./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3344029258

<...>
Warning: Permanently added '10.128.1.163' (ED25519) to the list of known hosts.
execve("./syz-executor3344029258", ["./syz-executor3344029258"], 0x7ffc669e0850 /* 10 vars */) = 0
brk(NULL)                               = 0x555579a07000
brk(0x555579a07d40)                     = 0x555579a07d40
arch_prctl(ARCH_SET_FS, 0x555579a073c0) = 0
set_tid_address(0x555579a07690)         = 296
set_robust_list(0x555579a076a0, 24)     = 0
rseq(0x555579a07ce0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented)
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor3344029258", 4096) = 28
getrandom("\x99\x31\x03\x74\x72\x40\xf1\x57", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x555579a07d40
brk(0x555579a28d40)                     = 0x555579a28d40
brk(0x555579a29000)                     = 0x555579a29000
mprotect(0x7faa8fa37000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 297
openat(AT_FDCWD, "/sys/kernel/debug/x86/nmi_longest_ns", O_WRONLY|O_CLOEXEC) = 3
write(3, "10000000000", 11)             = 11
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/kernel/hung_task_check_interval_secs", O_WRONLY|O_CLOEXEC) = 3
write(3, "20", 2)                       = 2
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_kallsyms", O_WRONLY|O_CLOEXEC) = 3
write(3, "1", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_harden", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/kernel/kptr_restrict", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/kernel/softlockup_all_cpu_backtrace", O_WRONLY|O_CLOEXEC) = 3
write(3, "1", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3
write(3, "100", 3)                      = 3
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/vm/oom_dump_tasks", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/debug/exception-trace", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/kernel/printk", O_WRONLY|O_CLOEXEC) = 3
write(3, "7 4 1 3", 7)                  = 7
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/kernel/keys/gc_delay", O_WRONLY|O_CLOEXEC) = 3
write(3, "1", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/vm/oom_kill_allocating_task", O_WRONLY|O_CLOEXEC) = 3
write(3, "1", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/kernel/ctrl-alt-del", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/kernel/cad_pid", O_WRONLY|O_CLOEXEC) = 3
write(3, "297", 3)                      = 3
close(3)                                = 0
kill(297, SIGKILL)                      = 0
./strace-static-x86_64: Process 297 attached
[pid   297] +++ killed by SIGKILL +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=297, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=0} ---
mkdir("/syzcgroup", 0777)               = 0
mkdir("/syzcgroup/unified", 0777)       = 0
mount("none", "/syzcgroup/unified", "cgroup2", 0, NULL) = 0
chmod("/syzcgroup/unified", 0777)       = 0
openat(AT_FDCWD, "/syzcgroup/unified/cgroup.subtree_control", O_WRONLY) = 3
write(3, "+cpu", 4)                     = 4
write(3, "+io", 3)                      = 3
write(3, "+pids", 5)                    = 5
close(3)                                = 0
mkdir("/syzcgroup/net", 0777)           = 0
mount("none", "/syzcgroup/net", "cgroup", 0, "net") = -1 EINVAL (Invalid argument)
mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio") = 0
[   25.251720][   T30] audit: type=1400 audit(1736349527.488:66): avc:  denied  { execmem } for  pid=296 comm="syz-executor334" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   25.271115][   T30] audit: type=1400 audit(1736349527.498:67): avc:  denied  { integrity } for  pid=296 comm="syz-executor334" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1
[   25.287146][  T296] cgroup: Unknown subsys name 'net'
umount2("/syzcgroup/net", 0)            = 0
mount("none", "/syzcgroup/net", "cgroup", 0, "devices") = -1 EINVAL (Invalid argument)
[   25.293921][   T30] audit: type=1400 audit(1736349527.518:68): avc:  denied  { mounton } for  pid=296 comm="syz-executor334" path="/syzcgroup/unified" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   25.321442][   T30] audit: type=1400 audit(1736349527.518:69): avc:  denied  { mount } for  pid=296 comm="syz-executor334" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   25.322485][  T296] cgroup: Unknown subsys name 'devices'
mount("none", "/syzcgroup/net", "cgroup", 0, "blkio") = 0
umount2("/syzcgroup/net", 0)            = 0
mount("none", "/syzcgroup/net", "cgroup", 0, "freezer") = 0
umount2("/syzcgroup/net", 0)            = 0
mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio,blkio,freezer") = ? ERESTARTNOINTR (To be restarted)
[   25.343631][   T30] audit: type=1400 audit(1736349527.538:70): avc:  denied  { unmount } for  pid=296 comm="syz-executor334" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio,blkio,freezer") = ? ERESTARTNOINTR (To be restarted)
mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio,blkio,freezer") = ? ERESTARTNOINTR (To be restarted)
mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio,blkio,freezer") = ? ERESTARTNOINTR (To be restarted)
mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio,blkio,freezer") = 0
chmod("/syzcgroup/net", 0777)           = 0
mkdir("/syzcgroup/cpu", 0777)           = 0
mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuset") = 0
umount2("/syzcgroup/cpu", 0)            = 0
mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuacct") = 0
umount2("/syzcgroup/cpu", 0)            = 0
mount("none", "/syzcgroup/cpu", "cgroup", 0, "hugetlb") = -1 EINVAL (Invalid argument)
mount("none", "/syzcgroup/cpu", "cgroup", 0, "rlimit") = -1 EINVAL (Invalid argument)
mount("none", "/syzcgroup/cpu", "cgroup", 0, "memory") = 0
umount2("/syzcgroup/cpu", 0)            = 0
mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuset,cpuacct,memory") = ? ERESTARTNOINTR (To be restarted)
[   25.494077][  T296] cgroup: Unknown subsys name 'hugetlb'
[   25.499861][  T296] cgroup: Unknown subsys name 'rlimit'
mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuset,cpuacct,memory") = ? ERESTARTNOINTR (To be restarted)
mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuset,cpuacct,memory") = ? ERESTARTNOINTR (To be restarted)
mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuset,cpuacct,memory") = ? ERESTARTNOINTR (To be restarted)
mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuset,cpuacct,memory") = 0
chmod("/syzcgroup/cpu", 0777)           = 0
openat(AT_FDCWD, "/syzcgroup/cpu/cgroup.clone_children", O_WRONLY|O_CLOEXEC) = 3
write(3, "1", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/syzcgroup/cpu/cpuset.memory_pressure_enabled", O_WRONLY|O_CLOEXEC) = 3
write(3, "1", 1)                        = 1
close(3)                                = 0
mkdir("./syzkaller.SI0a4x", 0700)       = 0
chmod("./syzkaller.SI0a4x", 0777)       = 0
chdir("./syzkaller.SI0a4x")             = 0
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 299
./strace-static-x86_64: Process 299 attached
[pid   299] set_robust_list(0x555579a076a0, 24) = 0
[pid   299] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   299] getppid()                   = 0
[pid   299] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid   299] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid   299] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid   299] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid   299] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid   299] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid   299] unshare(CLONE_NEWNS)        = 0
[pid   299] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid   299] unshare(CLONE_NEWIPC)       = -1 EINVAL (Invalid argument)
[pid   299] unshare(CLONE_NEWCGROUP)    = 0
[pid   299] unshare(CLONE_NEWUTS)       = 0
[pid   299] unshare(CLONE_SYSVSEM)      = 0
[pid   299] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   299] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   299] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   299] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   299] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   299] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   299] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   299] getpid()                    = 1
[pid   299] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid   299] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid   299] unshare(CLONE_NEWNET)       = 0
[pid   299] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid   299] write(3, "0 65535", 7)      = 7
[pid   299] close(3)                    = 0
[pid   299] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3
[pid   299] write(3, "100000", 6)       = 6
[pid   299] close(3)                    = 0
[pid   299] mkdir("./syz-tmp", 0777)    = 0
[pid   299] mount("", "./syz-tmp", "tmpfs", 0, NULL) = 0
[pid   299] mkdir("./syz-tmp/newroot", 0777) = 0
[pid   299] mkdir("./syz-tmp/newroot/dev", 0700) = 0
[pid   299] mount("/dev", "./syz-tmp/newroot/dev", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid   299] mkdir("./syz-tmp/newroot/proc", 0700) = 0
[pid   299] mount("syz-proc", "./syz-tmp/newroot/proc", "proc", 0, NULL) = 0
[pid   299] mkdir("./syz-tmp/newroot/selinux", 0700) = 0
[pid   299] mount("/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory)
[pid   299] mount("/sys/fs/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid   299] mkdir("./syz-tmp/newroot/sys", 0700) = 0
[pid   299] mount("/sys", "./syz-tmp/newroot/sys", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid   299] mount("/sys/kernel/debug", "./syz-tmp/newroot/sys/kernel/debug", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid   299] mount("/sys/fs/smackfs", "./syz-tmp/newroot/sys/fs/smackfs", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory)
[pid   299] mount("/proc/sys/fs/binfmt_misc", "./syz-tmp/newroot/proc/sys/fs/binfmt_misc", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid   299] mkdir("./syz-tmp/newroot/syzcgroup", 0700) = 0
[pid   299] mkdir("./syz-tmp/newroot/syzcgroup/unified", 0700) = 0
[pid   299] mkdir("./syz-tmp/newroot/syzcgroup/cpu", 0700) = 0
[pid   299] mkdir("./syz-tmp/newroot/syzcgroup/net", 0700) = 0
[pid   299] mount("/syzcgroup/unified", "./syz-tmp/newroot/syzcgroup/unified", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid   299] mount("/syzcgroup/cpu", "./syz-tmp/newroot/syzcgroup/cpu", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid   299] mount("/syzcgroup/net", "./syz-tmp/newroot/syzcgroup/net", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid   299] mkdir("./syz-tmp/pivot", 0777) = 0
[   25.628109][   T30] audit: type=1400 audit(1736349527.868:71): avc:  denied  { mounton } for  pid=299 comm="syz-executor334" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[pid   299] pivot_root("./syz-tmp", "./syz-tmp/pivot") = 0
[pid   299] chdir("/")                  = 0
[pid   299] umount2("./pivot", MNT_DETACH) = 0
[pid   299] chroot("./newroot")         = 0
[pid   299] chdir("/")                  = 0
[pid   299] mkdir("/dev/gadgetfs", 0777) = 0
[pid   299] mount("gadgetfs", "/dev/gadgetfs", "gadgetfs", 0, NULL) = -1 ENODEV (No such device)
[pid   299] mkdir("/dev/binderfs", 0777) = 0
[pid   299] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid   299] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid   299] getpid()                    = 1
[pid   299] mkdir("/syzcgroup/unified/syz0", 0777) = 0
[pid   299] openat(AT_FDCWD, "/syzcgroup/unified/syz0/pids.max", O_WRONLY|O_CLOEXEC) = 3
[pid   299] write(3, "32", 2)           = 2
[pid   299] close(3)                    = 0
[pid   299] openat(AT_FDCWD, "/syzcgroup/unified/syz0/cgroup.procs", O_WRONLY|O_CLOEXEC) = 3
[   25.661213][   T30] audit: type=1400 audit(1736349527.898:72): avc:  denied  { mounton } for  pid=299 comm="syz-executor334" path="/root/syzkaller.SI0a4x/syz-tmp" dev="sda1" ino=1931 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   25.685862][   T30] audit: type=1400 audit(1736349527.898:73): avc:  denied  { mount } for  pid=299 comm="syz-executor334" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   25.688223][  T299] request_module fs-gadgetfs succeeded, but still no fs?
[pid   299] write(3, "1", 1)            = 1
[pid   299] close(3)                    = 0
[pid   299] mkdir("/syzcgroup/cpu/syz0", 0777) = 0
[pid   299] openat(AT_FDCWD, "/syzcgroup/cpu/syz0/cgroup.procs", O_WRONLY|O_CLOEXEC) = 3
[pid   299] write(3, "1", 1)            = 1
[pid   299] close(3)                    = 0
[pid   299] openat(AT_FDCWD, "/syzcgroup/cpu/syz0/memory.soft_limit_in_bytes", O_WRONLY|O_CLOEXEC) = 3
[pid   299] write(3, "313524224", 9)    = 9
[pid   299] close(3)                    = 0
[pid   299] openat(AT_FDCWD, "/syzcgroup/cpu/syz0/memory.limit_in_bytes", O_WRONLY|O_CLOEXEC) = 3
[pid   299] write(3, "314572800", 9)    = 9
[pid   299] close(3)                    = 0
[pid   299] mkdir("/syzcgroup/net/syz0", 0777) = 0
[pid   299] openat(AT_FDCWD, "/syzcgroup/net/syz0/cgroup.procs", O_WRONLY|O_CLOEXEC) = 3
[pid   299] write(3, "1", 1)            = 1
[pid   299] close(3)                    = 0
[pid   299] mkdir("./0", 0777)          = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 2
./strace-static-x86_64: Process 301 attached
[pid   301] set_robust_list(0x555579a076a0, 24) = 0
[pid   301] chdir("./0")                = 0
[pid   301] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   301] setpgid(0, 0)               = 0
[pid   301] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   301] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   301] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   301] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   301] write(3, "1000", 4)         = 4
[pid   301] close(3)                    = 0
[pid   301] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid   301] write(1, "executing program\n", 18) = 18
[pid   301] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   301] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   301] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   301] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   301] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   301] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   301] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[3]}, 88) = 3
[pid   301] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   301] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   301] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   301] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   301] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   301] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   301] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[4]}, 88) = 4
[pid   301] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   301] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   301] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 302 attached
 <unfinished ...>
[pid   302] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   302] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   302] memfd_create("syzkaller", 0) = 3
[pid   302] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa8752f000
./strace-static-x86_64: Process 303 attached
[pid   302] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   303] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   302] <... write resumed>)        = 262144
[pid   303] <... set_robust_list resumed>) = 0
[pid   302] munmap(0x7faa8752f000, 138412032 <unfinished ...>
[pid   303] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   302] <... munmap resumed>)       = 0
[pid   303] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   302] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   303] creat("./bus", 000 <unfinished ...>
[pid   302] <... openat resumed>)       = 4
[pid   302] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   303] <... creat resumed>)        = 5
[pid   303] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   303] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   302] <... ioctl resumed>)        = 0
[pid   302] close(3)                    = 0
[pid   302] close(4 <unfinished ...>
[pid   301] <... futex resumed>)        = 0
[pid   301] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   303] <... futex resumed>)        = 0
[pid   301] <... futex resumed>)        = 1
[pid   303] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   301] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   303] <... mount resumed>)        = 0
[pid   303] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   301] <... futex resumed>)        = 0
[pid   303] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   301] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   25.708318][   T30] audit: type=1400 audit(1736349527.898:74): avc:  denied  { mounton } for  pid=299 comm="syz-executor334" path="/root/syzkaller.SI0a4x/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   25.740210][   T30] audit: type=1400 audit(1736349527.898:75): avc:  denied  { mount } for  pid=299 comm="syz-executor334" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   25.772097][  T302] loop0: detected capacity change from 0 to 512
[pid   301] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   302] <... close resumed>)        = 0
[pid   303] <... open resumed>)         = 3
[pid   302] mkdir("./bus", 0777)        = -1 EEXIST (File exists)
[pid   302] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"...) = -1 ENODEV (No such device)
[pid   302] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   302] ioctl(4, LOOP_CLR_FD)       = 0
[pid   302] close(4)                    = 0
[pid   302] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   302] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   303] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   303] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   301] <... futex resumed>)        = 0
[pid   301] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   301] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   302] <... futex resumed>)        = 0
[pid   302] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 3, 0) = 0x20000000
[pid   302] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   301] <... futex resumed>)        = 0
[pid   301] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   301] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   302] <... futex resumed>)        = 1
[pid   302] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 4
[pid   302] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   302] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   301] <... futex resumed>)        = 0
[pid   301] close(3)                    = 0
[pid   301] close(4)                    = 0
[pid   301] close(5)                    = 0
[pid   301] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   301] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   301] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   301] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   301] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   301] exit_group(0)               = ?
[pid   303] <... futex resumed>)        = ?
[pid   303] +++ exited with 0 +++
[pid   302] <... futex resumed>)        = ?
[pid   302] +++ exited with 0 +++
[pid   301] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=2, si_uid=0, si_status=0, si_utime=0, si_stime=21} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./0/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./0/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./0/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./0/bus")           = 0
[pid   299] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./0/binderfs")      = 0
[pid   299] umount2("./0/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./0/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./0/cgroup.net")    = 0
[pid   299] umount2("./0/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./0/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./0/cgroup.cpu")    = 0
[pid   299] umount2("./0/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./0/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./0/cgroup")        = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./0")                = 0
[pid   299] mkdir("./1", 0777)          = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 5
./strace-static-x86_64: Process 304 attached
[pid   304] set_robust_list(0x555579a076a0, 24) = 0
[pid   304] chdir("./1")                = 0
[pid   304] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   304] setpgid(0, 0)               = 0
[pid   304] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   304] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   304] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   304] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   304] write(3, "1000", 4)         = 4
[pid   304] close(3)                    = 0
executing program
[pid   304] symlink("/dev/binderfs", "./binderfs") = 0
[pid   304] write(1, "executing program\n", 18) = 18
[pid   304] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   304] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   304] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   304] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   304] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   304] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   304] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 305 attached
 <unfinished ...>
[pid   305] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   304] <... clone3 resumed> => {parent_tid=[6]}, 88) = 6
[pid   305] <... set_robust_list resumed>) = 0
[pid   304] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   304] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   304] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   304] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   304] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   304] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   304] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[7]}, 88) = 7
./strace-static-x86_64: Process 306 attached
[pid   305] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   304] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   304] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   304] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   305] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   305] memfd_create("syzkaller", 0 <unfinished ...>
[pid   306] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   305] <... memfd_create resumed>) = 3
[pid   305] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa8752f000
[pid   306] <... set_robust_list resumed>) = 0
[pid   306] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   306] creat("./bus", 000)         = 4
[pid   306] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   304] <... futex resumed>)        = 0
[pid   304] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   304] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   306] <... futex resumed>)        = 1
[pid   306] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[pid   306] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   304] <... futex resumed>)        = 0
[pid   304] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   304] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   306] <... futex resumed>)        = 1
[pid   306] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000) = 5
[pid   305] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   306] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   304] <... futex resumed>)        = 0
[pid   304] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   304] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   306] <... futex resumed>)        = 1
[pid   306] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0) = 0x20000000
[pid   306] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   304] <... futex resumed>)        = 0
[pid   304] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   304] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   306] <... futex resumed>)        = 1
[pid   306] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   304] <... futex resumed>)        = ?
[pid   305] <... write resumed>)        = ?
[pid   305] +++ killed by SIGBUS (core dumped) +++
[pid   306] +++ killed by SIGBUS (core dumped) +++
[pid   304] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=4} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./1/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./1/core", {st_mode=S_IFREG|0600, st_size=16953344, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./1/core")          = 0
[pid   299] umount2("./1/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./1/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./1/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./1/bus")           = 0
[pid   299] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./1/binderfs")      = 0
[pid   299] umount2("./1/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./1/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./1/cgroup.net")    = 0
[pid   299] umount2("./1/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./1/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./1/cgroup.cpu")    = 0
[pid   299] umount2("./1/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./1/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./1/cgroup")        = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./1")                = 0
[pid   299] mkdir("./2", 0777)          = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 8
./strace-static-x86_64: Process 307 attached
[pid   307] set_robust_list(0x555579a076a0, 24) = 0
[pid   307] chdir("./2")                = 0
[pid   307] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   307] setpgid(0, 0)               = 0
[pid   307] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   307] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   307] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   307] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   307] write(3, "1000", 4)         = 4
[pid   307] close(3)                    = 0
[pid   307] symlink("/dev/binderfs", "./binderfs") = 0
[pid   307] write(1, "executing program\n", 18executing program
) = 18
[pid   307] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   307] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   307] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   307] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   307] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   307] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   307] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 308 attached
 <unfinished ...>
[pid   308] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   307] <... clone3 resumed> => {parent_tid=[9]}, 88) = 9
[pid   308] <... set_robust_list resumed>) = 0
[pid   307] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   308] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   307] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   308] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   307] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   308] memfd_create("syzkaller", 0 <unfinished ...>
[pid   307] <... futex resumed>)        = 0
[pid   308] <... memfd_create resumed>) = 3
[pid   307] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   308] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   307] <... futex resumed>)        = 0
[pid   308] <... mmap resumed>)         = 0x7faa87550000
[pid   307] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   308] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   307] <... mmap resumed>)         = 0x7faa8752f000
[pid   307] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   307] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   307] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 309 attached
 => {parent_tid=[10]}, 88) = 10
[pid   309] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   307] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   307] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   307] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   309] <... set_robust_list resumed>) = 0
[pid   309] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   309] creat("./bus", 000)         = 4
[pid   309] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   308] <... write resumed>)        = 262144
[pid   309] <... futex resumed>)        = 1
[pid   307] <... futex resumed>)        = 0
[pid   307] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   307] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   308] munmap(0x7faa87550000, 138412032) = 0
[pid   308] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5
[pid   308] ioctl(5, LOOP_SET_FD, 3 <unfinished ...>
[pid   309] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[pid   309] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   309] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   307] <... futex resumed>)        = 0
[pid   307] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   309] <... futex resumed>)        = 0
[pid   307] <... futex resumed>)        = 1
[pid   309] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   307] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   308] <... ioctl resumed>)        = 0
[pid   309] <... open resumed>)         = 6
[pid   308] close(3 <unfinished ...>
[pid   309] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   308] <... close resumed>)        = 0
[pid   309] <... futex resumed>)        = 1
[pid   308] close(5 <unfinished ...>
[pid   307] <... futex resumed>)        = 0
[pid   309] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   307] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   309] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   308] <... close resumed>)        = 0
[pid   307] <... futex resumed>)        = 0
[pid   309] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0 <unfinished ...>
[pid   308] mkdir(0x20000000, 0777 <unfinished ...>
[pid   309] <... mmap resumed>)         = 0x20000000
[pid   307] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   308] <... mkdir resumed>)        = -1 ENOENT (No such file or directory)
[pid   308] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   308] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   308] ioctl(3, LOOP_CLR_FD)       = 0
[pid   308] close(3)                    = 0
[pid   308] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   308] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   309] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   309] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   307] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   307] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   307] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   308] <... futex resumed>)        = 0
[pid   308] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 3
[pid   308] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   307] <... futex resumed>)        = 0
[pid   307] close(3)                    = 0
[pid   307] close(4 <unfinished ...>
[pid   308] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   307] <... close resumed>)        = 0
[pid   307] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   307] close(6)                    = 0
[pid   307] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   307] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   307] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   307] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   307] exit_group(0)               = ?
[pid   309] <... futex resumed>)        = ?
[pid   308] <... futex resumed>)        = ?
[pid   308] +++ exited with 0 +++
[pid   309] +++ exited with 0 +++
[pid   307] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=8, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./2/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./2/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./2/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./2/bus")           = 0
[pid   299] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./2/binderfs")      = 0
[pid   299] umount2("./2/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./2/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./2/cgroup.net")    = 0
[pid   299] umount2("./2/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./2/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./2/cgroup.cpu")    = 0
[pid   299] umount2("./2/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./2/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./2/cgroup")        = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./2")                = 0
[pid   299] mkdir("./3", 0777)          = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 11
./strace-static-x86_64: Process 310 attached
[pid   310] set_robust_list(0x555579a076a0, 24) = 0
[pid   310] chdir("./3")                = 0
[pid   310] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   310] setpgid(0, 0)               = 0
[pid   310] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   310] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   310] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   310] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   310] write(3, "1000", 4)         = 4
[pid   310] close(3)                    = 0
[pid   310] symlink("/dev/binderfs", "./binderfs") = 0
[pid   310] write(1, "executing program\n", 18) = 18
[pid   310] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   310] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   310] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   310] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   310] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   310] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   310] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[12]}, 88) = 12
[pid   310] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   310] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   310] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   310] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   310] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   310] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   310] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[13]}, 88) = 13
[pid   310] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   310] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   310] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 311 attached
./strace-static-x86_64: Process 312 attached
executing program
 <unfinished ...>
[pid   311] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   311] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   311] memfd_create("syzkaller", 0) = 3
[pid   311] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   312] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   311] <... mmap resumed>)         = 0x7faa8752f000
[pid   312] <... set_robust_list resumed>) = 0
[pid   312] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   312] creat("./bus", 000)         = 4
[pid   312] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   311] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   312] <... futex resumed>)        = 1
[pid   310] <... futex resumed>)        = 0
[pid   312] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   310] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   310] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   312] <... mount resumed>)        = 0
[pid   312] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   310] <... futex resumed>)        = 0
[pid   310] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   312] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   310] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   311] <... write resumed>)        = 262144
[pid   311] munmap(0x7faa8752f000, 138412032) = 0
[pid   311] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   312] <... open resumed>)         = 5
[pid   311] <... openat resumed>)       = 6
[pid   311] ioctl(6, LOOP_SET_FD, 3 <unfinished ...>
[   26.183665][  T308] loop0: detected capacity change from 0 to 512
[pid   312] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   311] <... ioctl resumed>)        = 0
[pid   312] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   310] <... futex resumed>)        = 0
[pid   310] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   310] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   311] close(3)                    = 0
[pid   311] close(6)                    = 0
[pid   311] mkdir("./bus", 0777)        = -1 EEXIST (File exists)
[pid   311] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"...) = -1 ENODEV (No such device)
[pid   311] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   311] ioctl(3, LOOP_CLR_FD)       = 0
[pid   311] close(3)                    = 0
[pid   311] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   311] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   312] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   312] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0) = 0x20000000
[pid   312] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   310] <... futex resumed>)        = 0
[pid   312] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   310] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   311] <... futex resumed>)        = 0
[pid   310] <... futex resumed>)        = 1
[pid   311] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   310] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   311] <... bpf resumed>)          = 3
[pid   311] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   310] <... futex resumed>)        = 0
[pid   311] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   310] close(3)                    = 0
[pid   310] close(4)                    = 0
[pid   310] close(5)                    = 0
[pid   310] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   310] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   310] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   310] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   310] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   310] exit_group(0 <unfinished ...>
[pid   312] <... futex resumed>)        = ?
[pid   311] <... futex resumed>)        = ?
