0") = 0
[pid 365] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 365] ioctl(6, LOOP_CLR_FD) = 0
[pid 365] close(6) = 0
[pid 365] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 365] write(6, "#! ./file1\n", 11) = 11
[pid 365] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 365] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[ 24.570143][ T365] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 24.600818][ T366] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-365: bg 0: block 234: padding at end of block bitmap is not set
[pid 365] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=365, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./1/binderfs") = 0
[ 24.616009][ T366] vhost-365 (366) used greatest stack depth: 21968 bytes left
umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./1/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./1") = 0
mkdir("./2", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 370
./strace-static-x86_64: Process 370 attached
[pid 370] set_robust_list(0x555580e9b660, 24) = 0
[pid 370] chdir("./2") = 0
[pid 370] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 370] setpgid(0, 0) = 0
[pid 370] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 370] write(3, "1000", 4) = 4
[pid 370] close(3) = 0
[pid 370] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 370] write(1, "executing program\n", 18) = 18
[pid 370] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 370] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 370] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 370] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 370] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 370] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 370] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 370] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 370] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 370] memfd_create("syzkaller", 0) = 5
[pid 370] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 370] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 370] munmap(0x7f9466c6c000, 138412032) = 0
[pid 370] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 370] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 370] close(5) = 0
[pid 370] close(6) = 0
[pid 370] mkdir("./file0", 0777) = 0
[pid 370] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 370] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 370] chdir("./file0") = 0
[pid 370] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 370] ioctl(6, LOOP_CLR_FD) = 0
[pid 370] close(6) = 0
[pid 370] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 370] write(6, "#! ./file1\n", 11) = 11
[pid 370] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[ 24.800074][ T370] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[pid 370] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 370] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=370, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./2/binderfs") = 0
[ 24.841193][ T371] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-370: bg 0: block 234: padding at end of block bitmap is not set
umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./2/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./2") = 0
mkdir("./3", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 375
./strace-static-x86_64: Process 375 attached
[pid 375] set_robust_list(0x555580e9b660, 24) = 0
[pid 375] chdir("./3") = 0
[pid 375] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 375] setpgid(0, 0) = 0
[pid 375] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 375] write(3, "1000", 4) = 4
[pid 375] close(3) = 0
[pid 375] symlink("/dev/binderfs", "./binderfs") = 0
[pid 375] write(1, "executing program\n", 18executing program
) = 18
[pid 375] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 375] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 375] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 375] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 375] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 375] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 375] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 375] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 375] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 375] memfd_create("syzkaller", 0) = 5
[pid 375] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 375] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 375] munmap(0x7f9466c6c000, 138412032) = 0
[pid 375] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 375] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 375] close(5) = 0
[pid 375] close(6) = 0
[pid 375] mkdir("./file0", 0777) = 0
[pid 375] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 375] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 375] chdir("./file0") = 0
[pid 375] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 375] ioctl(6, LOOP_CLR_FD) = 0
[pid 375] close(6) = 0
[pid 375] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 375] write(6, "#! ./file1\n", 11) = 11
[pid 375] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 375] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 375] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=375, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./3/binderfs") = 0
[ 25.000157][ T375] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 25.031556][ T376] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-375: bg 0: block 234: padding at end of block bitmap is not set
umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./3/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./3") = 0
mkdir("./4", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 380
./strace-static-x86_64: Process 380 attached
[pid 380] set_robust_list(0x555580e9b660, 24) = 0
[pid 380] chdir("./4") = 0
[pid 380] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 380] setpgid(0, 0) = 0
[pid 380] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 380] write(3, "1000", 4) = 4
[pid 380] close(3) = 0
[pid 380] symlink("/dev/binderfs", "./binderfs") = 0
[pid 380] write(1, "executing program\n", 18executing program
) = 18
[pid 380] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 380] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 380] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 380] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 380] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 380] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 380] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 380] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 380] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 380] memfd_create("syzkaller", 0) = 5
[pid 380] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 380] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 380] munmap(0x7f9466c6c000, 138412032) = 0
[pid 380] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 380] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 380] close(5) = 0
[pid 380] close(6) = 0
[pid 380] mkdir("./file0", 0777) = 0
[pid 380] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 380] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 380] chdir("./file0") = 0
[pid 380] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 380] ioctl(6, LOOP_CLR_FD) = 0
[pid 380] close(6) = 0
[pid 380] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 380] write(6, "#! ./file1\n", 11) = 11
[pid 380] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 380] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 380] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=380, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./4/binderfs") = 0
[ 25.170120][ T380] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 25.198412][ T380] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz-executor209: bg 0: block 234: padding at end of block bitmap is not set
umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./4/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./4") = 0
mkdir("./5", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 386
./strace-static-x86_64: Process 386 attached
[pid 386] set_robust_list(0x555580e9b660, 24) = 0
[pid 386] chdir("./5") = 0
[pid 386] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 386] setpgid(0, 0) = 0
[pid 386] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 386] write(3, "1000", 4) = 4
[pid 386] close(3) = 0
[pid 386] symlink("/dev/binderfs", "./binderfs") = 0
[pid 386] write(1, "executing program\n", 18executing program
) = 18
[pid 386] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 386] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 386] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 386] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 386] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 386] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 386] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 386] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 386] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 386] memfd_create("syzkaller", 0) = 5
[pid 386] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 386] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 386] munmap(0x7f9466c6c000, 138412032) = 0
[pid 386] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 386] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 386] close(5) = 0
[pid 386] close(6) = 0
[pid 386] mkdir("./file0", 0777) = 0
[pid 386] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 386] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 386] chdir("./file0") = 0
[pid 386] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 386] ioctl(6, LOOP_CLR_FD) = 0
[pid 386] close(6) = 0
[pid 386] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 386] write(6, "#! ./file1\n", 11) = 11
[pid 386] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 386] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[ 25.336480][ T386] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 25.367257][ T387] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-386: bg 0: block 234: padding at end of block bitmap is not set
[pid 386] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=386, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=4} ---
umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./5/binderfs") = 0
[ 25.382587][ T387] vhost-386 (387) used greatest stack depth: 21576 bytes left
umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./5/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./5") = 0
mkdir("./6", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 391
./strace-static-x86_64: Process 391 attached
[pid 391] set_robust_list(0x555580e9b660, 24) = 0
[pid 391] chdir("./6") = 0
[pid 391] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 391] setpgid(0, 0) = 0
[pid 391] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 391] write(3, "1000", 4) = 4
[pid 391] close(3) = 0
[pid 391] symlink("/dev/binderfs", "./binderfs") = 0
[pid 391] write(1, "executing program\n", 18executing program
) = 18
[pid 391] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 391] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 391] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 391] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 391] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 391] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 391] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 391] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 391] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 391] memfd_create("syzkaller", 0) = 5
[pid 391] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 391] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 391] munmap(0x7f9466c6c000, 138412032) = 0
[pid 391] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 391] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 391] close(5) = 0
[pid 391] close(6) = 0
[pid 391] mkdir("./file0", 0777) = 0
[pid 391] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 391] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 391] chdir("./file0") = 0
[pid 391] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 391] ioctl(6, LOOP_CLR_FD) = 0
[pid 391] close(6) = 0
[pid 391] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 391] write(6, "#! ./file1\n", 11) = 11
[pid 391] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 391] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 391] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=391, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./6/binderfs") = 0
[ 25.540193][ T391] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 25.569701][ T392] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-391: bg 0: block 234: padding at end of block bitmap is not set
umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./6/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./6/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./6") = 0
mkdir("./7", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 396
./strace-static-x86_64: Process 396 attached
[pid 396] set_robust_list(0x555580e9b660, 24) = 0
[pid 396] chdir("./7") = 0
[pid 396] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 396] setpgid(0, 0) = 0
[pid 396] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 396] write(3, "1000", 4) = 4
[pid 396] close(3) = 0
[pid 396] symlink("/dev/binderfs", "./binderfs") = 0
[pid 396] write(1, "executing program\n", 18executing program
) = 18
[pid 396] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 396] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 396] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 396] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 396] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 396] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 396] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 396] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 396] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 396] memfd_create("syzkaller", 0) = 5
[pid 396] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 396] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 396] munmap(0x7f9466c6c000, 138412032) = 0
[pid 396] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 396] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 396] close(5) = 0
[pid 396] close(6) = 0
[pid 396] mkdir("./file0", 0777) = 0
[pid 396] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 396] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 396] chdir("./file0") = 0
[pid 396] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 396] ioctl(6, LOOP_CLR_FD) = 0
[pid 396] close(6) = 0
[pid 396] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 396] write(6, "#! ./file1\n", 11) = 11
[pid 396] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 396] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 396] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=396, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./7/binderfs") = 0
[ 25.667988][ T396] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 25.696995][ T397] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-396: bg 0: block 234: padding at end of block bitmap is not set
umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./7/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./7") = 0
mkdir("./8", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 401
./strace-static-x86_64: Process 401 attached
[pid 401] set_robust_list(0x555580e9b660, 24) = 0
[pid 401] chdir("./8") = 0
[pid 401] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 401] setpgid(0, 0) = 0
[pid 401] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 401] write(3, "1000", 4) = 4
[pid 401] close(3) = 0
[pid 401] symlink("/dev/binderfs", "./binderfs") = 0
[pid 401] write(1, "executing program\n", 18executing program
) = 18
[pid 401] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 401] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 401] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 401] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 401] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 401] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 401] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 401] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 401] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 401] memfd_create("syzkaller", 0) = 5
[pid 401] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 401] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 401] munmap(0x7f9466c6c000, 138412032) = 0
[pid 401] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 401] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 401] close(5) = 0
[pid 401] close(6) = 0
[pid 401] mkdir("./file0", 0777) = 0
[pid 401] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 401] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 401] chdir("./file0") = 0
[pid 401] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 401] ioctl(6, LOOP_CLR_FD) = 0
[pid 401] close(6) = 0
[pid 401] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 401] write(6, "#! ./file1\n", 11) = 11
[pid 401] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[ 25.800289][ T401] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[pid 401] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 401] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=401, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./8/binderfs") = 0
[ 25.838847][ T402] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-401: bg 0: block 234: padding at end of block bitmap is not set
umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./8/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./8") = 0
mkdir("./9", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 406
./strace-static-x86_64: Process 406 attached
[pid 406] set_robust_list(0x555580e9b660, 24) = 0
[pid 406] chdir("./9") = 0
[pid 406] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 406] setpgid(0, 0) = 0
[pid 406] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 406] write(3, "1000", 4) = 4
[pid 406] close(3) = 0
[pid 406] symlink("/dev/binderfs", "./binderfs") = 0
[pid 406] write(1, "executing program\n", 18executing program
) = 18
[pid 406] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 406] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 406] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 406] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 406] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 406] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 406] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 406] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 406] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 406] memfd_create("syzkaller", 0) = 5
[pid 406] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 406] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 406] munmap(0x7f9466c6c000, 138412032) = 0
[pid 406] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 406] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 406] close(5) = 0
[pid 406] close(6) = 0
[pid 406] mkdir("./file0", 0777) = 0
[pid 406] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 406] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 406] chdir("./file0") = 0
[pid 406] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 406] ioctl(6, LOOP_CLR_FD) = 0
[pid 406] close(6) = 0
[pid 406] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 406] write(6, "#! ./file1\n", 11) = 11
[pid 406] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 406] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 406] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=406, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./9/binderfs") = 0
[ 26.018478][ T406] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 26.046588][ T406] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz-executor209: bg 0: block 234: padding at end of block bitmap is not set
umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./9/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./9") = 0
mkdir("./10", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 411
./strace-static-x86_64: Process 411 attached
[pid 411] set_robust_list(0x555580e9b660, 24) = 0
[pid 411] chdir("./10") = 0
[pid 411] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 411] setpgid(0, 0) = 0
[pid 411] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 411] write(3, "1000", 4) = 4
[pid 411] close(3) = 0
[pid 411] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 411] write(1, "executing program\n", 18) = 18
[pid 411] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 411] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 411] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 411] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 411] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 411] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 411] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 411] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 411] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 411] memfd_create("syzkaller", 0) = 5
[pid 411] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 411] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 411] munmap(0x7f9466c6c000, 138412032) = 0
[pid 411] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 411] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 411] close(5) = 0
[pid 411] close(6) = 0
[pid 411] mkdir("./file0", 0777) = 0
[pid 411] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 411] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 411] chdir("./file0") = 0
[pid 411] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 411] ioctl(6, LOOP_CLR_FD) = 0
[pid 411] close(6) = 0
[pid 411] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 411] write(6, "#! ./file1\n", 11) = 11
[pid 411] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 411] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 411] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=411, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./10/binderfs") = 0
[ 26.170078][ T411] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 26.200821][ T412] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-411: bg 0: block 234: padding at end of block bitmap is not set
umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./10/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./10/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./10") = 0
mkdir("./11", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 417
./strace-static-x86_64: Process 417 attached
[pid 417] set_robust_list(0x555580e9b660, 24) = 0
[pid 417] chdir("./11") = 0
[pid 417] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 417] setpgid(0, 0) = 0
[pid 417] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 417] write(3, "1000", 4) = 4
[pid 417] close(3) = 0
[pid 417] symlink("/dev/binderfs", "./binderfs") = 0
[pid 417] write(1, "executing program\n", 18executing program
) = 18
[pid 417] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 417] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 417] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 417] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 417] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 417] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 417] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 417] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 417] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 417] memfd_create("syzkaller", 0) = 5
[pid 417] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 417] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 417] munmap(0x7f9466c6c000, 138412032) = 0
[pid 417] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 417] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 417] close(5) = 0
[pid 417] close(6) = 0
[pid 417] mkdir("./file0", 0777) = 0
[pid 417] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 417] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 417] chdir("./file0") = 0
[pid 417] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 417] ioctl(6, LOOP_CLR_FD) = 0
[pid 417] close(6) = 0
[pid 417] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 417] write(6, "#! ./file1\n", 11) = 11
[pid 417] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 417] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 417] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=417, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=4} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./11/binderfs") = 0
[ 26.329085][ T417] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 26.360045][ T418] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-417: bg 0: block 234: padding at end of block bitmap is not set
umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./11/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./11") = 0
mkdir("./12", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 422
./strace-static-x86_64: Process 422 attached
[pid 422] set_robust_list(0x555580e9b660, 24) = 0
[pid 422] chdir("./12") = 0
[pid 422] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 422] setpgid(0, 0) = 0
[pid 422] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 422] write(3, "1000", 4) = 4
[pid 422] close(3) = 0
[pid 422] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 422] write(1, "executing program\n", 18) = 18
[pid 422] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 422] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 422] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 422] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 422] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 422] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 422] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 422] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 422] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 422] memfd_create("syzkaller", 0) = 5
[pid 422] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 422] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 422] munmap(0x7f9466c6c000, 138412032) = 0
[pid 422] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 422] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 422] close(5) = 0
[pid 422] close(6) = 0
[pid 422] mkdir("./file0", 0777) = 0
[pid 422] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 422] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 422] chdir("./file0") = 0
[pid 422] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 422] ioctl(6, LOOP_CLR_FD) = 0
[pid 422] close(6) = 0
[pid 422] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 422] write(6, "#! ./file1\n", 11) = 11
[pid 422] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 422] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 422] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=422, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./12/binderfs") = 0
[ 26.488875][ T422] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 26.519627][ T423] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-422: bg 0: block 234: padding at end of block bitmap is not set
umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./12/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./12/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./12") = 0
mkdir("./13", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 427
./strace-static-x86_64: Process 427 attached
[pid 427] set_robust_list(0x555580e9b660, 24) = 0
[pid 427] chdir("./13") = 0
[pid 427] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 427] setpgid(0, 0) = 0
[pid 427] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 427] write(3, "1000", 4) = 4
[pid 427] close(3) = 0
[pid 427] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 427] write(1, "executing program\n", 18) = 18
[pid 427] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 427] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 427] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 427] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 427] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 427] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 427] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 427] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 427] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 427] memfd_create("syzkaller", 0) = 5
[pid 427] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 427] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 427] munmap(0x7f9466c6c000, 138412032) = 0
[pid 427] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 427] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 427] close(5) = 0
[pid 427] close(6) = 0
[pid 427] mkdir("./file0", 0777) = 0
[pid 427] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 427] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 427] chdir("./file0") = 0
[pid 427] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 427] ioctl(6, LOOP_CLR_FD) = 0
[pid 427] close(6) = 0
[pid 427] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 427] write(6, "#! ./file1\n", 11) = 11
[pid 427] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 427] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 427] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=427, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./13/binderfs") = 0
[ 26.700178][ T427] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 26.731594][ T428] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-427: bg 0: block 234: padding at end of block bitmap is not set
umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./13/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./13/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./13") = 0
mkdir("./14", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 432
./strace-static-x86_64: Process 432 attached
[pid 432] set_robust_list(0x555580e9b660, 24) = 0
[pid 432] chdir("./14") = 0
[pid 432] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 432] setpgid(0, 0) = 0
[pid 432] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 432] write(3, "1000", 4) = 4
[pid 432] close(3) = 0
[pid 432] symlink("/dev/binderfs", "./binderfs") = 0
[pid 432] write(1, "executing program\n", 18executing program
) = 18
[pid 432] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 432] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 432] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 432] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 432] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 432] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 432] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 432] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 432] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 432] memfd_create("syzkaller", 0) = 5
[pid 432] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 432] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 432] munmap(0x7f9466c6c000, 138412032) = 0
[pid 432] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 432] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 432] close(5) = 0
[pid 432] close(6) = 0
[pid 432] mkdir("./file0", 0777) = 0
[pid 432] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 432] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 432] chdir("./file0") = 0
[pid 432] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 432] ioctl(6, LOOP_CLR_FD) = 0
[pid 432] close(6) = 0
[pid 432] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 432] write(6, "#! ./file1\n", 11) = 11
[pid 432] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 432] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 432] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=432, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./14/binderfs") = 0
[ 26.880172][ T432] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 26.911315][ T433] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-432: bg 0: block 234: padding at end of block bitmap is not set
umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./14/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./14/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./14") = 0
mkdir("./15", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 437
./strace-static-x86_64: Process 437 attached
[pid 437] set_robust_list(0x555580e9b660, 24) = 0
[pid 437] chdir("./15") = 0
[pid 437] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 437] setpgid(0, 0) = 0
[pid 437] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 437] write(3, "1000", 4) = 4
[pid 437] close(3) = 0
[pid 437] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 437] write(1, "executing program\n", 18) = 18
[pid 437] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 437] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 437] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 437] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 437] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 437] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 437] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 437] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 437] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 437] memfd_create("syzkaller", 0) = 5
[pid 437] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 437] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 437] munmap(0x7f9466c6c000, 138412032) = 0
[pid 437] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 437] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 437] close(5) = 0
[pid 437] close(6) = 0
[pid 437] mkdir("./file0", 0777) = 0
[pid 437] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 437] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 437] chdir("./file0") = 0
[pid 437] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 437] ioctl(6, LOOP_CLR_FD) = 0
[pid 437] close(6) = 0
[pid 437] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 437] write(6, "#! ./file1\n", 11) = 11
[pid 437] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 437] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 437] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=437, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./15/binderfs") = 0
[ 27.090809][ T437] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 27.122159][ T438] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-437: bg 0: block 234: padding at end of block bitmap is not set
umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./15/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./15/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./15") = 0
mkdir("./16", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 443 attached
<unfinished ...>
[pid 443] set_robust_list(0x555580e9b660, 24) = 0
[pid 357] <... clone resumed>, child_tidptr=0x555580e9b650) = 443
[pid 443] chdir("./16") = 0
[pid 443] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 443] setpgid(0, 0) = 0
[pid 443] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 443] write(3, "1000", 4) = 4
[pid 443] close(3) = 0
[pid 443] symlink("/dev/binderfs", "./binderfs") = 0
[pid 443] write(1, "executing program\n", 18executing program
) = 18
[pid 443] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 443] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 443] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 443] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 443] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 443] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 443] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 443] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 443] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 443] memfd_create("syzkaller", 0) = 5
[pid 443] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 443] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 443] munmap(0x7f9466c6c000, 138412032) = 0
[pid 443] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 443] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 443] close(5) = 0
[pid 443] close(6) = 0
[pid 443] mkdir("./file0", 0777) = 0
[pid 443] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 443] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 443] chdir("./file0") = 0
[pid 443] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 443] ioctl(6, LOOP_CLR_FD) = 0
[pid 443] close(6) = 0
[pid 443] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 443] write(6, "#! ./file1\n", 11) = 11
[pid 443] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 443] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 443] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=443, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./16", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./16/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./16/binderfs") = 0
[ 27.243999][ T443] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 27.275189][ T444] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-443: bg 0: block 234: padding at end of block bitmap is not set
umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./16/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./16/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./16") = 0
mkdir("./17", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 448 attached
<unfinished ...>
[pid 448] set_robust_list(0x555580e9b660, 24) = 0
[pid 448] chdir("./17" <unfinished ...>
[pid 357] <... clone resumed>, child_tidptr=0x555580e9b650) = 448
[pid 448] <... chdir resumed>) = 0
[pid 448] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 448] setpgid(0, 0) = 0
[pid 448] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 448] write(3, "1000", 4) = 4
[pid 448] close(3) = 0
[pid 448] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 448] write(1, "executing program\n", 18) = 18
[pid 448] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 448] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 448] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 448] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 448] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 448] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 448] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 448] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 448] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 448] memfd_create("syzkaller", 0) = 5
[pid 448] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 448] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 448] munmap(0x7f9466c6c000, 138412032) = 0
[pid 448] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 448] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 448] close(5) = 0
[pid 448] close(6) = 0
[pid 448] mkdir("./file0", 0777) = 0
[pid 448] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 448] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 448] chdir("./file0") = 0
[pid 448] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 448] ioctl(6, LOOP_CLR_FD) = 0
[pid 448] close(6) = 0
[pid 448] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 448] write(6, "#! ./file1\n", 11) = 11
[pid 448] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 448] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 448] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=448, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./17", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./17/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./17/binderfs") = 0
[ 27.409654][ T448] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 27.441710][ T449] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-448: bg 0: block 234: padding at end of block bitmap is not set
umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./17/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./17") = 0
mkdir("./18", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 453
./strace-static-x86_64: Process 453 attached
[pid 453] set_robust_list(0x555580e9b660, 24) = 0
[pid 453] chdir("./18") = 0
[pid 453] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 453] setpgid(0, 0) = 0
[pid 453] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 453] write(3, "1000", 4) = 4
[pid 453] close(3) = 0
[pid 453] symlink("/dev/binderfs", "./binderfs") = 0
[pid 453] write(1, "executing program\n", 18executing program
) = 18
[pid 453] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 453] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 453] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 453] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 453] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 453] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 453] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 453] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 453] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 453] memfd_create("syzkaller", 0) = 5
[pid 453] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 453] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 453] munmap(0x7f9466c6c000, 138412032) = 0
[pid 453] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 453] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 453] close(5) = 0
[pid 453] close(6) = 0
[pid 453] mkdir("./file0", 0777) = 0
[pid 453] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 453] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 453] chdir("./file0") = 0
[pid 453] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 453] ioctl(6, LOOP_CLR_FD) = 0
[pid 453] close(6) = 0
[pid 453] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 453] write(6, "#! ./file1\n", 11) = 11
[pid 453] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[ 27.700196][ T453] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[pid 453] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 453] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=453, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./18", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./18/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./18/binderfs") = 0
[ 27.741330][ T454] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-453: bg 0: block 234: padding at end of block bitmap is not set
umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./18/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./18/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./18") = 0
mkdir("./19", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 458
./strace-static-x86_64: Process 458 attached
[pid 458] set_robust_list(0x555580e9b660, 24) = 0
[pid 458] chdir("./19") = 0
[pid 458] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 458] setpgid(0, 0) = 0
[pid 458] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 458] write(3, "1000", 4) = 4
[pid 458] close(3) = 0
[pid 458] symlink("/dev/binderfs", "./binderfs") = 0
[pid 458] write(1, "executing program\n", 18executing program
) = 18
[pid 458] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 458] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 458] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 458] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 458] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 458] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 458] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 458] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 458] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 458] memfd_create("syzkaller", 0) = 5
[pid 458] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 458] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 458] munmap(0x7f9466c6c000, 138412032) = 0
[pid 458] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 458] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 458] close(5) = 0
[pid 458] close(6) = 0
[pid 458] mkdir("./file0", 0777) = 0
[pid 458] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 458] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 458] chdir("./file0") = 0
[pid 458] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 458] ioctl(6, LOOP_CLR_FD) = 0
[pid 458] close(6) = 0
[pid 458] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 458] write(6, "#! ./file1\n", 11) = 11
[pid 458] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 458] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 458] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=458, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=4} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./19", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./19/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./19/binderfs") = 0
[ 27.909168][ T458] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 27.940084][ T459] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-458: bg 0: block 234: padding at end of block bitmap is not set
umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./19/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./19/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./19") = 0
mkdir("./20", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 463
./strace-static-x86_64: Process 463 attached
[pid 463] set_robust_list(0x555580e9b660, 24) = 0
[pid 463] chdir("./20") = 0
[pid 463] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 463] setpgid(0, 0) = 0
[pid 463] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 463] write(3, "1000", 4) = 4
[pid 463] close(3) = 0
[pid 463] symlink("/dev/binderfs", "./binderfs") = 0
[pid 463] write(1, "executing program\n", 18executing program
) = 18
[pid 463] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 463] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 463] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 463] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 463] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 463] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 463] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 463] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 463] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 463] memfd_create("syzkaller", 0) = 5
[pid 463] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 463] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 463] munmap(0x7f9466c6c000, 138412032) = 0
[pid 463] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 463] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 463] close(5) = 0
[pid 463] close(6) = 0
[pid 463] mkdir("./file0", 0777) = 0
[pid 463] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 463] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 463] chdir("./file0") = 0
[pid 463] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 463] ioctl(6, LOOP_CLR_FD) = 0
[pid 463] close(6) = 0
[pid 463] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 463] write(6, "#! ./file1\n", 11) = 11
[pid 463] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 463] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 463] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=463, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./20", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./20/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./20/binderfs") = 0
[ 28.100138][ T463] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 28.131691][ T464] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-463: bg 0: block 234: padding at end of block bitmap is not set
umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./20/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./20/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./20") = 0
mkdir("./21", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 469
./strace-static-x86_64: Process 469 attached
[pid 469] set_robust_list(0x555580e9b660, 24) = 0
[pid 469] chdir("./21") = 0
[pid 469] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 469] setpgid(0, 0) = 0
[pid 469] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 469] write(3, "1000", 4) = 4
[pid 469] close(3) = 0
[pid 469] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 469] write(1, "executing program\n", 18) = 18
[pid 469] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 469] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 469] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 469] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 469] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 469] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 469] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 469] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 469] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 469] memfd_create("syzkaller", 0) = 5
[pid 469] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 469] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 469] munmap(0x7f9466c6c000, 138412032) = 0
[pid 469] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 469] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 469] close(5) = 0
[pid 469] close(6) = 0
[pid 469] mkdir("./file0", 0777) = 0
[pid 469] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 469] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 469] chdir("./file0") = 0
[pid 469] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 469] ioctl(6, LOOP_CLR_FD) = 0
[pid 469] close(6) = 0
[pid 469] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 469] write(6, "#! ./file1\n", 11) = 11
[pid 469] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 469] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 469] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=469, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./21", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./21/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./21/binderfs") = 0
[ 28.300152][ T469] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 28.330546][ T470] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-469: bg 0: block 234: padding at end of block bitmap is not set
umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./21/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./21/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./21") = 0
mkdir("./22", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 474
./strace-static-x86_64: Process 474 attached
[pid 474] set_robust_list(0x555580e9b660, 24) = 0
[pid 474] chdir("./22") = 0
[pid 474] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 474] setpgid(0, 0) = 0
[pid 474] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 474] write(3, "1000", 4) = 4
[pid 474] close(3) = 0
[pid 474] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 474] write(1, "executing program\n", 18) = 18
[pid 474] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 474] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 474] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 474] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 474] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 474] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 474] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 474] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 474] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 474] memfd_create("syzkaller", 0) = 5
[pid 474] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 474] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 474] munmap(0x7f9466c6c000, 138412032) = 0
[pid 474] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 474] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 474] close(5) = 0
[pid 474] close(6) = 0
[pid 474] mkdir("./file0", 0777) = 0
[pid 474] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 474] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 474] chdir("./file0") = 0
[pid 474] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 474] ioctl(6, LOOP_CLR_FD) = 0
[pid 474] close(6) = 0
[pid 474] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 474] write(6, "#! ./file1\n", 11) = 11
[pid 474] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 474] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 474] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=474, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=4} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./22", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./22/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./22/binderfs") = 0
[ 28.438973][ T474] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 28.470117][ T475] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-474: bg 0: block 234: padding at end of block bitmap is not set
umount2("./22/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./22/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./22/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./22/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./22/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./22/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./22") = 0
mkdir("./23", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 479
./strace-static-x86_64: Process 479 attached
[pid 479] set_robust_list(0x555580e9b660, 24) = 0
[pid 479] chdir("./23") = 0
[pid 479] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 479] setpgid(0, 0) = 0
[pid 479] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 479] write(3, "1000", 4) = 4
[pid 479] close(3) = 0
[pid 479] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 479] write(1, "executing program\n", 18) = 18
[pid 479] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 479] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 479] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 479] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 479] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 479] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 479] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 479] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 479] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 479] memfd_create("syzkaller", 0) = 5
[pid 479] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 479] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 479] munmap(0x7f9466c6c000, 138412032) = 0
[pid 479] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 479] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 479] close(5) = 0
[pid 479] close(6) = 0
[pid 479] mkdir("./file0", 0777) = 0
[pid 479] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 479] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 479] chdir("./file0") = 0
[pid 479] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 479] ioctl(6, LOOP_CLR_FD) = 0
[pid 479] close(6) = 0
[pid 479] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 479] write(6, "#! ./file1\n", 11) = 11
[pid 479] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 479] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 479] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=479, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./23", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./23/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./23/binderfs") = 0
[ 28.600210][ T479] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 28.631107][ T480] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-479: bg 0: block 234: padding at end of block bitmap is not set
umount2("./23/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./23/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./23/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./23/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./23/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./23/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./23") = 0
mkdir("./24", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 484
./strace-static-x86_64: Process 484 attached
[pid 484] set_robust_list(0x555580e9b660, 24) = 0
[pid 484] chdir("./24") = 0
[pid 484] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 484] setpgid(0, 0) = 0
[pid 484] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 484] write(3, "1000", 4) = 4
[pid 484] close(3) = 0
[pid 484] symlink("/dev/binderfs", "./binderfs") = 0
[pid 484] write(1, "executing program\n", 18executing program
) = 18
[pid 484] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 484] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 484] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 484] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 484] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 484] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 484] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 484] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 484] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 484] memfd_create("syzkaller", 0) = 5
[pid 484] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 484] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 484] munmap(0x7f9466c6c000, 138412032) = 0
[pid 484] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 484] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 484] close(5) = 0
[pid 484] close(6) = 0
[pid 484] mkdir("./file0", 0777) = 0
[pid 484] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 484] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 484] chdir("./file0") = 0
[pid 484] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 484] ioctl(6, LOOP_CLR_FD) = 0
[pid 484] close(6) = 0
[pid 484] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 484] write(6, "#! ./file1\n", 11) = 11
[pid 484] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 484] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 484] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=484, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=4} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./24", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./24/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./24/binderfs") = 0
[ 28.756338][ T484] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 28.787230][ T485] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-484: bg 0: block 234: padding at end of block bitmap is not set
umount2("./24/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./24/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./24/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./24/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./24/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./24/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./24") = 0
mkdir("./25", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 489
./strace-static-x86_64: Process 489 attached
[pid 489] set_robust_list(0x555580e9b660, 24) = 0
[pid 489] chdir("./25") = 0
[pid 489] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 489] setpgid(0, 0) = 0
[pid 489] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 489] write(3, "1000", 4) = 4
[pid 489] close(3) = 0
[pid 489] symlink("/dev/binderfs", "./binderfs") = 0
[pid 489] write(1, "executing program\n", 18executing program
) = 18
[pid 489] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 489] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 489] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 489] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 489] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 489] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 489] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 489] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 489] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 489] memfd_create("syzkaller", 0) = 5
[pid 489] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 489] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 489] munmap(0x7f9466c6c000, 138412032) = 0
[pid 489] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 489] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 489] close(5) = 0
[pid 489] close(6) = 0
[pid 489] mkdir("./file0", 0777) = 0
[pid 489] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 489] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 489] chdir("./file0") = 0
[pid 489] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 489] ioctl(6, LOOP_CLR_FD) = 0
[pid 489] close(6) = 0
[pid 489] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 489] write(6, "#! ./file1\n", 11) = 11
[pid 489] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[ 28.890171][ T489] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[pid 489] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 489] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=489, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./25", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./25/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./25/binderfs") = 0
[ 28.929327][ T489] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz-executor209: bg 0: block 234: padding at end of block bitmap is not set
umount2("./25/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./25/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./25/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./25/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./25/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./25/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./25") = 0
mkdir("./26", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 494
./strace-static-x86_64: Process 494 attached
[pid 494] set_robust_list(0x555580e9b660, 24) = 0
[pid 494] chdir("./26") = 0
[pid 494] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 494] setpgid(0, 0) = 0
[pid 494] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 494] write(3, "1000", 4) = 4
[pid 494] close(3) = 0
[pid 494] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 494] write(1, "executing program\n", 18) = 18
[pid 494] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 494] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 494] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 494] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 494] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 494] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 494] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 494] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 494] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 494] memfd_create("syzkaller", 0) = 5
[pid 494] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 494] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 494] munmap(0x7f9466c6c000, 138412032) = 0
[pid 494] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 494] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 494] close(5) = 0
[pid 494] close(6) = 0
[pid 494] mkdir("./file0", 0777) = 0
[pid 494] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 494] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 494] chdir("./file0") = 0
[pid 494] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 494] ioctl(6, LOOP_CLR_FD) = 0
[pid 494] close(6) = 0
[pid 494] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 494] write(6, "#! ./file1\n", 11) = 11
[pid 494] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 494] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 494] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=494, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./26", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./26/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./26/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./26/binderfs") = 0
[ 29.060213][ T494] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 29.082855][ T494] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz-executor209: bg 0: block 234: padding at end of block bitmap is not set
umount2("./26/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./26/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./26/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./26/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./26/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./26/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./26") = 0
mkdir("./27", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 499
./strace-static-x86_64: Process 499 attached
[pid 499] set_robust_list(0x555580e9b660, 24) = 0
[pid 499] chdir("./27") = 0
[pid 499] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 499] setpgid(0, 0) = 0
[pid 499] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 499] write(3, "1000", 4) = 4
[pid 499] close(3) = 0
[pid 499] symlink("/dev/binderfs", "./binderfs") = 0
[pid 499] write(1, "executing program\n", 18executing program
) = 18
[pid 499] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 499] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 499] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 499] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 499] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 499] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 499] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 499] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 499] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 499] memfd_create("syzkaller", 0) = 5
[pid 499] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 499] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 499] munmap(0x7f9466c6c000, 138412032) = 0
[pid 499] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 499] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 499] close(5) = 0
[pid 499] close(6) = 0
[pid 499] mkdir("./file0", 0777) = 0
[pid 499] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 499] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 499] chdir("./file0") = 0
[pid 499] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 499] ioctl(6, LOOP_CLR_FD) = 0
[pid 499] close(6) = 0
[pid 499] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 499] write(6, "#! ./file1\n", 11) = 11
[pid 499] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[ 29.220257][ T499] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[pid 499] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 499] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=499, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./27", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./27/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./27/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./27/binderfs") = 0
[ 29.263688][ T500] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-499: bg 0: block 234: padding at end of block bitmap is not set
umount2("./27/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./27/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./27/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./27/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./27/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./27/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./27") = 0
mkdir("./28", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 505
./strace-static-x86_64: Process 505 attached
[pid 505] set_robust_list(0x555580e9b660, 24) = 0
[pid 505] chdir("./28") = 0
[pid 505] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 505] setpgid(0, 0) = 0
[pid 505] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 505] write(3, "1000", 4) = 4
[pid 505] close(3) = 0
[pid 505] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 505] write(1, "executing program\n", 18) = 18
[pid 505] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 505] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 505] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 505] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 505] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 505] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 505] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 505] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 505] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 505] memfd_create("syzkaller", 0) = 5
[pid 505] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 505] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 505] munmap(0x7f9466c6c000, 138412032) = 0
[pid 505] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 505] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 505] close(5) = 0
[pid 505] close(6) = 0
[pid 505] mkdir("./file0", 0777) = 0
[pid 505] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 505] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 505] chdir("./file0") = 0
[pid 505] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 505] ioctl(6, LOOP_CLR_FD) = 0
[pid 505] close(6) = 0
[pid 505] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 505] write(6, "#! ./file1\n", 11) = 11
[ 29.410229][ T505] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[pid 505] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 505] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 505] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=505, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./28", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./28/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./28/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./28/binderfs") = 0
[ 29.450568][ T505] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz-executor209: bg 0: block 234: padding at end of block bitmap is not set
umount2("./28/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./28/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./28/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./28/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./28/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./28/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./28") = 0
mkdir("./29", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 510
./strace-static-x86_64: Process 510 attached
[pid 510] set_robust_list(0x555580e9b660, 24) = 0
[pid 510] chdir("./29") = 0
[pid 510] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 510] setpgid(0, 0) = 0
[pid 510] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 510] write(3, "1000", 4) = 4
[pid 510] close(3) = 0
[pid 510] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 510] write(1, "executing program\n", 18) = 18
[pid 510] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 510] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 510] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 510] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 510] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 510] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 510] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 510] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 510] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 510] memfd_create("syzkaller", 0) = 5
[pid 510] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 510] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 510] munmap(0x7f9466c6c000, 138412032) = 0
[pid 510] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 510] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 510] close(5) = 0
[pid 510] close(6) = 0
[pid 510] mkdir("./file0", 0777) = 0
[pid 510] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 510] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 510] chdir("./file0") = 0
[pid 510] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 510] ioctl(6, LOOP_CLR_FD) = 0
[pid 510] close(6) = 0
[pid 510] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 510] write(6, "#! ./file1\n", 11) = 11
[pid 510] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 510] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 510] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=510, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./29", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./29/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./29/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./29/binderfs") = 0
[ 29.630154][ T510] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 29.661765][ T511] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-510: bg 0: block 234: padding at end of block bitmap is not set
umount2("./29/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./29/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./29/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./29/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./29/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./29/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./29") = 0
mkdir("./30", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 515
./strace-static-x86_64: Process 515 attached
[pid 515] set_robust_list(0x555580e9b660, 24) = 0
[pid 515] chdir("./30") = 0
[pid 515] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 515] setpgid(0, 0) = 0
[pid 515] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 515] write(3, "1000", 4) = 4
[pid 515] close(3) = 0
[pid 515] symlink("/dev/binderfs", "./binderfs") = 0
[pid 515] write(1, "executing program\n", 18) = 18
executing program
[pid 515] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 515] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 515] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 515] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 515] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 515] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 515] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 515] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 515] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 515] memfd_create("syzkaller", 0) = 5
[pid 515] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 515] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 515] munmap(0x7f9466c6c000, 138412032) = 0
[pid 515] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 515] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 515] close(5) = 0
[pid 515] close(6) = 0
[pid 515] mkdir("./file0", 0777) = 0
[pid 515] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 515] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 515] chdir("./file0") = 0
[pid 515] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 515] ioctl(6, LOOP_CLR_FD) = 0
[pid 515] close(6) = 0
[pid 515] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 515] write(6, "#! ./file1\n", 11) = 11
[pid 515] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 515] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 515] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=515, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./30", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./30/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./30/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./30/binderfs") = 0
[ 29.800456][ T515] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 29.830957][ T516] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-515: bg 0: block 234: padding at end of block bitmap is not set
umount2("./30/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./30/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./30/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./30/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./30/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./30/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./30") = 0
mkdir("./31", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 520
./strace-static-x86_64: Process 520 attached
[pid 520] set_robust_list(0x555580e9b660, 24) = 0
[pid 520] chdir("./31") = 0
[pid 520] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 520] setpgid(0, 0) = 0
[pid 520] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 520] write(3, "1000", 4) = 4
[pid 520] close(3) = 0
[pid 520] symlink("/dev/binderfs", "./binderfs") = 0
[pid 520] write(1, "executing program\n", 18executing program
) = 18
[pid 520] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 520] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 520] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 520] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 520] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 520] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 520] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 520] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 520] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 520] memfd_create("syzkaller", 0) = 5
[pid 520] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 520] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 520] munmap(0x7f9466c6c000, 138412032) = 0
[pid 520] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 520] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 520] close(5) = 0
[pid 520] close(6) = 0
[pid 520] mkdir("./file0", 0777) = 0
[pid 520] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 520] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 520] chdir("./file0") = 0
[pid 520] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 520] ioctl(6, LOOP_CLR_FD) = 0
[pid 520] close(6) = 0
[pid 520] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 520] write(6, "#! ./file1\n", 11) = 11
[pid 520] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 520] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 520] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=520, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./31", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./31/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./31/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./31/binderfs") = 0
[ 29.976524][ T520] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 30.008266][ T521] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-520: bg 0: block 234: padding at end of block bitmap is not set
umount2("./31/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./31/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./31/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./31/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./31/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./31/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./31") = 0
mkdir("./32", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 525
./strace-static-x86_64: Process 525 attached
[pid 525] set_robust_list(0x555580e9b660, 24) = 0
[pid 525] chdir("./32") = 0
[pid 525] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 525] setpgid(0, 0) = 0
[pid 525] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 525] write(3, "1000", 4) = 4
[pid 525] close(3) = 0
[pid 525] symlink("/dev/binderfs", "./binderfs") = 0
[pid 525] write(1, "executing program\n", 18executing program
) = 18
[pid 525] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 525] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 525] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 525] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 525] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 525] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 525] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 525] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 525] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 525] memfd_create("syzkaller", 0) = 5
[pid 525] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 525] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 525] munmap(0x7f9466c6c000, 138412032) = 0
[pid 525] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 525] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 525] close(5) = 0
[pid 525] close(6) = 0
[pid 525] mkdir("./file0", 0777) = 0
[pid 525] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 525] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 525] chdir("./file0") = 0
[pid 525] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 525] ioctl(6, LOOP_CLR_FD) = 0
[pid 525] close(6) = 0
[pid 525] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 525] write(6, "#! ./file1\n", 11) = 11
[pid 525] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 525] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 525] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=525, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=4} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./32", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./32/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./32/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./32/binderfs") = 0
[ 30.140238][ T525] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 30.172513][ T526] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-525: bg 0: block 234: padding at end of block bitmap is not set
umount2("./32/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./32/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./32/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./32/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./32/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./32/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./32") = 0
mkdir("./33", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 531