[pid   310] <... exit_group resumed>)   = ?
[pid   311] +++ exited with 0 +++
[pid   312] +++ exited with 0 +++
[pid   310] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=11, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./3/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./3/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./3/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./3/bus")           = 0
[pid   299] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./3/binderfs")      = 0
[pid   299] umount2("./3/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./3/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./3/cgroup.net")    = 0
[pid   299] umount2("./3/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./3/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./3/cgroup.cpu")    = 0
[pid   299] umount2("./3/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./3/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./3/cgroup")        = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./3")                = 0
[pid   299] mkdir("./4", 0777)          = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 313 attached
 <unfinished ...>
[pid   313] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 14
[pid   313] <... set_robust_list resumed>) = 0
[pid   313] chdir("./4")                = 0
[pid   313] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   313] setpgid(0, 0)               = 0
[pid   313] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   313] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   313] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   313] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   313] write(3, "1000", 4)         = 4
[pid   313] close(3)                    = 0
[pid   313] symlink("/dev/binderfs", "./binderfs") = 0
[pid   313] write(1, "executing program\n", 18executing program
) = 18
[pid   313] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   313] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   313] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   313] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   313] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   313] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   313] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 314 attached
 <unfinished ...>
[pid   314] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   313] <... clone3 resumed> => {parent_tid=[15]}, 88) = 15
[pid   314] <... set_robust_list resumed>) = 0
[pid   313] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   314] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   313] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   314] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   313] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   314] memfd_create("syzkaller", 0 <unfinished ...>
[pid   313] <... futex resumed>)        = 0
[pid   314] <... memfd_create resumed>) = 3
[pid   313] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   314] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   313] <... futex resumed>)        = 0
[pid   314] <... mmap resumed>)         = 0x7faa87550000
[pid   313] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   314] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   313] <... mmap resumed>)         = 0x7faa8752f000
[pid   314] <... write resumed>)        = 262144
[pid   313] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   314] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   313] <... mprotect resumed>)     = 0
[pid   314] <... munmap resumed>)       = 0
[pid   313] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   314] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   313] <... rt_sigprocmask resumed>[], 8) = 0
[pid   314] <... openat resumed>)       = 4
[pid   313] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0} <unfinished ...>
[   26.238338][  T311] loop0: detected capacity change from 0 to 512
[pid   314] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 315 attached
 <unfinished ...>
[pid   315] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   313] <... clone3 resumed> => {parent_tid=[16]}, 88) = 16
[pid   315] <... set_robust_list resumed>) = 0
[pid   313] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   315] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   313] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   315] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   313] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   315] creat("./bus", 000 <unfinished ...>
[pid   313] <... futex resumed>)        = 0
[pid   315] <... creat resumed>)        = 5
[pid   315] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   313] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   315] <... futex resumed>)        = 0
[pid   313] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   315] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   313] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   315] <... mount resumed>)        = 0
[pid   315] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   313] <... futex resumed>)        = 0
[pid   315] <... futex resumed>)        = 0
[pid   313] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   315] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   313] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   315] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   313] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   315] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   313] <... futex resumed>)        = 0
[pid   314] <... ioctl resumed>)        = 0
[pid   313] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   314] close(3)                    = 0
[pid   315] <... open resumed>)         = 6
[pid   314] close(4 <unfinished ...>
[pid   315] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   313] <... futex resumed>)        = 0
[pid   315] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0 <unfinished ...>
[pid   313] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   313] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   315] <... mmap resumed>)         = 0x20000000
[pid   315] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   313] <... futex resumed>)        = 0
[pid   313] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   313] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   315] <... futex resumed>)        = 1
[pid   315] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 3
[pid   315] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   313] <... futex resumed>)        = 0
[pid   315] <... futex resumed>)        = 1
[pid   315] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   314] <... close resumed>)        = 0
[pid   314] mkdir(0x20000000, 0777)     = -1 ENOENT (No such file or directory)
[pid   314] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   314] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   314] ioctl(4, LOOP_CLR_FD)       = 0
[pid   314] close(4)                    = 0
[pid   314] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   314] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   313] close(3)                    = 0
[pid   313] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   313] close(5)                    = 0
[pid   313] close(6)                    = 0
[pid   313] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   313] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   313] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   313] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   313] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   313] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   313] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   313] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   313] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   313] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   313] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   313] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   313] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   313] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   313] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   313] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   313] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   313] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   313] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   313] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   313] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   313] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   313] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   313] exit_group(0 <unfinished ...>
[pid   315] <... futex resumed>)        = ?
[pid   314] <... futex resumed>)        = ?
[pid   313] <... exit_group resumed>)   = ?
[pid   315] +++ exited with 0 +++
[pid   314] +++ exited with 0 +++
[pid   313] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./4/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./4/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./4/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./4/bus")           = 0
[pid   299] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./4/binderfs")      = 0
[pid   299] umount2("./4/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./4/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./4/cgroup.net")    = 0
[pid   299] umount2("./4/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./4/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./4/cgroup.cpu")    = 0
[pid   299] umount2("./4/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./4/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./4/cgroup")        = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./4")                = 0
[pid   299] mkdir("./5", 0777)          = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program
, child_tidptr=0x555579a07690) = 17
./strace-static-x86_64: Process 316 attached
[pid   316] set_robust_list(0x555579a076a0, 24) = 0
[pid   316] chdir("./5")                = 0
[pid   316] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   316] setpgid(0, 0)               = 0
[pid   316] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   316] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   316] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   316] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   316] write(3, "1000", 4)         = 4
[pid   316] close(3)                    = 0
[pid   316] symlink("/dev/binderfs", "./binderfs") = 0
[pid   316] write(1, "executing program\n", 18) = 18
[pid   316] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   316] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   316] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   316] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   316] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   316] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   316] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[18]}, 88) = 18
[pid   316] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   316] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   316] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   316] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   316] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   316] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   316] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[19]}, 88) = 19
[pid   316] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   316] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   316] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 317 attached
 <unfinished ...>
[pid   317] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   317] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   317] memfd_create("syzkaller", 0) = 3
[pid   317] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa8752f000
[   26.285672][  T314] loop0: detected capacity change from 0 to 512
./strace-static-x86_64: Process 318 attached
[pid   317] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid   317] munmap(0x7faa8752f000, 138412032 <unfinished ...>
[pid   318] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   317] <... munmap resumed>)       = 0
[pid   317] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   317] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   318] <... set_robust_list resumed>) = 0
[pid   318] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   318] creat("./bus", 000 <unfinished ...>
[pid   317] <... ioctl resumed>)        = 0
[pid   318] <... creat resumed>)        = 5
[pid   318] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   318] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   317] close(3 <unfinished ...>
[pid   316] <... futex resumed>)        = 0
[pid   316] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   318] <... futex resumed>)        = 0
[pid   316] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   318] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   317] <... close resumed>)        = 0
[pid   318] <... mount resumed>)        = 0
[pid   317] close(4 <unfinished ...>
[pid   318] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   318] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   316] <... futex resumed>)        = 0
[pid   316] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   316] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   318] <... futex resumed>)        = 0
[pid   318] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   317] <... close resumed>)        = 0
[pid   317] mkdir("./bus", 0777)        = -1 EEXIST (File exists)
[pid   317] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"...) = -1 ENODEV (No such device)
[pid   317] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   317] ioctl(3, LOOP_CLR_FD)       = 0
[pid   317] close(3)                    = 0
[pid   317] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   317] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   318] <... open resumed>)         = 3
[pid   318] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   316] <... futex resumed>)        = 0
[pid   316] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   316] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   317] <... futex resumed>)        = 0
[pid   318] <... futex resumed>)        = 1
[pid   317] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 3, 0 <unfinished ...>
[pid   318] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   317] <... mmap resumed>)         = 0x20000000
[pid   317] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   316] <... futex resumed>)        = 0
[pid   316] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   316] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   317] <... futex resumed>)        = 1
[pid   317] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 4
[pid   317] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   316] <... futex resumed>)        = 0
[pid   317] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   316] close(3)                    = 0
[pid   316] close(4)                    = 0
[pid   316] close(5)                    = 0
[pid   316] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   316] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   316] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   316] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   316] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   316] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   316] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   316] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   316] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   316] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   316] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   316] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   316] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   316] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   316] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   316] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   316] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   316] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   316] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   316] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   316] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   316] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   316] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   316] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   316] exit_group(0)               = ?
[pid   318] <... futex resumed>)        = ?
[pid   317] <... futex resumed>)        = ?
[pid   318] +++ exited with 0 +++
[pid   317] +++ exited with 0 +++
[pid   316] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=17, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[   26.342313][  T317] loop0: detected capacity change from 0 to 512
[pid   299] umount2("./5/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./5/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./5/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./5/bus")           = 0
[pid   299] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./5/binderfs")      = 0
[pid   299] umount2("./5/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./5/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./5/cgroup.net")    = 0
[pid   299] umount2("./5/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./5/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./5/cgroup.cpu")    = 0
[pid   299] umount2("./5/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./5/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./5/cgroup")        = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./5")                = 0
[pid   299] mkdir("./6", 0777)          = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
executing program
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 319 attached
 <unfinished ...>
[pid   319] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 20
[pid   319] <... set_robust_list resumed>) = 0
[pid   319] chdir("./6")                = 0
[pid   319] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   319] setpgid(0, 0)               = 0
[pid   319] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   319] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   319] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   319] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   319] write(3, "1000", 4)         = 4
[pid   319] close(3)                    = 0
[pid   319] symlink("/dev/binderfs", "./binderfs") = 0
[pid   319] write(1, "executing program\n", 18) = 18
[pid   319] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   319] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   319] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   319] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   319] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   319] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   319] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 320 attached
 <unfinished ...>
[pid   320] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   319] <... clone3 resumed> => {parent_tid=[21]}, 88) = 21
[pid   320] <... set_robust_list resumed>) = 0
[pid   319] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   320] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   319] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   320] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   319] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   320] memfd_create("syzkaller", 0 <unfinished ...>
[pid   319] <... futex resumed>)        = 0
[pid   320] <... memfd_create resumed>) = 3
[pid   319] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   320] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   319] <... futex resumed>)        = 0
[pid   320] <... mmap resumed>)         = 0x7faa87550000
[pid   319] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   319] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   319] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   319] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 321 attached
 <unfinished ...>
[pid   321] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   319] <... clone3 resumed> => {parent_tid=[22]}, 88) = 22
[pid   321] <... set_robust_list resumed>) = 0
[pid   319] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   321] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   319] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   321] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   319] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   321] creat("./bus", 000 <unfinished ...>
[pid   319] <... futex resumed>)        = 0
[pid   321] <... creat resumed>)        = 4
[pid   319] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   321] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   319] <... futex resumed>)        = 0
[pid   321] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   319] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   321] <... mount resumed>)        = 0
[pid   319] <... futex resumed>)        = 0
[pid   320] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   321] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   319] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   321] <... futex resumed>)        = 0
[pid   319] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   321] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   319] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   321] <... open resumed>)         = 5
[pid   319] <... futex resumed>)        = 0
[pid   321] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   319] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   321] <... futex resumed>)        = 0
[pid   319] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   321] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   319] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   321] <... mmap resumed>)         = 0x20000000
[pid   319] <... futex resumed>)        = 0
[pid   321] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   319] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   321] <... futex resumed>)        = 0
[pid   319] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   321] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   319] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = ?
[pid   320] <... write resumed>)        = ?
[pid   320] +++ killed by SIGBUS (core dumped) +++
[pid   321] +++ killed by SIGBUS (core dumped) +++
[pid   319] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=20, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./6/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./6/core", {st_mode=S_IFREG|0600, st_size=17084416, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./6/core")          = 0
[pid   299] umount2("./6/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./6/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./6/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./6/bus")           = 0
[pid   299] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./6/binderfs")      = 0
[pid   299] umount2("./6/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./6/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./6/cgroup.net")    = 0
[pid   299] umount2("./6/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./6/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./6/cgroup.cpu")    = 0
[pid   299] umount2("./6/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./6/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./6/cgroup")        = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./6")                = 0
[pid   299] mkdir("./7", 0777)          = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 23
./strace-static-x86_64: Process 322 attached
[pid   322] set_robust_list(0x555579a076a0, 24) = 0
[pid   322] chdir("./7")                = 0
[pid   322] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   322] setpgid(0, 0)               = 0
[pid   322] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   322] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   322] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   322] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   322] write(3, "1000", 4)         = 4
[pid   322] close(3)                    = 0
[pid   322] symlink("/dev/binderfs", "./binderfs") = 0
[pid   322] write(1, "executing program\n", 18executing program
) = 18
[pid   322] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   322] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   322] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   322] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   322] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   322] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   322] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 323 attached
 => {parent_tid=[24]}, 88) = 24
[pid   323] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   323] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   323] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   322] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   322] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   323] <... futex resumed>)        = 0
[pid   322] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   323] memfd_create("syzkaller", 0 <unfinished ...>
[pid   322] <... futex resumed>)        = 0
[pid   323] <... memfd_create resumed>) = 3
[pid   323] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   322] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   322] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   322] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   322] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 324 attached
 => {parent_tid=[25]}, 88) = 25
[pid   324] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   322] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   324] <... set_robust_list resumed>) = 0
[pid   322] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   324] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   322] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   324] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   322] <... futex resumed>)        = 0
[pid   324] creat("./bus", 000 <unfinished ...>
[pid   322] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   324] <... creat resumed>)        = 4
[pid   324] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   322] <... futex resumed>)        = 0
[pid   322] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   324] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   323] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   322] <... futex resumed>)        = 0
[pid   324] <... mount resumed>)        = 0
[pid   322] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   324] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   322] <... futex resumed>)        = 0
[pid   324] <... futex resumed>)        = 1
[pid   322] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   324] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   322] <... futex resumed>)        = 0
[pid   322] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   324] <... open resumed>)         = 5
[pid   324] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   322] <... futex resumed>)        = 0
[pid   324] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   322] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   322] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   324] <... mmap resumed>)         = 0x20000000
[pid   324] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   322] <... futex resumed>)        = 0
[pid   324] <... futex resumed>)        = 1
[pid   322] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   324] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   322] <... futex resumed>)        = 0
[pid   323] <... write resumed>)        = ?
[pid   323] +++ killed by SIGBUS (core dumped) +++
[pid   324] +++ killed by SIGBUS (core dumped) +++
[pid   322] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=23, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./7/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./7/core", {st_mode=S_IFREG|0600, st_size=17084416, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./7/core")          = 0
[pid   299] umount2("./7/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./7/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./7/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./7/bus")           = 0
[pid   299] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./7/binderfs")      = 0
[pid   299] umount2("./7/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./7/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./7/cgroup.net")    = 0
[pid   299] umount2("./7/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./7/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./7/cgroup.cpu")    = 0
[pid   299] umount2("./7/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./7/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./7/cgroup")        = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./7")                = 0
[pid   299] mkdir("./8", 0777)          = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 326 attached
 <unfinished ...>
[pid   326] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 26
[pid   326] <... set_robust_list resumed>) = 0
[pid   326] chdir("./8")                = 0
[pid   326] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   326] setpgid(0, 0)               = 0
[pid   326] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   326] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   326] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   326] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   326] write(3, "1000", 4)         = 4
[pid   326] close(3)                    = 0
[pid   326] symlink("/dev/binderfs", "./binderfs") = 0
[pid   326] write(1, "executing program\n", 18executing program
) = 18
[pid   326] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   326] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   326] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   326] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   326] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   326] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   326] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[27]}, 88) = 27
[pid   326] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   326] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   326] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   326] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   326] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   326] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   326] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[28]}, 88) = 28
[pid   326] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   326] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   326] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 327 attached
 <unfinished ...>
[pid   327] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   327] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   327] memfd_create("syzkaller", 0./strace-static-x86_64: Process 328 attached
) = 3
[pid   327] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa8752f000
[pid   328] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   328] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   328] creat("./bus", 000)         = 4
[pid   328] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   326] <... futex resumed>)        = 0
[pid   326] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   326] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   328] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   327] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   328] <... mount resumed>)        = 0
[pid   328] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   326] <... futex resumed>)        = 0
[pid   326] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   326] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   328] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000) = 5
[pid   328] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   326] <... futex resumed>)        = 0
[pid   326] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   326] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   327] <... write resumed>)        = 262144
[pid   327] munmap(0x7faa8752f000, 138412032) = 0
[pid   328] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   327] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   328] <... mmap resumed>)         = 0x20000000
[pid   327] <... openat resumed>)       = 6
[pid   327] ioctl(6, LOOP_SET_FD, 3 <unfinished ...>
[pid   328] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   327] <... ioctl resumed>)        = 0
[pid   328] <... futex resumed>)        = 1
[pid   326] <... futex resumed>)        = 0
[pid   326] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   326] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   327] close(3)                    = 0
[pid   327] close(6 <unfinished ...>
[pid   328] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   327] <... close resumed>)        = 0
[pid   328] <... bpf resumed>)          = 3
[pid   327] mkdir(0x20000000, 0777)     = -1 ENOENT (No such file or directory)
[pid   327] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   327] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid   327] ioctl(6, LOOP_CLR_FD)       = 0
[pid   327] close(6)                    = 0
[pid   327] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   327] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   328] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   328] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   326] <... futex resumed>)        = 0
[pid   326] close(3)                    = 0
[pid   326] close(4)                    = 0
[pid   326] close(5)                    = 0
[pid   326] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   326] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   326] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   326] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   326] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   326] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   326] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   326] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   326] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   326] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   326] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   326] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   326] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   326] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   326] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   326] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   326] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   326] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   326] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   326] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   326] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   326] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   326] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   326] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   326] exit_group(0 <unfinished ...>
[pid   328] <... futex resumed>)        = ?
[pid   327] <... futex resumed>)        = ?
[pid   326] <... exit_group resumed>)   = ?
[pid   327] +++ exited with 0 +++
[pid   328] +++ exited with 0 +++
[pid   326] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=26, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   299] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./8/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./8/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./8/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./8/bus")           = 0
[pid   299] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./8/binderfs")      = 0
[pid   299] umount2("./8/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./8/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./8/cgroup.net")    = 0
[pid   299] umount2("./8/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./8/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./8/cgroup.cpu")    = 0
[pid   299] umount2("./8/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./8/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./8/cgroup")        = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./8")                = 0
[pid   299] mkdir("./9", 0777)          = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 29
./strace-static-x86_64: Process 329 attached
[pid   329] set_robust_list(0x555579a076a0, 24) = 0
[pid   329] chdir("./9")                = 0
[pid   329] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   329] setpgid(0, 0)               = 0
[pid   329] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   329] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   329] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   329] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   329] write(3, "1000", 4)         = 4
[pid   329] close(3)                    = 0
[pid   329] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   329] write(1, "executing program\n", 18) = 18
[pid   329] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   329] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   329] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   329] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   329] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   329] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   329] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 330 attached
 <unfinished ...>
[pid   330] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   330] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   330] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   329] <... clone3 resumed> => {parent_tid=[30]}, 88) = 30
[pid   329] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   329] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   330] <... futex resumed>)        = 0
[pid   329] <... futex resumed>)        = 1
[pid   330] memfd_create("syzkaller", 0) = 3
[pid   330] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   330] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   329] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   329] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   329] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   330] <... write resumed>)        = 262144
[pid   330] munmap(0x7faa87550000, 138412032) = 0
[pid   329] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   330] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   329] <... rt_sigprocmask resumed>[], 8) = 0
[   26.561886][  T327] loop0: detected capacity change from 0 to 512
[pid   330] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   329] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0} <unfinished ...>
[pid   330] <... ioctl resumed>)        = 0
[pid   330] close(3)                    = 0
[pid   330] close(4./strace-static-x86_64: Process 331 attached
 <unfinished ...>
[pid   331] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   329] <... clone3 resumed> => {parent_tid=[31]}, 88) = 31
[pid   331] <... set_robust_list resumed>) = 0
[pid   329] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   331] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   329] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   331] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   329] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   331] creat("./bus", 000 <unfinished ...>
[pid   329] <... futex resumed>)        = 0
[pid   331] <... creat resumed>)        = 3
[pid   329] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   331] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   329] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   331] <... futex resumed>)        = 0
[pid   329] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   331] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   329] <... futex resumed>)        = 0
[pid   331] <... mount resumed>)        = 0
[pid   329] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   331] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   329] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   331] <... futex resumed>)        = 0
[pid   329] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   331] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   329] <... futex resumed>)        = 0
[pid   329] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   331] <... open resumed>)         = 4
[pid   330] <... close resumed>)        = 0
[pid   331] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   330] mkdir("./bus", 0777 <unfinished ...>
[pid   331] <... futex resumed>)        = 1
[pid   330] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid   331] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   330] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"...) = -1 ENODEV (No such device)
[pid   330] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5
[pid   330] ioctl(5, LOOP_CLR_FD)       = 0
[pid   330] close(5)                    = 0
[pid   330] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   330] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   329] <... futex resumed>)        = 0
[pid   329] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   330] <... futex resumed>)        = 0
[pid   329] <... futex resumed>)        = 1
[pid   330] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 4, 0 <unfinished ...>
[pid   329] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   330] <... mmap resumed>)         = 0x20000000
[pid   330] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   329] <... futex resumed>)        = 0
[pid   330] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   329] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   330] <... bpf resumed>)          = 5
[pid   329] <... futex resumed>)        = 0
[pid   330] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   329] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   330] <... futex resumed>)        = 0
[pid   330] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   329] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   329] close(3)                    = 0
[pid   329] close(4)                    = 0
[pid   329] close(5)                    = 0
[pid   329] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   329] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   329] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   329] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   329] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   329] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   329] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   329] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   329] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   329] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   329] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   329] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   329] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   329] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   329] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   329] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   329] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   329] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   329] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   329] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   329] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   329] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   329] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   329] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   329] exit_group(0 <unfinished ...>
[pid   331] <... futex resumed>)        = ?
[pid   329] <... exit_group resumed>)   = ?
[pid   331] +++ exited with 0 +++
[pid   330] <... futex resumed>)        = ? <unavailable>
[   26.618164][  T330] loop0: detected capacity change from 0 to 512
[pid   330] +++ exited with 0 +++
[pid   329] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=29, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./9/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./9/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./9/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./9/bus")           = 0
[pid   299] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./9/binderfs")      = 0
[pid   299] umount2("./9/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./9/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./9/cgroup.net")    = 0
[pid   299] umount2("./9/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./9/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./9/cgroup.cpu")    = 0
[pid   299] umount2("./9/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./9/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./9/cgroup")        = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./9")                = 0
[pid   299] mkdir("./10", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 332 attached
 <unfinished ...>
[pid   332] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 32
[pid   332] <... set_robust_list resumed>) = 0
[pid   332] chdir("./10")               = 0
[pid   332] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   332] setpgid(0, 0)               = 0
[pid   332] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   332] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   332] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   332] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   332] write(3, "1000", 4)         = 4
[pid   332] close(3)                    = 0
executing program
[pid   332] symlink("/dev/binderfs", "./binderfs") = 0
[pid   332] write(1, "executing program\n", 18) = 18
[pid   332] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   332] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   332] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   332] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   332] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   332] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   332] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[33]}, 88) = 33
./strace-static-x86_64: Process 333 attached
[pid   333] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   332] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   332] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   332] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   333] <... set_robust_list resumed>) = 0
[pid   333] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   332] <... futex resumed>)        = 0
[pid   333] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   332] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   333] memfd_create("syzkaller", 0 <unfinished ...>
[pid   332] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   333] <... memfd_create resumed>) = 3
[pid   333] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   332] <... mprotect resumed>)     = 0
[pid   333] <... mmap resumed>)         = 0x7faa8752f000
[pid   332] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   332] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 334 attached
 <unfinished ...>
[pid   334] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   332] <... clone3 resumed> => {parent_tid=[34]}, 88) = 34
[pid   334] <... set_robust_list resumed>) = 0
[pid   334] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   332] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   334] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   332] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   334] creat("./bus", 000 <unfinished ...>
[pid   332] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   334] <... creat resumed>)        = 4
[pid   332] <... futex resumed>)        = 0
[pid   334] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   332] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   334] <... futex resumed>)        = 0
[pid   332] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   334] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   332] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   333] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   334] <... mount resumed>)        = 0
[pid   332] <... futex resumed>)        = 0
[pid   334] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   332] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   334] <... futex resumed>)        = 0
[pid   332] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   334] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   332] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   334] <... open resumed>)         = 5
[pid   332] <... futex resumed>)        = 0
[pid   334] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   332] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   334] <... futex resumed>)        = 0
[pid   332] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   334] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   332] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   334] <... mmap resumed>)         = 0x20000000
[pid   333] <... write resumed>)        = 262144
[pid   332] <... futex resumed>)        = 0
[pid   334] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   332] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   334] <... futex resumed>)        = 0
[pid   332] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   334] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   333] munmap(0x7faa8752f000, 138412032 <unfinished ...>
[pid   332] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   333] <... munmap resumed>)       = -1 (errno 18446744073709551414)
[pid   332] <... futex resumed>)        = ?