./strace-static-x86_64: Process 531 attached
[pid 531] set_robust_list(0x555580e9b660, 24) = 0
[pid 531] chdir("./33") = 0
[pid 531] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 531] setpgid(0, 0) = 0
[pid 531] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 531] write(3, "1000", 4) = 4
[pid 531] close(3) = 0
[pid 531] symlink("/dev/binderfs", "./binderfs") = 0
[pid 531] write(1, "executing program\n", 18executing program
) = 18
[pid 531] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 531] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 531] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 531] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 531] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 531] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 531] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 531] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 531] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 531] memfd_create("syzkaller", 0) = 5
[pid 531] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 531] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 531] munmap(0x7f9466c6c000, 138412032) = 0
[pid 531] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 531] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 531] close(5) = 0
[pid 531] close(6) = 0
[pid 531] mkdir("./file0", 0777) = 0
[pid 531] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 531] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 531] chdir("./file0") = 0
[pid 531] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 531] ioctl(6, LOOP_CLR_FD) = 0
[pid 531] close(6) = 0
[pid 531] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 531] write(6, "#! ./file1\n", 11) = 11
[pid 531] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 531] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 531] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=531, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./33", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./33/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./33/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./33/binderfs") = 0
[ 30.350099][ T531] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 30.381006][ T532] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-531: bg 0: block 234: padding at end of block bitmap is not set
umount2("./33/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./33/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./33/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./33/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./33/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./33/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./33") = 0
mkdir("./34", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 536
./strace-static-x86_64: Process 536 attached
[pid 536] set_robust_list(0x555580e9b660, 24) = 0
[pid 536] chdir("./34") = 0
[pid 536] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 536] setpgid(0, 0) = 0
[pid 536] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 536] write(3, "1000", 4) = 4
[pid 536] close(3) = 0
[pid 536] symlink("/dev/binderfs", "./binderfs") = 0
[pid 536] write(1, "executing program\n", 18executing program
) = 18
[pid 536] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 536] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 536] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 536] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 536] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 536] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 536] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 536] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 536] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 536] memfd_create("syzkaller", 0) = 5
[pid 536] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 536] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 536] munmap(0x7f9466c6c000, 138412032) = 0
[pid 536] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 536] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 536] close(5) = 0
[pid 536] close(6) = 0
[pid 536] mkdir("./file0", 0777) = 0
[pid 536] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 536] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 536] chdir("./file0") = 0
[pid 536] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 536] ioctl(6, LOOP_CLR_FD) = 0
[pid 536] close(6) = 0
[pid 536] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 536] write(6, "#! ./file1\n", 11) = 11
[pid 536] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 536] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 536] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=536, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./34", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./34/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./34/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./34/binderfs") = 0
[ 30.540288][ T536] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 30.570774][ T537] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-536: bg 0: block 234: padding at end of block bitmap is not set
umount2("./34/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./34/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./34/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./34/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./34/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./34/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./34") = 0
mkdir("./35", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 541
./strace-static-x86_64: Process 541 attached
[pid 541] set_robust_list(0x555580e9b660, 24) = 0
[pid 541] chdir("./35") = 0
[pid 541] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 541] setpgid(0, 0) = 0
[pid 541] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 541] write(3, "1000", 4) = 4
[pid 541] close(3) = 0
[pid 541] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 541] write(1, "executing program\n", 18) = 18
[pid 541] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 541] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 541] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 541] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 541] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 541] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 541] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 541] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 541] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 541] memfd_create("syzkaller", 0) = 5
[pid 541] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 541] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 541] munmap(0x7f9466c6c000, 138412032) = 0
[pid 541] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 541] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 541] close(5) = 0
[pid 541] close(6) = 0
[pid 541] mkdir("./file0", 0777) = 0
[pid 541] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 541] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 541] chdir("./file0") = 0
[pid 541] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 541] ioctl(6, LOOP_CLR_FD) = 0
[pid 541] close(6) = 0
[pid 541] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 541] write(6, "#! ./file1\n", 11) = 11
[pid 541] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 541] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 541] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=541, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./35", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./35/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./35/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./35/binderfs") = 0
[ 30.779824][ T541] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 30.802743][ T541] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz-executor209: bg 0: block 234: padding at end of block bitmap is not set
umount2("./35/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./35/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./35/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./35/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./35/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./35/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./35") = 0
mkdir("./36", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 546
./strace-static-x86_64: Process 546 attached
[pid 546] set_robust_list(0x555580e9b660, 24) = 0
[pid 546] chdir("./36") = 0
[pid 546] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 546] setpgid(0, 0) = 0
[pid 546] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 546] write(3, "1000", 4) = 4
[pid 546] close(3) = 0
[pid 546] symlink("/dev/binderfs", "./binderfs") = 0
[pid 546] write(1, "executing program\n", 18executing program
) = 18
[pid 546] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 546] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 546] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 546] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 546] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 546] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 546] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 546] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 546] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 546] memfd_create("syzkaller", 0) = 5
[pid 546] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 546] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 546] munmap(0x7f9466c6c000, 138412032) = 0
[pid 546] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 546] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 546] close(5) = 0
[pid 546] close(6) = 0
[pid 546] mkdir("./file0", 0777) = 0
[pid 546] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 546] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 546] chdir("./file0") = 0
[pid 546] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 546] ioctl(6, LOOP_CLR_FD) = 0
[pid 546] close(6) = 0
[pid 546] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 546] write(6, "#! ./file1\n", 11) = 11
[pid 546] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 546] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 546] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=546, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./36", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./36/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./36/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./36/binderfs") = 0
[ 30.990177][ T546] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 31.021058][ T547] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-546: bg 0: block 234: padding at end of block bitmap is not set
umount2("./36/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./36/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./36/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./36/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./36/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./36/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./36") = 0
mkdir("./37", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 551
./strace-static-x86_64: Process 551 attached
[pid 551] set_robust_list(0x555580e9b660, 24) = 0
[pid 551] chdir("./37") = 0
[pid 551] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 551] setpgid(0, 0) = 0
[pid 551] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 551] write(3, "1000", 4) = 4
[pid 551] close(3) = 0
[pid 551] symlink("/dev/binderfs", "./binderfs") = 0
[pid 551] write(1, "executing program\n", 18executing program
) = 18
[pid 551] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 551] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 551] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 551] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 551] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 551] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 551] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 551] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 551] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 551] memfd_create("syzkaller", 0) = 5
[pid 551] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 551] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 551] munmap(0x7f9466c6c000, 138412032) = 0
[pid 551] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 551] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 551] close(5) = 0
[pid 551] close(6) = 0
[pid 551] mkdir("./file0", 0777) = 0
[pid 551] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 551] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 551] chdir("./file0") = 0
[pid 551] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 551] ioctl(6, LOOP_CLR_FD) = 0
[pid 551] close(6) = 0
[pid 551] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 551] write(6, "#! ./file1\n", 11) = 11
[pid 551] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 551] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 551] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=551, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./37", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./37", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./37/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./37/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./37/binderfs") = 0
[ 31.150346][ T551] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 31.176566][ T552] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-551: bg 0: block 234: padding at end of block bitmap is not set
umount2("./37/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./37/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./37/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./37/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./37/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./37/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./37") = 0
mkdir("./38", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 557 attached
, child_tidptr=0x555580e9b650) = 557
[pid 557] set_robust_list(0x555580e9b660, 24) = 0
[pid 557] chdir("./38") = 0
[pid 557] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 557] setpgid(0, 0) = 0
[pid 557] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 557] write(3, "1000", 4) = 4
[pid 557] close(3) = 0
[pid 557] symlink("/dev/binderfs", "./binderfs") = 0
[pid 557] write(1, "executing program\n", 18executing program
) = 18
[pid 557] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 557] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 557] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 557] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 557] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 557] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 557] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 557] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 557] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 557] memfd_create("syzkaller", 0) = 5
[pid 557] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 557] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 557] munmap(0x7f9466c6c000, 138412032) = 0
[pid 557] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 557] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 557] close(5) = 0
[pid 557] close(6) = 0
[pid 557] mkdir("./file0", 0777) = 0
[pid 557] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 557] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 557] chdir("./file0") = 0
[pid 557] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 557] ioctl(6, LOOP_CLR_FD) = 0
[pid 557] close(6) = 0
[pid 557] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 557] write(6, "#! ./file1\n", 11) = 11
[pid 557] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 557] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 557] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=557, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./38", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./38", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./38/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./38/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./38/binderfs") = 0
[ 31.380142][ T557] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 31.405072][ T557] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz-executor209: bg 0: block 234: padding at end of block bitmap is not set
umount2("./38/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./38/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./38/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./38/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./38/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./38/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./38") = 0
mkdir("./39", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 562
./strace-static-x86_64: Process 562 attached
[pid 562] set_robust_list(0x555580e9b660, 24) = 0
[pid 562] chdir("./39") = 0
[pid 562] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 562] setpgid(0, 0) = 0
[pid 562] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 562] write(3, "1000", 4) = 4
[pid 562] close(3) = 0
[pid 562] symlink("/dev/binderfs", "./binderfs") = 0
[pid 562] write(1, "executing program\n", 18executing program
) = 18
[pid 562] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 562] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 562] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 562] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 562] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 562] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 562] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 562] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 562] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 562] memfd_create("syzkaller", 0) = 5
[pid 562] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 562] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 562] munmap(0x7f9466c6c000, 138412032) = 0
[pid 562] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 562] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 562] close(5) = 0
[pid 562] close(6) = 0
[pid 562] mkdir("./file0", 0777) = 0
[pid 562] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 562] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 562] chdir("./file0") = 0
[pid 562] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 562] ioctl(6, LOOP_CLR_FD) = 0
[pid 562] close(6) = 0
[pid 562] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 562] write(6, "#! ./file1\n", 11) = 11
[pid 562] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 562] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 562] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=562, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./39", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./39", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./39/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./39/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./39/binderfs") = 0
[ 31.530223][ T562] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 31.555176][ T562] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz-executor209: bg 0: block 234: padding at end of block bitmap is not set
umount2("./39/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./39/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./39/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./39/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./39/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./39/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./39") = 0
mkdir("./40", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 567
./strace-static-x86_64: Process 567 attached
[pid 567] set_robust_list(0x555580e9b660, 24) = 0
[pid 567] chdir("./40") = 0
[pid 567] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 567] setpgid(0, 0) = 0
[pid 567] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 567] write(3, "1000", 4) = 4
[pid 567] close(3) = 0
[pid 567] symlink("/dev/binderfs", "./binderfs") = 0
[pid 567] write(1, "executing program\n", 18executing program
) = 18
[pid 567] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 567] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 567] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 567] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 567] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 567] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 567] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 567] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 567] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 567] memfd_create("syzkaller", 0) = 5
[pid 567] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 567] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 567] munmap(0x7f9466c6c000, 138412032) = 0
[pid 567] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 567] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 567] close(5) = 0
[pid 567] close(6) = 0
[pid 567] mkdir("./file0", 0777) = 0
[pid 567] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 567] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 567] chdir("./file0") = 0
[pid 567] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 567] ioctl(6, LOOP_CLR_FD) = 0
[pid 567] close(6) = 0
[pid 567] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 567] write(6, "#! ./file1\n", 11) = 11
[pid 567] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 567] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 567] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=567, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./40", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./40", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./40/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./40/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./40/binderfs") = 0
[ 31.710486][ T567] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 31.741543][ T568] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-567: bg 0: block 234: padding at end of block bitmap is not set
umount2("./40/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./40/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./40/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./40/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./40/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./40/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./40") = 0
mkdir("./41", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 572
./strace-static-x86_64: Process 572 attached
[pid 572] set_robust_list(0x555580e9b660, 24) = 0
[pid 572] chdir("./41") = 0
[pid 572] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 572] setpgid(0, 0) = 0
[pid 572] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 572] write(3, "1000", 4) = 4
[pid 572] close(3) = 0
[pid 572] symlink("/dev/binderfs", "./binderfs") = 0
[pid 572] write(1, "executing program\n", 18executing program
) = 18
[pid 572] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 572] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 572] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 572] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 572] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 572] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 572] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 572] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 572] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 572] memfd_create("syzkaller", 0) = 5
[pid 572] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 572] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 572] munmap(0x7f9466c6c000, 138412032) = 0
[pid 572] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 572] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 572] close(5) = 0
[pid 572] close(6) = 0
[pid 572] mkdir("./file0", 0777) = 0
[pid 572] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 572] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 572] chdir("./file0") = 0
[pid 572] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 572] ioctl(6, LOOP_CLR_FD) = 0
[pid 572] close(6) = 0
[pid 572] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 572] write(6, "#! ./file1\n", 11) = 11
[pid 572] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[ 32.000381][ T572] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[pid 572] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 572] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=572, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./41", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./41", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./41/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./41/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./41/binderfs") = 0
[ 32.041168][ T573] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-572: bg 0: block 234: padding at end of block bitmap is not set
umount2("./41/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./41/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./41/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./41/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./41/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./41/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./41") = 0
mkdir("./42", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 577
./strace-static-x86_64: Process 577 attached
[pid 577] set_robust_list(0x555580e9b660, 24) = 0
[pid 577] chdir("./42") = 0
[pid 577] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 577] setpgid(0, 0) = 0
[pid 577] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 577] write(3, "1000", 4) = 4
[pid 577] close(3) = 0
[pid 577] symlink("/dev/binderfs", "./binderfs") = 0
[pid 577] write(1, "executing program\n", 18executing program
) = 18
[pid 577] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 577] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 577] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 577] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 577] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 577] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 577] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 577] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 577] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 577] memfd_create("syzkaller", 0) = 5
[pid 577] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 577] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 577] munmap(0x7f9466c6c000, 138412032) = 0
[pid 577] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 577] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 577] close(5) = 0
[pid 577] close(6) = 0
[pid 577] mkdir("./file0", 0777) = 0
[pid 577] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 577] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 577] chdir("./file0") = 0
[pid 577] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 577] ioctl(6, LOOP_CLR_FD) = 0
[pid 577] close(6) = 0
[pid 577] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 577] write(6, "#! ./file1\n", 11) = 11
[pid 577] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 577] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 577] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=577, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=4} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./42", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./42", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./42/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./42/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./42/binderfs") = 0
[ 32.160642][ T577] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 32.183121][ T577] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz-executor209: bg 0: block 234: padding at end of block bitmap is not set
umount2("./42/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./42/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./42/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./42/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./42/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./42/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./42") = 0
mkdir("./43", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 583
./strace-static-x86_64: Process 583 attached
[pid 583] set_robust_list(0x555580e9b660, 24) = 0
[pid 583] chdir("./43") = 0
[pid 583] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 583] setpgid(0, 0) = 0
[pid 583] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 583] write(3, "1000", 4) = 4
[pid 583] close(3) = 0
[pid 583] symlink("/dev/binderfs", "./binderfs") = 0
[pid 583] write(1, "executing program\n", 18executing program
) = 18
[pid 583] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 583] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 583] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 583] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 583] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 583] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 583] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 583] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 583] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 583] memfd_create("syzkaller", 0) = 5
[pid 583] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 583] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 583] munmap(0x7f9466c6c000, 138412032) = 0
[pid 583] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 583] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 583] close(5) = 0
[pid 583] close(6) = 0
[pid 583] mkdir("./file0", 0777) = 0
[pid 583] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 583] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 583] chdir("./file0") = 0
[pid 583] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 583] ioctl(6, LOOP_CLR_FD) = 0
[pid 583] close(6) = 0
[pid 583] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 583] write(6, "#! ./file1\n", 11) = 11
[pid 583] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 583] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 583] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=583, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./43", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./43", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./43/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./43/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./43/binderfs") = 0
[ 32.310533][ T583] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 32.333587][ T583] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz-executor209: bg 0: block 234: padding at end of block bitmap is not set
umount2("./43/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./43/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./43/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./43/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./43/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./43/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./43") = 0
mkdir("./44", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 588
./strace-static-x86_64: Process 588 attached
[pid 588] set_robust_list(0x555580e9b660, 24) = 0
[pid 588] chdir("./44") = 0
[pid 588] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 588] setpgid(0, 0) = 0
[pid 588] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 588] write(3, "1000", 4) = 4
[pid 588] close(3) = 0
[pid 588] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 588] write(1, "executing program\n", 18) = 18
[pid 588] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 588] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 588] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 588] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 588] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 588] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 588] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 588] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 588] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 588] memfd_create("syzkaller", 0) = 5
[pid 588] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 588] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 588] munmap(0x7f9466c6c000, 138412032) = 0
[pid 588] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 588] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 588] close(5) = 0
[pid 588] close(6) = 0
[pid 588] mkdir("./file0", 0777) = 0
[pid 588] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 588] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 588] chdir("./file0") = 0
[pid 588] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 588] ioctl(6, LOOP_CLR_FD) = 0
[pid 588] close(6) = 0
[pid 588] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 588] write(6, "#! ./file1\n", 11) = 11
[pid 588] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 588] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 588] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=588, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./44", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./44", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./44/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./44/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./44/binderfs") = 0
[ 32.450358][ T588] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 32.480738][ T588] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz-executor209: bg 0: block 234: padding at end of block bitmap is not set
umount2("./44/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./44/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./44/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./44/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./44/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./44/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./44") = 0
mkdir("./45", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 593
./strace-static-x86_64: Process 593 attached
[pid 593] set_robust_list(0x555580e9b660, 24) = 0
[pid 593] chdir("./45") = 0
[pid 593] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 593] setpgid(0, 0) = 0
[pid 593] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 593] write(3, "1000", 4) = 4
[pid 593] close(3) = 0
[pid 593] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 593] write(1, "executing program\n", 18) = 18
[pid 593] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 593] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 593] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 593] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 593] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 593] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 593] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 593] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 593] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 593] memfd_create("syzkaller", 0) = 5
[pid 593] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 593] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 593] munmap(0x7f9466c6c000, 138412032) = 0
[pid 593] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 593] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 593] close(5) = 0
[pid 593] close(6) = 0
[pid 593] mkdir("./file0", 0777) = 0
[pid 593] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 593] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 593] chdir("./file0") = 0
[pid 593] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 593] ioctl(6, LOOP_CLR_FD) = 0
[pid 593] close(6) = 0
[pid 593] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 593] write(6, "#! ./file1\n", 11) = 11
[pid 593] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 593] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 593] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=593, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=4} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./45", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./45", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./45/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./45/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./45/binderfs") = 0
[ 32.650897][ T593] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 32.679806][ T593] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz-executor209: bg 0: block 234: padding at end of block bitmap is not set
umount2("./45/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./45/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./45/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./45/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./45/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./45/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./45") = 0
mkdir("./46", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 598 attached
, child_tidptr=0x555580e9b650) = 598
[pid 598] set_robust_list(0x555580e9b660, 24) = 0
[pid 598] chdir("./46") = 0
[pid 598] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 598] setpgid(0, 0) = 0
[pid 598] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 598] write(3, "1000", 4) = 4
[pid 598] close(3) = 0
[pid 598] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 598] write(1, "executing program\n", 18) = 18
[pid 598] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 598] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 598] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 598] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 598] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 598] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 598] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 598] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 598] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 598] memfd_create("syzkaller", 0) = 5
[pid 598] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 598] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 598] munmap(0x7f9466c6c000, 138412032) = 0
[pid 598] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 598] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 598] close(5) = 0
[pid 598] close(6) = 0
[pid 598] mkdir("./file0", 0777) = 0
[pid 598] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 598] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 598] chdir("./file0") = 0
[pid 598] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 598] ioctl(6, LOOP_CLR_FD) = 0
[pid 598] close(6) = 0
[pid 598] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 598] write(6, "#! ./file1\n", 11) = 11
[pid 598] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 598] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 598] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=598, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./46", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./46", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./46/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./46/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./46/binderfs") = 0
[ 32.780154][ T598] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 32.811302][ T599] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-598: bg 0: block 234: padding at end of block bitmap is not set
umount2("./46/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./46/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./46/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./46/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./46/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./46/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./46") = 0
mkdir("./47", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 603
./strace-static-x86_64: Process 603 attached
[pid 603] set_robust_list(0x555580e9b660, 24) = 0
[pid 603] chdir("./47") = 0
[pid 603] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 603] setpgid(0, 0) = 0
[pid 603] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 603] write(3, "1000", 4) = 4
[pid 603] close(3) = 0
[pid 603] symlink("/dev/binderfs", "./binderfs") = 0
[pid 603] write(1, "executing program\n", 18executing program
) = 18
[pid 603] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 603] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 603] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 603] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 603] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 603] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 603] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 603] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 603] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 603] memfd_create("syzkaller", 0) = 5
[pid 603] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 603] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 603] munmap(0x7f9466c6c000, 138412032) = 0
[pid 603] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 603] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 603] close(5) = 0
[pid 603] close(6) = 0
[pid 603] mkdir("./file0", 0777) = 0
[pid 603] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 603] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 603] chdir("./file0") = 0
[pid 603] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 603] ioctl(6, LOOP_CLR_FD) = 0
[pid 603] close(6) = 0
[pid 603] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 603] write(6, "#! ./file1\n", 11) = 11
[pid 603] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 603] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 603] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=603, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./47", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./47", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./47/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./47/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./47/binderfs") = 0
[ 32.986928][ T603] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 33.019831][ T604] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-603: bg 0: block 234: padding at end of block bitmap is not set
umount2("./47/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./47/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./47/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./47/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./47/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./47/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./47") = 0
mkdir("./48", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 608 attached
<unfinished ...>
[pid 608] set_robust_list(0x555580e9b660, 24) = 0
[pid 357] <... clone resumed>, child_tidptr=0x555580e9b650) = 608
[pid 608] chdir("./48") = 0
[pid 608] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 608] setpgid(0, 0) = 0
[pid 608] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 608] write(3, "1000", 4) = 4
[pid 608] close(3) = 0
[pid 608] symlink("/dev/binderfs", "./binderfs") = 0
[pid 608] write(1, "executing program\n", 18executing program
) = 18
[pid 608] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 608] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 608] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 608] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 608] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 608] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 608] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 608] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 608] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 608] memfd_create("syzkaller", 0) = 5
[pid 608] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 608] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 608] munmap(0x7f9466c6c000, 138412032) = 0
[pid 608] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 608] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 608] close(5) = 0
[pid 608] close(6) = 0
[pid 608] mkdir("./file0", 0777) = 0
[pid 608] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 608] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 608] chdir("./file0") = 0
[pid 608] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 608] ioctl(6, LOOP_CLR_FD) = 0
[pid 608] close(6) = 0
[pid 608] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 608] write(6, "#! ./file1\n", 11) = 11
[pid 608] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[ 33.189522][ T608] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[pid 608] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 608] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=608, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./48", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./48", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./48/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./48/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./48/binderfs") = 0
[ 33.229813][ T609] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-608: bg 0: block 234: padding at end of block bitmap is not set
umount2("./48/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./48/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./48/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./48/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./48/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./48/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./48") = 0
mkdir("./49", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 614
./strace-static-x86_64: Process 614 attached
[pid 614] set_robust_list(0x555580e9b660, 24) = 0
[pid 614] chdir("./49") = 0
[pid 614] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 614] setpgid(0, 0) = 0
[pid 614] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 614] write(3, "1000", 4) = 4
[pid 614] close(3) = 0
[pid 614] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 614] write(1, "executing program\n", 18) = 18
[pid 614] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 614] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 614] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 614] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 614] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 614] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 614] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 614] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 614] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 614] memfd_create("syzkaller", 0) = 5
[pid 614] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 614] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 614] munmap(0x7f9466c6c000, 138412032) = 0
[pid 614] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 614] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 614] close(5) = 0
[pid 614] close(6) = 0
[pid 614] mkdir("./file0", 0777) = 0
[pid 614] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 614] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 614] chdir("./file0") = 0
[pid 614] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 614] ioctl(6, LOOP_CLR_FD) = 0
[pid 614] close(6) = 0
[pid 614] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 614] write(6, "#! ./file1\n", 11) = 11
[pid 614] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 614] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 614] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=614, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./49", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./49", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./49/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./49/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./49/binderfs") = 0
[ 33.420570][ T614] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 33.445311][ T614] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz-executor209: bg 0: block 234: padding at end of block bitmap is not set
umount2("./49/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./49/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./49/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./49/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./49/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./49/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./49") = 0
mkdir("./50", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 619 attached
, child_tidptr=0x555580e9b650) = 619
[pid 619] set_robust_list(0x555580e9b660, 24) = 0
[pid 619] chdir("./50") = 0
[pid 619] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 619] setpgid(0, 0) = 0
[pid 619] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 619] write(3, "1000", 4) = 4
[pid 619] close(3) = 0
[pid 619] symlink("/dev/binderfs", "./binderfs") = 0
[pid 619] write(1, "executing program\n", 18executing program
) = 18
[pid 619] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 619] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 619] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 619] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 619] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 619] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 619] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 619] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 619] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 619] memfd_create("syzkaller", 0) = 5
[pid 619] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 619] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 619] munmap(0x7f9466c6c000, 138412032) = 0
[pid 619] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 619] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 619] close(5) = 0
[pid 619] close(6) = 0
[pid 619] mkdir("./file0", 0777) = 0
[pid 619] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 619] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 619] chdir("./file0") = 0
[pid 619] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 619] ioctl(6, LOOP_CLR_FD) = 0
[pid 619] close(6) = 0
[pid 619] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 619] write(6, "#! ./file1\n", 11) = 11
[pid 619] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[ 33.690694][ T619] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[pid 619] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 619] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=619, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./50", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./50", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./50/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./50/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./50/binderfs") = 0
[ 33.731233][ T620] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-619: bg 0: block 234: padding at end of block bitmap is not set
umount2("./50/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./50/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./50/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./50/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./50/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./50/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./50") = 0
mkdir("./51", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 624
./strace-static-x86_64: Process 624 attached
[pid 624] set_robust_list(0x555580e9b660, 24) = 0
[pid 624] chdir("./51") = 0
[pid 624] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 624] setpgid(0, 0) = 0
[pid 624] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 624] write(3, "1000", 4) = 4
[pid 624] close(3) = 0
[pid 624] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 624] write(1, "executing program\n", 18) = 18
[pid 624] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 624] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 624] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 624] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 624] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 624] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 624] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 624] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 624] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 624] memfd_create("syzkaller", 0) = 5
[pid 624] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 624] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 624] munmap(0x7f9466c6c000, 138412032) = 0
[pid 624] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 624] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 624] close(5) = 0
[pid 624] close(6) = 0
[pid 624] mkdir("./file0", 0777) = 0
[pid 624] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 624] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 624] chdir("./file0") = 0
[pid 624] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 624] ioctl(6, LOOP_CLR_FD) = 0
[pid 624] close(6) = 0
[pid 624] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 624] write(6, "#! ./file1\n", 11) = 11
[pid 624] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 624] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 624] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=624, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./51", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./51", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./51/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./51/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./51/binderfs") = 0
[ 33.867848][ T624] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 33.891148][ T624] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz-executor209: bg 0: block 234: padding at end of block bitmap is not set
umount2("./51/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./51/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./51/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./51/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./51/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./51/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./51") = 0
mkdir("./52", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 629 attached
, child_tidptr=0x555580e9b650) = 629
[pid 629] set_robust_list(0x555580e9b660, 24) = 0
[pid 629] chdir("./52") = 0
[pid 629] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 629] setpgid(0, 0) = 0
[pid 629] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 629] write(3, "1000", 4) = 4
[pid 629] close(3) = 0
[pid 629] symlink("/dev/binderfs", "./binderfs") = 0
[pid 629] write(1, "executing program\n", 18executing program
) = 18
[pid 629] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 629] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 629] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 629] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 629] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 629] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 629] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 629] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 629] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 629] memfd_create("syzkaller", 0) = 5
[pid 629] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 629] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 629] munmap(0x7f9466c6c000, 138412032) = 0
[pid 629] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 629] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 629] close(5) = 0
[pid 629] close(6) = 0
[pid 629] mkdir("./file0", 0777) = 0
[pid 629] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 629] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 629] chdir("./file0") = 0
[pid 629] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 629] ioctl(6, LOOP_CLR_FD) = 0
[pid 629] close(6) = 0
[pid 629] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 629] write(6, "#! ./file1\n", 11) = 11
[pid 629] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 629] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 629] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=629, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./52", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./52", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./52/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./52/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./52/binderfs") = 0
[ 34.049791][ T629] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 34.084587][ T630] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-629: bg 0: block 234: padding at end of block bitmap is not set
umount2("./52/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./52/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./52/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./52/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./52/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./52/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./52") = 0
mkdir("./53", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 635
./strace-static-x86_64: Process 635 attached
[pid 635] set_robust_list(0x555580e9b660, 24) = 0
[pid 635] chdir("./53") = 0
[pid 635] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 635] setpgid(0, 0) = 0
[pid 635] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 635] write(3, "1000", 4) = 4
[pid 635] close(3) = 0
[pid 635] symlink("/dev/binderfs", "./binderfs") = 0
[pid 635] write(1, "executing program\n", 18executing program
) = 18
[pid 635] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 635] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 635] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 635] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 635] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 635] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 635] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 635] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 635] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 635] memfd_create("syzkaller", 0) = 5
[pid 635] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 635] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 635] munmap(0x7f9466c6c000, 138412032) = 0
[pid 635] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 635] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 635] close(5) = 0
[pid 635] close(6) = 0
[pid 635] mkdir("./file0", 0777) = 0
[pid 635] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 635] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 635] chdir("./file0") = 0
[pid 635] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 635] ioctl(6, LOOP_CLR_FD) = 0
[pid 635] close(6) = 0
[pid 635] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 635] write(6, "#! ./file1\n", 11) = 11
[pid 635] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 635] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 635] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=635, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./53", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./53", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./53/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./53/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./53/binderfs") = 0
[ 34.287238][ T635] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 34.319939][ T636] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-635: bg 0: block 234: padding at end of block bitmap is not set
umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./53/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./53/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./53/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./53") = 0
mkdir("./54", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 640
./strace-static-x86_64: Process 640 attached
[pid 640] set_robust_list(0x555580e9b660, 24) = 0
[pid 640] chdir("./54") = 0
[pid 640] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 640] setpgid(0, 0) = 0
[pid 640] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 640] write(3, "1000", 4) = 4
[pid 640] close(3) = 0
[pid 640] symlink("/dev/binderfs", "./binderfs") = 0
[pid 640] write(1, "executing program\n", 18executing program
) = 18
[pid 640] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 640] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 640] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 640] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 640] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 640] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 640] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 640] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 640] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 640] memfd_create("syzkaller", 0) = 5
[pid 640] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 640] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 640] munmap(0x7f9466c6c000, 138412032) = 0
[pid 640] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 640] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 640] close(5) = 0
[pid 640] close(6) = 0
[pid 640] mkdir("./file0", 0777) = 0
[pid 640] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 640] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 640] chdir("./file0") = 0
[pid 640] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 640] ioctl(6, LOOP_CLR_FD) = 0
[pid 640] close(6) = 0
[pid 640] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 640] write(6, "#! ./file1\n", 11) = 11
[pid 640] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 640] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 640] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=640, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./54", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./54", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./54/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./54/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./54/binderfs") = 0
[ 34.500527][ T640] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 34.532680][ T641] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-640: bg 0: block 234: padding at end of block bitmap is not set
umount2("./54/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./54/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./54/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./54/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./54/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./54/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./54") = 0
mkdir("./55", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 645 attached
<unfinished ...>
[pid 645] set_robust_list(0x555580e9b660, 24) = 0
[pid 645] chdir("./55" <unfinished ...>
[pid 357] <... clone resumed>, child_tidptr=0x555580e9b650) = 645
[pid 645] <... chdir resumed>) = 0
[pid 645] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 645] setpgid(0, 0) = 0
[pid 645] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 645] write(3, "1000", 4) = 4
[pid 645] close(3) = 0
[pid 645] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 645] write(1, "executing program\n", 18) = 18
[pid 645] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 645] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 645] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 645] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 645] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 645] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 645] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 645] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 645] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 645] memfd_create("syzkaller", 0) = 5
[pid 645] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 645] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 645] munmap(0x7f9466c6c000, 138412032) = 0
[pid 645] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 645] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 645] close(5) = 0
[pid 645] close(6) = 0
[pid 645] mkdir("./file0", 0777) = 0
[pid 645] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 645] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 645] chdir("./file0") = 0
[pid 645] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 645] ioctl(6, LOOP_CLR_FD) = 0
[pid 645] close(6) = 0
[pid 645] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 645] write(6, "#! ./file1\n", 11) = 11
[pid 645] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[ 34.730425][ T645] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[pid 645] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 645] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=645, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./55", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./55", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./55/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./55/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./55/binderfs") = 0
[ 34.771932][ T646] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-645: bg 0: block 234: padding at end of block bitmap is not set
umount2("./55/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./55/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./55/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./55/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./55/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./55/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./55") = 0
mkdir("./56", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 650
./strace-static-x86_64: Process 650 attached
[pid 650] set_robust_list(0x555580e9b660, 24) = 0
[pid 650] chdir("./56") = 0
[pid 650] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 650] setpgid(0, 0) = 0
[pid 650] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 650] write(3, "1000", 4) = 4
[pid 650] close(3) = 0
[pid 650] symlink("/dev/binderfs", "./binderfs") = 0
[pid 650] write(1, "executing program\n", 18executing program
) = 18
[pid 650] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 650] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 650] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 650] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 650] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 650] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 650] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 650] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 650] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 650] memfd_create("syzkaller", 0) = 5
[pid 650] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 650] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 650] munmap(0x7f9466c6c000, 138412032) = 0
[pid 650] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 650] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 650] close(5) = 0
[pid 650] close(6) = 0
[pid 650] mkdir("./file0", 0777) = 0
[pid 650] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 650] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 650] chdir("./file0") = 0
[pid 650] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 650] ioctl(6, LOOP_CLR_FD) = 0
[pid 650] close(6) = 0
[pid 650] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 650] write(6, "#! ./file1\n", 11) = 11
[pid 650] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 650] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 650] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=650, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./56", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./56", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./56/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./56/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./56/binderfs") = 0
[ 34.944099][ T650] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 34.977239][ T651] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-650: bg 0: block 234: padding at end of block bitmap is not set
umount2("./56/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./56/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./56/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./56/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./56/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./56/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./56") = 0
mkdir("./57", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 655
./strace-static-x86_64: Process 655 attached
[pid 655] set_robust_list(0x555580e9b660, 24) = 0
[pid 655] chdir("./57") = 0
[pid 655] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 655] setpgid(0, 0) = 0
[pid 655] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 655] write(3, "1000", 4) = 4
[pid 655] close(3) = 0
[pid 655] symlink("/dev/binderfs", "./binderfs") = 0
[pid 655] write(1, "executing program\n", 18executing program
) = 18
[pid 655] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 655] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 655] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 655] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 655] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 655] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 655] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 655] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 655] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 655] memfd_create("syzkaller", 0) = 5
[pid 655] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 655] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 655] munmap(0x7f9466c6c000, 138412032) = 0
[pid 655] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 655] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 655] close(5) = 0
[pid 655] close(6) = 0
[pid 655] mkdir("./file0", 0777) = 0
[pid 655] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 655] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 655] chdir("./file0") = 0
[pid 655] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 655] ioctl(6, LOOP_CLR_FD) = 0
[pid 655] close(6) = 0
[pid 655] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 655] write(6, "#! ./file1\n", 11) = 11
[pid 655] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 655] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 655] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=655, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./57", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./57", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./57/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./57/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./57/binderfs") = 0
[ 35.116811][ T655] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 35.149570][ T656] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-655: bg 0: block 234: padding at end of block bitmap is not set
umount2("./57/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./57/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./57/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./57/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./57/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./57/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./57") = 0
mkdir("./58", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 661
./strace-static-x86_64: Process 661 attached
[pid 661] set_robust_list(0x555580e9b660, 24) = 0
[pid 661] chdir("./58") = 0
[pid 661] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 661] setpgid(0, 0) = 0
[pid 661] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 661] write(3, "1000", 4) = 4
[pid 661] close(3) = 0
[pid 661] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 661] write(1, "executing program\n", 18) = 18
[pid 661] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 661] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 661] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 661] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 661] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 661] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 661] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 661] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 661] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 661] memfd_create("syzkaller", 0) = 5
[pid 661] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 661] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 661] munmap(0x7f9466c6c000, 138412032) = 0
[pid 661] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 661] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 661] close(5) = 0
[pid 661] close(6) = 0
[pid 661] mkdir("./file0", 0777) = 0
[pid 661] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 661] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 661] chdir("./file0") = 0
[pid 661] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 661] ioctl(6, LOOP_CLR_FD) = 0
[pid 661] close(6) = 0
[pid 661] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 661] write(6, "#! ./file1\n", 11) = 11
[pid 661] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 661] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 661] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=661, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./58", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./58", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./58/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./58/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./58/binderfs") = 0
[ 35.270307][ T661] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 35.303793][ T662] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-661: bg 0: block 234: padding at end of block bitmap is not set
umount2("./58/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./58/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./58/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./58/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./58/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./58/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./58") = 0
mkdir("./59", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 666
./strace-static-x86_64: Process 666 attached
[pid 666] set_robust_list(0x555580e9b660, 24) = 0
[pid 666] chdir("./59") = 0
[pid 666] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 666] setpgid(0, 0) = 0
[pid 666] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 666] write(3, "1000", 4) = 4
[pid 666] close(3) = 0
[pid 666] symlink("/dev/binderfs", "./binderfs") = 0
[pid 666] write(1, "executing program\n", 18executing program
) = 18
[pid 666] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 666] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 666] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 666] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 666] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 666] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 666] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 666] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 666] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 666] memfd_create("syzkaller", 0) = 5
[pid 666] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 666] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 666] munmap(0x7f9466c6c000, 138412032) = 0
[pid 666] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 666] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 666] close(5) = 0
[pid 666] close(6) = 0
[pid 666] mkdir("./file0", 0777) = 0
[pid 666] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 666] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 666] chdir("./file0") = 0
[pid 666] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 666] ioctl(6, LOOP_CLR_FD) = 0
[pid 666] close(6) = 0
[pid 666] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 666] write(6, "#! ./file1\n", 11) = 11
[pid 666] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 666] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 666] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=666, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./59", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./59", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./59/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./59/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./59/binderfs") = 0
[ 35.460431][ T666] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 35.486804][ T667] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-666: bg 0: block 234: padding at end of block bitmap is not set
umount2("./59/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./59/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./59/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./59/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./59/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./59/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./59") = 0
mkdir("./60", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 671
./strace-static-x86_64: Process 671 attached
[pid 671] set_robust_list(0x555580e9b660, 24) = 0
[pid 671] chdir("./60") = 0
[pid 671] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 671] setpgid(0, 0) = 0
[pid 671] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 671] write(3, "1000", 4) = 4
[pid 671] close(3) = 0
[pid 671] symlink("/dev/binderfs", "./binderfs") = 0
[pid 671] write(1, "executing program\n", 18executing program
) = 18
[pid 671] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 671] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 671] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 671] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 671] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 671] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 671] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 671] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 671] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 671] memfd_create("syzkaller", 0) = 5
[pid 671] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 671] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 671] munmap(0x7f9466c6c000, 138412032) = 0
[pid 671] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 671] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 671] close(5) = 0
[pid 671] close(6) = 0
[pid 671] mkdir("./file0", 0777) = 0
[pid 671] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 671] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 671] chdir("./file0") = 0
[pid 671] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 671] ioctl(6, LOOP_CLR_FD) = 0
[pid 671] close(6) = 0
[pid 671] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 671] write(6, "#! ./file1\n", 11) = 11
[pid 671] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 671] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 671] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=671, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./60", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./60", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./60/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./60/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./60/binderfs") = 0
[ 35.660225][ T671] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 35.692400][ T672] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-671: bg 0: block 234: padding at end of block bitmap is not set
umount2("./60/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./60/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./60/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./60/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./60/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./60/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./60") = 0
mkdir("./61", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 676
./strace-static-x86_64: Process 676 attached
[pid 676] set_robust_list(0x555580e9b660, 24) = 0
[pid 676] chdir("./61") = 0
[pid 676] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 676] setpgid(0, 0) = 0
[pid 676] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 676] write(3, "1000", 4) = 4
[pid 676] close(3) = 0
[pid 676] symlink("/dev/binderfs", "./binderfs") = 0
[pid 676] write(1, "executing program\n", 18executing program
) = 18
[pid 676] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 676] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 676] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 676] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 676] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 676] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 676] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 676] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 676] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 676] memfd_create("syzkaller", 0) = 5