[pid   333] +++ killed by SIGBUS (core dumped) +++
[pid   334] +++ killed by SIGBUS (core dumped) +++
[pid   332] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=32, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
[pid   299] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./10/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./10/core", {st_mode=S_IFREG|0600, st_size=16953344, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./10/core")         = 0
[pid   299] umount2("./10/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./10/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./10/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./10/bus")          = 0
[pid   299] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./10/binderfs")     = 0
[pid   299] umount2("./10/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./10/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./10/cgroup.net")   = 0
[pid   299] umount2("./10/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./10/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./10/cgroup.cpu")   = 0
[pid   299] umount2("./10/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./10/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./10/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./10")               = 0
[pid   299] mkdir("./11", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FDexecuting program
)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 335 attached
 <unfinished ...>
[pid   335] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 35
[pid   335] <... set_robust_list resumed>) = 0
[pid   335] chdir("./11")               = 0
[pid   335] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   335] setpgid(0, 0)               = 0
[pid   335] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   335] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   335] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   335] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   335] write(3, "1000", 4)         = 4
[pid   335] close(3)                    = 0
[pid   335] symlink("/dev/binderfs", "./binderfs") = 0
[pid   335] write(1, "executing program\n", 18) = 18
[pid   335] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   335] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   335] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   335] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   335] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   335] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   335] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 336 attached
 <unfinished ...>
[pid   336] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   335] <... clone3 resumed> => {parent_tid=[36]}, 88) = 36
[pid   336] <... set_robust_list resumed>) = 0
[pid   335] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   336] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   335] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   336] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   335] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   336] memfd_create("syzkaller", 0 <unfinished ...>
[pid   335] <... futex resumed>)        = 0
[pid   336] <... memfd_create resumed>) = 3
[pid   335] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   336] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   335] <... futex resumed>)        = 0
[pid   336] <... mmap resumed>)         = 0x7faa87550000
[pid   335] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   336] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   335] <... mmap resumed>)         = 0x7faa8752f000
[pid   335] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   335] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   335] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0} => {parent_tid=[37]}, 88) = 37
./strace-static-x86_64: Process 337 attached
[pid   335] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   335] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   335] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   337] set_robust_list(0x7faa8754f9a0, 24) = 0
[pid   337] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   337] creat("./bus", 000)         = 4
[pid   336] <... write resumed>)        = 262144
[pid   336] munmap(0x7faa87550000, 138412032) = 0
[pid   336] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5
[pid   336] ioctl(5, LOOP_SET_FD, 3 <unfinished ...>
[pid   337] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   337] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   335] <... futex resumed>)        = 0
[pid   335] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   337] <... futex resumed>)        = 0
[pid   335] <... futex resumed>)        = 1
[pid   337] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   335] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   337] <... mount resumed>)        = 0
[pid   337] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   335] <... futex resumed>)        = 0
[pid   335] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   335] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   337] <... futex resumed>)        = 1
[pid   337] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   336] <... ioctl resumed>)        = 0
[pid   337] <... open resumed>)         = 6
[pid   336] close(3 <unfinished ...>
[pid   337] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   335] <... futex resumed>)        = 0
[pid   335] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   335] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   337] <... futex resumed>)        = 1
[pid   337] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0 <unfinished ...>
[pid   336] <... close resumed>)        = 0
[pid   336] close(5)                    = 0
[pid   336] mkdir(0x20000000, 0777)     = -1 ENOENT (No such file or directory)
[pid   336] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   336] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   336] ioctl(3, LOOP_CLR_FD)       = 0
[pid   336] close(3)                    = 0
[pid   337] <... mmap resumed>)         = 0x20000000
[pid   336] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   336] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   337] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   337] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   335] <... futex resumed>)        = 0
[pid   335] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   335] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   336] <... futex resumed>)        = 0
[pid   336] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 3
[pid   336] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   335] <... futex resumed>)        = 0
[pid   335] close(3)                    = 0
[pid   335] close(4)                    = 0
[pid   335] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   335] close(6)                    = 0
[pid   335] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   335] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   335] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   335] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   335] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   335] close(12 <unfinished ...>
[pid   336] <... futex resumed>)        = 1
[pid   335] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   335] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   335] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   335] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   335] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   335] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   335] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   335] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   335] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   335] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   335] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   335] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   335] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   335] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   335] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   335] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   335] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   335] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   335] exit_group(0)               = ?
[pid   337] <... futex resumed>)        = ?
[pid   336] +++ exited with 0 +++
[pid   337] +++ exited with 0 +++
[pid   335] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=35, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./11/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./11/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./11/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./11/bus")          = 0
[pid   299] umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./11/binderfs")     = 0
[pid   299] umount2("./11/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./11/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./11/cgroup.net")   = 0
[pid   299] umount2("./11/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./11/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./11/cgroup.cpu")   = 0
[pid   299] umount2("./11/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./11/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./11/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./11")               = 0
[pid   299] mkdir("./12", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program
./strace-static-x86_64: Process 338 attached
 <unfinished ...>
[pid   338] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 38
[pid   338] <... set_robust_list resumed>) = 0
[pid   338] chdir("./12")               = 0
[pid   338] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   338] setpgid(0, 0)               = 0
[pid   338] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   338] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   338] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   338] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   338] write(3, "1000", 4)         = 4
[pid   338] close(3)                    = 0
[pid   338] symlink("/dev/binderfs", "./binderfs") = 0
[pid   338] write(1, "executing program\n", 18) = 18
[pid   338] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   338] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   338] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   338] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   338] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   338] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   338] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 339 attached
 <unfinished ...>
[pid   339] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   338] <... clone3 resumed> => {parent_tid=[39]}, 88) = 39
[pid   339] <... set_robust_list resumed>) = 0
[pid   338] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   339] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   338] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   339] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   338] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   339] memfd_create("syzkaller", 0 <unfinished ...>
[pid   338] <... futex resumed>)        = 0
[pid   339] <... memfd_create resumed>) = 3
[pid   338] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   339] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   338] <... futex resumed>)        = 0
[pid   339] <... mmap resumed>)         = 0x7faa87550000
[pid   338] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   338] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   338] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   338] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 340 attached
 <unfinished ...>
[pid   340] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   338] <... clone3 resumed> => {parent_tid=[40]}, 88) = 40
[pid   340] <... set_robust_list resumed>) = 0
[pid   339] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   338] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   340] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   338] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   340] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   338] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   340] creat("./bus", 000 <unfinished ...>
[pid   338] <... futex resumed>)        = 0
[   26.774849][  T336] loop0: detected capacity change from 0 to 512
[pid   340] <... creat resumed>)        = 4
[pid   338] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   340] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   338] <... futex resumed>)        = 0
[pid   340] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   338] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   340] <... mount resumed>)        = 0
[pid   338] <... futex resumed>)        = 0
[pid   340] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   338] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   340] <... futex resumed>)        = 0
[pid   338] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   340] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   338] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   339] <... write resumed>)        = 262144
[pid   340] <... open resumed>)         = 5
[pid   338] <... futex resumed>)        = 0
[pid   340] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   338] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   340] <... futex resumed>)        = 0
[pid   338] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   339] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   338] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   338] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   340] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   339] <... munmap resumed>)       = 0
[pid   339] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   340] <... mmap resumed>)         = 0x20000000
[pid   339] <... openat resumed>)       = 6
[pid   339] ioctl(6, LOOP_SET_FD, 3 <unfinished ...>
[pid   340] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   338] <... futex resumed>)        = 0
[pid   339] <... ioctl resumed>)        = 0
[pid   338] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   339] close(3)                    = 0
[pid   339] close(6 <unfinished ...>
[pid   338] <... futex resumed>)        = 0
[pid   338] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   340] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 3
[pid   340] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   340] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   339] <... close resumed>)        = 0
[pid   339] mkdir(0x20000000, 0777)     = -1 ENOENT (No such file or directory)
[pid   339] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   339] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid   339] ioctl(6, LOOP_CLR_FD)       = 0
[pid   339] close(6)                    = 0
[pid   339] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   339] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   338] <... futex resumed>)        = 0
[pid   338] close(3)                    = 0
[pid   338] close(4)                    = 0
[pid   338] close(5)                    = 0
[pid   338] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   338] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   338] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   338] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   338] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   338] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   338] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   338] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   338] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   338] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   338] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   338] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   338] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   338] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   338] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   338] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   338] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   338] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   338] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   338] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   338] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   338] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   338] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   338] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   338] exit_group(0 <unfinished ...>
[pid   340] <... futex resumed>)        = ?
[pid   339] <... futex resumed>)        = ?
[pid   338] <... exit_group resumed>)   = ?
[pid   340] +++ exited with 0 +++
[   26.837786][  T339] loop0: detected capacity change from 0 to 512
[   26.838933][  T340] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 0
[pid   339] +++ exited with 0 +++
[pid   338] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=38, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   299] umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./12/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./12/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./12/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./12/bus")          = 0
[pid   299] umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./12/binderfs")     = 0
[pid   299] umount2("./12/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./12/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./12/cgroup.net")   = 0
[pid   299] umount2("./12/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./12/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./12/cgroup.cpu")   = 0
[pid   299] umount2("./12/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./12/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./12/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./12")               = 0
[pid   299] mkdir("./13", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 341 attached
 <unfinished ...>
[pid   341] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 41
[pid   341] <... set_robust_list resumed>) = 0
[pid   341] chdir("./13")               = 0
[pid   341] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   341] setpgid(0, 0)               = 0
[pid   341] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   341] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   341] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   341] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   341] write(3, "1000", 4)         = 4
[pid   341] close(3)                    = 0
[pid   341] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid   341] write(1, "executing program\n", 18) = 18
[pid   341] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   341] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   341] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   341] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   341] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   341] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   341] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[42]}, 88) = 42
[pid   341] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   341] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   341] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   341] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   341] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE./strace-static-x86_64: Process 342 attached
) = 0
[pid   342] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   341] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   341] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 343 attached
 <unfinished ...>
[pid   342] <... set_robust_list resumed>) = 0
[pid   343] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   341] <... clone3 resumed> => {parent_tid=[43]}, 88) = 43
[pid   343] <... set_robust_list resumed>) = 0
[pid   341] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   343] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   341] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   342] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   343] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   341] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   343] creat("./bus", 000 <unfinished ...>
[pid   341] <... futex resumed>)        = 0
[pid   343] <... creat resumed>)        = 3
[pid   341] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   343] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   341] <... futex resumed>)        = 0
[pid   343] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   341] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   343] <... mount resumed>)        = 0
[pid   341] <... futex resumed>)        = 0
[pid   342] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   343] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   341] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   343] <... futex resumed>)        = 0
[pid   341] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   343] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   341] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   343] <... open resumed>)         = 4
[pid   341] <... futex resumed>)        = 0
[pid   343] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   341] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   342] memfd_create("syzkaller", 0 <unfinished ...>
[pid   343] <... futex resumed>)        = 0
[pid   342] <... memfd_create resumed>) = 5
[pid   341] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   343] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   342] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa8752f000
[pid   343] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   341] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   343] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 4, 0 <unfinished ...>
[pid   341] <... futex resumed>)        = 0
[pid   343] <... mmap resumed>)         = 0x20000000
[pid   342] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20001173} ---
[pid   341] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = ?
[pid   343] +++ killed by SIGBUS (core dumped) +++
[pid   342] +++ killed by SIGBUS (core dumped) +++
[pid   341] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=41, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./13/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./13/core", {st_mode=S_IFREG|0600, st_size=16941056, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./13/core")         = 0
[pid   299] umount2("./13/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./13/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./13/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./13/bus")          = 0
[pid   299] umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./13/binderfs")     = 0
[pid   299] umount2("./13/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./13/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./13/cgroup.net")   = 0
[pid   299] umount2("./13/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./13/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./13/cgroup.cpu")   = 0
[pid   299] umount2("./13/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./13/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./13/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./13")               = 0
[pid   299] mkdir("./14", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 44
./strace-static-x86_64: Process 344 attached
[pid   344] set_robust_list(0x555579a076a0, 24) = 0
[pid   344] chdir("./14")               = 0
[pid   344] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   344] setpgid(0, 0)               = 0
[pid   344] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   344] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   344] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   344] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   344] write(3, "1000", 4)         = 4
[pid   344] close(3)                    = 0
[pid   344] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid   344] write(1, "executing program\n", 18) = 18
[pid   344] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   344] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   344] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   344] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   344] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   344] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   344] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[45]}, 88) = 45
[pid   344] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   344] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   344] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   344] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   344] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   344] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   344] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[46]}, 88) = 46
[pid   344] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   344] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   344] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 345 attached
 <unfinished ...>
[pid   345] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   345] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   345] memfd_create("syzkaller", 0) = 3
[pid   345] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa8752f000
./strace-static-x86_64: Process 346 attached
[pid   346] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   346] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   346] creat("./bus", 000)         = 4
[pid   345] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   346] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   344] <... futex resumed>)        = 0
[pid   344] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   344] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   346] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   345] <... write resumed>)        = 262144
[pid   346] <... mount resumed>)        = 0
[pid   345] munmap(0x7faa8752f000, 138412032 <unfinished ...>
[pid   346] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   345] <... munmap resumed>)       = 0
[pid   344] <... futex resumed>)        = 0
[pid   344] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   344] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   346] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   345] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   346] <... open resumed>)         = 5
[pid   345] <... openat resumed>)       = 6
[pid   346] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   345] ioctl(6, LOOP_SET_FD, 3 <unfinished ...>
[pid   346] <... futex resumed>)        = 1
[pid   344] <... futex resumed>)        = 0
[pid   344] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   344] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   346] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   345] <... ioctl resumed>)        = 0
[pid   345] close(3)                    = 0
[pid   345] close(6)                    = 0
[pid   345] mkdir(0x20000000, 0777)     = -1 ENOENT (No such file or directory)
[pid   345] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   345] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   345] ioctl(3, LOOP_CLR_FD)       = 0
[pid   345] close(3)                    = 0
[pid   345] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   345] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   346] <... mmap resumed>)         = 0x20000000
[pid   346] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   344] <... futex resumed>)        = 0
[pid   344] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   344] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   345] <... futex resumed>)        = 0
[pid   345] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   346] <... futex resumed>)        = 1
[pid   345] <... bpf resumed>)          = 3
[pid   346] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   345] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   344] <... futex resumed>)        = 0
[pid   345] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   344] close(3)                    = 0
[pid   344] close(4)                    = 0
[pid   344] close(5)                    = 0
[pid   344] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   344] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   344] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   344] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   344] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   344] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   344] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   344] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   344] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   344] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   344] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   344] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   344] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   344] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   344] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   344] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   344] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   344] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   344] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   344] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   344] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   344] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   344] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   344] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   344] exit_group(0 <unfinished ...>
[pid   346] <... futex resumed>)        = 231
[pid   344] <... exit_group resumed>)   = ?
[pid   346] +++ exited with 0 +++
[pid   345] <... futex resumed>)        = ?
[pid   345] +++ exited with 0 +++
[   26.997019][  T345] loop0: detected capacity change from 0 to 512
[pid   344] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=44, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./14/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./14/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./14/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./14/bus")          = 0
[pid   299] umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./14/binderfs")     = 0
[pid   299] umount2("./14/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./14/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./14/cgroup.net")   = 0
[pid   299] umount2("./14/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./14/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./14/cgroup.cpu")   = 0
[pid   299] umount2("./14/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./14/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./14/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./14")               = 0
[pid   299] mkdir("./15", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 347 attached
, child_tidptr=0x555579a07690) = 47
[pid   347] set_robust_list(0x555579a076a0, 24) = 0
[pid   347] chdir("./15")               = 0
[pid   347] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   347] setpgid(0, 0)               = 0
[pid   347] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   347] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   347] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   347] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   347] write(3, "1000", 4)         = 4
[pid   347] close(3)                    = 0
[pid   347] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid   347] write(1, "executing program\n", 18) = 18
[pid   347] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   347] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   347] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   347] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   347] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   347] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   347] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 348 attached
 <unfinished ...>
[pid   348] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   348] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   348] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   347] <... clone3 resumed> => {parent_tid=[48]}, 88) = 48
[pid   347] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   347] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   348] <... futex resumed>)        = 0
[pid   347] <... futex resumed>)        = 1
[pid   348] memfd_create("syzkaller", 0 <unfinished ...>
[pid   347] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   348] <... memfd_create resumed>) = 3
[pid   347] <... futex resumed>)        = 0
[pid   348] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   347] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   348] <... mmap resumed>)         = 0x7faa8752f000
[pid   347] <... mmap resumed>)         = 0x7faa8f92f000
[pid   348] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   347] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   347] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   347] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[49]}, 88) = 49
[pid   347] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   348] <... write resumed>)        = 262144
./strace-static-x86_64: Process 349 attached
[pid   347] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   349] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   348] munmap(0x7faa8752f000, 138412032 <unfinished ...>
[pid   347] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   349] <... set_robust_list resumed>) = 0
[pid   349] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   348] <... munmap resumed>)       = 0
[pid   349] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   348] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   349] creat("./bus", 000 <unfinished ...>
[pid   348] <... openat resumed>)       = 4
[pid   348] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   349] <... creat resumed>)        = 5
[pid   348] <... ioctl resumed>)        = 0
[pid   349] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   347] <... futex resumed>)        = 0
[pid   349] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   347] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   349] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   347] <... futex resumed>)        = 0
[pid   349] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   347] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   349] <... mount resumed>)        = 0
[pid   349] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   347] <... futex resumed>)        = 0
[pid   349] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   347] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   349] <... open resumed>)         = 6
[pid   347] <... futex resumed>)        = 0
[pid   349] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   347] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   349] <... futex resumed>)        = 0
[pid   347] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   349] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0 <unfinished ...>
[pid   347] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   348] close(3 <unfinished ...>
[pid   347] <... futex resumed>)        = 0
[pid   348] <... close resumed>)        = 0
[pid   347] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   349] <... mmap resumed>)         = 0x20000000
[pid   348] close(4 <unfinished ...>
[pid   349] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   347] <... futex resumed>)        = 0
[pid   349] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   347] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   349] <... bpf resumed>)          = 3
[pid   347] <... futex resumed>)        = 0
[pid   349] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   347] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   349] <... futex resumed>)        = 0
[pid   347] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   349] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   348] <... close resumed>)        = 0
[pid   348] mkdir(0x20000000, 0777)     = -1 ENOENT (No such file or directory)
[pid   348] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   348] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   348] ioctl(4, LOOP_CLR_FD)       = 0
[pid   348] close(4)                    = 0
[pid   348] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   348] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   347] close(3)                    = 0
[pid   347] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   347] close(5)                    = 0
[pid   347] close(6)                    = 0
[pid   347] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   347] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   347] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   347] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   347] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   347] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   347] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   347] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   347] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   347] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   347] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   347] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   347] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   347] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   347] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   347] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   347] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   347] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   347] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   347] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   347] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   347] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   347] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   347] exit_group(0 <unfinished ...>
[pid   349] <... futex resumed>)        = ?
[pid   348] <... futex resumed>)        = ?
[pid   347] <... exit_group resumed>)   = ?
[pid   349] +++ exited with 0 +++
[pid   348] +++ exited with 0 +++
[pid   347] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=47, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[   27.089648][  T348] loop0: detected capacity change from 0 to 512
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./15/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./15/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./15/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./15/bus")          = 0
[pid   299] umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./15/binderfs")     = 0
[pid   299] umount2("./15/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./15/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./15/cgroup.net")   = 0
[pid   299] umount2("./15/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./15/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./15/cgroup.cpu")   = 0
[pid   299] umount2("./15/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./15/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./15/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./15")               = 0
[pid   299] mkdir("./16", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 350 attached
 <unfinished ...>
[pid   350] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 50
[pid   350] <... set_robust_list resumed>) = 0
[pid   350] chdir("./16")               = 0
[pid   350] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   350] setpgid(0, 0)               = 0
[pid   350] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   350] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   350] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   350] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   350] write(3, "1000", 4)         = 4
[pid   350] close(3)                    = 0
[pid   350] symlink("/dev/binderfs", "./binderfs") = 0
[pid   350] write(1, "executing program\n", 18executing program
) = 18
[pid   350] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   350] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   350] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   350] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   350] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   350] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   350] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 351 attached
 <unfinished ...>
[pid   351] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   351] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   351] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   350] <... clone3 resumed> => {parent_tid=[51]}, 88) = 51
[pid   350] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   350] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   351] <... futex resumed>)        = 0
[pid   350] <... futex resumed>)        = 1
[pid   351] memfd_create("syzkaller", 0 <unfinished ...>
[pid   350] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   351] <... memfd_create resumed>) = 3
[pid   350] <... futex resumed>)        = 0
[pid   351] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   350] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   351] <... mmap resumed>)         = 0x7faa87550000
[pid   350] <... mmap resumed>)         = 0x7faa8752f000
[pid   351] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   350] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   351] <... write resumed>)        = 262144
[pid   350] <... mprotect resumed>)     = 0
[pid   351] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   350] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   351] <... munmap resumed>)       = 0
[pid   350] <... rt_sigprocmask resumed>[], 8) = 0
[pid   351] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   350] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0} <unfinished ...>
[pid   351] <... openat resumed>)       = 4
[pid   351] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   350] <... clone3 resumed> => {parent_tid=[52]}, 88) = 52
./strace-static-x86_64: Process 352 attached
[pid   351] <... ioctl resumed>)        = 0
[pid   350] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   352] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   351] close(3 <unfinished ...>
[pid   350] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   350] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   352] <... set_robust_list resumed>) = 0
[pid   351] <... close resumed>)        = 0
[pid   352] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   351] close(4 <unfinished ...>
[pid   352] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   352] creat("./bus", 000)         = 3
[pid   352] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   350] <... futex resumed>)        = 0
[pid   350] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   350] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   352] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[pid   352] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   350] <... futex resumed>)        = 0
[pid   350] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   350] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   352] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000) = 4
[pid   351] <... close resumed>)        = 0
[pid   352] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   351] mkdir("./bus", 0777 <unfinished ...>
[pid   352] <... futex resumed>)        = 1
[pid   351] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid   352] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   351] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"...) = -1 ENODEV (No such device)
[pid   351] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5
[pid   351] ioctl(5, LOOP_CLR_FD)       = 0
[pid   351] close(5)                    = 0
[pid   351] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   351] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   350] <... futex resumed>)        = 0
[pid   350] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   351] <... futex resumed>)        = 0
[pid   350] <... futex resumed>)        = 1
[pid   351] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 4, 0 <unfinished ...>
[pid   350] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   351] <... mmap resumed>)         = 0x20000000
[pid   351] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   350] <... futex resumed>)        = 0
[pid   350] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   350] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   351] <... futex resumed>)        = 1
[pid   351] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 5
[pid   351] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   350] <... futex resumed>)        = 0
[pid   350] close(3)                    = 0
[pid   350] close(4)                    = 0
[pid   350] close(5)                    = 0
[pid   350] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   350] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   350] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   350] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   350] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   350] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   350] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   350] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   350] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   350] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   350] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   350] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   350] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   350] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   350] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   350] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   350] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   350] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   350] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   350] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   350] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   351] <... futex resumed>)        = 1
[pid   350] close(27 <unfinished ...>
[pid   351] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   350] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   350] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   350] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   350] exit_group(0 <unfinished ...>
[pid   352] <... futex resumed>)        = ?
[pid   350] <... exit_group resumed>)   = ?
[pid   351] <... futex resumed>)        = ?
[pid   352] +++ exited with 0 +++
[   27.171505][  T351] loop0: detected capacity change from 0 to 512
[pid   351] +++ exited with 0 +++
[pid   350] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=50, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./16", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./16/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./16/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./16/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./16/bus")          = 0
[pid   299] umount2("./16/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./16/binderfs")     = 0
[pid   299] umount2("./16/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./16/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./16/cgroup.net")   = 0
[pid   299] umount2("./16/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./16/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./16/cgroup.cpu")   = 0
[pid   299] umount2("./16/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./16/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./16/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./16")               = 0
[pid   299] mkdir("./17", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 353 attached
 <unfinished ...>
[pid   353] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 53
[pid   353] <... set_robust_list resumed>) = 0
[pid   353] chdir("./17")               = 0
[pid   353] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   353] setpgid(0, 0)               = 0
[pid   353] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   353] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   353] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   353] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   353] write(3, "1000", 4)         = 4
[pid   353] close(3)                    = 0
[pid   353] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   353] write(1, "executing program\n", 18) = 18
[pid   353] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   353] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   353] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   353] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   353] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   353] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   353] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 354 attached
 <unfinished ...>
[pid   354] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   353] <... clone3 resumed> => {parent_tid=[54]}, 88) = 54
[pid   354] <... set_robust_list resumed>) = 0
[pid   353] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   354] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   353] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   354] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   353] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   354] memfd_create("syzkaller", 0 <unfinished ...>
[pid   353] <... futex resumed>)        = 0
[pid   354] <... memfd_create resumed>) = 3
[pid   353] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   354] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   353] <... futex resumed>)        = 0
[pid   354] <... mmap resumed>)         = 0x7faa87550000
[pid   353] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   353] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   353] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   353] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 355 attached
 <unfinished ...>
[pid   354] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   355] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   353] <... clone3 resumed> => {parent_tid=[55]}, 88) = 55
[pid   355] <... set_robust_list resumed>) = 0
[pid   353] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   355] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   353] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   355] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   353] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   355] creat("./bus", 000 <unfinished ...>
[pid   353] <... futex resumed>)        = 0
[pid   355] <... creat resumed>)        = 4
[pid   353] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   355] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   353] <... futex resumed>)        = 0
[pid   355] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   353] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   355] <... mount resumed>)        = 0
[pid   353] <... futex resumed>)        = 0
[pid   355] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   353] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   355] <... futex resumed>)        = 0
[pid   353] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   355] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   353] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   355] <... open resumed>)         = 5
[pid   353] <... futex resumed>)        = 0
[pid   355] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   353] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   355] <... futex resumed>)        = 0
[pid   353] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   355] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   353] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   355] <... mmap resumed>)         = 0x20000000
[pid   353] <... futex resumed>)        = 0
[pid   355] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   353] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   355] <... futex resumed>)        = 0
[pid   353] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   355] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   353] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   354] <... write resumed>)        = ?
[pid   353] <... futex resumed>)        = ?