[pid 676] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 676] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 676] munmap(0x7f9466c6c000, 138412032) = 0
[pid 676] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 676] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 676] close(5) = 0
[pid 676] close(6) = 0
[pid 676] mkdir("./file0", 0777) = 0
[pid 676] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 676] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 676] chdir("./file0") = 0
[pid 676] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 676] ioctl(6, LOOP_CLR_FD) = 0
[pid 676] close(6) = 0
[pid 676] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 676] write(6, "#! ./file1\n", 11) = 11
[pid 676] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 676] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 676] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=676, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./61", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./61", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./61/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./61/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./61/binderfs") = 0
[ 35.839835][ T676] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 35.874277][ T677] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-676: bg 0: block 234: padding at end of block bitmap is not set
umount2("./61/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./61/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./61/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./61/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./61/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./61/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./61") = 0
mkdir("./62", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 681
./strace-static-x86_64: Process 681 attached
[pid 681] set_robust_list(0x555580e9b660, 24) = 0
[pid 681] chdir("./62") = 0
[pid 681] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 681] setpgid(0, 0) = 0
[pid 681] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 681] write(3, "1000", 4) = 4
[pid 681] close(3) = 0
[pid 681] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 681] write(1, "executing program\n", 18) = 18
[pid 681] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 681] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 681] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 681] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 681] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 681] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 681] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 681] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 681] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 681] memfd_create("syzkaller", 0) = 5
[pid 681] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 681] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 681] munmap(0x7f9466c6c000, 138412032) = 0
[pid 681] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 681] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 681] close(5) = 0
[pid 681] close(6) = 0
[pid 681] mkdir("./file0", 0777) = 0
[pid 681] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 681] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 681] chdir("./file0") = 0
[pid 681] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 681] ioctl(6, LOOP_CLR_FD) = 0
[pid 681] close(6) = 0
[pid 681] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 681] write(6, "#! ./file1\n", 11) = 11
[pid 681] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 681] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 681] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=681, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=4} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./62", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./62/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./62/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./62/binderfs") = 0
[ 35.980387][ T681] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 36.011497][ T682] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-681: bg 0: block 234: padding at end of block bitmap is not set
umount2("./62/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./62/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./62/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./62/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./62/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./62/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./62") = 0
mkdir("./63", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 686
./strace-static-x86_64: Process 686 attached
[pid 686] set_robust_list(0x555580e9b660, 24) = 0
[pid 686] chdir("./63") = 0
[pid 686] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 686] setpgid(0, 0) = 0
[pid 686] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 686] write(3, "1000", 4) = 4
[pid 686] close(3) = 0
[pid 686] symlink("/dev/binderfs", "./binderfs") = 0
[pid 686] write(1, "executing program\n", 18executing program
) = 18
[pid 686] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 686] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 686] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 686] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 686] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 686] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 686] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 686] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 686] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 686] memfd_create("syzkaller", 0) = 5
[pid 686] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 686] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 686] munmap(0x7f9466c6c000, 138412032) = 0
[pid 686] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 686] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 686] close(5) = 0
[pid 686] close(6) = 0
[pid 686] mkdir("./file0", 0777) = 0
[pid 686] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 686] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 686] chdir("./file0") = 0
[pid 686] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 686] ioctl(6, LOOP_CLR_FD) = 0
[pid 686] close(6) = 0
[pid 686] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 686] write(6, "#! ./file1\n", 11) = 11
[pid 686] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 686] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 686] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=686, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./63", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./63/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./63/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./63/binderfs") = 0
[ 36.159976][ T686] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 36.192787][ T687] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-686: bg 0: block 234: padding at end of block bitmap is not set
umount2("./63/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./63/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./63/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./63/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./63/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./63/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./63") = 0
mkdir("./64", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 692 attached
, child_tidptr=0x555580e9b650) = 692
[pid 692] set_robust_list(0x555580e9b660, 24) = 0
[pid 692] chdir("./64") = 0
[pid 692] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 692] setpgid(0, 0) = 0
[pid 692] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 692] write(3, "1000", 4) = 4
[pid 692] close(3) = 0
[pid 692] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 692] write(1, "executing program\n", 18) = 18
[pid 692] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 692] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 692] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 692] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 692] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 692] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 692] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 692] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 692] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 692] memfd_create("syzkaller", 0) = 5
[pid 692] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 692] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 692] munmap(0x7f9466c6c000, 138412032) = 0
[pid 692] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 692] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 692] close(5) = 0
[pid 692] close(6) = 0
[pid 692] mkdir("./file0", 0777) = 0
[pid 692] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 692] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 692] chdir("./file0") = 0
[pid 692] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 692] ioctl(6, LOOP_CLR_FD) = 0
[pid 692] close(6) = 0
[pid 692] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 692] write(6, "#! ./file1\n", 11) = 11
[pid 692] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[ 36.500386][ T692] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[pid 692] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 692] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=692, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./64", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./64/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./64/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./64/binderfs") = 0
[ 36.541832][ T693] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-692: bg 0: block 234: padding at end of block bitmap is not set
umount2("./64/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./64/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./64/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./64/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./64/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./64/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./64") = 0
mkdir("./65", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 697
./strace-static-x86_64: Process 697 attached
[pid 697] set_robust_list(0x555580e9b660, 24) = 0
[pid 697] chdir("./65") = 0
[pid 697] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 697] setpgid(0, 0) = 0
[pid 697] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 697] write(3, "1000", 4) = 4
[pid 697] close(3) = 0
[pid 697] symlink("/dev/binderfs", "./binderfs") = 0
[pid 697] write(1, "executing program\n", 18executing program
) = 18
[pid 697] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 697] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 697] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 697] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 697] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 697] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 697] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 697] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 697] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 697] memfd_create("syzkaller", 0) = 5
[pid 697] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 697] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 697] munmap(0x7f9466c6c000, 138412032) = 0
[pid 697] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 697] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 697] close(5) = 0
[pid 697] close(6) = 0
[pid 697] mkdir("./file0", 0777) = 0
[pid 697] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 697] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 697] chdir("./file0") = 0
[pid 697] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 697] ioctl(6, LOOP_CLR_FD) = 0
[pid 697] close(6) = 0
[pid 697] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 697] write(6, "#! ./file1\n", 11) = 11
[pid 697] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 697] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 697] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=697, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./65", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./65/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./65/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./65/binderfs") = 0
[ 36.710444][ T697] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 36.742850][ T698] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-697: bg 0: block 234: padding at end of block bitmap is not set
umount2("./65/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./65/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./65/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./65/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./65/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./65/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./65") = 0
mkdir("./66", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 702
./strace-static-x86_64: Process 702 attached
[pid 702] set_robust_list(0x555580e9b660, 24) = 0
[pid 702] chdir("./66") = 0
[pid 702] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 702] setpgid(0, 0) = 0
[pid 702] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 702] write(3, "1000", 4) = 4
[pid 702] close(3) = 0
[pid 702] symlink("/dev/binderfs", "./binderfs") = 0
[pid 702] write(1, "executing program\n", 18executing program
) = 18
[pid 702] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 702] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 702] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 702] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 702] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 702] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 702] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 702] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 702] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 702] memfd_create("syzkaller", 0) = 5
[pid 702] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 702] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 702] munmap(0x7f9466c6c000, 138412032) = 0
[pid 702] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 702] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 702] close(5) = 0
[pid 702] close(6) = 0
[pid 702] mkdir("./file0", 0777) = 0
[pid 702] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 702] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 702] chdir("./file0") = 0
[pid 702] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 702] ioctl(6, LOOP_CLR_FD) = 0
[pid 702] close(6) = 0
[pid 702] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 702] write(6, "#! ./file1\n", 11) = 11
[pid 702] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[ 36.870190][ T702] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[pid 702] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 702] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=702, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./66", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./66/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./66/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./66/binderfs") = 0
umount2("./66/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./66/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./66/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./66/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./66/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[ 36.913444][ T703] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-702: bg 0: block 234: padding at end of block bitmap is not set
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./66/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./66") = 0
mkdir("./67", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 707
./strace-static-x86_64: Process 707 attached
[pid 707] set_robust_list(0x555580e9b660, 24) = 0
[pid 707] chdir("./67") = 0
[pid 707] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 707] setpgid(0, 0) = 0
[pid 707] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 707] write(3, "1000", 4) = 4
[pid 707] close(3) = 0
[pid 707] symlink("/dev/binderfs", "./binderfs") = 0
[pid 707] write(1, "executing program\n", 18executing program
) = 18
[pid 707] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 707] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 707] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 707] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 707] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 707] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 707] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 707] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 707] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 707] memfd_create("syzkaller", 0) = 5
[pid 707] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 707] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 707] munmap(0x7f9466c6c000, 138412032) = 0
[pid 707] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 707] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 707] close(5) = 0
[pid 707] close(6) = 0
[pid 707] mkdir("./file0", 0777) = 0
[pid 707] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 707] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 707] chdir("./file0") = 0
[pid 707] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 707] ioctl(6, LOOP_CLR_FD) = 0
[pid 707] close(6) = 0
[pid 707] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 707] write(6, "#! ./file1\n", 11) = 11
[pid 707] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[ 37.020147][ T707] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[pid 707] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 707] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=707, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./67", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./67/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./67/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./67/binderfs") = 0
[ 37.059769][ T708] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-707: bg 0: block 234: padding at end of block bitmap is not set
umount2("./67/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./67/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./67/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./67/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./67/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./67/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./67") = 0
mkdir("./68", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 712
./strace-static-x86_64: Process 712 attached
[pid 712] set_robust_list(0x555580e9b660, 24) = 0
[pid 712] chdir("./68") = 0
[pid 712] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 712] setpgid(0, 0) = 0
[pid 712] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 712] write(3, "1000", 4) = 4
[pid 712] close(3) = 0
[pid 712] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 712] write(1, "executing program\n", 18) = 18
[pid 712] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 712] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 712] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 712] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 712] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 712] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 712] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 712] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 712] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 712] memfd_create("syzkaller", 0) = 5
[pid 712] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 712] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 712] munmap(0x7f9466c6c000, 138412032) = 0
[pid 712] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 712] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 712] close(5) = 0
[pid 712] close(6) = 0
[pid 712] mkdir("./file0", 0777) = 0
[pid 712] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 712] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 712] chdir("./file0") = 0
[pid 712] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 712] ioctl(6, LOOP_CLR_FD) = 0
[pid 712] close(6) = 0
[pid 712] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 712] write(6, "#! ./file1\n", 11) = 11
[pid 712] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[ 37.230061][ T712] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[pid 712] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 712] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=712, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./68", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./68/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./68/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./68/binderfs") = 0
umount2("./68/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./68/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./68/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./68/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./68/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./68/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./68") = 0
[ 37.274392][ T713] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-712: bg 0: block 234: padding at end of block bitmap is not set
mkdir("./69", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 718
./strace-static-x86_64: Process 718 attached
[pid 718] set_robust_list(0x555580e9b660, 24) = 0
[pid 718] chdir("./69") = 0
[pid 718] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 718] setpgid(0, 0) = 0
[pid 718] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 718] write(3, "1000", 4) = 4
[pid 718] close(3) = 0
[pid 718] symlink("/dev/binderfs", "./binderfs") = 0
[pid 718] write(1, "executing program\n", 18executing program
) = 18
[pid 718] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 718] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 718] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 718] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 718] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 718] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 718] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 718] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 718] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 718] memfd_create("syzkaller", 0) = 5
[pid 718] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 718] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 718] munmap(0x7f9466c6c000, 138412032) = 0
[pid 718] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 718] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 718] close(5) = 0
[pid 718] close(6) = 0
[pid 718] mkdir("./file0", 0777) = 0
[pid 718] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 718] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 718] chdir("./file0") = 0
[pid 718] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 718] ioctl(6, LOOP_CLR_FD) = 0
[pid 718] close(6) = 0
[pid 718] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 718] write(6, "#! ./file1\n", 11) = 11
[pid 718] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[ 37.470409][ T718] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[pid 718] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 718] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=718, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./69", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./69/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./69/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./69/binderfs") = 0
[ 37.511285][ T719] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-718: bg 0: block 234: padding at end of block bitmap is not set
umount2("./69/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./69/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./69/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./69/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./69/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./69/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./69") = 0
mkdir("./70", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 723
./strace-static-x86_64: Process 723 attached
[pid 723] set_robust_list(0x555580e9b660, 24) = 0
[pid 723] chdir("./70") = 0
[pid 723] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 723] setpgid(0, 0) = 0
[pid 723] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 723] write(3, "1000", 4) = 4
[pid 723] close(3) = 0
[pid 723] symlink("/dev/binderfs", "./binderfs") = 0
[pid 723] write(1, "executing program\n", 18executing program
) = 18
[pid 723] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 723] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 723] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 723] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 723] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 723] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 723] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 723] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 723] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 723] memfd_create("syzkaller", 0) = 5
[pid 723] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 723] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 723] munmap(0x7f9466c6c000, 138412032) = 0
[pid 723] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 723] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 723] close(5) = 0
[pid 723] close(6) = 0
[pid 723] mkdir("./file0", 0777) = 0
[pid 723] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 723] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 723] chdir("./file0") = 0
[pid 723] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 723] ioctl(6, LOOP_CLR_FD) = 0
[pid 723] close(6) = 0
[pid 723] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 723] write(6, "#! ./file1\n", 11) = 11
[pid 723] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 723] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 723] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=723, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./70", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./70/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./70/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./70/binderfs") = 0
[ 37.760787][ T723] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 37.795621][ T724] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-723: bg 0: block 234: padding at end of block bitmap is not set
umount2("./70/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./70/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./70/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./70/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./70/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./70/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./70") = 0
mkdir("./71", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 728
./strace-static-x86_64: Process 728 attached
[pid 728] set_robust_list(0x555580e9b660, 24) = 0
[pid 728] chdir("./71") = 0
[pid 728] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 728] setpgid(0, 0) = 0
[pid 728] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 728] write(3, "1000", 4) = 4
[pid 728] close(3) = 0
[pid 728] symlink("/dev/binderfs", "./binderfs") = 0
[pid 728] write(1, "executing program\n", 18executing program
) = 18
[pid 728] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 728] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 728] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 728] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 728] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 728] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 728] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 728] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 728] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 728] memfd_create("syzkaller", 0) = 5
[pid 728] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 728] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 728] munmap(0x7f9466c6c000, 138412032) = 0
[pid 728] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 728] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 728] close(5) = 0
[pid 728] close(6) = 0
[pid 728] mkdir("./file0", 0777) = 0
[pid 728] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 728] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 728] chdir("./file0") = 0
[pid 728] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 728] ioctl(6, LOOP_CLR_FD) = 0
[pid 728] close(6) = 0
[pid 728] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 728] write(6, "#! ./file1\n", 11) = 11
[pid 728] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 728] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 728] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=728, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./71", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./71/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./71/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./71/binderfs") = 0
[ 37.900258][ T728] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 37.931963][ T729] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-728: bg 0: block 234: padding at end of block bitmap is not set
umount2("./71/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./71/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./71/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./71/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./71/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./71/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./71") = 0
mkdir("./72", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 733
./strace-static-x86_64: Process 733 attached
[pid 733] set_robust_list(0x555580e9b660, 24) = 0
[pid 733] chdir("./72") = 0
[pid 733] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 733] setpgid(0, 0) = 0
[pid 733] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 733] write(3, "1000", 4) = 4
[pid 733] close(3) = 0
[pid 733] symlink("/dev/binderfs", "./binderfs") = 0
[pid 733] write(1, "executing program\n", 18executing program
) = 18
[pid 733] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 733] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 733] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 733] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 733] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 733] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 733] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 733] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 733] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 733] memfd_create("syzkaller", 0) = 5
[pid 733] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 733] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 733] munmap(0x7f9466c6c000, 138412032) = 0
[pid 733] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 733] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 733] close(5) = 0
[pid 733] close(6) = 0
[pid 733] mkdir("./file0", 0777) = 0
[pid 733] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 733] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 733] chdir("./file0") = 0
[pid 733] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 733] ioctl(6, LOOP_CLR_FD) = 0
[pid 733] close(6) = 0
[pid 733] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 733] write(6, "#! ./file1\n", 11) = 11
[pid 733] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 733] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 733] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=733, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./72", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./72/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./72/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./72/binderfs") = 0
[ 38.070292][ T733] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 38.096552][ T734] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-733: bg 0: block 234: padding at end of block bitmap is not set
umount2("./72/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./72/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./72/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./72/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./72/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./72/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./72") = 0
mkdir("./73", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 738
./strace-static-x86_64: Process 738 attached
[pid 738] set_robust_list(0x555580e9b660, 24) = 0
[pid 738] chdir("./73") = 0
[pid 738] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 738] setpgid(0, 0) = 0
[pid 738] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 738] write(3, "1000", 4) = 4
[pid 738] close(3) = 0
[pid 738] symlink("/dev/binderfs", "./binderfs") = 0
[pid 738] write(1, "executing program\n", 18executing program
) = 18
[pid 738] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 738] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 738] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 738] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 738] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 738] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 738] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 738] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 738] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 738] memfd_create("syzkaller", 0) = 5
[pid 738] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 738] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 738] munmap(0x7f9466c6c000, 138412032) = 0
[pid 738] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 738] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 738] close(5) = 0
[pid 738] close(6) = 0
[pid 738] mkdir("./file0", 0777) = 0
[pid 738] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 738] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 738] chdir("./file0") = 0
[pid 738] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 738] ioctl(6, LOOP_CLR_FD) = 0
[pid 738] close(6) = 0
[pid 738] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 738] write(6, "#! ./file1\n", 11) = 11
[pid 738] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 738] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 738] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=738, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./73", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./73/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./73/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./73/binderfs") = 0
[ 38.200230][ T738] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 38.227389][ T739] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-738: bg 0: block 234: padding at end of block bitmap is not set
umount2("./73/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./73/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./73/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./73/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./73/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./73/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./73") = 0
mkdir("./74", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 744
./strace-static-x86_64: Process 744 attached
[pid 744] set_robust_list(0x555580e9b660, 24) = 0
[pid 744] chdir("./74") = 0
[pid 744] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 744] setpgid(0, 0) = 0
[pid 744] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 744] write(3, "1000", 4) = 4
[pid 744] close(3) = 0
[pid 744] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 744] write(1, "executing program\n", 18) = 18
[pid 744] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 744] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 744] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 744] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 744] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 744] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 744] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 744] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 744] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 744] memfd_create("syzkaller", 0) = 5
[pid 744] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 744] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 744] munmap(0x7f9466c6c000, 138412032) = 0
[pid 744] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 744] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 744] close(5) = 0
[pid 744] close(6) = 0
[pid 744] mkdir("./file0", 0777) = 0
[pid 744] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 744] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 744] chdir("./file0") = 0
[pid 744] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 744] ioctl(6, LOOP_CLR_FD) = 0
[pid 744] close(6) = 0
[pid 744] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 744] write(6, "#! ./file1\n", 11) = 11
[pid 744] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 744] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 744] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=744, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=4} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./74", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./74/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./74/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./74/binderfs") = 0
[ 38.431013][ T744] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 38.463107][ T745] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-744: bg 0: block 234: padding at end of block bitmap is not set
umount2("./74/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./74/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./74/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./74/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./74/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./74/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./74") = 0
mkdir("./75", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 749
./strace-static-x86_64: Process 749 attached
[pid 749] set_robust_list(0x555580e9b660, 24) = 0
[pid 749] chdir("./75") = 0
[pid 749] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 749] setpgid(0, 0) = 0
[pid 749] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 749] write(3, "1000", 4) = 4
[pid 749] close(3) = 0
[pid 749] symlink("/dev/binderfs", "./binderfs") = 0
[pid 749] write(1, "executing program\n", 18) = 18
executing program
[pid 749] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 749] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 749] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 749] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 749] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 749] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 749] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 749] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 749] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 749] memfd_create("syzkaller", 0) = 5
[pid 749] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 749] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 749] munmap(0x7f9466c6c000, 138412032) = 0
[pid 749] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 749] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 749] close(5) = 0
[pid 749] close(6) = 0
[pid 749] mkdir("./file0", 0777) = 0
[pid 749] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 749] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 749] chdir("./file0") = 0
[pid 749] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 749] ioctl(6, LOOP_CLR_FD) = 0
[pid 749] close(6) = 0
[pid 749] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 749] write(6, "#! ./file1\n", 11) = 11
[pid 749] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 749] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 749] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=749, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./75", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./75/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./75/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./75/binderfs") = 0