[pid   354] +++ killed by SIGBUS (core dumped) +++
[pid   355] +++ killed by SIGBUS (core dumped) +++
[pid   353] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=53, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./17", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./17/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./17/core", {st_mode=S_IFREG|0600, st_size=17084416, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./17/core")         = 0
[pid   299] umount2("./17/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./17/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./17/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./17/bus")          = 0
[pid   299] umount2("./17/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./17/binderfs")     = 0
[pid   299] umount2("./17/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./17/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./17/cgroup.net")   = 0
[pid   299] umount2("./17/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./17/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./17/cgroup.cpu")   = 0
[pid   299] umount2("./17/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./17/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./17/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./17")               = 0
[pid   299] mkdir("./18", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 356 attached
 <unfinished ...>
[pid   356] set_robust_list(0x555579a076a0, 24) = 0
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 56
[pid   356] chdir("./18")               = 0
[pid   356] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   356] setpgid(0, 0)               = 0
[pid   356] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   356] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   356] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   356] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   356] write(3, "1000", 4)         = 4
[pid   356] close(3)                    = 0
[pid   356] symlink("/dev/binderfs", "./binderfs") = 0
[pid   356] write(1, "executing program\n", 18executing program
) = 18
[pid   356] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   356] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   356] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   356] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   356] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   356] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   356] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 357 attached
 <unfinished ...>
[pid   357] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   356] <... clone3 resumed> => {parent_tid=[57]}, 88) = 57
[pid   357] <... set_robust_list resumed>) = 0
[pid   356] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   357] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   356] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   357] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   356] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   357] memfd_create("syzkaller", 0 <unfinished ...>
[pid   356] <... futex resumed>)        = 0
[pid   357] <... memfd_create resumed>) = 3
[pid   356] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   357] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   356] <... futex resumed>)        = 0
[pid   357] <... mmap resumed>)         = 0x7faa87550000
[pid   356] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   357] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   356] <... mmap resumed>)         = 0x7faa8752f000
[pid   357] <... write resumed>)        = 262144
[pid   356] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   357] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   356] <... mprotect resumed>)     = 0
[pid   357] <... munmap resumed>)       = 0
[pid   356] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   357] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   356] <... rt_sigprocmask resumed>[], 8) = 0
[pid   357] <... openat resumed>)       = 4
[pid   356] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0} <unfinished ...>
[pid   357] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 358 attached
 <unfinished ...>
[pid   356] <... clone3 resumed> => {parent_tid=[58]}, 88) = 58
[pid   358] set_robust_list(0x7faa8754f9a0, 24) = 0
[pid   358] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   358] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   356] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   356] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   358] <... futex resumed>)        = 0
[pid   356] <... futex resumed>)        = 1
[pid   358] creat("./bus", 000 <unfinished ...>
[pid   357] <... ioctl resumed>)        = 0
[pid   356] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   357] close(3)                    = 0
[pid   357] close(4 <unfinished ...>
[pid   358] <... creat resumed>)        = 3
[pid   358] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   356] <... futex resumed>)        = 0
[pid   356] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   356] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   358] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[pid   358] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   356] <... futex resumed>)        = 0
[pid   356] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   356] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   358] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   357] <... close resumed>)        = 0
[pid   357] mkdir("./bus", 0777)        = -1 EEXIST (File exists)
[pid   357] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"...) = -1 ENODEV (No such device)
[pid   357] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   356] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   356] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid   356] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid   356] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   356] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   356] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   356] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   356] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 359 attached
 <unfinished ...>
[pid   359] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   359] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[   27.352629][  T357] loop0: detected capacity change from 0 to 512
[pid   359] futex(0x7faa8fa3d6e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   356] <... clone3 resumed> => {parent_tid=[59]}, 88) = 59
[pid   356] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   356] futex(0x7faa8fa3d6e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   359] <... futex resumed>)        = 0
[pid   356] <... futex resumed>)        = 1
[pid   359] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, -1, 0) = -1 EBADF (Bad file descriptor)
[pid   359] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   359] futex(0x7faa8fa3d6e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   356] futex(0x7faa8fa3d6ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable)
[pid   356] futex(0x7faa8fa3d6e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   359] <... futex resumed>)        = 0
[pid   356] <... futex resumed>)        = 1
[pid   359] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_SK_MSG, insn_cnt=4, insns=0x20000380, license="GPL", log_level=1, log_size=166, log_buf="./bus", kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 128 <unfinished ...>
[pid   356] futex(0x7faa8fa3d6ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   359] <... bpf resumed>)          = 6
[pid   359] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   356] <... futex resumed>)        = 0
[pid   359] futex(0x7faa8fa3d6e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   358] <... open resumed>)         = 4
[pid   357] <... openat resumed>)       = 5
[pid   358] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   357] ioctl(5, LOOP_CLR_FD <unfinished ...>
[pid   358] <... futex resumed>)        = 0
[pid   357] <... ioctl resumed>)        = 0
[pid   358] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   357] close(5)                    = 0
[pid   357] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   357] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   356] close(3)                    = 0
[pid   356] close(4)                    = 0
[pid   356] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   356] close(6)                    = 0
[pid   356] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   356] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   356] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   356] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   356] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   356] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   356] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   356] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   356] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   356] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   356] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   356] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   356] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   356] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   356] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   356] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   356] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   356] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   356] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   356] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   356] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   356] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   356] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   356] exit_group(0)               = ?
[pid   357] <... futex resumed>)        = ?
[pid   357] +++ exited with 0 +++
[pid   358] <... futex resumed>)        = ?
[pid   358] +++ exited with 0 +++
[pid   359] <... futex resumed>)        = ?
[pid   359] +++ exited with 0 +++
[pid   356] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=56, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./18", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./18/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./18/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./18/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./18/bus")          = 0
[pid   299] umount2("./18/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./18/binderfs")     = 0
[pid   299] umount2("./18/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./18/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./18/cgroup.net")   = 0
[pid   299] umount2("./18/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./18/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./18/cgroup.cpu")   = 0
[pid   299] umount2("./18/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./18/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./18/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./18")               = 0
[pid   299] mkdir("./19", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 361 attached
 <unfinished ...>
[pid   361] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 60
[pid   361] <... set_robust_list resumed>) = 0
[pid   361] chdir("./19")               = 0
[pid   361] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   361] setpgid(0, 0)               = 0
[pid   361] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   361] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   361] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   361] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   361] write(3, "1000", 4)         = 4
[pid   361] close(3)                    = 0
[pid   361] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   361] write(1, "executing program\n", 18) = 18
[pid   361] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   361] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   361] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   361] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   361] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   361] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   361] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[61]}, 88) = 61
[pid   361] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   361] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   361] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   361] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   361] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   361] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   361] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 363 attached
./strace-static-x86_64: Process 362 attached
 <unfinished ...>
[pid   363] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   362] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   363] <... set_robust_list resumed>) = 0
[pid   362] <... set_robust_list resumed>) = 0
[pid   363] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   362] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   363] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   362] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   363] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   361] <... clone3 resumed> => {parent_tid=[62]}, 88) = 62
[pid   362] memfd_create("syzkaller", 0 <unfinished ...>
[pid   361] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   361] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   363] <... futex resumed>)        = 0
[pid   362] <... memfd_create resumed>) = 3
[pid   361] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   363] creat("./bus", 000 <unfinished ...>
[pid   362] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   363] <... creat resumed>)        = 4
[pid   362] <... mmap resumed>)         = 0x7faa8752f000
[pid   363] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   361] <... futex resumed>)        = 0
[pid   363] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   361] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   363] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   361] <... futex resumed>)        = 0
[pid   363] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   361] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   363] <... mount resumed>)        = 0
[pid   363] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   361] <... futex resumed>)        = 0
[pid   363] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   361] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   363] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   361] <... futex resumed>)        = 0
[pid   363] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   361] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   363] <... open resumed>)         = 5
[pid   363] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   361] <... futex resumed>)        = 0
[pid   363] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   361] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   363] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   361] <... futex resumed>)        = 0
[pid   363] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   361] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   363] <... mmap resumed>)         = 0x20000000
[pid   363] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   362] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20001303} ---
[pid   363] <... futex resumed>)        = 1
[pid   361] <... futex resumed>)        = 0
[pid   363] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   361] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   363] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   361] <... futex resumed>)        = 0
[pid   363] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   361] read(-1885088256,  <unfinished ...>
[pid   362] +++ killed by SIGBUS (core dumped) +++
[pid   363] +++ killed by SIGBUS (core dumped) +++
[pid   361] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=60, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./19", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./19/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./19/core", {st_mode=S_IFREG|0600, st_size=16953344, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./19/core")         = 0
[pid   299] umount2("./19/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./19/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./19/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./19/bus")          = 0
[pid   299] umount2("./19/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./19/binderfs")     = 0
[pid   299] umount2("./19/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./19/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./19/cgroup.net")   = 0
[pid   299] umount2("./19/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./19/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./19/cgroup.cpu")   = 0
[pid   299] umount2("./19/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./19/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./19/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./19")               = 0
[pid   299] mkdir("./20", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 364 attached
 <unfinished ...>
[pid   364] set_robust_list(0x555579a076a0, 24) = 0
[pid   364] chdir("./20" <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 63
[pid   364] <... chdir resumed>)        = 0
[pid   364] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   364] setpgid(0, 0)               = 0
[pid   364] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   364] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   364] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   364] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   364] write(3, "1000", 4)         = 4
[pid   364] close(3)                    = 0
[pid   364] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   364] write(1, "executing program\n", 18) = 18
[pid   364] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   364] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   364] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   364] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   364] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   364] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   364] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 365 attached
 <unfinished ...>
[pid   365] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   364] <... clone3 resumed> => {parent_tid=[64]}, 88) = 64
[pid   365] <... set_robust_list resumed>) = 0
[pid   365] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   365] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   364] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   364] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   365] <... futex resumed>)        = 0
[pid   364] <... futex resumed>)        = 1
[pid   365] memfd_create("syzkaller", 0 <unfinished ...>
[pid   364] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   365] <... memfd_create resumed>) = 3
[pid   364] <... futex resumed>)        = 0
[pid   365] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   365] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   364] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   365] <... write resumed>)        = 262144
[pid   364] <... mmap resumed>)         = 0x7faa8752f000
[pid   365] munmap(0x7faa87550000, 138412032) = 0
[pid   364] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   365] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   364] <... mprotect resumed>)     = 0
[pid   365] <... openat resumed>)       = 4
[pid   364] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   364] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0} <unfinished ...>
[pid   365] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 366 attached
)    = 0
[pid   366] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   365] close(3 <unfinished ...>
[pid   366] <... set_robust_list resumed>) = 0
[pid   365] <... close resumed>)        = 0
[pid   366] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   365] close(4 <unfinished ...>
[pid   364] <... clone3 resumed> => {parent_tid=[65]}, 88) = 65
[pid   364] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   364] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   364] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   366] creat("./bus", 000)         = 3
[pid   366] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   364] <... futex resumed>)        = 0
[pid   366] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   364] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   366] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   364] <... futex resumed>)        = 0
[pid   366] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   364] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   366] <... mount resumed>)        = 0
[pid   366] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   364] <... futex resumed>)        = 0
[pid   366] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   364] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   366] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   364] <... futex resumed>)        = 0
[pid   366] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   364] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   366] <... open resumed>)         = 5
[pid   366] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   364] <... futex resumed>)        = 0
[pid   366] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   364] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   366] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   364] <... futex resumed>)        = 0
[pid   366] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   364] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   365] <... close resumed>)        = 0
[pid   366] <... mmap resumed>)         = 0x20000000
[pid   366] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   364] <... futex resumed>)        = 0
[pid   366] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   364] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   366] <... bpf resumed>)          = 4
[pid   364] <... futex resumed>)        = 0
[pid   365] mkdir(0x20000000, 0777 <unfinished ...>
[pid   366] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   364] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   366] <... futex resumed>)        = 0
[pid   364] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   366] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   365] <... mkdir resumed>)        = -1 ENOENT (No such file or directory)
[pid   365] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   365] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid   365] ioctl(6, LOOP_CLR_FD)       = 0
[pid   365] close(6)                    = 0
[pid   365] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   365] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   364] close(3)                    = 0
[pid   364] close(4)                    = 0
[pid   364] close(5)                    = 0
[pid   364] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   364] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   364] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   364] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   364] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   364] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   364] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   364] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   364] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   364] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   364] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   364] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   364] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   364] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   364] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   364] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   364] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   364] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   364] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   364] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   364] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   364] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   364] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   364] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   364] exit_group(0 <unfinished ...>
[pid   366] <... futex resumed>)        = ?
[pid   365] <... futex resumed>)        = ?
[pid   364] <... exit_group resumed>)   = ?
[pid   366] +++ exited with 0 +++
[pid   365] +++ exited with 0 +++
[pid   364] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=63, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[   27.591492][  T365] loop0: detected capacity change from 0 to 512
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./20", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./20/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./20/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./20/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./20/bus")          = 0
[pid   299] umount2("./20/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./20/binderfs")     = 0
[pid   299] umount2("./20/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./20/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./20/cgroup.net")   = 0
[pid   299] umount2("./20/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./20/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./20/cgroup.cpu")   = 0
[pid   299] umount2("./20/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./20/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./20/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./20")               = 0
[pid   299] mkdir("./21", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program
./strace-static-x86_64: Process 367 attached
 <unfinished ...>
[pid   367] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 66
[pid   367] <... set_robust_list resumed>) = 0
[pid   367] chdir("./21")               = 0
[pid   367] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   367] setpgid(0, 0)               = 0
[pid   367] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   367] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   367] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   367] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   367] write(3, "1000", 4)         = 4
[pid   367] close(3)                    = 0
[pid   367] symlink("/dev/binderfs", "./binderfs") = 0
[pid   367] write(1, "executing program\n", 18) = 18
[pid   367] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   367] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   367] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   367] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   367] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   367] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   367] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 368 attached
 <unfinished ...>
[pid   368] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   367] <... clone3 resumed> => {parent_tid=[67]}, 88) = 67
[pid   368] <... set_robust_list resumed>) = 0
[pid   367] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   368] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   367] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   368] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   367] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   368] memfd_create("syzkaller", 0 <unfinished ...>
[pid   367] <... futex resumed>)        = 0
[pid   368] <... memfd_create resumed>) = 3
[pid   367] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   368] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   367] <... futex resumed>)        = 0
[pid   368] <... mmap resumed>)         = 0x7faa87550000
[pid   367] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   367] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   367] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   367] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 369 attached
 <unfinished ...>
[pid   369] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   367] <... clone3 resumed> => {parent_tid=[68]}, 88) = 68
[pid   368] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   369] <... set_robust_list resumed>) = 0
[pid   367] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   369] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   367] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   369] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   367] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   369] creat("./bus", 000 <unfinished ...>
[pid   367] <... futex resumed>)        = 0
[pid   369] <... creat resumed>)        = 4
[pid   367] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   369] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   367] <... futex resumed>)        = 0
[pid   369] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   367] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   369] <... mount resumed>)        = 0
[pid   367] <... futex resumed>)        = 0
[pid   369] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   367] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   369] <... futex resumed>)        = 0
[pid   367] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   368] <... write resumed>)        = 262144
[pid   369] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   367] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   369] <... open resumed>)         = 5
[pid   367] <... futex resumed>)        = 0
[pid   369] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   367] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   369] <... futex resumed>)        = 0
[pid   367] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   369] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   367] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   368] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   367] <... futex resumed>)        = 0
[pid   369] <... mmap resumed>)         = 0x20000000
[pid   368] <... munmap resumed>)       = 0
[pid   369] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   367] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable)
[pid   367] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   367] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   368] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid   368] ioctl(6, LOOP_SET_FD, 3 <unfinished ...>
[pid   369] <... futex resumed>)        = 1
[pid   367] <... futex resumed>)        = 0
[pid   367] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=549000000} <unfinished ...>
[pid   368] <... ioctl resumed>)        = 0
[pid   368] close(3)                    = 0
[pid   368] close(6)                    = 0
[pid   368] mkdir(0x20000000, 0777)     = -1 ENOENT (No such file or directory)
[pid   369] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   368] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   368] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   368] ioctl(3, LOOP_CLR_FD)       = 0
[pid   368] close(3)                    = 0
[pid   368] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   368] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   369] <... bpf resumed>)          = 3
[pid   369] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   367] <... futex resumed>)        = 0
[pid   367] close(3)                    = 0
[pid   367] close(4)                    = 0
[pid   367] close(5)                    = 0
[pid   367] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   367] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   367] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   367] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   367] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   367] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   367] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   367] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   367] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   367] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   367] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   367] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   367] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   367] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   367] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   367] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   367] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   367] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   367] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   367] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   367] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   367] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   367] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   367] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   367] exit_group(0)               = ?
[pid   368] <... futex resumed>)        = ?
[pid   368] +++ exited with 0 +++
[pid   369] <... futex resumed>)        = ?
[pid   369] +++ exited with 0 +++
[pid   367] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=66, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[   27.670348][  T368] loop0: detected capacity change from 0 to 512
[   27.670811][  T369] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 31 prio class 0
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./21", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./21/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./21/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./21/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./21/bus")          = 0
[pid   299] umount2("./21/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./21/binderfs")     = 0
[pid   299] umount2("./21/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./21/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./21/cgroup.net")   = 0
[pid   299] umount2("./21/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./21/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./21/cgroup.cpu")   = 0
[pid   299] umount2("./21/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./21/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./21/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./21")               = 0
[pid   299] mkdir("./22", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program
./strace-static-x86_64: Process 370 attached
 <unfinished ...>
[pid   370] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 69
[pid   370] <... set_robust_list resumed>) = 0
[pid   370] chdir("./22")               = 0
[pid   370] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   370] setpgid(0, 0)               = 0
[pid   370] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   370] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   370] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   370] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   370] write(3, "1000", 4)         = 4
[pid   370] close(3)                    = 0
[pid   370] symlink("/dev/binderfs", "./binderfs") = 0
[pid   370] write(1, "executing program\n", 18) = 18
[pid   370] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   370] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   370] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   370] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   370] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   370] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   370] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 371 attached
 <unfinished ...>
[pid   371] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   370] <... clone3 resumed> => {parent_tid=[70]}, 88) = 70
[pid   371] <... set_robust_list resumed>) = 0
[pid   370] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   371] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   370] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   371] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   370] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   371] memfd_create("syzkaller", 0 <unfinished ...>
[pid   370] <... futex resumed>)        = 0
[pid   371] <... memfd_create resumed>) = 3
[pid   370] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   371] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   370] <... futex resumed>)        = 0
[pid   371] <... mmap resumed>)         = 0x7faa87550000
[pid   370] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   370] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   370] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   371] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   370] <... rt_sigprocmask resumed>[], 8) = 0
[pid   370] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 372 attached
 => {parent_tid=[71]}, 88) = 71
[pid   370] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   372] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   370] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   372] <... set_robust_list resumed>) = 0
[pid   370] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   372] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   371] <... write resumed>)        = 262144
[pid   370] <... futex resumed>)        = 0
[pid   371] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   370] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   371] <... munmap resumed>)       = 0
[pid   371] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   371] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   372] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   372] creat("./bus", 000)         = 5
[pid   372] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   372] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   370] <... futex resumed>)        = 0
[pid   370] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   372] <... futex resumed>)        = 0
[pid   370] <... futex resumed>)        = 1
[pid   372] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   370] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   372] <... mount resumed>)        = 0
[pid   372] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   370] <... futex resumed>)        = 0
[pid   372] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   370] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   372] <... open resumed>)         = 6
[pid   371] <... ioctl resumed>)        = 0
[pid   370] <... futex resumed>)        = 0
[pid   372] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   371] close(3 <unfinished ...>
[pid   370] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable)
[pid   370] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   370] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   372] <... futex resumed>)        = 1
[pid   370] <... futex resumed>)        = 0
[pid   372] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0 <unfinished ...>
[pid   370] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   371] <... close resumed>)        = 0
[pid   371] close(4)                    = 0
[pid   371] mkdir(0x20000000, 0777 <unfinished ...>
[pid   372] <... mmap resumed>)         = 0x20000000
[pid   371] <... mkdir resumed>)        = -1 ENOENT (No such file or directory)
[pid   372] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   371] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "" <unfinished ...>
[pid   372] <... futex resumed>)        = 1
[pid   371] <... mount resumed>)        = -1 ENOENT (No such file or directory)
[pid   370] <... futex resumed>)        = 0
[pid   372] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   371] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   371] ioctl(3, LOOP_CLR_FD)       = 0
[pid   371] close(3)                    = 0
[pid   370] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   371] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   370] <... futex resumed>)        = 1
[pid   371] <... futex resumed>)        = 0
[pid   370] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   371] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   372] <... futex resumed>)        = 0
[pid   372] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 3
[pid   372] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   370] <... futex resumed>)        = 0
[pid   372] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   370] close(3)                    = 0
[pid   370] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   370] close(5)                    = 0
[pid   370] close(6)                    = 0
[pid   370] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   370] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   370] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   370] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   370] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   370] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   370] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   370] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   370] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   370] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   370] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   370] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   370] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   370] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   370] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   370] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   370] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   370] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   370] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   370] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   370] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   370] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   370] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   370] exit_group(0)               = ?
[pid   372] <... futex resumed>)        = ?
[pid   371] <... futex resumed>)        = ?
[pid   371] +++ exited with 0 +++
[   27.751533][  T371] loop0: detected capacity change from 0 to 512
[pid   372] +++ exited with 0 +++
[pid   370] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=69, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./22", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./22/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./22/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./22/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./22/bus")          = 0
[pid   299] umount2("./22/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./22/binderfs")     = 0
[pid   299] umount2("./22/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./22/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./22/cgroup.net")   = 0
[pid   299] umount2("./22/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./22/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./22/cgroup.cpu")   = 0
[pid   299] umount2("./22/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./22/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./22/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./22")               = 0
[pid   299] mkdir("./23", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
executing program
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 373 attached
 <unfinished ...>
[pid   373] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 72
[pid   373] <... set_robust_list resumed>) = 0
[pid   373] chdir("./23")               = 0
[pid   373] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   373] setpgid(0, 0)               = 0
[pid   373] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   373] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   373] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   373] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   373] write(3, "1000", 4)         = 4
[pid   373] close(3)                    = 0
[pid   373] symlink("/dev/binderfs", "./binderfs") = 0
[pid   373] write(1, "executing program\n", 18) = 18
[pid   373] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   373] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   373] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   373] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   373] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   373] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   373] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 374 attached
 <unfinished ...>
[pid   374] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   373] <... clone3 resumed> => {parent_tid=[73]}, 88) = 73
[pid   374] <... set_robust_list resumed>) = 0
[pid   373] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   374] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   373] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   374] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   373] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   374] memfd_create("syzkaller", 0 <unfinished ...>
[pid   373] <... futex resumed>)        = 0
[pid   374] <... memfd_create resumed>) = 3
[pid   373] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   374] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   373] <... futex resumed>)        = 0
[pid   374] <... mmap resumed>)         = 0x7faa87550000
[pid   373] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   373] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   374] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   373] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   373] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 375 attached
 => {parent_tid=[74]}, 88) = 74
[pid   375] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   373] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   375] <... set_robust_list resumed>) = 0
[pid   373] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   375] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   373] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   374] <... write resumed>)        = 262144
[pid   375] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   375] creat("./bus", 000)         = 4
[pid   373] <... futex resumed>)        = 0
[pid   374] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   375] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   373] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   375] <... futex resumed>)        = 0
[pid   374] <... munmap resumed>)       = 0
[pid   373] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   375] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   374] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   373] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   373] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   375] <... futex resumed>)        = 0
[pid   374] <... openat resumed>)       = 5
[pid   375] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   374] ioctl(5, LOOP_SET_FD, 3 <unfinished ...>
[pid   375] <... mount resumed>)        = 0
[pid   375] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   375] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   373] <... futex resumed>)        = 0
[pid   373] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   375] <... futex resumed>)        = 0
[pid   373] <... futex resumed>)        = 1
[pid   375] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   373] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   375] <... open resumed>)         = 6
[pid   374] <... ioctl resumed>)        = 0
[pid   375] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   374] close(3)                    = 0
[pid   375] <... futex resumed>)        = 1
[pid   373] <... futex resumed>)        = 0
[pid   374] close(5)                    = 0
[pid   374] mkdir("./bus", 0777)        = -1 EEXIST (File exists)
[pid   374] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"...) = -1 ENODEV (No such device)
[pid   374] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   374] ioctl(3, LOOP_CLR_FD)       = 0
[pid   374] close(3)                    = 0
[pid   374] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   374] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   373] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   373] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   375] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   374] <... futex resumed>)        = 0
[pid   374] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0) = 0x20000000
[pid   374] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   373] <... futex resumed>)        = 0
[pid   373] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   373] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   374] <... futex resumed>)        = 1
[pid   374] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 3
[pid   374] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   373] <... futex resumed>)        = 0
[pid   373] close(3)                    = 0
[pid   373] close(4 <unfinished ...>
[pid   374] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   373] <... close resumed>)        = 0
[pid   373] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   373] close(6)                    = 0
[pid   373] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   373] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   373] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   373] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   373] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   373] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   373] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   373] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   373] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   373] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   373] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   373] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   373] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   373] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   373] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   373] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   373] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   373] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   373] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   373] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   373] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   373] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   373] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   373] exit_group(0)               = ?
[pid   375] <... futex resumed>)        = ?
[pid   375] +++ exited with 0 +++
[pid   374] <... futex resumed>)        = ?
[pid   374] +++ exited with 0 +++
[pid   373] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=72, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./23", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./23/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./23/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./23/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./23/bus")          = 0
[pid   299] umount2("./23/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./23/binderfs")     = 0
[pid   299] umount2("./23/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./23/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./23/cgroup.net")   = 0
[pid   299] umount2("./23/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./23/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./23/cgroup.cpu")   = 0
[pid   299] umount2("./23/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./23/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./23/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./23")               = 0
[pid   299] mkdir("./24", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 75
./strace-static-x86_64: Process 376 attached
[pid   376] set_robust_list(0x555579a076a0, 24) = 0
[pid   376] chdir("./24")               = 0
[pid   376] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   376] setpgid(0, 0)               = 0
[pid   376] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   376] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   376] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   376] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
executing program
[pid   376] write(3, "1000", 4)         = 4
[pid   376] close(3)                    = 0
[pid   376] symlink("/dev/binderfs", "./binderfs") = 0
[pid   376] write(1, "executing program\n", 18) = 18
[pid   376] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   376] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   376] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   376] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   376] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   376] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   376] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[76]}, 88) = 76
[pid   376] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   376] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   376] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
./strace-static-x86_64: Process 377 attached
[pid   376] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   376] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   376] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   376] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[77]}, 88) = 77
[pid   376] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   376] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   376] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 378 attached
 <unfinished ...>
[pid   378] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   378] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   378] creat("./bus", 000)         = 3
[pid   378] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   376] <... futex resumed>)        = 0
[pid   376] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   376] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   378] <... futex resumed>)        = 1
[pid   378] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[   27.837784][  T374] loop0: detected capacity change from 0 to 512
[pid   378] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   376] <... futex resumed>)        = 0
[pid   376] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   377] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   376] <... futex resumed>)        = 0
[pid   376] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   378] <... futex resumed>)        = 1
[pid   378] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   377] <... set_robust_list resumed>) = 0
[pid   378] <... open resumed>)         = 4
[pid   378] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   376] <... futex resumed>)        = 0
[pid   378] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 4, 0 <unfinished ...>
[pid   376] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   378] <... mmap resumed>)         = 0x20000000
[pid   376] <... futex resumed>)        = 0
[pid   376] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   378] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   376] <... futex resumed>)        = 0
[pid   376] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   378] <... futex resumed>)        = 1
[pid   376] <... futex resumed>)        = 0
[pid   378] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   376] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000}) = ?