[ 38.571838][ T749] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 38.603878][ T750] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-749: bg 0: block 234: padding at end of block bitmap is not set
umount2("./75/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./75/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./75/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./75/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./75/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./75/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./75") = 0
mkdir("./76", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 754 attached
<unfinished ...>
[pid 754] set_robust_list(0x555580e9b660, 24) = 0
[pid 357] <... clone resumed>, child_tidptr=0x555580e9b650) = 754
[pid 754] chdir("./76") = 0
[pid 754] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 754] setpgid(0, 0) = 0
[pid 754] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 754] write(3, "1000", 4) = 4
[pid 754] close(3) = 0
[pid 754] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 754] write(1, "executing program\n", 18) = 18
[pid 754] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 754] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 754] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 754] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 754] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 754] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 754] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 754] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 754] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 754] memfd_create("syzkaller", 0) = 5
[pid 754] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 754] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 754] munmap(0x7f9466c6c000, 138412032) = 0
[pid 754] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 754] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 754] close(5) = 0
[pid 754] close(6) = 0
[pid 754] mkdir("./file0", 0777) = 0
[pid 754] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 754] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 754] chdir("./file0") = 0
[pid 754] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 754] ioctl(6, LOOP_CLR_FD) = 0
[pid 754] close(6) = 0
[pid 754] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 754] write(6, "#! ./file1\n", 11) = 11
[pid 754] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 754] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 754] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=754, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./76", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./76/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./76/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./76/binderfs") = 0
[ 38.730245][ T754] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 38.763851][ T755] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-754: bg 0: block 234: padding at end of block bitmap is not set
umount2("./76/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./76/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./76/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./76/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./76/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./76/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./76") = 0
mkdir("./77", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 759
./strace-static-x86_64: Process 759 attached
[pid 759] set_robust_list(0x555580e9b660, 24) = 0
[pid 759] chdir("./77") = 0
[pid 759] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 759] setpgid(0, 0) = 0
[pid 759] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 759] write(3, "1000", 4) = 4
[pid 759] close(3) = 0
[pid 759] symlink("/dev/binderfs", "./binderfs") = 0
[pid 759] write(1, "executing program\n", 18executing program
) = 18
[pid 759] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 759] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 759] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 759] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 759] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 759] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 759] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 759] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 759] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 759] memfd_create("syzkaller", 0) = 5
[pid 759] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 759] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 759] munmap(0x7f9466c6c000, 138412032) = 0
[pid 759] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 759] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 759] close(5) = 0
[pid 759] close(6) = 0
[pid 759] mkdir("./file0", 0777) = 0
[pid 759] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 759] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 759] chdir("./file0") = 0
[pid 759] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 759] ioctl(6, LOOP_CLR_FD) = 0
[pid 759] close(6) = 0
[pid 759] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 759] write(6, "#! ./file1\n", 11) = 11
[pid 759] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 759] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 759] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=759, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./77", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./77/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./77/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./77/binderfs") = 0
[ 38.930204][ T759] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 38.963670][ T760] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-759: bg 0: block 234: padding at end of block bitmap is not set
umount2("./77/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./77/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./77/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./77/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./77/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./77/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./77") = 0
mkdir("./78", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 764
./strace-static-x86_64: Process 764 attached
[pid 764] set_robust_list(0x555580e9b660, 24) = 0
[pid 764] chdir("./78") = 0
[pid 764] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 764] setpgid(0, 0) = 0
[pid 764] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 764] write(3, "1000", 4) = 4
[pid 764] close(3) = 0
[pid 764] symlink("/dev/binderfs", "./binderfs") = 0
[pid 764] write(1, "executing program\n", 18executing program
) = 18
[pid 764] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 764] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 764] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 764] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 764] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 764] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 764] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 764] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 764] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 764] memfd_create("syzkaller", 0) = 5
[pid 764] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 764] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 764] munmap(0x7f9466c6c000, 138412032) = 0
[pid 764] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 764] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 764] close(5) = 0
[pid 764] close(6) = 0
[pid 764] mkdir("./file0", 0777) = 0
[pid 764] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 764] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 764] chdir("./file0") = 0
[pid 764] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 764] ioctl(6, LOOP_CLR_FD) = 0
[pid 764] close(6) = 0
[pid 764] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 764] write(6, "#! ./file1\n", 11) = 11
[pid 764] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 764] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 764] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=764, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./78", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./78/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./78/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./78/binderfs") = 0
[ 39.070223][ T764] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 39.101561][ T765] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-764: bg 0: block 234: padding at end of block bitmap is not set
umount2("./78/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./78/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./78/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./78/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./78/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./78/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./78") = 0
mkdir("./79", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 770
./strace-static-x86_64: Process 770 attached
[pid 770] set_robust_list(0x555580e9b660, 24) = 0
[pid 770] chdir("./79") = 0
[pid 770] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 770] setpgid(0, 0) = 0
[pid 770] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 770] write(3, "1000", 4) = 4
[pid 770] close(3) = 0
[pid 770] symlink("/dev/binderfs", "./binderfs") = 0
[pid 770] write(1, "executing program\n", 18executing program
) = 18
[pid 770] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 770] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 770] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 770] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 770] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 770] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 770] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 770] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 770] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 770] memfd_create("syzkaller", 0) = 5
[pid 770] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 770] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 770] munmap(0x7f9466c6c000, 138412032) = 0
[pid 770] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 770] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 770] close(5) = 0
[pid 770] close(6) = 0
[pid 770] mkdir("./file0", 0777) = 0
[pid 770] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 770] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 770] chdir("./file0") = 0
[pid 770] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 770] ioctl(6, LOOP_CLR_FD) = 0
[pid 770] close(6) = 0
[pid 770] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 770] write(6, "#! ./file1\n", 11) = 11
[pid 770] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 770] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 770] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=770, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./79", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./79/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./79/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./79/binderfs") = 0
[ 39.308577][ T770] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 39.340199][ T771] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-770: bg 0: block 234: padding at end of block bitmap is not set
umount2("./79/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./79/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./79/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./79/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./79/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./79/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./79") = 0
mkdir("./80", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 775
./strace-static-x86_64: Process 775 attached
[pid 775] set_robust_list(0x555580e9b660, 24) = 0
[pid 775] chdir("./80") = 0
[pid 775] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 775] setpgid(0, 0) = 0
[pid 775] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 775] write(3, "1000", 4) = 4
[pid 775] close(3) = 0
[pid 775] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 775] write(1, "executing program\n", 18) = 18
[pid 775] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 775] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 775] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 775] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 775] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 775] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 775] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 775] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 775] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 775] memfd_create("syzkaller", 0) = 5
[pid 775] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 775] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 775] munmap(0x7f9466c6c000, 138412032) = 0
[pid 775] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 775] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 775] close(5) = 0
[pid 775] close(6) = 0
[pid 775] mkdir("./file0", 0777) = 0
[pid 775] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 775] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 775] chdir("./file0") = 0
[pid 775] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 775] ioctl(6, LOOP_CLR_FD) = 0
[pid 775] close(6) = 0
[pid 775] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 775] write(6, "#! ./file1\n", 11) = 11
[pid 775] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 775] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 775] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=775, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./80", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./80/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./80/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./80/binderfs") = 0
[ 39.480169][ T775] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 39.512833][ T776] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-775: bg 0: block 234: padding at end of block bitmap is not set
umount2("./80/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./80/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./80/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./80/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./80/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./80/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./80") = 0
mkdir("./81", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 780 attached
<unfinished ...>
[pid 780] set_robust_list(0x555580e9b660, 24) = 0
[pid 357] <... clone resumed>, child_tidptr=0x555580e9b650) = 780
[pid 780] chdir("./81") = 0
[pid 780] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 780] setpgid(0, 0) = 0
[pid 780] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 780] write(3, "1000", 4) = 4
[pid 780] close(3) = 0
[pid 780] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 780] write(1, "executing program\n", 18) = 18
[pid 780] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 780] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 780] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 780] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 780] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 780] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 780] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 780] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 780] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 780] memfd_create("syzkaller", 0) = 5
[pid 780] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 780] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 780] munmap(0x7f9466c6c000, 138412032) = 0
[pid 780] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 780] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 780] close(5) = 0
[pid 780] close(6) = 0
[pid 780] mkdir("./file0", 0777) = 0
[pid 780] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 780] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 780] chdir("./file0") = 0
[pid 780] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 780] ioctl(6, LOOP_CLR_FD) = 0
[pid 780] close(6) = 0
[pid 780] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 780] write(6, "#! ./file1\n", 11) = 11
[pid 780] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 780] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 780] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=780, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./81", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./81/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./81/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./81/binderfs") = 0
[ 39.719759][ T780] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 39.753012][ T781] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-780: bg 0: block 234: padding at end of block bitmap is not set
umount2("./81/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./81/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./81/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./81/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./81/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./81/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./81") = 0
mkdir("./82", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 785
./strace-static-x86_64: Process 785 attached
[pid 785] set_robust_list(0x555580e9b660, 24) = 0
[pid 785] chdir("./82") = 0
[pid 785] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 785] setpgid(0, 0) = 0
[pid 785] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 785] write(3, "1000", 4) = 4
[pid 785] close(3) = 0
[pid 785] symlink("/dev/binderfs", "./binderfs") = 0
[pid 785] write(1, "executing program\n", 18executing program
) = 18
[pid 785] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 785] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 785] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 785] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 785] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 785] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 785] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 785] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 785] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 785] memfd_create("syzkaller", 0) = 5
[pid 785] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 785] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 785] munmap(0x7f9466c6c000, 138412032) = 0
[pid 785] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 785] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 785] close(5) = 0
[pid 785] close(6) = 0
[pid 785] mkdir("./file0", 0777) = 0
[pid 785] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 785] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 785] chdir("./file0") = 0
[pid 785] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 785] ioctl(6, LOOP_CLR_FD) = 0
[pid 785] close(6) = 0
[pid 785] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 785] write(6, "#! ./file1\n", 11) = 11
[pid 785] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[ 40.070188][ T785] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[pid 785] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 785] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=785, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./82", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./82/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./82/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./82/binderfs") = 0
umount2("./82/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./82/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./82/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./82/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./82/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./82/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./82") = 0
mkdir("./83", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
[ 40.111608][ T786] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-785: bg 0: block 234: padding at end of block bitmap is not set
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 790
./strace-static-x86_64: Process 790 attached
[pid 790] set_robust_list(0x555580e9b660, 24) = 0
[pid 790] chdir("./83") = 0
[pid 790] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 790] setpgid(0, 0) = 0
[pid 790] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 790] write(3, "1000", 4) = 4
[pid 790] close(3) = 0
[pid 790] symlink("/dev/binderfs", "./binderfs") = 0
[pid 790] write(1, "executing program\n", 18executing program
) = 18
[pid 790] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 790] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 790] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 790] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 790] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 790] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 790] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 790] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 790] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 790] memfd_create("syzkaller", 0) = 5
[pid 790] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 790] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 790] munmap(0x7f9466c6c000, 138412032) = 0
[pid 790] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 790] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 790] close(5) = 0
[pid 790] close(6) = 0
[pid 790] mkdir("./file0", 0777) = 0
[pid 790] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 790] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 790] chdir("./file0") = 0
[pid 790] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 790] ioctl(6, LOOP_CLR_FD) = 0
[pid 790] close(6) = 0
[pid 790] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 790] write(6, "#! ./file1\n", 11) = 11
[pid 790] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[ 40.209530][ T790] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[pid 790] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 790] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=790, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./83", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./83/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./83/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./83/binderfs") = 0
[ 40.250062][ T791] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-790: bg 0: block 234: padding at end of block bitmap is not set
umount2("./83/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./83/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./83/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./83/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./83/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./83/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./83") = 0
mkdir("./84", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 796
./strace-static-x86_64: Process 796 attached
[pid 796] set_robust_list(0x555580e9b660, 24) = 0
[pid 796] chdir("./84") = 0
[pid 796] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 796] setpgid(0, 0) = 0
[pid 796] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 796] write(3, "1000", 4) = 4
[pid 796] close(3) = 0
[pid 796] symlink("/dev/binderfs", "./binderfs") = 0
[pid 796] write(1, "executing program\n", 18executing program
) = 18
[pid 796] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 796] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 796] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 796] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 796] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 796] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 796] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 796] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 796] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 796] memfd_create("syzkaller", 0) = 5
[pid 796] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 796] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 796] munmap(0x7f9466c6c000, 138412032) = 0
[pid 796] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 796] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 796] close(5) = 0
[pid 796] close(6) = 0
[pid 796] mkdir("./file0", 0777) = 0
[pid 796] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 796] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 796] chdir("./file0") = 0
[pid 796] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 796] ioctl(6, LOOP_CLR_FD) = 0
[pid 796] close(6) = 0
[pid 796] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 796] write(6, "#! ./file1\n", 11) = 11
[pid 796] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 796] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 796] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=796, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./84", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./84/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./84/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./84/binderfs") = 0
[ 40.420321][ T796] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 40.453984][ T797] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-796: bg 0: block 234: padding at end of block bitmap is not set
umount2("./84/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./84/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./84/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./84/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./84/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./84/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./84") = 0
mkdir("./85", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 801 attached
, child_tidptr=0x555580e9b650) = 801
[pid 801] set_robust_list(0x555580e9b660, 24) = 0
[pid 801] chdir("./85") = 0
[pid 801] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 801] setpgid(0, 0) = 0
[pid 801] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 801] write(3, "1000", 4) = 4
[pid 801] close(3) = 0
[pid 801] symlink("/dev/binderfs", "./binderfs") = 0
[pid 801] write(1, "executing program\n", 18executing program
) = 18
[pid 801] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 801] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 801] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 801] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 801] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 801] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 801] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 801] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 801] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 801] memfd_create("syzkaller", 0) = 5
[pid 801] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 801] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 801] munmap(0x7f9466c6c000, 138412032) = 0
[pid 801] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 801] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 801] close(5) = 0
[pid 801] close(6) = 0
[pid 801] mkdir("./file0", 0777) = 0
[pid 801] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 801] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 801] chdir("./file0") = 0
[pid 801] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 801] ioctl(6, LOOP_CLR_FD) = 0
[pid 801] close(6) = 0
[pid 801] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 801] write(6, "#! ./file1\n", 11) = 11
[pid 801] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 801] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 801] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=801, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./85", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./85/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./85/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./85/binderfs") = 0
[ 40.628990][ T801] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 40.661391][ T802] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-801: bg 0: block 234: padding at end of block bitmap is not set
umount2("./85/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./85/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./85/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./85/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./85/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./85/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./85") = 0
mkdir("./86", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 806
./strace-static-x86_64: Process 806 attached
[pid 806] set_robust_list(0x555580e9b660, 24) = 0
[pid 806] chdir("./86") = 0
[pid 806] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 806] setpgid(0, 0) = 0
[pid 806] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 806] write(3, "1000", 4) = 4
[pid 806] close(3) = 0
[pid 806] symlink("/dev/binderfs", "./binderfs") = 0
[pid 806] write(1, "executing program\n", 18executing program
) = 18
[pid 806] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 806] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 806] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 806] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 806] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 806] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 806] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 806] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 806] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 806] memfd_create("syzkaller", 0) = 5
[pid 806] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 806] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 806] munmap(0x7f9466c6c000, 138412032) = 0
[pid 806] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 806] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 806] close(5) = 0
[pid 806] close(6) = 0
[pid 806] mkdir("./file0", 0777) = 0
[pid 806] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 806] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 806] chdir("./file0") = 0
[pid 806] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 806] ioctl(6, LOOP_CLR_FD) = 0
[pid 806] close(6) = 0
[pid 806] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 806] write(6, "#! ./file1\n", 11) = 11
[pid 806] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 806] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 806] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=806, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./86", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./86/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./86/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./86/binderfs") = 0
[ 40.820196][ T806] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 40.851951][ T807] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-806: bg 0: block 234: padding at end of block bitmap is not set
umount2("./86/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./86/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./86/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./86/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./86/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./86/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./86") = 0
mkdir("./87", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 811
./strace-static-x86_64: Process 811 attached
[pid 811] set_robust_list(0x555580e9b660, 24) = 0
[pid 811] chdir("./87") = 0
[pid 811] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 811] setpgid(0, 0) = 0
[pid 811] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 811] write(3, "1000", 4) = 4
[pid 811] close(3) = 0
[pid 811] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 811] write(1, "executing program\n", 18) = 18
[pid 811] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 811] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 811] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 811] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 811] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 811] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 811] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 811] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 811] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 811] memfd_create("syzkaller", 0) = 5
[pid 811] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 811] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 811] munmap(0x7f9466c6c000, 138412032) = 0
[pid 811] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 811] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 811] close(5) = 0
[pid 811] close(6) = 0
[pid 811] mkdir("./file0", 0777) = 0
[pid 811] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 811] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 811] chdir("./file0") = 0
[pid 811] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 811] ioctl(6, LOOP_CLR_FD) = 0
[pid 811] close(6) = 0
[pid 811] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 811] write(6, "#! ./file1\n", 11) = 11
[pid 811] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 811] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 811] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=811, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./87", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./87/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./87/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./87/binderfs") = 0
[ 40.971063][ T811] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 41.002694][ T812] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-811: bg 0: block 234: padding at end of block bitmap is not set
umount2("./87/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./87/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./87/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./87/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./87/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./87/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./87") = 0
mkdir("./88", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 816
./strace-static-x86_64: Process 816 attached
[pid 816] set_robust_list(0x555580e9b660, 24) = 0
[pid 816] chdir("./88") = 0
[pid 816] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 816] setpgid(0, 0) = 0
[pid 816] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 816] write(3, "1000", 4) = 4
[pid 816] close(3) = 0
[pid 816] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 816] write(1, "executing program\n", 18) = 18
[pid 816] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 816] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 816] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 816] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 816] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 816] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 816] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 816] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 816] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 816] memfd_create("syzkaller", 0) = 5
[pid 816] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 816] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 816] munmap(0x7f9466c6c000, 138412032) = 0
[pid 816] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 816] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 816] close(5) = 0
[pid 816] close(6) = 0
[pid 816] mkdir("./file0", 0777) = 0
[pid 816] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 816] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 816] chdir("./file0") = 0
[pid 816] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 816] ioctl(6, LOOP_CLR_FD) = 0
[pid 816] close(6) = 0
[pid 816] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 816] write(6, "#! ./file1\n", 11) = 11
[pid 816] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[ 41.200211][ T816] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[pid 816] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 816] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=816, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./88", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./88/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./88/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./88/binderfs") = 0
[ 41.241531][ T817] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-816: bg 0: block 234: padding at end of block bitmap is not set
umount2("./88/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./88/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./88/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./88/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./88/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./88/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./88") = 0
mkdir("./89", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 822
./strace-static-x86_64: Process 822 attached
[pid 822] set_robust_list(0x555580e9b660, 24) = 0
[pid 822] chdir("./89") = 0
[pid 822] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 822] setpgid(0, 0) = 0
[pid 822] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 822] write(3, "1000", 4) = 4
[pid 822] close(3) = 0
[pid 822] symlink("/dev/binderfs", "./binderfs") = 0
[pid 822] write(1, "executing program\n", 18executing program
) = 18
[pid 822] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 822] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 822] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 822] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 822] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 822] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 822] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 822] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 822] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 822] memfd_create("syzkaller", 0) = 5
[pid 822] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 822] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 822] munmap(0x7f9466c6c000, 138412032) = 0
[pid 822] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 822] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 822] close(5) = 0
[pid 822] close(6) = 0
[pid 822] mkdir("./file0", 0777) = 0
[pid 822] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 822] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 822] chdir("./file0") = 0
[pid 822] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 822] ioctl(6, LOOP_CLR_FD) = 0
[pid 822] close(6) = 0
[pid 822] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 822] write(6, "#! ./file1\n", 11) = 11
[pid 822] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 822] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 822] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=822, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./89", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./89/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./89/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./89/binderfs") = 0
[ 41.370157][ T822] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 41.399677][ T823] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-822: bg 0: block 234: padding at end of block bitmap is not set
umount2("./89/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./89/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./89/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./89/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./89/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./89/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./89") = 0
mkdir("./90", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 827
./strace-static-x86_64: Process 827 attached
[pid 827] set_robust_list(0x555580e9b660, 24) = 0
[pid 827] chdir("./90") = 0
[pid 827] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 827] setpgid(0, 0) = 0
[pid 827] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 827] write(3, "1000", 4) = 4
[pid 827] close(3) = 0
[pid 827] symlink("/dev/binderfs", "./binderfs") = 0
[pid 827] write(1, "executing program\n", 18executing program
) = 18