[pid   378] +++ killed by SIGBUS (core dumped) +++
[pid   377] +++ killed by SIGBUS (core dumped) +++
[pid   376] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=75, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./24", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./24/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./24/core", {st_mode=S_IFREG|0600, st_size=18210816, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./24/core")         = 0
[pid   299] umount2("./24/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./24/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./24/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./24/bus")          = 0
[pid   299] umount2("./24/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./24/binderfs")     = 0
[pid   299] umount2("./24/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./24/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./24/cgroup.net")   = 0
[pid   299] umount2("./24/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./24/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./24/cgroup.cpu")   = 0
[pid   299] umount2("./24/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./24/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./24/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./24")               = 0
[pid   299] mkdir("./25", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 78
./strace-static-x86_64: Process 379 attached
[pid   379] set_robust_list(0x555579a076a0, 24) = 0
[pid   379] chdir("./25")               = 0
[pid   379] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   379] setpgid(0, 0)               = 0
[pid   379] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   379] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   379] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   379] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   379] write(3, "1000", 4)         = 4
[pid   379] close(3)                    = 0
[pid   379] symlink("/dev/binderfs", "./binderfs") = 0
[pid   379] write(1, "executing program\n", 18executing program
) = 18
[pid   379] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   379] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   379] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   379] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   379] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   379] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   379] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 380 attached
 => {parent_tid=[79]}, 88) = 79
[pid   380] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   380] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   380] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   379] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   379] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   380] <... futex resumed>)        = 0
[pid   380] memfd_create("syzkaller", 0 <unfinished ...>
[pid   379] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   380] <... memfd_create resumed>) = 3
[pid   380] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   379] <... futex resumed>)        = 0
[pid   379] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   379] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   379] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   379] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0} <unfinished ...>
[pid   380] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   379] <... clone3 resumed> => {parent_tid=[80]}, 88) = 80
[pid   379] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   379] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   380] <... write resumed>)        = 262144
[pid   379] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   380] munmap(0x7faa87550000, 138412032) = 0
[pid   380] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   380] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 381 attached
)    = 0
[pid   381] set_robust_list(0x7faa8754f9a0, 24) = 0
[pid   381] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   381] creat("./bus", 000 <unfinished ...>
[pid   380] close(3 <unfinished ...>
[pid   381] <... creat resumed>)        = 5
[pid   381] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   380] <... close resumed>)        = 0
[pid   380] close(4 <unfinished ...>
[pid   381] <... futex resumed>)        = 1
[pid   379] <... futex resumed>)        = 0
[pid   379] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   381] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   380] <... close resumed>)        = 0
[pid   379] <... futex resumed>)        = 0
[pid   379] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   380] mkdir("./bus", 0777 <unfinished ...>
[pid   381] <... mount resumed>)        = 0
[pid   380] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid   380] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"... <unfinished ...>
[pid   381] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   379] <... futex resumed>)        = 0
[pid   379] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   379] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   381] <... futex resumed>)        = 1
[pid   381] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000) = 3
[pid   381] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   379] <... futex resumed>)        = 0
[pid   379] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   379] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   381] <... futex resumed>)        = 1
[pid   381] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 3, 0) = 0x20000000
[pid   381] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   379] <... futex resumed>)        = 0
[pid   379] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   379] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   381] <... futex resumed>)        = 1
[pid   381] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 4
[pid   381] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   379] <... futex resumed>)        = 0
[pid   381] <... futex resumed>)        = 1
[   27.943969][  T380] loop0: detected capacity change from 0 to 512
[   27.956610][  T380] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   27.969667][  T380] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   27.979521][  T380] ================================================================================
[   27.988668][  T380] UBSAN: shift-out-of-bounds in fs/ext4/super.c:4424:27
[   27.995402][  T380] shift exponent 807429217 is too large for 32-bit type 'int'
[   28.002724][  T380] CPU: 1 PID: 380 Comm: syz-executor334 Not tainted 5.15.175-syzkaller-00803-g19092c8155b4 #0
[   28.012844][  T380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   28.022767][  T380] Call Trace:
[   28.025857][  T380]  <TASK>
[   28.028645][  T380]  dump_stack_lvl+0x151/0x1c0
[   28.033148][  T380]  ? io_uring_drop_tctx_refs+0x190/0x190
[   28.038621][  T380]  dump_stack+0x15/0x20
[   28.042606][  T380]  __ubsan_handle_shift_out_of_bounds+0x3bf/0x420
[   28.048861][  T380]  ? ext4_max_size+0xa3/0x120
[   28.053369][  T380]  ext4_fill_super+0x7491/0x96e0
[   28.058159][  T380]  ? ext4_mount+0x40/0x40
[   28.062311][  T380]  ? vscnprintf+0x80/0x80
[   28.066483][  T380]  ? set_blocksize+0x1f0/0x380
[   28.071530][  T380]  ? sb_set_blocksize+0xa8/0xf0
[   28.076215][  T380]  mount_bdev+0x282/0x3b0
[   28.080384][  T380]  ? ext4_mount+0x40/0x40
[   28.084547][  T380]  ext4_mount+0x34/0x40
[   28.088540][  T380]  legacy_get_tree+0xf1/0x190
[pid   381] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   379] close(3)                    = 0
[pid   379] close(4)                    = 0
[pid   379] close(5)                    = 0
[pid   379] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   379] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   379] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   379] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   379] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   379] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   379] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   379] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   379] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   379] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   379] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   379] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   379] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   379] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   379] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   379] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   379] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   379] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   379] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   379] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   379] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   379] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   379] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   379] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   379] exit_group(0)               = ?
[pid   381] <... futex resumed>)        = ?
[pid   381] +++ exited with 0 +++
[   28.093055][  T380]  ? ext4_errno_to_code+0x140/0x140
[   28.098093][  T380]  vfs_get_tree+0x88/0x290
[   28.102345][  T380]  do_new_mount+0x2ba/0xb30
[   28.106685][  T380]  ? do_move_mount_old+0x160/0x160
[   28.111632][  T380]  ? security_capable+0x87/0xb0
[   28.116315][  T380]  ? ns_capable+0x89/0xe0
[   28.120486][  T380]  path_mount+0x671/0x1070
[   28.124734][  T380]  __se_sys_mount+0x2c4/0x3b0
[   28.129247][  T380]  ? __x64_sys_mount+0xd0/0xd0
[   28.133852][  T380]  ? __kasan_check_write+0x14/0x20
[   28.138794][  T380]  __x64_sys_mount+0xbf/0xd0
[   28.143219][  T380]  x64_sys_call+0x49d/0x9a0
[   28.147568][  T380]  do_syscall_64+0x3b/0xb0
[   28.151809][  T380]  ? clear_bhb_loop+0x35/0x90
[   28.156324][  T380]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   28.162064][  T380] RIP: 0033:0x7faa8f9b60ea
[   28.166308][  T380] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 8e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   28.185837][  T380] RSP: 002b:00007faa8f970088 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   28.194097][  T380] RAX: ffffffffffffffda RBX: 00007faa8f9700a0 RCX: 00007faa8f9b60ea
[   28.201893][  T380] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 00007faa8f9700a0
[   28.209825][  T380] RBP: 0000000000000004 R08: 00007faa8f9700e0 R09: 00007faa8f9700e0
[   28.217757][  T380] R10: 000000000200010e R11: 0000000000000246 R12: 00007faa8f9700e0
[   28.225567][  T380] R13: 000000000200010e R14: 0000000000000003 R15: 0000000000040000
[   28.233383][  T380]  </TASK>
[pid   380] <... mount resumed>)        = ?
[pid   380] +++ exited with 0 +++
[pid   379] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=78, si_uid=0, si_status=0, si_utime=0, si_stime=8} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./25", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./25/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./25/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./25/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./25/bus")          = 0
[pid   299] umount2("./25/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./25/binderfs")     = 0
[pid   299] umount2("./25/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./25/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./25/cgroup.net")   = 0
[pid   299] umount2("./25/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./25/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./25/cgroup.cpu")   = 0
[pid   299] umount2("./25/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./25/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./25/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./25")               = 0
[pid   299] mkdir("./26", 0777)         = 0
[   28.236433][  T380] ================================================================================
[   28.245757][  T380] EXT4-fs (loop0): fragment/cluster size (2048) != block size (1024)
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = 0
executing program
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 81
./strace-static-x86_64: Process 382 attached
[pid   382] set_robust_list(0x555579a076a0, 24) = 0
[pid   382] chdir("./26")               = 0
[pid   382] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   382] setpgid(0, 0)               = 0
[pid   382] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   382] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   382] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   382] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   382] write(3, "1000", 4)         = 4
[pid   382] close(3)                    = 0
[pid   382] symlink("/dev/binderfs", "./binderfs") = 0
[pid   382] write(1, "executing program\n", 18) = 18
[pid   382] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   382] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   382] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   382] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   382] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   382] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   382] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[82]}, 88) = 82
[pid   382] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   382] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   382] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   382] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   382] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   382] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   382] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[83]}, 88) = 83
[pid   382] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   382] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   382] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 383 attached
 <unfinished ...>
[pid   383] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   383] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   383] memfd_create("syzkaller", 0) = 3
[pid   383] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa8752f000
[pid   383] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid   383] munmap(0x7faa8752f000, 138412032) = 0
[pid   383] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   383] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 384 attached
 <unfinished ...>
[pid   384] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   384] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   384] creat("./bus", 000)         = 5
[pid   384] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   382] <... futex resumed>)        = 0
[pid   382] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   382] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   384] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[pid   384] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   382] <... futex resumed>)        = 0
[pid   382] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   382] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   384] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000) = 6
[pid   384] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   382] <... futex resumed>)        = 0
[pid   382] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   382] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   384] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0) = 0x20000000
[pid   384] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   382] <... futex resumed>)        = 0
[pid   382] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   382] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   384] <... futex resumed>)        = 1
[pid   384] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 7
[pid   384] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   382] <... futex resumed>)        = 0
[pid   384] <... futex resumed>)        = 1
[pid   384] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   383] <... ioctl resumed>)        = 0
[pid   383] close(3)                    = 0
[pid   383] close(4)                    = 0
[pid   383] mkdir(0x20000000, 0777)     = -1 ENOENT (No such file or directory)
[pid   383] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   383] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   383] ioctl(3, LOOP_CLR_FD)       = 0
[pid   383] close(3)                    = 0
[pid   383] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   383] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   382] close(3)                    = -1 EBADF (Bad file descriptor)
[pid   382] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   382] close(5)                    = 0
[pid   382] close(6)                    = 0
[pid   382] close(7)                    = 0
[pid   382] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   382] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   382] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   382] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   382] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   382] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   382] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   382] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   382] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   382] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   382] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   382] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   382] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   382] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   382] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   382] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   382] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   382] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   382] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   382] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   382] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   382] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   382] exit_group(0 <unfinished ...>
[pid   384] <... futex resumed>)        = ?
[pid   383] <... futex resumed>)        = ?
[pid   382] <... exit_group resumed>)   = ?
[pid   384] +++ exited with 0 +++
[pid   383] +++ exited with 0 +++
[pid   382] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=81, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   299] umount2("./26", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./26/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./26/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./26/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./26/bus")          = 0
[pid   299] umount2("./26/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./26/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./26/binderfs")     = 0
[pid   299] umount2("./26/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./26/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./26/cgroup.net")   = 0
[pid   299] umount2("./26/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./26/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./26/cgroup.cpu")   = 0
[pid   299] umount2("./26/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./26/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./26/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./26")               = 0
[pid   299] mkdir("./27", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = 0
[pid   299] close(3executing program
)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 84
./strace-static-x86_64: Process 386 attached
[pid   386] set_robust_list(0x555579a076a0, 24) = 0
[pid   386] chdir("./27")               = 0
[pid   386] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   386] setpgid(0, 0)               = 0
[pid   386] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   386] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   386] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   386] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   386] write(3, "1000", 4)         = 4
[pid   386] close(3)                    = 0
[pid   386] symlink("/dev/binderfs", "./binderfs") = 0
[pid   386] write(1, "executing program\n", 18) = 18
[pid   386] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   386] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   386] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   386] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   386] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   386] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   386] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[85]}, 88) = 85
[pid   386] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   386] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   386] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   386] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   386] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   386] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   386] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[86]}, 88) = 86
[pid   386] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   386] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   386] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 387 attached
 <unfinished ...>
[pid   387] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   387] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   387] memfd_create("syzkaller", 0) = 3
[pid   387] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa8752f000
./strace-static-x86_64: Process 388 attached
[pid   388] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   387] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   388] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   388] creat("./bus", 000)         = 4
[pid   388] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   386] <... futex resumed>)        = 0
[pid   386] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   386] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   388] <... futex resumed>)        = 1
[pid   388] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   387] <... write resumed>)        = 262144
[pid   387] munmap(0x7faa8752f000, 138412032 <unfinished ...>
[pid   388] <... mount resumed>)        = 0
[pid   388] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   387] <... munmap resumed>)       = 0
[pid   386] <... futex resumed>)        = 0
[pid   386] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   386] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   388] <... futex resumed>)        = 1
[pid   388] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   387] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   388] <... open resumed>)         = 5
[pid   387] <... openat resumed>)       = 6
[pid   388] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   387] ioctl(6, LOOP_SET_FD, 3 <unfinished ...>
[pid   388] <... futex resumed>)        = 1
[pid   386] <... futex resumed>)        = 0
[   28.368731][  T383] loop0: detected capacity change from 0 to 512
[pid   388] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   387] <... ioctl resumed>)        = 0
[pid   386] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   387] close(3 <unfinished ...>
[pid   386] <... futex resumed>)        = 0
[pid   387] <... close resumed>)        = 0
[pid   386] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   387] close(6)                    = 0
[pid   388] <... mmap resumed>)         = 0x20000000
[pid   388] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   387] mkdir(0x20000000, 0777 <unfinished ...>
[pid   388] <... futex resumed>)        = 1
[pid   388] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   387] <... mkdir resumed>)        = -1 ENOENT (No such file or directory)
[pid   387] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   386] <... futex resumed>)        = 0
[pid   387] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   386] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   387] <... openat resumed>)       = 3
[pid   386] <... futex resumed>)        = 1
[pid   387] ioctl(3, LOOP_CLR_FD <unfinished ...>
[pid   386] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   387] <... ioctl resumed>)        = 0
[pid   387] close(3)                    = 0
[pid   387] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   387] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   388] <... futex resumed>)        = 0
[pid   388] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 3
[pid   388] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   386] <... futex resumed>)        = 0
[pid   386] close(3)                    = 0
[pid   386] close(4)                    = 0
[pid   386] close(5)                    = 0
[pid   386] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   386] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   388] <... futex resumed>)        = 1
[pid   386] close(8 <unfinished ...>
[pid   388] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   386] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   386] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   386] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   386] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   386] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   386] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   386] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   386] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   386] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   386] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   386] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   386] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   386] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   386] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   386] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   386] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   386] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   386] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   386] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   386] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   386] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   386] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   386] exit_group(0 <unfinished ...>
[pid   388] <... futex resumed>)        = ?
[pid   387] <... futex resumed>)        = ?
[pid   386] <... exit_group resumed>)   = ?
[pid   387] +++ exited with 0 +++
[   28.409110][  T387] loop0: detected capacity change from 0 to 512
[pid   388] +++ exited with 0 +++
[pid   386] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=84, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   299] umount2("./27", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./27/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./27/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./27/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./27/bus")          = 0
[pid   299] umount2("./27/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./27/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./27/binderfs")     = 0
[pid   299] umount2("./27/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./27/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./27/cgroup.net")   = 0
[pid   299] umount2("./27/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./27/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./27/cgroup.cpu")   = 0
[pid   299] umount2("./27/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./27/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./27/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./27")               = 0
[pid   299] mkdir("./28", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 389 attached
 <unfinished ...>
[pid   389] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 87
[pid   389] <... set_robust_list resumed>) = 0
[pid   389] chdir("./28")               = 0
[pid   389] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   389] setpgid(0, 0)               = 0
[pid   389] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   389] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   389] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   389] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   389] write(3, "1000", 4)         = 4
[pid   389] close(3)                    = 0
[pid   389] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid   389] write(1, "executing program\n", 18) = 18
[pid   389] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   389] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   389] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   389] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   389] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   389] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   389] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 390 attached
 <unfinished ...>
[pid   390] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   389] <... clone3 resumed> => {parent_tid=[88]}, 88) = 88
[pid   390] <... set_robust_list resumed>) = 0
[pid   389] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   390] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   389] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   390] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   389] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   390] memfd_create("syzkaller", 0 <unfinished ...>
[pid   389] <... futex resumed>)        = 0
[pid   390] <... memfd_create resumed>) = 3
[pid   389] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   390] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   389] <... futex resumed>)        = 0
[pid   390] <... mmap resumed>)         = 0x7faa87550000
[pid   389] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   389] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   389] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   389] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 391 attached
 <unfinished ...>
[pid   391] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   389] <... clone3 resumed> => {parent_tid=[89]}, 88) = 89
[pid   391] <... set_robust_list resumed>) = 0
[pid   389] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   391] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   389] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   391] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   389] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   391] creat("./bus", 000 <unfinished ...>
[pid   389] <... futex resumed>)        = 0
[pid   391] <... creat resumed>)        = 4
[pid   390] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   389] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   391] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   389] <... futex resumed>)        = 0
[pid   391] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   389] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   391] <... mount resumed>)        = 0
[pid   389] <... futex resumed>)        = 0
[pid   391] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   389] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   391] <... futex resumed>)        = 0
[pid   389] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   391] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   389] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   391] <... open resumed>)         = 5
[pid   389] <... futex resumed>)        = 0
[pid   391] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   389] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   391] <... futex resumed>)        = 0
[pid   389] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   391] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   390] <... write resumed>)        = 262144
[pid   389] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   391] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   389] <... futex resumed>)        = 0
[pid   391] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   389] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   391] <... mmap resumed>)         = 0x20000000
[pid   390] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   391] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   389] <... futex resumed>)        = 0
[pid   391] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   389] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = ?
[pid   390] <... munmap resumed>)       = ?
[pid   390] +++ killed by SIGBUS (core dumped) +++
[pid   391] +++ killed by SIGBUS (core dumped) +++
[pid   389] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=87, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./28", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./28/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./28/core", {st_mode=S_IFREG|0600, st_size=17084416, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./28/core")         = 0
[pid   299] umount2("./28/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./28/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./28/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./28/bus")          = 0
[pid   299] umount2("./28/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./28/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./28/binderfs")     = 0
[pid   299] umount2("./28/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./28/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./28/cgroup.net")   = 0
[pid   299] umount2("./28/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./28/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./28/cgroup.cpu")   = 0
[pid   299] umount2("./28/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./28/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./28/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./28")               = 0
[pid   299] mkdir("./29", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 393 attached
 <unfinished ...>
[pid   393] set_robust_list(0x555579a076a0, 24) = 0
[pid   393] chdir("./29" <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 90
[pid   393] <... chdir resumed>)        = 0
[pid   393] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   393] setpgid(0, 0)               = 0
[pid   393] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   393] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   393] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   393] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   393] write(3, "1000", 4)         = 4
[pid   393] close(3)                    = 0
[pid   393] symlink("/dev/binderfs", "./binderfs") = 0
[pid   393] write(1, "executing program\n", 18executing program
) = 18
[pid   393] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   393] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   393] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   393] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   393] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   393] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   393] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 394 attached
 <unfinished ...>
[pid   394] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   394] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   394] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   393] <... clone3 resumed> => {parent_tid=[91]}, 88) = 91
[pid   393] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   393] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   394] <... futex resumed>)        = 0
[pid   393] <... futex resumed>)        = 1
[pid   394] memfd_create("syzkaller", 0 <unfinished ...>
[pid   393] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   394] <... memfd_create resumed>) = 3
[pid   393] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   394] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   393] <... mmap resumed>)         = 0x7faa8f92f000
[pid   394] <... mmap resumed>)         = 0x7faa8752f000
[pid   393] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   394] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   393] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   394] <... write resumed>)        = 262144
[pid   393] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 395 attached
 <unfinished ...>
[pid   395] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   394] munmap(0x7faa8752f000, 138412032 <unfinished ...>
[pid   393] <... clone3 resumed> => {parent_tid=[92]}, 88) = 92
[pid   395] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   395] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   393] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   394] <... munmap resumed>)       = 0
[pid   393] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   394] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   393] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   395] <... futex resumed>)        = 0
[pid   393] <... futex resumed>)        = 1
[pid   394] <... openat resumed>)       = 4
[pid   395] creat("./bus", 000)         = 5
[pid   395] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   395] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   394] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   393] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable)
[pid   394] <... ioctl resumed>)        = 0
[pid   394] close(3)                    = 0
[pid   394] close(4 <unfinished ...>
[pid   393] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   395] <... futex resumed>)        = 0
[pid   393] <... futex resumed>)        = 1
[pid   395] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[pid   395] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   395] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   393] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable)
[pid   393] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   395] <... futex resumed>)        = 0
[pid   393] <... futex resumed>)        = 1
[pid   395] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   393] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   395] <... open resumed>)         = 3
[pid   394] <... close resumed>)        = 0
[pid   395] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   394] mkdir("./bus", 0777 <unfinished ...>
[pid   395] <... futex resumed>)        = 1
[pid   394] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid   393] <... futex resumed>)        = 0
[pid   395] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   394] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"... <unfinished ...>
[pid   393] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   395] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   394] <... mount resumed>)        = -1 ENODEV (No such device)
[pid   393] <... futex resumed>)        = 0
[pid   395] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 3, 0 <unfinished ...>
[pid   394] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   393] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   395] <... mmap resumed>)         = 0x20000000
[pid   394] <... openat resumed>)       = 4
[pid   395] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   394] ioctl(4, LOOP_CLR_FD <unfinished ...>
[pid   395] <... futex resumed>)        = 1
[pid   394] <... ioctl resumed>)        = 0
[pid   393] <... futex resumed>)        = 0
[pid   395] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   394] close(4 <unfinished ...>
[pid   393] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   395] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   394] <... close resumed>)        = 0
[pid   393] <... futex resumed>)        = 0
[pid   395] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   394] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   393] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   395] <... bpf resumed>)          = 4
[pid   395] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   394] <... futex resumed>)        = 0
[pid   393] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   395] <... futex resumed>)        = 0
[pid   394] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   393] close(3 <unfinished ...>
[pid   395] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   393] <... close resumed>)        = 0
[pid   393] close(4)                    = 0
[pid   393] close(5)                    = 0
[pid   393] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   393] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   393] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   393] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   393] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   393] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   393] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   393] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   393] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   393] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   393] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   393] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   393] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   393] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   393] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   393] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   393] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   393] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   393] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   393] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   393] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   393] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   393] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   393] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   393] exit_group(0 <unfinished ...>
[pid   395] <... futex resumed>)        = ?
[pid   394] <... futex resumed>)        = ?
[pid   393] <... exit_group resumed>)   = ?
[pid   395] +++ exited with 0 +++
[pid   394] +++ exited with 0 +++
[   28.554550][  T394] loop0: detected capacity change from 0 to 512
[pid   393] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=90, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./29", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./29/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./29/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./29/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./29/bus")          = 0
[pid   299] umount2("./29/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./29/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./29/binderfs")     = 0
[pid   299] umount2("./29/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./29/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./29/cgroup.net")   = 0
[pid   299] umount2("./29/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./29/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./29/cgroup.cpu")   = 0
[pid   299] umount2("./29/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./29/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./29/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./29")               = 0
[pid   299] mkdir("./30", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 396 attached
 <unfinished ...>
[pid   396] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 93
[pid   396] <... set_robust_list resumed>) = 0
[pid   396] chdir("./30")               = 0
[pid   396] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   396] setpgid(0, 0)               = 0
executing program
[pid   396] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   396] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   396] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   396] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   396] write(3, "1000", 4)         = 4
[pid   396] close(3)                    = 0
[pid   396] symlink("/dev/binderfs", "./binderfs") = 0
[pid   396] write(1, "executing program\n", 18) = 18
[pid   396] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   396] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   396] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   396] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   396] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   396] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   396] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 397 attached
 <unfinished ...>
[pid   397] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   396] <... clone3 resumed> => {parent_tid=[94]}, 88) = 94
[pid   397] <... set_robust_list resumed>) = 0
[pid   396] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   397] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   396] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   397] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   396] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   397] memfd_create("syzkaller", 0 <unfinished ...>
[pid   396] <... futex resumed>)        = 0
[pid   397] <... memfd_create resumed>) = 3
[pid   396] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   397] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   396] <... futex resumed>)        = 0
[pid   397] <... mmap resumed>)         = 0x7faa87550000
[pid   396] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   396] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   396] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   396] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 398 attached
 <unfinished ...>
[pid   398] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   396] <... clone3 resumed> => {parent_tid=[95]}, 88) = 95
[pid   398] <... set_robust_list resumed>) = 0
[pid   396] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   398] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   396] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   398] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   396] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   398] creat("./bus", 000 <unfinished ...>
[pid   396] <... futex resumed>)        = 0
[pid   398] <... creat resumed>)        = 4
[pid   396] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   397] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   398] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   396] <... futex resumed>)        = 0
[pid   398] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   396] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   398] <... mount resumed>)        = 0
[pid   396] <... futex resumed>)        = 0
[pid   398] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   396] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   398] <... futex resumed>)        = 0
[pid   396] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   398] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   396] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   398] <... open resumed>)         = 5
[pid   396] <... futex resumed>)        = 0
[pid   398] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   396] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   398] <... futex resumed>)        = 0
[pid   396] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   398] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   396] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   398] <... mmap resumed>)         = 0x20000000
[pid   396] <... futex resumed>)        = 0
[pid   398] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   396] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   398] <... futex resumed>)        = 0
[pid   396] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   398] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   396] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   397] <... write resumed>)        = ?
[pid   396] <... futex resumed>)        = ?
[pid   397] +++ killed by SIGBUS (core dumped) +++
[pid   398] +++ killed by SIGBUS (core dumped) +++
[pid   396] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=93, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./30", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./30/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./30/core", {st_mode=S_IFREG|0600, st_size=17084416, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./30/core")         = 0
[pid   299] umount2("./30/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./30/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./30/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./30/bus")          = 0
[pid   299] umount2("./30/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./30/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./30/binderfs")     = 0
[pid   299] umount2("./30/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./30/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./30/cgroup.net")   = 0
[pid   299] umount2("./30/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./30/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./30/cgroup.cpu")   = 0
[pid   299] umount2("./30/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./30/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./30/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./30")               = 0
[pid   299] mkdir("./31", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 96
./strace-static-x86_64: Process 399 attached
[pid   399] set_robust_list(0x555579a076a0, 24) = 0
[pid   399] chdir("./31")               = 0
[pid   399] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   399] setpgid(0, 0)               = 0
[pid   399] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   399] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   399] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   399] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   399] write(3, "1000", 4)         = 4
[pid   399] close(3)                    = 0
[pid   399] symlink("/dev/binderfs", "./binderfs") = 0
[pid   399] write(1, "executing program\n", 18executing program
) = 18
[pid   399] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   399] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   399] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   399] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   399] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   399] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   399] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 400 attached
 <unfinished ...>
[pid   400] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   400] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   400] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   399] <... clone3 resumed> => {parent_tid=[97]}, 88) = 97
[pid   399] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   399] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   400] <... futex resumed>)        = 0
[pid   400] memfd_create("syzkaller", 0) = 3
[pid   400] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   399] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   399] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   400] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   399] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   400] <... write resumed>)        = 262144
[pid   399] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   400] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   399] <... rt_sigprocmask resumed>[], 8) = 0
[pid   399] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0} <unfinished ...>
[pid   400] <... munmap resumed>)       = 0
[pid   400] openat(AT_FDCWD, "/dev/loop0", O_RDWR./strace-static-x86_64: Process 401 attached
 <unfinished ...>
[pid   401] set_robust_list(0x7faa8754f9a0, 24) = 0
[pid   401] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   401] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   399] <... clone3 resumed> => {parent_tid=[98]}, 88) = 98
[pid   400] <... openat resumed>)       = 4
[pid   400] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   399] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   400] <... ioctl resumed>)        = 0
[pid   399] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   400] close(3 <unfinished ...>
[pid   399] <... futex resumed>)        = 1
[pid   401] <... futex resumed>)        = 0
[pid   401] creat("./bus", 000)         = 5
[pid   401] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   401] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   400] <... close resumed>)        = 0
[pid   399] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable)
[pid   400] close(4 <unfinished ...>
[pid   399] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   400] <... close resumed>)        = 0
[pid   399] <... futex resumed>)        = 1
[pid   400] mkdir("./bus", 0777)        = -1 EEXIST (File exists)
[pid   399] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   400] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"... <unfinished ...>
[pid   401] <... futex resumed>)        = 0
[pid   401] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[pid   401] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   399] <... futex resumed>)        = 0
[pid   401] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   399] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   401] <... open resumed>)         = 3
[pid   399] <... futex resumed>)        = 0
[pid   401] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   399] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   401] <... futex resumed>)        = 0
[pid   399] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   401] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 3, 0 <unfinished ...>
[pid   399] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   399] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   401] <... mmap resumed>)         = 0x20000000
[pid   401] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   399] <... futex resumed>)        = 0
[pid   399] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   399] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   401] <... futex resumed>)        = 1
[pid   401] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 4
[pid   401] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   399] <... futex resumed>)        = 0
[pid   401] <... futex resumed>)        = 1
[   28.721960][  T400] loop0: detected capacity change from 0 to 512
[   28.734346][  T400] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   28.747265][  T400] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #16: comm syz-executor334: invalid indirect mapped block 512 (level 0)
[   28.761529][  T400] EXT4-fs (loop0): Remounting filesystem read-only
[   28.768663][  T400] EXT4-fs error (device loop0): __ext4_get_inode_loc:4351: comm syz-executor334: Invalid inode table block 5 in block_group 0
[   28.781901][  T400] EXT4-fs (loop0): Remounting filesystem read-only
[   28.788515][  T400] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   28.798093][  T400] EXT4-fs (loop0): Remounting filesystem read-only
[   28.804412][  T400] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[   28.813094][  T400] EXT4-fs (loop0): Remounting filesystem read-only
[   28.819470][  T400] EXT4-fs error (device loop0): __ext4_get_inode_loc:4351: comm syz-executor334: Invalid inode table block 5 in block_group 0
[   28.832630][  T400] EXT4-fs (loop0): Remounting filesystem read-only
[   28.838970][  T400] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   28.848404][  T400] EXT4-fs (loop0): Remounting filesystem read-only
[   28.854721][  T400] EXT4-fs error (device loop0): ext4_truncate:4303: inode #16: comm syz-executor334: mark_inode_dirty error
[   28.866287][  T400] EXT4-fs (loop0): Remounting filesystem read-only
[pid   401] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   399] close(3)                    = 0
[pid   399] close(4)                    = 0
[pid   399] close(5)                    = 0
[pid   399] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   399] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   399] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   399] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   399] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   399] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   399] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   399] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   399] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   399] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   399] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   399] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   399] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   399] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   399] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   399] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   399] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   399] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   399] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   399] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   399] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   399] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   399] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   399] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   399] exit_group(0 <unfinished ...>
[pid   401] <... futex resumed>)        = ?
[pid   401] +++ exited with 0 +++
[pid   399] <... exit_group resumed>)   = ?
[pid   400] <... mount resumed>)        = ?
[   28.872634][  T400] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[   28.881582][  T400] EXT4-fs (loop0): Remounting filesystem read-only
[   28.888019][  T400] EXT4-fs (loop0): 1 orphan inode deleted
[   28.894114][  T400] EXT4-fs (loop0): 1 truncate cleaned up
[   28.899625][  T400] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x0000000000010000,block_validity,quota,. Quota mode: writeback.
[pid   400] +++ exited with 0 +++
[pid   399] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=96, si_uid=0, si_status=0, si_utime=0, si_stime=20} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./31", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./31/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./31/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./31/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./31/bus")          = 0
[pid   299] umount2("./31/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./31/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./31/binderfs")     = 0
[pid   299] umount2("./31/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./31/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./31/cgroup.net")   = 0
[pid   299] umount2("./31/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./31/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./31/cgroup.cpu")   = 0
[pid   299] umount2("./31/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./31/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./31/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./31")               = 0
[pid   299] mkdir("./32", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = 0
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 99
./strace-static-x86_64: Process 404 attached
[pid   404] set_robust_list(0x555579a076a0, 24) = 0
[pid   404] chdir("./32")               = 0
[pid   404] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   404] setpgid(0, 0)               = 0
[pid   404] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   404] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   404] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   404] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXECexecuting program
) = 3
[pid   404] write(3, "1000", 4)         = 4
[pid   404] close(3)                    = 0
[pid   404] symlink("/dev/binderfs", "./binderfs") = 0
[pid   404] write(1, "executing program\n", 18) = 18
[pid   404] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   404] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   404] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   404] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   404] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   404] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   404] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[100]}, 88) = 100
[pid   404] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   404] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   404] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   404] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   404] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   404] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   404] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[101]}, 88) = 101
[pid   404] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   404] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   404] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 405 attached
 <unfinished ...>
[pid   405] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   405] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
./strace-static-x86_64: Process 406 attached
[pid   405] memfd_create("syzkaller", 0 <unfinished ...>
[pid   406] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   406] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   406] creat("./bus", 000 <unfinished ...>
[pid   405] <... memfd_create resumed>) = 3
[pid   406] <... creat resumed>)        = 4
[pid   405] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   406] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   405] <... mmap resumed>)         = 0x7faa8752f000
[pid   404] <... futex resumed>)        = 0
[pid   404] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   404] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   406] <... futex resumed>)        = 1
[pid   406] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[pid   406] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   404] <... futex resumed>)        = 0
[pid   404] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   404] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   406] <... futex resumed>)        = 1
[pid   406] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000) = 5
[pid   406] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   404] <... futex resumed>)        = 0
[pid   404] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   404] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   406] <... futex resumed>)        = 1
[pid   406] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   405] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20001280} ---
[pid   406] <... mmap resumed>)         = 0x20000000
[pid   404] <... futex resumed>)        = ?
[pid   406] +++ killed by SIGBUS (core dumped) +++
[pid   405] +++ killed by SIGBUS (core dumped) +++
[pid   404] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=99, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./32", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./32/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./32/core", {st_mode=S_IFREG|0600, st_size=16953344, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./32/core")         = 0
[pid   299] umount2("./32/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./32/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./32/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./32/bus")          = 0
[pid   299] umount2("./32/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./32/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./32/binderfs")     = 0
[pid   299] umount2("./32/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./32/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./32/cgroup.net")   = 0
[pid   299] umount2("./32/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./32/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./32/cgroup.cpu")   = 0
[pid   299] umount2("./32/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./32/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./32/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./32")               = 0
[pid   299] mkdir("./33", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 407 attached
, child_tidptr=0x555579a07690) = 102
[pid   407] set_robust_list(0x555579a076a0, 24) = 0
[pid   407] chdir("./33")               = 0
[pid   407] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   407] setpgid(0, 0)               = 0
[pid   407] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   407] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   407] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   407] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   407] write(3, "1000", 4)         = 4
[pid   407] close(3)                    = 0
[pid   407] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   407] write(1, "executing program\n", 18) = 18
[pid   407] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   407] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   407] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   407] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   407] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   407] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   407] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 408 attached
 <unfinished ...>
[pid   408] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   408] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   408] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   407] <... clone3 resumed> => {parent_tid=[103]}, 88) = 103
[pid   407] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   407] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   408] <... futex resumed>)        = 0
[pid   407] <... futex resumed>)        = 1
[pid   408] memfd_create("syzkaller", 0 <unfinished ...>
[pid   407] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   408] <... memfd_create resumed>) = 3
[pid   408] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   408] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   407] <... futex resumed>)        = 0
[pid   408] <... write resumed>)        = 262144
[pid   407] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   408] munmap(0x7faa87550000, 138412032) = 0
[pid   407] <... mmap resumed>)         = 0x7faa8f92f000
[pid   407] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   408] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   407] <... mprotect resumed>)     = 0
[pid   408] <... openat resumed>)       = 4
[pid   408] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid   407] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   408] close(3)                    = 0
[pid   408] close(4 <unfinished ...>
[pid   407] <... rt_sigprocmask resumed>[], 8) = 0
[pid   407] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 409 attached
 <unfinished ...>
[pid   409] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   409] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   409] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   407] <... clone3 resumed> => {parent_tid=[104]}, 88) = 104
[pid   407] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   407] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   407] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   409] <... futex resumed>)        = 0
[pid   409] creat("./bus", 000)         = 3
[pid   409] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   407] <... futex resumed>)        = 0
[pid   409] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   407] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   409] <... mount resumed>)        = 0
[pid   407] <... futex resumed>)        = 0
[pid   409] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   407] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   409] <... futex resumed>)        = 0
[pid   407] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   409] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   407] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   407] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   408] <... close resumed>)        = 0
[pid   408] mkdir("./bus", 0777)        = -1 EEXIST (File exists)
[pid   408] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"...) = -1 ENODEV (No such device)
[   29.209547][  T408] loop0: detected capacity change from 0 to 512
[pid   408] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   409] <... open resumed>)         = 4
[pid   408] <... openat resumed>)       = 5
[pid   409] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   408] ioctl(5, LOOP_CLR_FD <unfinished ...>
[pid   409] <... futex resumed>)        = 1
[pid   408] <... ioctl resumed>)        = 0
[pid   407] <... futex resumed>)        = 0
[pid   409] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 4, 0 <unfinished ...>
[pid   408] close(5 <unfinished ...>
[pid   407] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   408] <... close resumed>)        = 0
[pid   407] <... futex resumed>)        = 0
[pid   408] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   407] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   408] <... futex resumed>)        = 0
[pid   408] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   409] <... mmap resumed>)         = 0x20000000
[pid   409] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   407] <... futex resumed>)        = 0
[pid   407] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   408] <... futex resumed>)        = 0
[pid   408] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 5
[pid   408] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   408] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   407] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000}) = -1 EAGAIN (Resource temporarily unavailable)
[pid   407] close(3)                    = 0
[pid   407] close(4)                    = 0
[pid   407] close(5)                    = 0
[pid   407] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   407] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   407] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   407] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   407] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   407] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   407] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   407] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   407] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   409] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   407] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   407] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   407] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   407] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   407] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   407] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   407] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   407] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   407] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   407] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   407] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   407] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   407] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   407] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   407] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   407] exit_group(0 <unfinished ...>
[pid   409] <... futex resumed>)        = ?
[pid   408] <... futex resumed>)        = ?
[pid   407] <... exit_group resumed>)   = ?
[pid   408] +++ exited with 0 +++
[pid   409] +++ exited with 0 +++
[pid   407] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=102, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./33", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./33/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./33/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./33/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./33/bus")          = 0
[pid   299] umount2("./33/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./33/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./33/binderfs")     = 0
[pid   299] umount2("./33/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./33/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./33/cgroup.net")   = 0
[pid   299] umount2("./33/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./33/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./33/cgroup.cpu")   = 0
[pid   299] umount2("./33/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./33/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./33/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./33")               = 0
[pid   299] mkdir("./34", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 410 attached
 <unfinished ...>
[pid   410] set_robust_list(0x555579a076a0, 24) = 0
[pid   410] chdir("./34" <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 105
[pid   410] <... chdir resumed>)        = 0
[pid   410] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   410] setpgid(0, 0)               = 0
[pid   410] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   410] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   410] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   410] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   410] write(3, "1000", 4)         = 4
[pid   410] close(3)                    = 0
[pid   410] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid   410] write(1, "executing program\n", 18) = 18
[pid   410] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   410] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   410] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   410] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   410] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   410] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   410] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 411 attached
 <unfinished ...>
[pid   411] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   410] <... clone3 resumed> => {parent_tid=[106]}, 88) = 106
[pid   411] <... set_robust_list resumed>) = 0
[pid   410] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   411] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   410] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   411] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   410] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   411] memfd_create("syzkaller", 0 <unfinished ...>
[pid   410] <... futex resumed>)        = 0
[pid   411] <... memfd_create resumed>) = 3
[pid   410] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   411] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   410] <... futex resumed>)        = 0
[pid   411] <... mmap resumed>)         = 0x7faa87550000
[pid   410] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   411] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid   410] <... mmap resumed>)         = 0x7faa8752f000
[pid   411] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   410] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   411] <... munmap resumed>)       = 0
[pid   410] <... mprotect resumed>)     = 0
[pid   411] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   411] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   410] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   410] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0} => {parent_tid=[107]}, 88) = 107
[pid   410] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   410] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   410] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 412 attached
 <unfinished ...>
[pid   411] <... ioctl resumed>)        = 0
[pid   412] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   411] close(3 <unfinished ...>
[pid   412] <... set_robust_list resumed>) = 0
[pid   411] <... close resumed>)        = 0
[pid   412] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   411] close(4 <unfinished ...>
[pid   412] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   412] creat("./bus", 000)         = 3
[pid   412] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   410] <... futex resumed>)        = 0
[pid   412] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   410] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   412] <... mount resumed>)        = 0
[pid   410] <... futex resumed>)        = 0
[pid   412] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   410] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   412] <... futex resumed>)        = 0
[pid   410] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   412] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   410] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   412] <... open resumed>)         = 4
[pid   410] <... futex resumed>)        = 0
[pid   412] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   410] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   412] <... futex resumed>)        = 0
[pid   410] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   412] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 4, 0 <unfinished ...>
[pid   410] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   410] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   411] <... close resumed>)        = 0
[pid   411] mkdir(0x20000000, 0777 <unfinished ...>
[pid   412] <... mmap resumed>)         = 0x20000000
[pid   411] <... mkdir resumed>)        = -1 ENOENT (No such file or directory)
[pid   412] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   411] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "" <unfinished ...>
[pid   412] <... futex resumed>)        = 1
[pid   411] <... mount resumed>)        = -1 ENOENT (No such file or directory)
[pid   410] <... futex resumed>)        = 0
[pid   412] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   411] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   410] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   412] <... bpf resumed>)          = 6
[pid   411] <... openat resumed>)       = 5
[pid   410] <... futex resumed>)        = 0
[pid   412] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   411] ioctl(5, LOOP_CLR_FD <unfinished ...>
[pid   410] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   412] <... futex resumed>)        = 0
[pid   411] <... ioctl resumed>)        = 0
[pid   410] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   412] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   411] close(5)                    = 0
[pid   411] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   411] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   410] close(3)                    = 0
[pid   410] close(4)                    = 0
[pid   410] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   410] close(6)                    = 0
[pid   410] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   410] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   410] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   410] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   410] exit_group(0 <unfinished ...>
[pid   412] <... futex resumed>)        = ?
[pid   411] <... futex resumed>)        = ?
[pid   410] <... exit_group resumed>)   = ?
[pid   412] +++ exited with 0 +++
[pid   411] +++ exited with 0 +++
[pid   410] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=105, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./34", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./34/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./34/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./34/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./34/bus")          = 0
[pid   299] umount2("./34/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./34/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[   29.332382][  T411] loop0: detected capacity change from 0 to 512
[pid   299] unlink("./34/binderfs")     = 0
[pid   299] umount2("./34/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./34/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./34/cgroup.net")   = 0
[pid   299] umount2("./34/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./34/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./34/cgroup.cpu")   = 0
[pid   299] umount2("./34/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./34/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./34/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./34")               = 0
[pid   299] mkdir("./35", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 413 attached
 <unfinished ...>
[pid   413] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 108
[pid   413] <... set_robust_list resumed>) = 0
[pid   413] chdir("./35")               = 0
[pid   413] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   413] setpgid(0, 0)               = 0
[pid   413] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   413] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   413] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   413] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   413] write(3, "1000", 4)         = 4
[pid   413] close(3)                    = 0
[pid   413] symlink("/dev/binderfs", "./binderfs") = 0
[pid   413] write(1, "executing program\n", 18executing program
) = 18
[pid   413] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   413] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   413] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   413] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   413] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   413] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   413] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 414 attached
 <unfinished ...>
[pid   414] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   413] <... clone3 resumed> => {parent_tid=[109]}, 88) = 109
[pid   414] <... set_robust_list resumed>) = 0
[pid   413] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   414] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   413] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   413] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   414] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   413] <... futex resumed>)        = 0
[pid   414] memfd_create("syzkaller", 0 <unfinished ...>
[pid   413] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   414] <... memfd_create resumed>) = 3
[pid   413] <... futex resumed>)        = 0
[pid   414] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   413] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   414] <... mmap resumed>)         = 0x7faa87550000
[pid   413] <... mmap resumed>)         = 0x7faa8752f000
[pid   413] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   413] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   413] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 415 attached
 => {parent_tid=[110]}, 88) = 110
[pid   415] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   413] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   415] <... set_robust_list resumed>) = 0
[pid   413] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   415] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   413] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   415] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   413] <... futex resumed>)        = 0
[pid   415] creat("./bus", 000 <unfinished ...>
[pid   413] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   415] <... creat resumed>)        = 4
[pid   414] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   415] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   413] <... futex resumed>)        = 0
[pid   415] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   413] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   415] <... mount resumed>)        = 0
[pid   413] <... futex resumed>)        = 0
[pid   415] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   414] <... write resumed>)        = 262144
[pid   413] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   415] <... futex resumed>)        = 0
[pid   415] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   414] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   413] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   414] <... munmap resumed>)       = 0
[pid   413] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   414] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5
[pid   414] ioctl(5, LOOP_SET_FD, 3)    = 0
[pid   413] <... futex resumed>)        = 1
[pid   415] <... futex resumed>)        = 0
[pid   415] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000) = 6
[pid   415] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   415] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   414] close(3)                    = 0
[pid   414] close(5)                    = 0
[pid   414] mkdir("./bus", 0777)        = -1 EEXIST (File exists)
[pid   414] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"...) = -1 ENODEV (No such device)
[pid   414] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   414] ioctl(3, LOOP_CLR_FD)       = 0
[pid   414] close(3)                    = 0
[pid   414] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   414] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   413] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable)
[pid   413] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   413] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   414] <... futex resumed>)        = 0
[pid   414] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0) = 0x20000000
[pid   414] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   413] <... futex resumed>)        = 0
[pid   413] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   413] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   414] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 3
[pid   414] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   414] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   413] <... futex resumed>)        = 0
[pid   413] close(3)                    = 0
[pid   413] close(4)                    = 0
[pid   413] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   413] close(6)                    = 0
[pid   413] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   413] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   413] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   413] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   413] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   413] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   413] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   413] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   413] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   413] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   413] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   413] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   413] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   413] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   413] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   413] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   413] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   413] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   413] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   413] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   413] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   413] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   413] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   413] exit_group(0)               = ?
[pid   414] <... futex resumed>)        = ?
[pid   414] +++ exited with 0 +++
[pid   415] <... futex resumed>)        = ?
[pid   415] +++ exited with 0 +++
[pid   413] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=108, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[   29.409739][  T414] loop0: detected capacity change from 0 to 512
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./35", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./35/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./35/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./35/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./35/bus")          = 0
[pid   299] umount2("./35/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./35/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./35/binderfs")     = 0
[pid   299] umount2("./35/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./35/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./35/cgroup.net")   = 0
[pid   299] umount2("./35/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./35/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./35/cgroup.cpu")   = 0
[pid   299] umount2("./35/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./35/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./35/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./35")               = 0
[pid   299] mkdir("./36", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 416 attached
 <unfinished ...>
[pid   416] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 111
[pid   416] <... set_robust_list resumed>) = 0
[pid   416] chdir("./36")               = 0
[pid   416] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   416] setpgid(0, 0)               = 0
[pid   416] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   416] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   416] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   416] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   416] write(3, "1000", 4)         = 4
[pid   416] close(3)                    = 0
[pid   416] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid   416] write(1, "executing program\n", 18) = 18
[pid   416] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   416] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   416] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   416] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   416] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   416] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   416] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 417 attached
 <unfinished ...>
[pid   417] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   416] <... clone3 resumed> => {parent_tid=[112]}, 88) = 112
[pid   417] <... set_robust_list resumed>) = 0
[pid   416] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   417] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   416] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   417] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   416] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   417] memfd_create("syzkaller", 0 <unfinished ...>
[pid   416] <... futex resumed>)        = 0
[pid   417] <... memfd_create resumed>) = 3
[pid   416] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   417] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   416] <... futex resumed>)        = 0
[pid   417] <... mmap resumed>)         = 0x7faa87550000
[pid   416] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   417] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   416] <... mmap resumed>)         = 0x7faa8752f000
[pid   417] <... write resumed>)        = 262144
[pid   416] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   417] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   416] <... mprotect resumed>)     = 0
[pid   417] <... munmap resumed>)       = 0
[pid   416] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   417] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   416] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 418 attached
 => {parent_tid=[113]}, 88) = 113
[pid   417] <... openat resumed>)       = 4
[pid   416] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   417] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   416] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   418] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   416] <... futex resumed>)        = 0
[pid   417] <... ioctl resumed>)        = 0
[pid   417] close(3 <unfinished ...>
[pid   416] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   418] <... set_robust_list resumed>) = 0
[pid   417] <... close resumed>)        = 0
[pid   417] close(4 <unfinished ...>
[pid   418] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   417] <... close resumed>)        = 0
[pid   417] mkdir("./bus", 0777)        = 0
[pid   417] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"... <unfinished ...>
[pid   418] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   418] creat("./bus", 000)         = -1 EISDIR (Is a directory)
[pid   418] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   418] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   416] <... futex resumed>)        = 0
[pid   416] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   418] <... futex resumed>)        = 0
[pid   416] <... futex resumed>)        = 1
[pid   418] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   416] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   418] <... mount resumed>)        = -1 ENOTDIR (Not a directory)
[pid   418] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   416] <... futex resumed>)        = 0
[pid   418] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable)
[pid   416] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   418] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   416] <... futex resumed>)        = 0
[pid   418] <... open resumed>)         = -1 EISDIR (Is a directory)
[pid   416] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   418] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   416] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   418] <... futex resumed>)        = 0
[pid   416] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   418] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, -1, 0 <unfinished ...>
[pid   416] <... futex resumed>)        = 0
[pid   418] <... mmap resumed>)         = -1 EBADF (Bad file descriptor)
[pid   416] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   418] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   416] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   418] <... futex resumed>)        = 0
[pid   416] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   418] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_SK_MSG, insn_cnt=4, insns=0x20000380, license="GPL", log_level=1, log_size=166, log_buf="./bus", kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 128 <unfinished ...>
[pid   416] <... futex resumed>)        = 0
[pid   416] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   418] <... bpf resumed>)          = 3
[pid   418] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   416] <... futex resumed>)        = 0
[pid   418] <... futex resumed>)        = 1
[   29.486318][  T417] loop0: detected capacity change from 0 to 512
[   29.494474][  T417] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   29.508259][  T417] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #16: comm syz-executor334: invalid indirect mapped block 512 (level 0)
[   29.523221][  T417] EXT4-fs (loop0): Remounting filesystem read-only
[   29.529977][  T417] EXT4-fs (loop0): 1 orphan inode deleted
[pid   418] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   417] <... mount resumed>)        = 0
[pid   417] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 4
[pid   417] chdir("./bus")              = 0
[pid   417] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5
[pid   417] ioctl(5, LOOP_CLR_FD)       = 0
[pid   417] close(5)                    = 0
[pid   417] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   417] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   416] close(3)                    = 0
[pid   416] close(4)                    = 0
[pid   416] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   416] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   416] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   416] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   416] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   416] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   416] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   416] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   416] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   416] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   416] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   416] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   416] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   416] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   416] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   416] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   416] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   416] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   416] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   416] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   416] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   416] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   416] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   416] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   416] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   416] exit_group(0 <unfinished ...>
[pid   418] <... futex resumed>)        = 231
[pid   416] <... exit_group resumed>)   = ?