[pid 827] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 827] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 827] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 827] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 827] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 827] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 827] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 827] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 827] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 827] memfd_create("syzkaller", 0) = 5
[pid 827] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 827] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 827] munmap(0x7f9466c6c000, 138412032) = 0
[pid 827] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 827] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 827] close(5) = 0
[pid 827] close(6) = 0
[pid 827] mkdir("./file0", 0777) = 0
[pid 827] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 827] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 827] chdir("./file0") = 0
[pid 827] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 827] ioctl(6, LOOP_CLR_FD) = 0
[pid 827] close(6) = 0
[pid 827] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 827] write(6, "#! ./file1\n", 11) = 11
[pid 827] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 827] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 827] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=827, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./90", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./90/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./90/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./90/binderfs") = 0
[ 41.540386][ T827] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 41.571301][ T827] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz-executor209: bg 0: block 234: padding at end of block bitmap is not set
umount2("./90/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./90/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./90/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./90/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./90/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./90/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./90") = 0
mkdir("./91", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 832
./strace-static-x86_64: Process 832 attached
[pid 832] set_robust_list(0x555580e9b660, 24) = 0
[pid 832] chdir("./91") = 0
[pid 832] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 832] setpgid(0, 0) = 0
[pid 832] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 832] write(3, "1000", 4) = 4
[pid 832] close(3) = 0
[pid 832] symlink("/dev/binderfs", "./binderfs") = 0
[pid 832] write(1, "executing program\n", 18executing program
) = 18
[pid 832] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 832] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 832] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 832] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 832] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 832] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 832] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 832] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 832] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 832] memfd_create("syzkaller", 0) = 5
[pid 832] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 832] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 832] munmap(0x7f9466c6c000, 138412032) = 0
[pid 832] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 832] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 832] close(5) = 0
[pid 832] close(6) = 0
[pid 832] mkdir("./file0", 0777) = 0
[pid 832] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 832] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 832] chdir("./file0") = 0
[pid 832] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 832] ioctl(6, LOOP_CLR_FD) = 0
[pid 832] close(6) = 0
[pid 832] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 832] write(6, "#! ./file1\n", 11) = 11
[pid 832] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 832] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 832] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=832, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./91", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./91/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./91/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./91/binderfs") = 0
[ 41.750357][ T832] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 41.782150][ T833] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-832: bg 0: block 234: padding at end of block bitmap is not set
umount2("./91/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./91/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./91/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./91/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./91/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./91/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./91") = 0
mkdir("./92", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 837
./strace-static-x86_64: Process 837 attached
[pid 837] set_robust_list(0x555580e9b660, 24) = 0
[pid 837] chdir("./92") = 0
[pid 837] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 837] setpgid(0, 0) = 0
[pid 837] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 837] write(3, "1000", 4) = 4
[pid 837] close(3) = 0
[pid 837] symlink("/dev/binderfs", "./binderfs") = 0
[pid 837] write(1, "executing program\n", 18executing program
) = 18
[pid 837] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 837] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 837] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 837] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 837] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 837] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 837] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 837] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 837] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 837] memfd_create("syzkaller", 0) = 5
[pid 837] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 837] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 837] munmap(0x7f9466c6c000, 138412032) = 0
[pid 837] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 837] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 837] close(5) = 0
[pid 837] close(6) = 0
[pid 837] mkdir("./file0", 0777) = 0
[pid 837] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 837] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 837] chdir("./file0") = 0
[pid 837] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 837] ioctl(6, LOOP_CLR_FD) = 0
[pid 837] close(6) = 0
[pid 837] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 837] write(6, "#! ./file1\n", 11) = 11
[pid 837] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 837] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 837] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=837, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./92", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./92/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./92/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./92/binderfs") = 0
[ 41.940189][ T837] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 41.962571][ T837] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz-executor209: bg 0: block 234: padding at end of block bitmap is not set
umount2("./92/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./92/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./92/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./92/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./92/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./92/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./92") = 0
mkdir("./93", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 842
./strace-static-x86_64: Process 842 attached
[pid 842] set_robust_list(0x555580e9b660, 24) = 0
[pid 842] chdir("./93") = 0
[pid 842] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 842] setpgid(0, 0) = 0
[pid 842] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 842] write(3, "1000", 4) = 4
[pid 842] close(3) = 0
[pid 842] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 842] write(1, "executing program\n", 18) = 18
[pid 842] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 842] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 842] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 842] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 842] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 842] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 842] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 842] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 842] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 842] memfd_create("syzkaller", 0) = 5
[pid 842] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 842] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 842] munmap(0x7f9466c6c000, 138412032) = 0
[pid 842] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 842] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 842] close(5) = 0
[pid 842] close(6) = 0
[pid 842] mkdir("./file0", 0777) = 0
[pid 842] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 842] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 842] chdir("./file0") = 0
[pid 842] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 842] ioctl(6, LOOP_CLR_FD) = 0
[pid 842] close(6) = 0
[pid 842] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 842] write(6, "#! ./file1\n", 11) = 11
[pid 842] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 842] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 842] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=842, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./93", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./93/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./93/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./93/binderfs") = 0
[ 42.138011][ T842] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 42.169173][ T843] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-842: bg 0: block 234: padding at end of block bitmap is not set
umount2("./93/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./93/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./93/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./93/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./93/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./93/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./93") = 0
mkdir("./94", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 848
./strace-static-x86_64: Process 848 attached
[pid 848] set_robust_list(0x555580e9b660, 24) = 0
[pid 848] chdir("./94") = 0
[pid 848] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 848] setpgid(0, 0) = 0
[pid 848] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 848] write(3, "1000", 4) = 4
[pid 848] close(3) = 0
[pid 848] symlink("/dev/binderfs", "./binderfs") = 0
[pid 848] write(1, "executing program\n", 18executing program
) = 18
[pid 848] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 848] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 848] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 848] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 848] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 848] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 848] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 848] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 848] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 848] memfd_create("syzkaller", 0) = 5
[pid 848] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 848] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 848] munmap(0x7f9466c6c000, 138412032) = 0
[pid 848] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 848] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 848] close(5) = 0
[pid 848] close(6) = 0
[pid 848] mkdir("./file0", 0777) = 0
[pid 848] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 848] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 848] chdir("./file0") = 0
[pid 848] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 848] ioctl(6, LOOP_CLR_FD) = 0
[pid 848] close(6) = 0
[pid 848] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 848] write(6, "#! ./file1\n", 11) = 11
[pid 848] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 848] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 848] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=848, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./94", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./94/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./94/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./94/binderfs") = 0
[ 42.330154][ T848] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 42.353134][ T848] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz-executor209: bg 0: block 234: padding at end of block bitmap is not set
umount2("./94/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./94/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./94/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./94/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./94/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./94/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./94") = 0
mkdir("./95", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 853
./strace-static-x86_64: Process 853 attached
[pid 853] set_robust_list(0x555580e9b660, 24) = 0
[pid 853] chdir("./95") = 0
[pid 853] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 853] setpgid(0, 0) = 0
[pid 853] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 853] write(3, "1000", 4) = 4
[pid 853] close(3) = 0
[pid 853] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 853] write(1, "executing program\n", 18) = 18
[pid 853] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 853] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 853] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 853] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 853] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 853] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 853] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 853] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 853] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 853] memfd_create("syzkaller", 0) = 5
[pid 853] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 853] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 853] munmap(0x7f9466c6c000, 138412032) = 0
[pid 853] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 853] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 853] close(5) = 0
[pid 853] close(6) = 0
[pid 853] mkdir("./file0", 0777) = 0
[pid 853] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 853] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 853] chdir("./file0") = 0
[pid 853] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 853] ioctl(6, LOOP_CLR_FD) = 0
[pid 853] close(6) = 0
[pid 853] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 853] write(6, "#! ./file1\n", 11) = 11
[pid 853] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[ 42.570113][ T853] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[pid 853] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 853] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=853, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./95", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./95/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./95/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./95/binderfs") = 0
[ 42.612055][ T854] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-853: bg 0: block 234: padding at end of block bitmap is not set
umount2("./95/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./95/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./95/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./95/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./95/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./95/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./95") = 0
mkdir("./96", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 858
./strace-static-x86_64: Process 858 attached
[pid 858] set_robust_list(0x555580e9b660, 24) = 0
[pid 858] chdir("./96") = 0
[pid 858] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 858] setpgid(0, 0) = 0
[pid 858] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 858] write(3, "1000", 4) = 4
[pid 858] close(3) = 0
[pid 858] symlink("/dev/binderfs", "./binderfs") = 0
[pid 858] write(1, "executing program\n", 18executing program
) = 18
[pid 858] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 858] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 858] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 858] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 858] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 858] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 858] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 858] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 858] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 858] memfd_create("syzkaller", 0) = 5
[pid 858] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 858] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 858] munmap(0x7f9466c6c000, 138412032) = 0
[pid 858] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 858] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 858] close(5) = 0
[pid 858] close(6) = 0
[pid 858] mkdir("./file0", 0777) = 0
[pid 858] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 858] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 858] chdir("./file0") = 0
[pid 858] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 858] ioctl(6, LOOP_CLR_FD) = 0
[pid 858] close(6) = 0
[pid 858] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 858] write(6, "#! ./file1\n", 11) = 11
[pid 858] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 858] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 858] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=858, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./96", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./96", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./96/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./96/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./96/binderfs") = 0
[ 42.734739][ T858] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 42.766853][ T859] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-858: bg 0: block 234: padding at end of block bitmap is not set
umount2("./96/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./96/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./96/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./96/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./96/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./96/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./96") = 0
mkdir("./97", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 863
./strace-static-x86_64: Process 863 attached
[pid 863] set_robust_list(0x555580e9b660, 24) = 0
[pid 863] chdir("./97") = 0
[pid 863] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 863] setpgid(0, 0) = 0
[pid 863] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 863] write(3, "1000", 4) = 4
[pid 863] close(3) = 0
[pid 863] symlink("/dev/binderfs", "./binderfs") = 0
[pid 863] write(1, "executing program\n", 18executing program
) = 18
[pid 863] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 863] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 863] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 863] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 863] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 863] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 863] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 863] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 863] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 863] memfd_create("syzkaller", 0) = 5
[pid 863] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 863] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 863] munmap(0x7f9466c6c000, 138412032) = 0
[pid 863] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 863] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 863] close(5) = 0
[pid 863] close(6) = 0
[pid 863] mkdir("./file0", 0777) = 0
[pid 863] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 863] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 863] chdir("./file0") = 0
[pid 863] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 863] ioctl(6, LOOP_CLR_FD) = 0
[pid 863] close(6) = 0
[pid 863] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 863] write(6, "#! ./file1\n", 11) = 11
[pid 863] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 863] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 863] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=863, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./97", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./97", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./97/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./97/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./97/binderfs") = 0
[ 42.934532][ T863] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 42.966992][ T864] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-863: bg 0: block 234: padding at end of block bitmap is not set
umount2("./97/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./97/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./97/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./97/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./97/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./97/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./97") = 0
mkdir("./98", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 868
./strace-static-x86_64: Process 868 attached
[pid 868] set_robust_list(0x555580e9b660, 24) = 0
[pid 868] chdir("./98") = 0
[pid 868] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 868] setpgid(0, 0) = 0
[pid 868] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 868] write(3, "1000", 4) = 4
[pid 868] close(3) = 0
[pid 868] symlink("/dev/binderfs", "./binderfs") = 0
[pid 868] write(1, "executing program\n", 18executing program
) = 18
[pid 868] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 868] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 868] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 868] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 868] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 868] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 868] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 868] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 868] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 868] memfd_create("syzkaller", 0) = 5
[pid 868] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 868] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 868] munmap(0x7f9466c6c000, 138412032) = 0
[pid 868] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 868] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 868] close(5) = 0
[pid 868] close(6) = 0
[pid 868] mkdir("./file0", 0777) = 0
[pid 868] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 868] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 868] chdir("./file0") = 0
[pid 868] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 868] ioctl(6, LOOP_CLR_FD) = 0
[pid 868] close(6) = 0
[pid 868] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 868] write(6, "#! ./file1\n", 11) = 11
[pid 868] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 868] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 868] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=868, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./98", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./98", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./98/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./98/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./98/binderfs") = 0
[ 43.095123][ T868] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 43.127812][ T869] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-868: bg 0: block 234: padding at end of block bitmap is not set
umount2("./98/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./98/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./98/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./98/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./98/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./98/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./98") = 0
mkdir("./99", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 874
./strace-static-x86_64: Process 874 attached
[pid 874] set_robust_list(0x555580e9b660, 24) = 0
[pid 874] chdir("./99") = 0
[pid 874] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 874] setpgid(0, 0) = 0
[pid 874] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 874] write(3, "1000", 4) = 4
[pid 874] close(3) = 0
[pid 874] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 874] write(1, "executing program\n", 18) = 18
[pid 874] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 874] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 874] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 874] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 874] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 874] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 874] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 874] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 874] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 874] memfd_create("syzkaller", 0) = 5
[pid 874] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 874] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 874] munmap(0x7f9466c6c000, 138412032) = 0
[pid 874] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 874] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 874] close(5) = 0
[pid 874] close(6) = 0
[pid 874] mkdir("./file0", 0777) = 0
[pid 874] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 874] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 874] chdir("./file0") = 0
[pid 874] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 874] ioctl(6, LOOP_CLR_FD) = 0
[pid 874] close(6) = 0
[pid 874] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 874] write(6, "#! ./file1\n", 11) = 11
[pid 874] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 874] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 874] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=874, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./99", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./99", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./99/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./99/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./99/binderfs") = 0
[ 43.294832][ T874] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 43.326812][ T875] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-874: bg 0: block 234: padding at end of block bitmap is not set
umount2("./99/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./99/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./99/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./99/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./99/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./99/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./99") = 0
mkdir("./100", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 879
./strace-static-x86_64: Process 879 attached
[pid 879] set_robust_list(0x555580e9b660, 24) = 0
[pid 879] chdir("./100") = 0
[pid 879] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 879] setpgid(0, 0) = 0
[pid 879] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 879] write(3, "1000", 4) = 4
[pid 879] close(3) = 0
[pid 879] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 879] write(1, "executing program\n", 18) = 18
[pid 879] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 879] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 879] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 879] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 879] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 879] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 879] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 879] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 879] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 879] memfd_create("syzkaller", 0) = 5
[pid 879] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 879] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 879] munmap(0x7f9466c6c000, 138412032) = 0
[pid 879] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 879] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 879] close(5) = 0
[pid 879] close(6) = 0
[pid 879] mkdir("./file0", 0777) = 0
[pid 879] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 879] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 879] chdir("./file0") = 0
[pid 879] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 879] ioctl(6, LOOP_CLR_FD) = 0
[pid 879] close(6) = 0
[pid 879] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 879] write(6, "#! ./file1\n", 11) = 11
[pid 879] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[ 43.580150][ T879] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[pid 879] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 879] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=879, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./100", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./100/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./100/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./100/binderfs") = 0
[ 43.622985][ T880] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-879: bg 0: block 234: padding at end of block bitmap is not set
umount2("./100/file0", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program
) = 0
umount2("./100/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./100/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./100/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./100/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./100/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./100") = 0
mkdir("./101", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 885
./strace-static-x86_64: Process 885 attached
[pid 885] set_robust_list(0x555580e9b660, 24) = 0
[pid 885] chdir("./101") = 0
[pid 885] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 885] setpgid(0, 0) = 0
[pid 885] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 885] write(3, "1000", 4) = 4
[pid 885] close(3) = 0
[pid 885] symlink("/dev/binderfs", "./binderfs") = 0
[pid 885] write(1, "executing program\n", 18) = 18
[pid 885] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 885] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 885] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 885] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 885] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 885] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 885] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 885] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 885] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 885] memfd_create("syzkaller", 0) = 5
[pid 885] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 885] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 885] munmap(0x7f9466c6c000, 138412032) = 0
[pid 885] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 885] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 885] close(5) = 0
[pid 885] close(6) = 0
[pid 885] mkdir("./file0", 0777) = 0
[pid 885] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 885] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 885] chdir("./file0") = 0
[pid 885] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 885] ioctl(6, LOOP_CLR_FD) = 0
[pid 885] close(6) = 0
[pid 885] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 885] write(6, "#! ./file1\n", 11) = 11
[pid 885] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 885] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 885] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=885, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./101", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./101/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./101/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./101/binderfs") = 0
[ 43.760095][ T885] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 43.787971][ T885] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz-executor209: bg 0: block 234: padding at end of block bitmap is not set
umount2("./101/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./101/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./101/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./101/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./101/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./101/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./101") = 0
mkdir("./102", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 890
./strace-static-x86_64: Process 890 attached
[pid 890] set_robust_list(0x555580e9b660, 24) = 0
[pid 890] chdir("./102") = 0
[pid 890] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 890] setpgid(0, 0) = 0
[pid 890] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 890] write(3, "1000", 4) = 4
[pid 890] close(3) = 0
[pid 890] symlink("/dev/binderfs", "./binderfs") = 0
[pid 890] write(1, "executing program\n", 18executing program
) = 18
[pid 890] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 890] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 890] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 890] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 890] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 890] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 890] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 890] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 890] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 890] memfd_create("syzkaller", 0) = 5
[pid 890] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 890] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 890] munmap(0x7f9466c6c000, 138412032) = 0
[pid 890] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 890] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 890] close(5) = 0
[pid 890] close(6) = 0
[pid 890] mkdir("./file0", 0777) = 0
[pid 890] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 890] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 890] chdir("./file0") = 0
[pid 890] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 890] ioctl(6, LOOP_CLR_FD) = 0
[pid 890] close(6) = 0
[pid 890] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 890] write(6, "#! ./file1\n", 11) = 11
[pid 890] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 890] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 890] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=890, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./102", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./102/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./102/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./102/binderfs") = 0
[ 43.980171][ T890] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 44.010746][ T891] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-890: bg 0: block 234: padding at end of block bitmap is not set
umount2("./102/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./102/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./102/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./102/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./102/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./102/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./102") = 0
mkdir("./103", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 895
./strace-static-x86_64: Process 895 attached
[pid 895] set_robust_list(0x555580e9b660, 24) = 0
[pid 895] chdir("./103") = 0
[pid 895] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 895] setpgid(0, 0) = 0
[pid 895] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 895] write(3, "1000", 4) = 4
[pid 895] close(3) = 0
[pid 895] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 895] write(1, "executing program\n", 18) = 18
[pid 895] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 895] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 895] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 895] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 895] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 895] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 895] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 895] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 895] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 895] memfd_create("syzkaller", 0) = 5
[pid 895] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 895] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 895] munmap(0x7f9466c6c000, 138412032) = 0
[pid 895] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 895] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 895] close(5) = 0
[pid 895] close(6) = 0
[pid 895] mkdir("./file0", 0777) = 0
[pid 895] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 895] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 895] chdir("./file0") = 0
[pid 895] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 895] ioctl(6, LOOP_CLR_FD) = 0
[pid 895] close(6) = 0
[pid 895] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 895] write(6, "#! ./file1\n", 11) = 11
[pid 895] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 895] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 895] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=895, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=4} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./103", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./103/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./103/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[ 44.180198][ T895] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 44.208624][ T895] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz-executor209: bg 0: block 234: padding at end of block bitmap is not set
unlink("./103/binderfs") = 0
umount2("./103/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./103/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./103/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./103/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./103/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./103/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./103") = 0
mkdir("./104", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 901 attached
<unfinished ...>
[pid 901] set_robust_list(0x555580e9b660, 24) = 0
[pid 901] chdir("./104" <unfinished ...>
[pid 357] <... clone resumed>, child_tidptr=0x555580e9b650) = 901
[pid 901] <... chdir resumed>) = 0
[pid 901] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 901] setpgid(0, 0) = 0
[pid 901] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 901] write(3, "1000", 4) = 4
[pid 901] close(3) = 0
[pid 901] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 901] write(1, "executing program\n", 18) = 18
[pid 901] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 901] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 901] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 901] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 901] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 901] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 901] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 901] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 901] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 901] memfd_create("syzkaller", 0) = 5
[pid 901] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 901] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 901] munmap(0x7f9466c6c000, 138412032) = 0
[pid 901] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 901] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 901] close(5) = 0