[pid   417] <... futex resumed>)        = ?
[pid   418] +++ exited with 0 +++
[pid   417] +++ exited with 0 +++
[pid   416] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=111, si_uid=0, si_status=0, si_utime=0, si_stime=9} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./36", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[   29.535643][  T417] EXT4-fs (loop0): 1 truncate cleaned up
[   29.541221][  T417] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x0000000000010000,block_validity,quota,. Quota mode: writeback.
[pid   299] umount2("./36/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./36/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./36/bus", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] umount2("./36/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./36/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid   299] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(4, 0x555579a10770 /* 2 entries */, 32768) = 48
[pid   299] getdents64(4, 0x555579a10770 /* 0 entries */, 32768) = 0
[pid   299] close(4)                    = 0
[pid   299] rmdir("./36/bus")           = 0
[pid   299] umount2("./36/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./36/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./36/binderfs")     = 0
[pid   299] umount2("./36/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./36/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./36/cgroup.net")   = 0
[pid   299] umount2("./36/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./36/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./36/cgroup.cpu")   = 0
[pid   299] umount2("./36/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./36/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./36/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./36")               = 0
[pid   299] mkdir("./37", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 114
./strace-static-x86_64: Process 421 attached
[pid   421] set_robust_list(0x555579a076a0, 24) = 0
[pid   421] chdir("./37")               = 0
[pid   421] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   421] setpgid(0, 0)               = 0
[pid   421] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   421] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   421] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   421] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   421] write(3, "1000", 4)         = 4
[pid   421] close(3)                    = 0
[pid   421] symlink("/dev/binderfs", "./binderfs") = 0
[pid   421] write(1, "executing program\n", 18executing program
) = 18
[pid   421] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   421] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   421] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   421] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   421] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   421] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   421] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 422 attached
 => {parent_tid=[115]}, 88) = 115
[pid   422] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   421] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   422] <... set_robust_list resumed>) = 0
[pid   422] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   422] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   421] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   421] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   422] <... futex resumed>)        = 0
[pid   422] memfd_create("syzkaller", 0 <unfinished ...>
[pid   421] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   422] <... memfd_create resumed>) = 3
[pid   422] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   421] <... futex resumed>)        = 0
[pid   421] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   421] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   421] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   421] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 423 attached
 => {parent_tid=[116]}, 88) = 116
[pid   423] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   422] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   421] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   423] <... set_robust_list resumed>) = 0
[pid   421] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   423] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   421] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   423] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   421] <... futex resumed>)        = 0
[pid   423] creat("./bus", 000 <unfinished ...>
[pid   421] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   423] <... creat resumed>)        = 4
[pid   422] <... write resumed>)        = 262144
[pid   422] munmap(0x7faa87550000, 138412032) = 0
[pid   422] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   423] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   422] <... openat resumed>)       = 5
[pid   422] ioctl(5, LOOP_SET_FD, 3 <unfinished ...>
[pid   421] <... futex resumed>)        = 0
[pid   423] <... futex resumed>)        = 1
[pid   423] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   421] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   422] <... ioctl resumed>)        = 0
[pid   421] <... futex resumed>)        = 0
[pid   422] close(3 <unfinished ...>
[pid   421] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   423] <... mount resumed>)        = 0
[pid   422] <... close resumed>)        = 0
[pid   423] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   422] close(5 <unfinished ...>
[pid   421] <... futex resumed>)        = 0
[pid   421] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   423] <... futex resumed>)        = 1
[pid   421] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   423] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   422] <... close resumed>)        = 0
[pid   423] <... open resumed>)         = 3
[pid   423] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   423] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   422] mkdir("./bus", 0777)        = -1 EEXIST (File exists)
[pid   422] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"...) = -1 ENODEV (No such device)
[pid   422] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5
[pid   422] ioctl(5, LOOP_CLR_FD)       = 0
[pid   422] close(5)                    = 0
[pid   422] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   422] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   421] <... futex resumed>)        = 0
[pid   421] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   421] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   422] <... futex resumed>)        = 0
[pid   422] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 3, 0) = 0x20000000
[pid   422] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   421] <... futex resumed>)        = 0
[pid   421] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   421] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   422] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 5
[pid   422] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   421] <... futex resumed>)        = 0
[pid   421] close(3)                    = 0
[pid   421] close(4)                    = 0
[pid   421] close(5)                    = 0
[pid   421] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   421] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   421] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   421] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   421] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   421] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   421] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   421] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   421] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   421] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   421] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   421] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   421] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   422] <... futex resumed>)        = 1
[pid   421] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   421] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   421] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   421] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   421] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   421] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   421] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   421] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   421] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   421] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   421] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   421] exit_group(0)               = ?
[pid   423] <... futex resumed>)        = ?
[pid   422] +++ exited with 0 +++
[   29.657631][  T422] loop0: detected capacity change from 0 to 512
[pid   423] +++ exited with 0 +++
[pid   421] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=114, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./37", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./37", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./37/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./37/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./37/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./37/bus")          = 0
[pid   299] umount2("./37/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./37/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./37/binderfs")     = 0
[pid   299] umount2("./37/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./37/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./37/cgroup.net")   = 0
[pid   299] umount2("./37/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./37/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./37/cgroup.cpu")   = 0
[pid   299] umount2("./37/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./37/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./37/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./37")               = 0
[pid   299] mkdir("./38", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program
, child_tidptr=0x555579a07690) = 117
./strace-static-x86_64: Process 424 attached
[pid   424] set_robust_list(0x555579a076a0, 24) = 0
[pid   424] chdir("./38")               = 0
[pid   424] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   424] setpgid(0, 0)               = 0
[pid   424] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   424] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   424] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   424] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   424] write(3, "1000", 4)         = 4
[pid   424] close(3)                    = 0
[pid   424] symlink("/dev/binderfs", "./binderfs") = 0
[pid   424] write(1, "executing program\n", 18) = 18
[pid   424] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   424] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   424] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   424] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   424] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   424] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   424] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[118]}, 88) = 118
[pid   424] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   424] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   424] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   424] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   424] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   424] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   424] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[119]}, 88) = 119
[pid   424] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   424] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   424] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 425 attached
 <unfinished ...>
[pid   425] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   425] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   425] memfd_create("syzkaller", 0) = 3
[pid   425] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa8752f000
./strace-static-x86_64: Process 426 attached
[pid   426] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   425] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   426] <... set_robust_list resumed>) = 0
[pid   426] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   426] creat("./bus", 000)         = 4
[pid   426] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   424] <... futex resumed>)        = 0
[pid   424] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   424] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   426] <... futex resumed>)        = 1
[pid   426] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   425] <... write resumed>)        = 262144
[pid   426] <... mount resumed>)        = 0
[pid   426] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   424] <... futex resumed>)        = 0
[pid   424] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   424] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   426] <... futex resumed>)        = 1
[pid   426] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000) = 5
[pid   426] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   424] <... futex resumed>)        = 0
[pid   424] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   424] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   426] <... futex resumed>)        = 1
[pid   426] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0) = 0x20000000
[pid   426] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   424] <... futex resumed>)        = 0
[pid   424] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   424] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   426] <... futex resumed>)        = 1
[pid   426] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   424] <... futex resumed>)        = ?
[pid   425] +++ killed by SIGBUS (core dumped) +++
[pid   426] +++ killed by SIGBUS (core dumped) +++
[pid   424] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=117, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./38", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./38", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./38/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./38/core", {st_mode=S_IFREG|0600, st_size=16953344, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./38/core")         = 0
[pid   299] umount2("./38/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./38/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./38/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./38/bus")          = 0
[pid   299] umount2("./38/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./38/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./38/binderfs")     = 0
[pid   299] umount2("./38/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./38/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./38/cgroup.net")   = 0
[pid   299] umount2("./38/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./38/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./38/cgroup.cpu")   = 0
[pid   299] umount2("./38/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./38/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./38/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./38")               = 0
[pid   299] mkdir("./39", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 427 attached
 <unfinished ...>
[pid   427] set_robust_list(0x555579a076a0, 24) = 0
[pid   427] chdir("./39" <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 120
[pid   427] <... chdir resumed>)        = 0
[pid   427] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   427] setpgid(0, 0)               = 0
[pid   427] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   427] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   427] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   427] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   427] write(3, "1000", 4)         = 4
[pid   427] close(3)                    = 0
[pid   427] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid   427] write(1, "executing program\n", 18) = 18
[pid   427] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   427] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   427] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   427] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   427] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   427] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   427] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 428 attached
 <unfinished ...>
[pid   428] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   427] <... clone3 resumed> => {parent_tid=[121]}, 88) = 121
[pid   428] <... set_robust_list resumed>) = 0
[pid   427] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   428] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   427] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   428] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   427] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   428] memfd_create("syzkaller", 0 <unfinished ...>
[pid   427] <... futex resumed>)        = 0
[pid   428] <... memfd_create resumed>) = 3
[pid   427] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   428] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   427] <... futex resumed>)        = 0
[pid   428] <... mmap resumed>)         = 0x7faa87550000
[pid   427] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   427] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   427] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   427] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0} <unfinished ...>
[pid   428] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144./strace-static-x86_64: Process 429 attached
 <unfinished ...>
[pid   429] set_robust_list(0x7faa8754f9a0, 24) = 0
[pid   429] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   429] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   428] <... write resumed>)        = 262144
[pid   427] <... clone3 resumed> => {parent_tid=[122]}, 88) = 122
[pid   428] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   427] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   428] <... munmap resumed>)       = 0
[pid   428] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   427] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   429] <... futex resumed>)        = 0
[pid   427] <... futex resumed>)        = 1
[pid   429] creat("./bus", 000 <unfinished ...>
[pid   428] <... openat resumed>)       = 4
[pid   429] <... creat resumed>)        = 5
[pid   428] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   427] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   429] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   429] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   427] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   428] <... ioctl resumed>)        = 0
[pid   427] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   429] <... futex resumed>)        = 0
[pid   428] close(3 <unfinished ...>
[pid   427] <... futex resumed>)        = 1
[pid   429] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   427] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   429] <... mount resumed>)        = 0
[pid   428] <... close resumed>)        = 0
[pid   429] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   427] <... futex resumed>)        = 0
[pid   429] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   427] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   429] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   427] <... futex resumed>)        = 0
[pid   429] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   427] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   429] <... open resumed>)         = 3
[pid   429] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   427] <... futex resumed>)        = 0
[pid   429] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   427] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   429] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   427] <... futex resumed>)        = 0
[pid   429] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 3, 0 <unfinished ...>
[pid   427] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   428] close(4 <unfinished ...>
[pid   429] <... mmap resumed>)         = 0x20000000
[pid   428] <... close resumed>)        = 0
[pid   429] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   428] mkdir(0x20000000, 0777 <unfinished ...>
[pid   429] <... futex resumed>)        = 1
[pid   428] <... mkdir resumed>)        = -1 ENOENT (No such file or directory)
[pid   427] <... futex resumed>)        = 0
[pid   429] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   428] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "" <unfinished ...>
[pid   427] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   429] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   428] <... mount resumed>)        = -1 ENOENT (No such file or directory)
[pid   427] <... futex resumed>)        = 0
[pid   429] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   428] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   427] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   429] <... bpf resumed>)          = 4
[pid   428] <... openat resumed>)       = 6
[pid   429] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   428] ioctl(6, LOOP_CLR_FD <unfinished ...>
[pid   429] <... futex resumed>)        = 1
[pid   428] <... ioctl resumed>)        = 0
[pid   427] <... futex resumed>)        = 0
[pid   429] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   428] close(6)                    = 0
[pid   428] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   428] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   427] close(3)                    = 0
[pid   427] close(4)                    = 0
[pid   427] close(5)                    = 0
[pid   427] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   427] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   427] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   427] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   427] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   427] exit_group(0 <unfinished ...>
[pid   429] <... futex resumed>)        = ?
[pid   428] <... futex resumed>)        = ?
[pid   427] <... exit_group resumed>)   = ?
[pid   429] +++ exited with 0 +++
[pid   428] +++ exited with 0 +++
[pid   427] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=120, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[   29.831373][  T428] loop0: detected capacity change from 0 to 512
[pid   299] umount2("./39", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./39", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./39/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./39/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./39/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./39/bus")          = 0
[pid   299] umount2("./39/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./39/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./39/binderfs")     = 0
[pid   299] umount2("./39/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./39/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./39/cgroup.net")   = 0
[pid   299] umount2("./39/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./39/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./39/cgroup.cpu")   = 0
[pid   299] umount2("./39/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./39/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./39/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./39")               = 0
[pid   299] mkdir("./40", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 430 attached
 <unfinished ...>
[pid   430] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 123
[pid   430] <... set_robust_list resumed>) = 0
[pid   430] chdir("./40")               = 0
[pid   430] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   430] setpgid(0, 0)               = 0
[pid   430] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   430] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   430] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   430] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   430] write(3, "1000", 4)         = 4
[pid   430] close(3)                    = 0
[pid   430] symlink("/dev/binderfs", "./binderfs") = 0
[pid   430] write(1, "executing program\n", 18executing program
) = 18
[pid   430] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   430] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   430] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   430] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   430] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   430] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   430] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 431 attached
 <unfinished ...>
[pid   431] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   430] <... clone3 resumed> => {parent_tid=[124]}, 88) = 124
[pid   431] <... set_robust_list resumed>) = 0
[pid   430] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   431] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   430] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   431] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   430] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   431] memfd_create("syzkaller", 0 <unfinished ...>
[pid   430] <... futex resumed>)        = 0
[pid   431] <... memfd_create resumed>) = 3
[pid   430] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   431] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   430] <... futex resumed>)        = 0
[pid   431] <... mmap resumed>)         = 0x7faa87550000
[pid   430] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   431] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   430] <... mmap resumed>)         = 0x7faa8752f000
[pid   431] <... write resumed>)        = 262144
[pid   430] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   431] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   430] <... mprotect resumed>)     = 0
[pid   431] <... munmap resumed>)       = 0
[pid   430] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   431] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   430] <... rt_sigprocmask resumed>[], 8) = 0
[pid   431] <... openat resumed>)       = 4
[pid   430] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0} <unfinished ...>
[pid   431] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 432 attached
)    = 0
[pid   430] <... clone3 resumed> => {parent_tid=[125]}, 88) = 125
[pid   432] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   430] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   432] <... set_robust_list resumed>) = 0
[pid   430] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   431] close(3 <unfinished ...>
[pid   432] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   430] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   432] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   431] <... close resumed>)        = 0
[pid   430] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   432] creat("./bus", 000 <unfinished ...>
[pid   431] close(4 <unfinished ...>
[pid   432] <... creat resumed>)        = 3
[pid   432] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   430] <... futex resumed>)        = 0
[pid   432] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   430] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   432] <... mount resumed>)        = 0
[pid   430] <... futex resumed>)        = 0
[pid   432] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   430] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   432] <... futex resumed>)        = 0
[pid   430] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   432] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   430] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   430] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   431] <... close resumed>)        = 0
[pid   431] mkdir("./bus", 0777)        = -1 EEXIST (File exists)
[pid   431] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"...) = -1 ENODEV (No such device)
[pid   431] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5
[pid   431] ioctl(5, LOOP_CLR_FD)       = 0
[pid   431] close(5)                    = 0
[pid   431] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   431] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   432] <... open resumed>)         = 4
[pid   432] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   432] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   430] <... futex resumed>)        = 0
[pid   430] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   430] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   431] <... futex resumed>)        = 0
[pid   431] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 4, 0) = 0x20000000
[pid   431] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   430] <... futex resumed>)        = 0
[pid   431] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   430] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   430] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   431] <... bpf resumed>)          = 5
[pid   431] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   430] <... futex resumed>)        = 0
[pid   430] close(3)                    = 0
[pid   430] close(4)                    = 0
[pid   430] close(5)                    = 0
[pid   430] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   430] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   431] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   430] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   430] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   430] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   430] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   430] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   430] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   430] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   430] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   430] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   430] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   430] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   430] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   430] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   430] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   430] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   430] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   430] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   430] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   430] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   430] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   430] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   430] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   430] exit_group(0)               = ?
[pid   432] <... futex resumed>)        = ?
[pid   431] <... futex resumed>)        = ?
[pid   432] +++ exited with 0 +++
[pid   431] +++ exited with 0 +++
[   29.910564][  T431] loop0: detected capacity change from 0 to 512
[pid   430] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=123, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./40", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./40", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./40/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./40/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./40/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./40/bus")          = 0
[pid   299] umount2("./40/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./40/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./40/binderfs")     = 0
[pid   299] umount2("./40/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./40/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./40/cgroup.net")   = 0
[pid   299] umount2("./40/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./40/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./40/cgroup.cpu")   = 0
[pid   299] umount2("./40/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./40/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./40/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./40")               = 0
[pid   299] mkdir("./41", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 433 attached
 <unfinished ...>
[pid   433] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 126
[pid   433] <... set_robust_list resumed>) = 0
[pid   433] chdir("./41")               = 0
[pid   433] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   433] setpgid(0, 0)               = 0
[pid   433] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   433] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   433] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   433] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   433] write(3, "1000", 4)         = 4
[pid   433] close(3)                    = 0
[pid   433] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid   433] write(1, "executing program\n", 18) = 18
[pid   433] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   433] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   433] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   433] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   433] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   433] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   433] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[127]}, 88) = 127
[pid   433] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   433] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   433] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   433] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   433] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   433] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   433] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 435 attached
./strace-static-x86_64: Process 434 attached
 => {parent_tid=[128]}, 88) = 128
[pid   433] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   433] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   433] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   435] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   435] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   435] creat("./bus", 000)         = 3
[pid   435] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   433] <... futex resumed>)        = 0
[pid   435] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   433] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   435] <... mount resumed>)        = 0
[pid   433] <... futex resumed>)        = 0
[pid   435] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   433] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   435] <... futex resumed>)        = 0
[pid   433] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   435] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   433] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   435] <... open resumed>)         = 4
[pid   433] <... futex resumed>)        = 0
[pid   435] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   433] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   435] <... futex resumed>)        = 0
[pid   433] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   435] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 4, 0 <unfinished ...>
[pid   433] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   435] <... mmap resumed>)         = 0x20000000
[pid   433] <... futex resumed>)        = 0
[pid   435] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   433] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   435] <... futex resumed>)        = 0
[pid   433] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   435] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   433] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = ?
[pid   434] +++ killed by SIGBUS (core dumped) +++
[pid   435] +++ killed by SIGBUS (core dumped) +++
[pid   433] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=126, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./41", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./41", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./41/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./41/core", {st_mode=S_IFREG|0600, st_size=18210816, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./41/core")         = 0
[pid   299] umount2("./41/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./41/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./41/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./41/bus")          = 0
[pid   299] umount2("./41/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./41/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./41/binderfs")     = 0
[pid   299] umount2("./41/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./41/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./41/cgroup.net")   = 0
[pid   299] umount2("./41/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./41/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./41/cgroup.cpu")   = 0
[pid   299] umount2("./41/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./41/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./41/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./41")               = 0
[pid   299] mkdir("./42", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 436 attached
 <unfinished ...>
[pid   436] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 129
[pid   436] <... set_robust_list resumed>) = 0
[pid   436] chdir("./42")               = 0
[pid   436] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   436] setpgid(0, 0)               = 0
[pid   436] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   436] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   436] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   436] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   436] write(3, "1000", 4)         = 4
[pid   436] close(3)                    = 0
[pid   436] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   436] write(1, "executing program\n", 18) = 18
[pid   436] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   436] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   436] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   436] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   436] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   436] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   436] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 437 attached
 <unfinished ...>
[pid   437] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   436] <... clone3 resumed> => {parent_tid=[130]}, 88) = 130
[pid   437] <... set_robust_list resumed>) = 0
[pid   437] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   436] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   437] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   437] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   436] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   436] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   437] <... futex resumed>)        = 0
[pid   436] <... futex resumed>)        = 1
[pid   437] memfd_create("syzkaller", 0 <unfinished ...>
[pid   436] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   437] <... memfd_create resumed>) = 3
[pid   437] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   436] <... futex resumed>)        = 0
[pid   437] <... mmap resumed>)         = 0x7faa87550000
[pid   436] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   436] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   436] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   436] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0} => {parent_tid=[131]}, 88) = 131
[pid   436] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   436] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
./strace-static-x86_64: Process 438 attached
[pid   437] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   436] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   438] set_robust_list(0x7faa8754f9a0, 24) = 0
[pid   437] <... write resumed>)        = 262144
[pid   438] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   437] munmap(0x7faa87550000, 138412032) = 0
[pid   437] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   438] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   437] <... openat resumed>)       = 4
[pid   438] creat("./bus", 000 <unfinished ...>
[pid   437] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   438] <... creat resumed>)        = 5
[pid   438] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   438] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   437] <... ioctl resumed>)        = 0
[pid   437] close(3)                    = 0
[pid   437] close(4 <unfinished ...>
[pid   436] <... futex resumed>)        = 0
[pid   436] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   438] <... futex resumed>)        = 0
[pid   436] <... futex resumed>)        = 1
[pid   438] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   436] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   438] <... mount resumed>)        = 0
[pid   438] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   436] <... futex resumed>)        = 0
[pid   438] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   436] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   438] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   436] <... futex resumed>)        = 0
[pid   438] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   436] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   438] <... open resumed>)         = 3
[pid   437] <... close resumed>)        = 0
[pid   438] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   437] mkdir("./bus", 0777 <unfinished ...>
[pid   438] <... futex resumed>)        = 1
[pid   437] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid   436] <... futex resumed>)        = 0
[pid   438] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   437] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"... <unfinished ...>
[pid   436] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   438] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   437] <... mount resumed>)        = -1 ENODEV (No such device)
[pid   436] <... futex resumed>)        = 0
[pid   438] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 3, 0 <unfinished ...>
[pid   437] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   436] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   437] <... openat resumed>)       = 4
[pid   437] ioctl(4, LOOP_CLR_FD)       = 0
[pid   437] close(4)                    = 0
[pid   437] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   437] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   438] <... mmap resumed>)         = 0x20000000
[pid   438] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   436] <... futex resumed>)        = 0
[pid   438] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   436] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   437] <... futex resumed>)        = 0
[pid   436] <... futex resumed>)        = 1
[pid   437] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   436] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   437] <... bpf resumed>)          = 4
[pid   437] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   437] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   436] <... futex resumed>)        = 0
[pid   436] close(3)                    = 0
[pid   436] close(4)                    = 0
[pid   436] close(5)                    = 0
[pid   436] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   436] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   436] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   436] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   436] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   436] exit_group(0 <unfinished ...>
[pid   437] <... futex resumed>)        = ?
[pid   436] <... exit_group resumed>)   = ?
[pid   438] <... futex resumed>)        = ?
[pid   437] +++ exited with 0 +++
[   30.037445][  T437] loop0: detected capacity change from 0 to 512
[pid   438] +++ exited with 0 +++
[pid   436] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=129, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./42", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./42", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./42/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./42/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./42/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./42/bus")          = 0
[pid   299] umount2("./42/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./42/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./42/binderfs")     = 0
[pid   299] umount2("./42/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./42/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./42/cgroup.net")   = 0
[pid   299] umount2("./42/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./42/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./42/cgroup.cpu")   = 0
[pid   299] umount2("./42/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./42/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./42/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./42")               = 0
[pid   299] mkdir("./43", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 439 attached
 <unfinished ...>
[pid   439] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 132
[pid   439] <... set_robust_list resumed>) = 0
[pid   439] chdir("./43")               = 0
[pid   439] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   439] setpgid(0, 0)               = 0
[pid   439] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   439] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   439] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   439] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   439] write(3, "1000", 4)         = 4
[pid   439] close(3)                    = 0
[pid   439] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   439] write(1, "executing program\n", 18) = 18
[pid   439] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   439] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   439] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   439] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   439] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   439] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   439] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 440 attached
 <unfinished ...>
[pid   440] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   439] <... clone3 resumed> => {parent_tid=[133]}, 88) = 133
[pid   440] <... set_robust_list resumed>) = 0
[pid   439] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   440] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   439] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   440] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   439] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   440] memfd_create("syzkaller", 0 <unfinished ...>
[pid   439] <... futex resumed>)        = 0
[pid   440] <... memfd_create resumed>) = 3
[pid   439] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   440] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   439] <... futex resumed>)        = 0
[pid   440] <... mmap resumed>)         = 0x7faa87550000
[pid   439] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   439] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   439] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   439] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 441 attached
 => {parent_tid=[134]}, 88) = 134
[pid   441] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   439] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   440] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   441] <... set_robust_list resumed>) = 0
[pid   441] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   441] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   439] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   439] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   441] <... futex resumed>)        = 0
[pid   439] <... futex resumed>)        = 1
[pid   441] creat("./bus", 000 <unfinished ...>
[pid   439] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   441] <... creat resumed>)        = 4
[pid   441] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   439] <... futex resumed>)        = 0
[pid   441] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   439] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   441] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   439] <... futex resumed>)        = 0
[pid   441] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   439] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   441] <... mount resumed>)        = 0
[pid   440] <... write resumed>)        = 262144
[pid   441] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   439] <... futex resumed>)        = 0
[pid   441] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   439] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   441] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   439] <... futex resumed>)        = 0
[pid   441] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   439] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   441] <... open resumed>)         = 5
[pid   440] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   441] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   440] <... munmap resumed>)       = 0
[pid   439] <... futex resumed>)        = 0
[pid   441] <... futex resumed>)        = 1
[pid   440] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   441] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   439] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   440] <... openat resumed>)       = 6
[pid   439] <... futex resumed>)        = 0
[pid   440] ioctl(6, LOOP_SET_FD, 3 <unfinished ...>
[pid   439] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   441] <... mmap resumed>)         = 0x20000000
[pid   441] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   439] <... futex resumed>)        = 0
[pid   441] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   439] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   441] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   439] <... futex resumed>)        = 0
[pid   440] <... ioctl resumed>)        = 0
[pid   440] close(3)                    = 0
[pid   440] close(6 <unfinished ...>
[pid   439] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   441] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   440] <... close resumed>)        = 0
[pid   441] <... bpf resumed>)          = 3
[pid   440] mkdir(0x20000000, 0777 <unfinished ...>
[pid   441] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   440] <... mkdir resumed>)        = -1 ENOENT (No such file or directory)
[pid   441] <... futex resumed>)        = 1
[pid   440] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "" <unfinished ...>
[pid   441] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   440] <... mount resumed>)        = -1 ENOENT (No such file or directory)
[pid   440] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid   440] ioctl(6, LOOP_CLR_FD)       = 0
[pid   440] close(6)                    = 0
[pid   440] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   440] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   439] <... futex resumed>)        = 0
[pid   439] close(3)                    = 0
[pid   439] close(4)                    = 0
[pid   439] close(5)                    = 0
[pid   439] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   439] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   439] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   439] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   439] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   439] exit_group(0 <unfinished ...>
[pid   440] <... futex resumed>)        = ?