[pid 901] close(6) = 0
[pid 901] mkdir("./file0", 0777) = 0
[pid 901] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 901] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 901] chdir("./file0") = 0
[pid 901] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 901] ioctl(6, LOOP_CLR_FD) = 0
[pid 901] close(6) = 0
[pid 901] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 901] write(6, "#! ./file1\n", 11) = 11
[pid 901] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 901] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 901] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=901, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./104", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./104/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./104/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./104/binderfs") = 0
[ 44.370307][ T901] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 44.397140][ T901] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz-executor209: bg 0: block 234: padding at end of block bitmap is not set
umount2("./104/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./104/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./104/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./104/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./104/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./104/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./104") = 0
mkdir("./105", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 906
./strace-static-x86_64: Process 906 attached
[pid 906] set_robust_list(0x555580e9b660, 24) = 0
[pid 906] chdir("./105") = 0
[pid 906] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 906] setpgid(0, 0) = 0
[pid 906] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 906] write(3, "1000", 4) = 4
[pid 906] close(3) = 0
[pid 906] symlink("/dev/binderfs", "./binderfs") = 0
[pid 906] write(1, "executing program\n", 18executing program
) = 18
[pid 906] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 906] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 906] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 906] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 906] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 906] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 906] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 906] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 906] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 906] memfd_create("syzkaller", 0) = 5
[pid 906] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 906] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 906] munmap(0x7f9466c6c000, 138412032) = 0
[pid 906] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 906] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 906] close(5) = 0
[pid 906] close(6) = 0
[pid 906] mkdir("./file0", 0777) = 0
[pid 906] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 906] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 906] chdir("./file0") = 0
[pid 906] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 906] ioctl(6, LOOP_CLR_FD) = 0
[pid 906] close(6) = 0
[pid 906] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 906] write(6, "#! ./file1\n", 11) = 11
[pid 906] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 906] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 906] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=906, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./105", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./105/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./105/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./105/binderfs") = 0
[ 44.520378][ T906] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 44.542869][ T906] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz-executor209: bg 0: block 234: padding at end of block bitmap is not set
umount2("./105/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./105/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./105/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./105/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./105/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./105/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./105") = 0
mkdir("./106", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 911 attached
, child_tidptr=0x555580e9b650) = 911
[pid 911] set_robust_list(0x555580e9b660, 24) = 0
[pid 911] chdir("./106") = 0
[pid 911] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 911] setpgid(0, 0) = 0
[pid 911] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 911] write(3, "1000", 4) = 4
[pid 911] close(3) = 0
[pid 911] symlink("/dev/binderfs", "./binderfs") = 0
[pid 911] write(1, "executing program\n", 18executing program
) = 18
[pid 911] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 911] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 911] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 911] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 911] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 911] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 911] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 911] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 911] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 911] memfd_create("syzkaller", 0) = 5
[pid 911] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 911] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 911] munmap(0x7f9466c6c000, 138412032) = 0
[pid 911] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 911] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 911] close(5) = 0
[pid 911] close(6) = 0
[pid 911] mkdir("./file0", 0777) = 0
[pid 911] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 911] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 911] chdir("./file0") = 0
[pid 911] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 911] ioctl(6, LOOP_CLR_FD) = 0
[pid 911] close(6) = 0
[pid 911] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 911] write(6, "#! ./file1\n", 11) = 11
[pid 911] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 911] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 911] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=911, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./106", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./106/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./106/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./106/binderfs") = 0
[ 44.650298][ T911] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 44.677778][ T911] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz-executor209: bg 0: block 234: padding at end of block bitmap is not set
umount2("./106/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./106/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./106/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./106/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./106/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./106/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./106") = 0
mkdir("./107", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 916
./strace-static-x86_64: Process 916 attached
[pid 916] set_robust_list(0x555580e9b660, 24) = 0
[pid 916] chdir("./107") = 0
[pid 916] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 916] setpgid(0, 0) = 0
[pid 916] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 916] write(3, "1000", 4) = 4
[pid 916] close(3) = 0
[pid 916] symlink("/dev/binderfs", "./binderfs") = 0
[pid 916] write(1, "executing program\n", 18executing program
) = 18
[pid 916] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 916] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 916] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 916] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 916] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 916] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 916] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 916] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 916] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 916] memfd_create("syzkaller", 0) = 5
[pid 916] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 916] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 916] munmap(0x7f9466c6c000, 138412032) = 0
[pid 916] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 916] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 916] close(5) = 0
[pid 916] close(6) = 0
[pid 916] mkdir("./file0", 0777) = 0
[pid 916] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 916] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 916] chdir("./file0") = 0
[pid 916] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 916] ioctl(6, LOOP_CLR_FD) = 0
[pid 916] close(6) = 0
[pid 916] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 916] write(6, "#! ./file1\n", 11) = 11
[pid 916] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 916] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 916] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=916, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./107", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./107/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./107/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./107/binderfs") = 0
[ 44.860133][ T916] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 44.891830][ T917] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-916: bg 0: block 234: padding at end of block bitmap is not set
umount2("./107/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./107/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./107/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./107/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./107/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./107/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./107") = 0
mkdir("./108", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 921
./strace-static-x86_64: Process 921 attached
[pid 921] set_robust_list(0x555580e9b660, 24) = 0
[pid 921] chdir("./108") = 0
[pid 921] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 921] setpgid(0, 0) = 0
[pid 921] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 921] write(3, "1000", 4) = 4
[pid 921] close(3) = 0
[pid 921] symlink("/dev/binderfs", "./binderfs") = 0
[pid 921] write(1, "executing program\n", 18executing program
) = 18
[pid 921] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 921] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 921] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 921] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 921] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 921] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 921] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 921] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 921] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 921] memfd_create("syzkaller", 0) = 5
[pid 921] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 921] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 921] munmap(0x7f9466c6c000, 138412032) = 0
[pid 921] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 921] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 921] close(5) = 0
[pid 921] close(6) = 0
[pid 921] mkdir("./file0", 0777) = 0
[pid 921] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 921] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 921] chdir("./file0") = 0
[pid 921] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 921] ioctl(6, LOOP_CLR_FD) = 0
[pid 921] close(6) = 0
[pid 921] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 921] write(6, "#! ./file1\n", 11) = 11
[pid 921] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 921] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 921] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=921, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./108", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./108/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./108/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./108/binderfs") = 0
[ 45.020191][ T921] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 45.052250][ T922] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-921: bg 0: block 234: padding at end of block bitmap is not set
umount2("./108/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./108/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./108/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./108/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./108/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./108/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./108") = 0
mkdir("./109", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 926 attached
, child_tidptr=0x555580e9b650) = 926
[pid 926] set_robust_list(0x555580e9b660, 24) = 0
[pid 926] chdir("./109") = 0
[pid 926] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 926] setpgid(0, 0) = 0
[pid 926] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 926] write(3, "1000", 4) = 4
[pid 926] close(3) = 0
[pid 926] symlink("/dev/binderfs", "./binderfs") = 0
[pid 926] write(1, "executing program\n", 18executing program
) = 18
[pid 926] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 926] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 926] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 926] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 926] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 926] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 926] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 926] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 926] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 926] memfd_create("syzkaller", 0) = 5
[pid 926] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 926] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 926] munmap(0x7f9466c6c000, 138412032) = 0
[pid 926] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 926] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 926] close(5) = 0
[pid 926] close(6) = 0
[pid 926] mkdir("./file0", 0777) = 0
[pid 926] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 926] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 926] chdir("./file0") = 0
[pid 926] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 926] ioctl(6, LOOP_CLR_FD) = 0
[pid 926] close(6) = 0
[pid 926] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 926] write(6, "#! ./file1\n", 11) = 11
[pid 926] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 926] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 926] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=926, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./109", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./109/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./109/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./109/binderfs") = 0
[ 45.190102][ T926] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 45.221990][ T927] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-926: bg 0: block 234: padding at end of block bitmap is not set
umount2("./109/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./109/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./109/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./109/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./109/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./109/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./109") = 0
mkdir("./110", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 932
./strace-static-x86_64: Process 932 attached
[pid 932] set_robust_list(0x555580e9b660, 24) = 0
[pid 932] chdir("./110") = 0
[pid 932] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 932] setpgid(0, 0) = 0
[pid 932] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 932] write(3, "1000", 4) = 4
[pid 932] close(3) = 0
[pid 932] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 932] write(1, "executing program\n", 18) = 18
[pid 932] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 932] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 932] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 932] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 932] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 932] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 932] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 932] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 932] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 932] memfd_create("syzkaller", 0) = 5
[pid 932] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 932] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 932] munmap(0x7f9466c6c000, 138412032) = 0
[pid 932] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 932] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 932] close(5) = 0
[pid 932] close(6) = 0
[pid 932] mkdir("./file0", 0777) = 0
[pid 932] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 932] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 932] chdir("./file0") = 0
[pid 932] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 932] ioctl(6, LOOP_CLR_FD) = 0
[pid 932] close(6) = 0
[pid 932] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 932] write(6, "#! ./file1\n", 11) = 11
[pid 932] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 932] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 932] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=932, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./110", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./110/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./110/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./110/binderfs") = 0
[ 45.340183][ T932] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 45.371968][ T933] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-932: bg 0: block 234: padding at end of block bitmap is not set
umount2("./110/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./110/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./110/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./110/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./110/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./110/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./110") = 0
mkdir("./111", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 937
./strace-static-x86_64: Process 937 attached
[pid 937] set_robust_list(0x555580e9b660, 24) = 0
[pid 937] chdir("./111") = 0
[pid 937] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 937] setpgid(0, 0) = 0
[pid 937] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 937] write(3, "1000", 4) = 4
[pid 937] close(3) = 0
[pid 937] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 937] write(1, "executing program\n", 18) = 18
[pid 937] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 937] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 937] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 937] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 937] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 937] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 937] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 937] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 937] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 937] memfd_create("syzkaller", 0) = 5
[pid 937] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 937] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 937] munmap(0x7f9466c6c000, 138412032) = 0
[pid 937] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 937] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 937] close(5) = 0
[pid 937] close(6) = 0
[pid 937] mkdir("./file0", 0777) = 0
[pid 937] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 937] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 937] chdir("./file0") = 0
[pid 937] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 937] ioctl(6, LOOP_CLR_FD) = 0
[pid 937] close(6) = 0
[pid 937] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 937] write(6, "#! ./file1\n", 11) = 11
[pid 937] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[ 45.620194][ T937] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[pid 937] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 937] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=937, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./111", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./111/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./111/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./111/binderfs") = 0
[ 45.663089][ T938] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-937: bg 0: block 234: padding at end of block bitmap is not set
umount2("./111/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./111/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./111/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./111/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./111/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./111/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./111") = 0
mkdir("./112", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 942
./strace-static-x86_64: Process 942 attached
[pid 942] set_robust_list(0x555580e9b660, 24) = 0
[pid 942] chdir("./112") = 0
[pid 942] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 942] setpgid(0, 0) = 0
[pid 942] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 942] write(3, "1000", 4) = 4
[pid 942] close(3) = 0
[pid 942] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 942] write(1, "executing program\n", 18) = 18
[pid 942] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 942] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 942] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 942] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 942] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 942] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 942] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 942] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 942] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 942] memfd_create("syzkaller", 0) = 5
[pid 942] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 942] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 942] munmap(0x7f9466c6c000, 138412032) = 0
[pid 942] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 942] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 942] close(5) = 0
[pid 942] close(6) = 0
[pid 942] mkdir("./file0", 0777) = 0
[pid 942] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 942] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 942] chdir("./file0") = 0
[pid 942] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 942] ioctl(6, LOOP_CLR_FD) = 0
[pid 942] close(6) = 0
[pid 942] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 942] write(6, "#! ./file1\n", 11) = 11
[pid 942] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 942] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 942] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=942, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./112", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./112/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./112/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./112/binderfs") = 0
[ 45.820307][ T942] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[ 45.852708][ T943] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-942: bg 0: block 234: padding at end of block bitmap is not set
umount2("./112/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./112/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./112/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./112/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./112/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./112/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./112") = 0
mkdir("./113", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 947
./strace-static-x86_64: Process 947 attached
[pid 947] set_robust_list(0x555580e9b660, 24) = 0
[pid 947] chdir("./113") = 0
[pid 947] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 947] setpgid(0, 0) = 0
[pid 947] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 947] write(3, "1000", 4) = 4
[pid 947] close(3) = 0
[pid 947] symlink("/dev/binderfs", "./binderfs") = 0
[pid 947] write(1, "executing program\n", 18executing program
) = 18
[pid 947] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 947] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 947] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 947] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 947] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 947] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 947] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 947] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 947] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 947] memfd_create("syzkaller", 0) = 5
[pid 947] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 947] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 947] munmap(0x7f9466c6c000, 138412032) = 0
[pid 947] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 947] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 947] close(5) = 0
[pid 947] close(6) = 0
[pid 947] mkdir("./file0", 0777) = 0
[pid 947] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 947] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 947] chdir("./file0") = 0
[pid 947] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 947] ioctl(6, LOOP_CLR_FD) = 0
[pid 947] close(6) = 0
[pid 947] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 947] write(6, "#! ./file1\n", 11) = 11
[pid 947] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[ 46.029373][ T947] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue
[pid 947] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 947] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=947, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./113", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./113/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./113/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./113/binderfs") = 0
[ 46.069821][ T948] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-947: bg 0: block 234: padding at end of block bitmap is not set
umount2("./113/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./113/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./113/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./113/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./113/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./113/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./113") = 0
mkdir("./114", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 952
./strace-static-x86_64: Process 952 attached
[pid 952] set_robust_list(0x555580e9b660, 24) = 0
[pid 952] chdir("./114") = 0
[pid 952] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 952] setpgid(0, 0) = 0
[pid 952] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 952] write(3, "1000", 4) = 4
[pid 952] close(3) = 0
[pid 952] symlink("/dev/binderfs", "./binderfs") = 0
[pid 952] write(1, "executing program\n", 18executing program
) = 18
[pid 952] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 952] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 952] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 952] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 952] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 952] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 952] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 952] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 952] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 952] memfd_create("syzkaller", 0) = 5
[pid 952] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 952] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 952] munmap(0x7f9466c6c000, 138412032) = 0
[pid 952] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 952] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 952] close(5) = 0
[pid 952] close(6) = 0
[pid 952] mkdir("./file0", 0777) = 0
[pid 952] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 952] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 952] chdir("./file0") = 0
[pid 952] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 952] ioctl(6, LOOP_CLR_FD) = 0
[pid 952] close(6) = 0
[pid 952] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 952] write(6, "#! ./file1\n", 11) = 11
[pid 952] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 952] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 952] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=952, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./114", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./114/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./114/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./114/binderfs") = 0
[ 46.229422][ T952] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz-executor209: bg 0: block 234: padding at end of block bitmap is not set
umount2("./114/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./114/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./114/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./114/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./114/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./114/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./114") = 0
mkdir("./115", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 958
./strace-static-x86_64: Process 958 attached
[pid 958] set_robust_list(0x555580e9b660, 24) = 0
[pid 958] chdir("./115") = 0
[pid 958] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 958] setpgid(0, 0) = 0
[pid 958] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 958] write(3, "1000", 4) = 4
[pid 958] close(3) = 0
[pid 958] symlink("/dev/binderfs", "./binderfs") = 0
[pid 958] write(1, "executing program\n", 18executing program
) = 18
[pid 958] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 958] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 958] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 958] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 958] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 958] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 958] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 958] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 958] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 958] memfd_create("syzkaller", 0) = 5
[pid 958] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 958] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 958] munmap(0x7f9466c6c000, 138412032) = 0
[pid 958] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 958] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 958] close(5) = 0
[pid 958] close(6) = 0
[pid 958] mkdir("./file0", 0777) = 0
[pid 958] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 958] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 958] chdir("./file0") = 0
[pid 958] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 958] ioctl(6, LOOP_CLR_FD) = 0
[pid 958] close(6) = 0
[pid 958] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 958] write(6, "#! ./file1\n", 11) = 11
[pid 958] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 958] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000000005c0} ---
[pid 958] +++ killed by SIGBUS +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=958, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./115", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./115/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./115/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./115/binderfs") = 0
[ 46.377351][ T959] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-958: bg 0: block 234: padding at end of block bitmap is not set
umount2("./115/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./115/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./115/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./115/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./115/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555580ea4730 /* 2 entries */, 32768) = 48
getdents64(4, 0x555580ea4730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./115/file0") = 0
getdents64(3, 0x555580e9c6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./115") = 0
mkdir("./116", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580e9b650) = 963
./strace-static-x86_64: Process 963 attached
[pid 963] set_robust_list(0x555580e9b660, 24) = 0
[pid 963] chdir("./116") = 0
[pid 963] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 963] setpgid(0, 0) = 0
[pid 963] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 963] write(3, "1000", 4) = 4
[pid 963] close(3) = 0
[pid 963] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 963] write(1, "executing program\n", 18) = 18
[pid 963] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3
[pid 963] ioctl(3, VHOST_SET_OWNER, 0) = 0
[pid 963] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0
[pid 963] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0
[pid 963] eventfd2(118, EFD_SEMAPHORE) = 4
[pid 963] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0
[pid 963] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0
[pid 963] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0
[pid 963] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0
[pid 963] memfd_create("syzkaller", 0) = 5
[pid 963] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9466c6c000
[pid 963] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid 963] munmap(0x7f9466c6c000, 138412032) = 0
[pid 963] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 963] ioctl(6, LOOP_SET_FD, 5) = 0
[pid 963] close(5) = 0
[pid 963] close(6) = 0
[pid 963] mkdir("./file0", 0777) = 0
[pid 963] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0
[pid 963] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid 963] chdir("./file0") = 0
[pid 963] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid 963] ioctl(6, LOOP_CLR_FD) = 0
[pid 963] close(6) = 0
[pid 963] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6
[pid 963] write(6, "#! ./file1\n", 11) = 11
[pid 963] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000
[pid 963] exit_group(0) = ?
[pid 963] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=963, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./116", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555580e9c6f0 /* 4 entries */, 32768) = 112
umount2("./116/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./116/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./116/binderfs") = 0
[ 46.522046][ T964] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm vhost-963: bg 0: block 234: padding at end of block bitmap is not set
[ 46.549717][ T7] ------------[ cut here ]------------
[ 46.555103][ T7] kernel BUG at fs/ext4/inode.c:2844!
[ 46.560623][ T7] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 46.566498][ T7] CPU: 1 PID: 7 Comm: kworker/u4:0 Not tainted 5.4.290-syzkaller-00001-g986c38813dff #0
[ 46.576043][ T7] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 46.586046][ T7] Workqueue: writeback wb_workfn (flush-7:0)
[ 46.591844][ T7] RIP: 0010:ext4_writepages+0x3c96/0x3cc0
[ 46.597488][ T7] Code: 82 9a ff 31 ff 89 de e8 48 82 9a ff 45 84 f6 75 2e e8 fe 7f 9a ff 49 bf 00 00 00 00 00 fc ff df e9 1d f9 ff ff e8 ea 7f 9a ff <0f> 0b e8 e3 7f 9a ff 0f 0b e8 dc 7f 9a ff e8 c7 39 35 ff eb 99 e8
[ 46.617005][ T7] RSP: 0018:ffff8881f5db70c0 EFLAGS: 00010293
[ 46.622921][ T7] RAX: ffffffff81cb1ae6 RBX: 0000010000000000 RCX: ffff8881f5d6af40
[ 46.630804][ T7] RDX: 0000000000000000 RSI: 0000010000000000 RDI: 0000000000000000
[ 46.638719][ T7] RBP: ffff8881f5db74b0 R08: ffffffff81cae736 R09: ffffed103b19bdd8
[ 46.646513][ T7] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff8881d8cdef68
[ 46.654328][ T7] R13: 0000000000000001 R14: 0000010410000000 R15: dffffc0000000000
[ 46.662331][ T7] FS: 0000000000000000(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 46.671083][ T7] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 46.677597][ T7] CR2: 00007ffc43105ff8 CR3: 00000001da405000 CR4: 00000000003406a0
[ 46.685408][ T7] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 46.693301][ T7] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 46.701197][ T7] Call Trace:
[ 46.704418][ T7] ? __die+0xbc/0x100
[ 46.708233][ T7] ? die+0x2a/0x50
[ 46.711793][ T7] ? do_trap+0x1a4/0x310
[ 46.716060][ T7] ? do_invalid_op+0x105/0x120
[ 46.720646][ T7] ? ext4_writepages+0x3c96/0x3cc0
[ 46.725593][ T7] ? ext4_writepages+0x3c96/0x3cc0
[ 46.730540][ T7] ? invalid_op+0x1e/0x30
[ 46.734706][ T7] ? ext4_writepages+0x8e6/0x3cc0
[ 46.739564][ T7] ? ext4_writepages+0x3c96/0x3cc0
[ 46.744633][ T7] ? ext4_writepages+0x3c96/0x3cc0
[ 46.749697][ T7] ? debug_smp_processor_id+0x20/0x20
[ 46.755034][ T7] ? check_preemption_disabled+0x9f/0x320
[ 46.760555][ T7] ? __kasan_check_read+0x11/0x20
[ 46.765421][ T7] ? mark_page_accessed+0x280/0x670
[ 46.770458][ T7] ? write_boundary_block+0x150/0x150
[ 46.775666][ T7] ? check_preemption_disabled+0x9f/0x320
[ 46.781232][ T7] ? ext4_readpage+0x2d0/0x2d0
[ 46.785811][ T7] ? __getblk_gfp+0x3d/0x770
[ 46.790335][ T7] ? update_load_avg+0xc23/0x1250
[ 46.795200][ T7] ? check_preemption_disabled+0x9f/0x320
[ 46.800851][ T7] ? update_load_avg+0x43f/0x1250
[ 46.805709][ T7] ? check_preemption_disabled+0x9f/0x320
[ 46.811275][ T7] ? ext4_readpage+0x2d0/0x2d0
[ 46.816019][ T7] do_writepages+0x12b/0x270
[ 46.820450][ T7] ? __writepage+0x110/0x110
[ 46.825160][ T7] ? __kasan_check_write+0x14/0x20
[ 46.830097][ T7] ? _raw_spin_lock+0xa4/0x1b0
[ 46.834694][ T7] ? _raw_spin_trylock_bh+0x190/0x190
[ 46.840063][ T7] __writeback_single_inode+0xdb/0xc80
[ 46.845575][ T7] writeback_sb_inodes+0x9e0/0x1800
[ 46.850586][ T7] ? _raw_spin_lock+0xa4/0x1b0
[ 46.855184][ T7] ? queue_io+0x5b0/0x5b0
[ 46.859348][ T7] ? writeback_sb_inodes+0x1800/0x1800
[ 46.864656][ T7] ? queue_io+0x3f8/0x5b0
[ 46.868820][ T7] wb_writeback+0x403/0xd70
[ 46.873371][ T7] ? wb_io_lists_depopulated+0x170/0x170
[ 46.878907][ T7] ? check_preemption_disabled+0x9f/0x320
[ 46.884889][ T7] ? debug_smp_processor_id+0x20/0x20
[ 46.890058][ T7] ? __kasan_check_write+0x14/0x20
[ 46.895012][ T7] ? check_preemption_disabled+0x9f/0x320
[ 46.900560][ T7] wb_workfn+0x3b6/0x1230
[ 46.904928][ T7] ? inode_wait_for_writeback+0x280/0x280
[ 46.910472][ T7] ? __kasan_check_read+0x11/0x20
[ 46.915354][ T7] ? switch_mm_irqs_off+0x35a/0xab0
[ 46.920521][ T7] ? _raw_spin_unlock_irq+0x4e/0x70
[ 46.925564][ T7] ? finish_task_switch+0x130/0x590
[ 46.930772][ T7] ? __schedule+0xb0d/0x1320
[ 46.935370][ T7] ? __kasan_check_read+0x11/0x20
[ 46.940235][ T7] ? strscpy+0x9c/0x260
[ 46.944212][ T7] process_one_work+0x781/0xd50
[ 46.948899][ T7] worker_thread+0xa27/0x1360
[ 46.953428][ T7] kthread+0x321/0x3a0
[ 46.957318][ T7] ? worker_clr_flags+0x180/0x180
[ 46.962176][ T7] ? kthread_blkcg+0xd0/0xd0
[ 46.966631][ T7] ret_from_fork+0x1f/0x30
[ 46.970849][ T7] Modules linked in:
[ 46.974710][ T7] ---[ end trace 87c0a048b6aac791 ]---
[ 46.980116][ T7] RIP: 0010:ext4_writepages+0x3c96/0x3cc0
[ 46.985635][ T7] Code: 82 9a ff 31 ff 89 de e8 48 82 9a ff 45 84 f6 75 2e e8 fe 7f 9a ff 49 bf 00 00 00 00 00 fc ff df e9 1d f9 ff ff e8 ea 7f 9a ff <0f> 0b e8 e3 7f 9a ff 0f 0b e8 dc 7f 9a ff e8 c7 39 35 ff eb 99 e8
[ 47.005214][ T7] RSP: 0018:ffff8881f5db70c0 EFLAGS: 00010293
[ 47.011124][ T7] RAX: ffffffff81cb1ae6 RBX: 0000010000000000 RCX: ffff8881f5d6af40
[ 47.018917][ T7] RDX: 0000000000000000 RSI: 0000010000000000 RDI: 0000000000000000
[ 47.026704][ T7] RBP: ffff8881f5db74b0 R08: ffffffff81cae736 R09: ffffed103b19bdd8
[ 47.034585][ T7] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff8881d8cdef68
[ 47.042360][ T7] R13: 0000000000000001 R14: 0000010410000000 R15: dffffc0000000000
[ 47.050480][ T7] FS: 0000000000000000(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 47.059237][ T7] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 47.065966][ T7] CR2: 00007ffc43105ff8 CR3: 00000001da405000 CR4: 00000000003406a0
[ 47.074181][ T7] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 47.082148][ T7] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 47.089958][ T7] Kernel panic - not syncing: Fatal exception
[ 47.096109][ T7] Kernel Offset: disabled
[ 47.100239][ T7] Rebooting in 86400 seconds..