[pid   439] <... exit_group resumed>)   = ?
[pid   440] +++ exited with 0 +++
[pid   441] <... futex resumed>)        = ?
[pid   441] +++ exited with 0 +++
[pid   439] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=132, si_uid=0, si_status=0, si_utime=0, si_stime=3} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./43", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./43", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./43/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./43/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./43/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./43/bus")          = 0
[pid   299] umount2("./43/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./43/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./43/binderfs")     = 0
[pid   299] umount2("./43/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./43/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./43/cgroup.net")   = 0
[pid   299] umount2("./43/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./43/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./43/cgroup.cpu")   = 0
[pid   299] umount2("./43/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./43/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./43/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./43")               = 0
[pid   299] mkdir("./44", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 442 attached
 <unfinished ...>
[pid   442] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 135
[pid   442] <... set_robust_list resumed>) = 0
[pid   442] chdir("./44")               = 0
[pid   442] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   442] setpgid(0, 0)               = 0
[pid   442] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   442] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   442] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   442] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   442] write(3, "1000", 4)         = 4
[pid   442] close(3)                    = 0
[pid   442] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid   442] write(1, "executing program\n", 18) = 18
[pid   442] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   442] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   442] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   442] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   442] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   442] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   442] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 443 attached
 <unfinished ...>
[pid   443] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   442] <... clone3 resumed> => {parent_tid=[136]}, 88) = 136
[pid   443] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   443] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   442] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   442] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   443] <... futex resumed>)        = 0
[pid   442] <... futex resumed>)        = 1
[pid   443] memfd_create("syzkaller", 0) = 3
[pid   443] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   443] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   442] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   443] <... write resumed>)        = 262144
[pid   442] <... futex resumed>)        = 0
[pid   443] munmap(0x7faa87550000, 138412032) = 0
[pid   442] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   443] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   443] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   442] <... mmap resumed>)         = 0x7faa8f92f000
[   30.142276][  T440] loop0: detected capacity change from 0 to 512
[   30.143386][  T441] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 31 prio class 0
[pid   442] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   442] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   442] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[137]}, 88) = 137
[pid   442] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   442] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   442] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 444 attached
 <unfinished ...>
[pid   443] <... ioctl resumed>)        = 0
[pid   444] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   443] close(3 <unfinished ...>
[pid   444] <... set_robust_list resumed>) = 0
[pid   443] <... close resumed>)        = 0
[pid   444] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   443] close(4 <unfinished ...>
[pid   444] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   444] creat("./bus", 000)         = 3
[pid   444] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   442] <... futex resumed>)        = 0
[pid   444] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   442] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   444] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   442] <... futex resumed>)        = 0
[pid   444] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   442] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   444] <... mount resumed>)        = 0
[pid   444] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   442] <... futex resumed>)        = 0
[pid   444] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   442] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   444] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   442] <... futex resumed>)        = 0
[pid   444] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   442] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   443] <... close resumed>)        = 0
[pid   443] mkdir("./bus", 0777)        = -1 EEXIST (File exists)
[pid   443] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"...) = -1 ENODEV (No such device)
[pid   443] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   442] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   442] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid   442] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid   442] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   442] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f90e000
[pid   442] mprotect(0x7faa8f90f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   442] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   442] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f92e990, parent_tid=0x7faa8f92e990, exit_signal=0, stack=0x7faa8f90e000, stack_size=0x20300, tls=0x7faa8f92e6c0}./strace-static-x86_64: Process 445 attached
 <unfinished ...>
[pid   445] set_robust_list(0x7faa8f92e9a0, 24 <unfinished ...>
[pid   442] <... clone3 resumed> => {parent_tid=[138]}, 88) = 138
[pid   445] <... set_robust_list resumed>) = 0
[pid   442] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   445] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   442] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   445] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   442] futex(0x7faa8fa3d6e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   445] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, -1, 0 <unfinished ...>
[pid   442] <... futex resumed>)        = 0
[pid   445] <... mmap resumed>)         = -1 EBADF (Bad file descriptor)
[   30.196862][  T443] loop0: detected capacity change from 0 to 512
[pid   442] futex(0x7faa8fa3d6ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   445] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   442] <... futex resumed>)        = 0
[pid   445] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_SK_MSG, insn_cnt=4, insns=0x20000380, license="GPL", log_level=1, log_size=166, log_buf="./bus", kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 128 <unfinished ...>
[pid   442] futex(0x7faa8fa3d6e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   445] <... bpf resumed>)          = 6
[pid   442] <... futex resumed>)        = 0
[pid   445] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   442] futex(0x7faa8fa3d6ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   445] <... futex resumed>)        = 0
[pid   442] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   445] futex(0x7faa8fa3d6e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   444] <... open resumed>)         = 4
[pid   443] <... openat resumed>)       = 5
[pid   444] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   443] ioctl(5, LOOP_CLR_FD <unfinished ...>
[pid   444] <... futex resumed>)        = 0
[pid   443] <... ioctl resumed>)        = 0
[pid   444] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   443] close(5)                    = 0
[pid   443] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   442] close(3 <unfinished ...>
[pid   443] <... futex resumed>)        = 0
[pid   442] <... close resumed>)        = 0
[pid   443] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   442] close(4)                    = 0
[pid   442] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   442] close(6)                    = 0
[pid   442] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   442] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   442] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   442] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   442] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   442] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   442] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   442] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   442] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   442] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   442] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   442] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   442] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   442] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   442] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   442] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   442] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   442] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   442] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   442] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   442] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   442] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   442] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   442] exit_group(0 <unfinished ...>
[pid   443] <... futex resumed>)        = ?
[pid   442] <... exit_group resumed>)   = ?
[pid   443] +++ exited with 0 +++
[pid   444] <... futex resumed>)        = ?
[pid   444] +++ exited with 0 +++
[pid   445] <... futex resumed>)        = ?
[pid   445] +++ exited with 0 +++
[pid   442] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=135, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./44", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./44", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./44/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./44/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./44/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./44/bus")          = 0
[pid   299] umount2("./44/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./44/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./44/binderfs")     = 0
[pid   299] umount2("./44/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./44/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./44/cgroup.net")   = 0
[pid   299] umount2("./44/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./44/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./44/cgroup.cpu")   = 0
[pid   299] umount2("./44/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./44/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./44/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./44")               = 0
[pid   299] mkdir("./45", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 446 attached
 <unfinished ...>
[pid   446] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 139
[pid   446] <... set_robust_list resumed>) = 0
[pid   446] chdir("./45")               = 0
[pid   446] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   446] setpgid(0, 0)               = 0
[pid   446] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   446] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   446] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   446] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   446] write(3, "1000", 4)         = 4
[pid   446] close(3)                    = 0
[pid   446] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid   446] write(1, "executing program\n", 18) = 18
[pid   446] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   446] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   446] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   446] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   446] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   446] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   446] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 447 attached
 <unfinished ...>
[pid   447] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   446] <... clone3 resumed> => {parent_tid=[140]}, 88) = 140
[pid   447] <... set_robust_list resumed>) = 0
[pid   447] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   446] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   447] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   446] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   447] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable)
[pid   446] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   447] memfd_create("syzkaller", 0 <unfinished ...>
[pid   446] <... futex resumed>)        = 0
[pid   447] <... memfd_create resumed>) = 3
[pid   447] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   446] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   447] <... mmap resumed>)         = 0x7faa87550000
[pid   447] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   446] <... futex resumed>)        = 0
[pid   447] <... write resumed>)        = 262144
[pid   446] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   447] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   446] <... mmap resumed>)         = 0x7faa8752f000
[pid   447] <... munmap resumed>)       = 0
[pid   446] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   447] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   446] <... mprotect resumed>)     = 0
[pid   447] <... openat resumed>)       = 4
[pid   446] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   447] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   446] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 448 attached
 <unfinished ...>
[pid   448] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   447] <... ioctl resumed>)        = 0
[pid   448] <... set_robust_list resumed>) = 0
[pid   446] <... clone3 resumed> => {parent_tid=[141]}, 88) = 141
[pid   448] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   446] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   448] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   446] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   448] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   446] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   448] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   446] <... futex resumed>)        = 0
[pid   448] creat("./bus", 000 <unfinished ...>
[pid   447] close(3 <unfinished ...>
[pid   446] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   447] <... close resumed>)        = 0
[pid   448] <... creat resumed>)        = 5
[pid   448] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   447] close(4 <unfinished ...>
[pid   446] <... futex resumed>)        = 0
[pid   448] <... futex resumed>)        = 1
[pid   448] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   446] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   448] <... mount resumed>)        = 0
[pid   446] <... futex resumed>)        = 0
[pid   448] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   446] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   448] <... futex resumed>)        = 0
[pid   446] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   448] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   446] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   448] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   446] <... futex resumed>)        = 0
[pid   448] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   446] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   447] <... close resumed>)        = 0
[pid   447] mkdir("./bus", 0777)        = -1 EEXIST (File exists)
[pid   447] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"...) = -1 ENODEV (No such device)
[pid   447] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   446] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   446] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid   446] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid   446] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid   446] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   446] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   446] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   446] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   446] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 449 attached
 <unfinished ...>
[pid   449] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   446] <... clone3 resumed> => {parent_tid=[142]}, 88) = 142
[pid   449] <... set_robust_list resumed>) = 0
[   30.358162][  T447] loop0: detected capacity change from 0 to 512
[pid   446] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   449] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   446] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   449] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   446] futex(0x7faa8fa3d6e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   449] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, -1, 0 <unfinished ...>
[pid   446] <... futex resumed>)        = 0
[pid   449] <... mmap resumed>)         = -1 EBADF (Bad file descriptor)
[pid   446] futex(0x7faa8fa3d6ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   449] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   446] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   449] <... futex resumed>)        = 0
[pid   446] futex(0x7faa8fa3d6e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   449] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_SK_MSG, insn_cnt=4, insns=0x20000380, license="GPL", log_level=1, log_size=166, log_buf="./bus", kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 128 <unfinished ...>
[pid   446] <... futex resumed>)        = 0
[pid   449] <... bpf resumed>)          = 6
[pid   446] futex(0x7faa8fa3d6ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   449] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   446] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   449] <... futex resumed>)        = 0
[pid   449] futex(0x7faa8fa3d6e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   448] <... open resumed>)         = 3
[pid   447] <... openat resumed>)       = 4
[pid   447] ioctl(4, LOOP_CLR_FD)       = 0
[pid   447] close(4 <unfinished ...>
[pid   448] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   447] <... close resumed>)        = 0
[pid   448] <... futex resumed>)        = 0
[pid   447] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   448] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   447] <... futex resumed>)        = 0
[pid   447] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   446] close(3)                    = 0
[pid   446] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   446] close(5)                    = 0
[pid   446] close(6)                    = 0
[pid   446] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   446] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   446] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   446] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   446] exit_group(0 <unfinished ...>
[pid   448] <... futex resumed>)        = ?
[pid   447] <... futex resumed>)        = ?
[pid   446] <... exit_group resumed>)   = ?
[pid   449] <... futex resumed>)        = ?
[pid   447] +++ exited with 0 +++
[pid   448] +++ exited with 0 +++
[pid   449] +++ exited with 0 +++
[pid   446] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=139, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./45", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./45", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./45/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./45/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./45/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./45/bus")          = 0
[pid   299] umount2("./45/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./45/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./45/binderfs")     = 0
[pid   299] umount2("./45/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./45/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./45/cgroup.net")   = 0
[pid   299] umount2("./45/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./45/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./45/cgroup.cpu")   = 0
[pid   299] umount2("./45/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./45/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./45/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./45")               = 0
[pid   299] mkdir("./46", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 450 attached
 <unfinished ...>
[pid   450] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 143
[pid   450] <... set_robust_list resumed>) = 0
[pid   450] chdir("./46")               = 0
[pid   450] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   450] setpgid(0, 0)               = 0
[pid   450] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   450] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   450] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   450] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   450] write(3, "1000", 4)         = 4
[pid   450] close(3)                    = 0
[pid   450] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid   450] write(1, "executing program\n", 18) = 18
[pid   450] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   450] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   450] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   450] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   450] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   450] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   450] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 451 attached
 <unfinished ...>
[pid   451] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   450] <... clone3 resumed> => {parent_tid=[144]}, 88) = 144
[pid   451] <... set_robust_list resumed>) = 0
[pid   450] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   451] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   450] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   451] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   450] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   451] memfd_create("syzkaller", 0 <unfinished ...>
[pid   450] <... futex resumed>)        = 0
[pid   451] <... memfd_create resumed>) = 3
[pid   450] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   451] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   450] <... futex resumed>)        = 0
[pid   451] <... mmap resumed>)         = 0x7faa87550000
[pid   450] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   451] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   450] <... mmap resumed>)         = 0x7faa8752f000
[pid   450] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   450] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   451] <... write resumed>)        = 262144
[pid   450] <... rt_sigprocmask resumed>[], 8) = 0
[pid   451] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   450] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0} <unfinished ...>
[pid   451] <... munmap resumed>)       = 0
./strace-static-x86_64: Process 452 attached
[pid   451] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   452] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   451] <... openat resumed>)       = 4
[pid   450] <... clone3 resumed> => {parent_tid=[145]}, 88) = 145
[pid   452] <... set_robust_list resumed>) = 0
[pid   451] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   450] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   452] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   450] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   450] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   450] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   452] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   452] creat("./bus", 000)         = 5
[pid   452] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   450] <... futex resumed>)        = 0
[pid   452] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   450] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   452] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   450] <... futex resumed>)        = 0
[pid   452] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   450] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   452] <... mount resumed>)        = 0
[pid   452] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   450] <... futex resumed>)        = 0
[pid   452] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   450] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   452] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   450] <... futex resumed>)        = 0
[pid   452] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   450] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   452] <... open resumed>)         = 6
[pid   451] <... ioctl resumed>)        = 0
[pid   451] close(3)                    = 0
[pid   451] close(4 <unfinished ...>
[pid   452] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   451] <... close resumed>)        = 0
[pid   452] <... futex resumed>)        = 1
[pid   451] mkdir("./bus", 0777 <unfinished ...>
[pid   450] <... futex resumed>)        = 0
[pid   452] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   451] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid   450] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   452] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   451] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"... <unfinished ...>
[pid   450] <... futex resumed>)        = 0
[pid   452] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0 <unfinished ...>
[pid   451] <... mount resumed>)        = -1 ENODEV (No such device)
[pid   450] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   452] <... mmap resumed>)         = 0x20000000
[pid   452] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   452] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   451] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   451] ioctl(3, LOOP_CLR_FD)       = 0
[pid   451] close(3)                    = 0
[pid   451] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   451] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   450] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   450] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   451] <... futex resumed>)        = 0
[pid   450] <... futex resumed>)        = 1
[pid   451] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   450] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   451] <... bpf resumed>)          = 3
[pid   451] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   451] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   450] <... futex resumed>)        = 0
[pid   450] close(3)                    = 0
[pid   450] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   450] close(5)                    = 0
[pid   450] close(6)                    = 0
[pid   450] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   450] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   450] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   450] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   450] exit_group(0 <unfinished ...>
[pid   452] <... futex resumed>)        = ?
[pid   451] <... futex resumed>)        = ?
[pid   450] <... exit_group resumed>)   = ?
[pid   452] +++ exited with 0 +++
[pid   451] +++ exited with 0 +++
[   30.480498][  T451] loop0: detected capacity change from 0 to 512
[pid   450] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=143, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./46", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./46", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./46/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./46/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./46/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./46/bus")          = 0
[pid   299] umount2("./46/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./46/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./46/binderfs")     = 0
[pid   299] umount2("./46/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./46/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./46/cgroup.net")   = 0
[pid   299] umount2("./46/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./46/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./46/cgroup.cpu")   = 0
[pid   299] umount2("./46/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./46/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./46/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./46")               = 0
[pid   299] mkdir("./47", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 146
./strace-static-x86_64: Process 454 attached
[pid   454] set_robust_list(0x555579a076a0, 24) = 0
[pid   454] chdir("./47")               = 0
[pid   454] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   454] setpgid(0, 0)               = 0
[pid   454] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   454] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   454] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   454] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   454] write(3, "1000", 4)         = 4
[pid   454] close(3)                    = 0
[pid   454] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   454] write(1, "executing program\n", 18) = 18
[pid   454] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   454] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   454] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   454] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   454] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   454] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   454] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[147]}, 88) = 147
[pid   454] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   454] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   454] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   454] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0./strace-static-x86_64: Process 455 attached
) = 0x7faa8f92f000
[pid   455] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   454] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   455] <... set_robust_list resumed>) = 0
[pid   454] <... mprotect resumed>)     = 0
[pid   455] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   454] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   455] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   454] <... rt_sigprocmask resumed>[], 8) = 0
[pid   455] memfd_create("syzkaller", 0 <unfinished ...>
[pid   454] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 456 attached
 <unfinished ...>
[pid   455] <... memfd_create resumed>) = 3
[pid   454] <... clone3 resumed> => {parent_tid=[148]}, 88) = 148
[pid   456] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   455] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   454] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   455] <... mmap resumed>)         = 0x7faa8752f000
[pid   454] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   456] <... set_robust_list resumed>) = 0
[pid   455] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   454] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   456] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   454] <... futex resumed>)        = 0
[pid   454] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   456] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   456] creat("./bus", 000)         = 4
[pid   456] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   455] <... write resumed>)        = 262144
[pid   455] munmap(0x7faa8752f000, 138412032 <unfinished ...>
[pid   456] <... futex resumed>)        = 1
[pid   454] <... futex resumed>)        = 0
[pid   454] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   454] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   455] <... munmap resumed>)       = 0
[pid   456] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   455] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5
[pid   455] ioctl(5, LOOP_SET_FD, 3 <unfinished ...>
[pid   456] <... mount resumed>)        = 0
[pid   456] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   455] <... ioctl resumed>)        = 0
[pid   456] <... futex resumed>)        = 1
[pid   456] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   455] close(3 <unfinished ...>
[pid   454] <... futex resumed>)        = 0
[pid   455] <... close resumed>)        = 0
[pid   454] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   455] close(5 <unfinished ...>
[pid   456] <... futex resumed>)        = 0
[pid   454] <... futex resumed>)        = 1
[pid   456] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   454] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   455] <... close resumed>)        = 0
[pid   455] mkdir("./bus", 0777)        = -1 EEXIST (File exists)
[pid   455] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"...) = -1 ENODEV (No such device)
[pid   455] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5
[pid   455] ioctl(5, LOOP_CLR_FD)       = 0
[pid   455] close(5)                    = 0
[pid   455] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   455] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   456] <... open resumed>)         = 3
[pid   456] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   456] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   454] <... futex resumed>)        = 0
[pid   454] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   455] <... futex resumed>)        = 0
[pid   454] <... futex resumed>)        = 1
[pid   455] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 3, 0 <unfinished ...>
[pid   454] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   455] <... mmap resumed>)         = 0x20000000
[pid   455] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   454] <... futex resumed>)        = 0
[pid   455] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   454] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   455] <... bpf resumed>)          = 5
[pid   454] <... futex resumed>)        = 0
[pid   455] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   454] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   455] <... futex resumed>)        = 0
[pid   454] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   455] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   454] close(3)                    = 0
[pid   454] close(4)                    = 0
[pid   454] close(5)                    = 0
[pid   454] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   454] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   454] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   454] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   454] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   454] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   454] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   454] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   454] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   454] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   454] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   454] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   454] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   454] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   454] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   454] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   454] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   454] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   454] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   454] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   454] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   454] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   454] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   454] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   454] exit_group(0 <unfinished ...>
[pid   456] <... futex resumed>)        = ?
[pid   455] <... futex resumed>)        = ?
[pid   454] <... exit_group resumed>)   = ?
[pid   456] +++ exited with 0 +++
[pid   455] +++ exited with 0 +++
[pid   454] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=146, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[   30.571872][  T455] loop0: detected capacity change from 0 to 512
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./47", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./47", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./47/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./47/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./47/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./47/bus")          = 0
[pid   299] umount2("./47/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./47/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./47/binderfs")     = 0
[pid   299] umount2("./47/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./47/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./47/cgroup.net")   = 0
[pid   299] umount2("./47/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./47/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./47/cgroup.cpu")   = 0
[pid   299] umount2("./47/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./47/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./47/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./47")               = 0
[pid   299] mkdir("./48", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program
, child_tidptr=0x555579a07690) = 149
./strace-static-x86_64: Process 457 attached
[pid   457] set_robust_list(0x555579a076a0, 24) = 0
[pid   457] chdir("./48")               = 0
[pid   457] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   457] setpgid(0, 0)               = 0
[pid   457] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   457] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   457] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   457] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   457] write(3, "1000", 4)         = 4
[pid   457] close(3)                    = 0
[pid   457] symlink("/dev/binderfs", "./binderfs") = 0
[pid   457] write(1, "executing program\n", 18) = 18
[pid   457] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   457] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   457] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   457] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   457] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   457] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   457] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[150]}, 88) = 150
[pid   457] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   457] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   457] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   457] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   457] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
./strace-static-x86_64: Process 458 attached
[pid   457] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   458] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   457] <... rt_sigprocmask resumed>[], 8) = 0
[pid   458] <... set_robust_list resumed>) = 0
[pid   457] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 459 attached
 <unfinished ...>
[pid   458] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   459] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   458] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   457] <... clone3 resumed> => {parent_tid=[151]}, 88) = 151
[pid   459] <... set_robust_list resumed>) = 0
[pid   458] memfd_create("syzkaller", 0 <unfinished ...>
[pid   457] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   459] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   458] <... memfd_create resumed>) = 3
[pid   457] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   459] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   458] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   457] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   459] creat("./bus", 000 <unfinished ...>
[pid   458] <... mmap resumed>)         = 0x7faa8752f000
[pid   457] <... futex resumed>)        = 0
[pid   458] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   457] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   458] <... write resumed>)        = 262144
[pid   458] munmap(0x7faa8752f000, 138412032) = 0
[pid   458] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   458] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   459] <... creat resumed>)        = 5
[pid   458] <... ioctl resumed>)        = 0
[pid   459] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   458] close(3)                    = 0
[pid   459] <... futex resumed>)        = 1
[pid   457] <... futex resumed>)        = 0
[pid   457] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   457] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   459] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   458] close(4 <unfinished ...>
[pid   459] <... mount resumed>)        = 0
[pid   458] <... close resumed>)        = 0
[pid   458] mkdir("./bus", 0777 <unfinished ...>
[pid   459] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   458] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid   457] <... futex resumed>)        = 0
[pid   457] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   457] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   459] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   458] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"... <unfinished ...>
[pid   459] <... open resumed>)         = 3
[pid   458] <... mount resumed>)        = -1 ENODEV (No such device)
[pid   459] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   458] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   457] <... futex resumed>)        = 0
[pid   457] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   457] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   459] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 3, 0 <unfinished ...>
[pid   458] <... openat resumed>)       = 4
[pid   458] ioctl(4, LOOP_CLR_FD)       = 0
[pid   458] close(4 <unfinished ...>
[pid   459] <... mmap resumed>)         = 0x20000000
[pid   458] <... close resumed>)        = 0
[pid   459] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   457] <... futex resumed>)        = 0
[pid   457] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   457] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   459] <... futex resumed>)        = 1
[pid   459] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   458] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   459] <... bpf resumed>)          = 4
[pid   459] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   457] <... futex resumed>)        = 0
[pid   457] close(3)                    = 0
[pid   457] close(4)                    = 0
[pid   457] close(5)                    = 0
[pid   457] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   457] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   457] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   457] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   457] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   457] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   457] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   457] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   457] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   457] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   457] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   457] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   457] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   457] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   457] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   457] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   457] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   457] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   457] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   457] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   457] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   457] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   457] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   457] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   457] exit_group(0)               = ?
[pid   459] <... futex resumed>)        = ?
[pid   459] +++ exited with 0 +++
[pid   458] <... futex resumed>)        = ?
[pid   458] +++ exited with 0 +++
[pid   457] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=149, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./48", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./48", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./48/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./48/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./48/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./48/bus")          = 0
[pid   299] umount2("./48/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./48/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./48/binderfs")     = 0
[pid   299] umount2("./48/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./48/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./48/cgroup.net")   = 0
[pid   299] umount2("./48/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./48/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./48/cgroup.cpu")   = 0
[pid   299] umount2("./48/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./48/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./48/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./48")               = 0
[pid   299] mkdir("./49", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3executing program
)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 460 attached
 <unfinished ...>
[pid   460] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 152
[pid   460] <... set_robust_list resumed>) = 0
[pid   460] chdir("./49")               = 0
[pid   460] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   460] setpgid(0, 0)               = 0
[pid   460] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   460] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   460] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   460] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   460] write(3, "1000", 4)         = 4
[pid   460] close(3)                    = 0
[pid   460] symlink("/dev/binderfs", "./binderfs") = 0
[pid   460] write(1, "executing program\n", 18) = 18
[pid   460] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   460] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   460] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   460] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   460] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   460] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   460] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[153]}, 88) = 153
[pid   460] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   460] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   460] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   460] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   460] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   460] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
./strace-static-x86_64: Process 461 attached
[pid   460] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 462 attached
 <unfinished ...>
[pid   462] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   460] <... clone3 resumed> => {parent_tid=[154]}, 88) = 154
[pid   462] <... set_robust_list resumed>) = 0
[pid   460] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   462] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   460] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   462] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   460] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   462] creat("./bus", 000 <unfinished ...>
[pid   460] <... futex resumed>)        = 0
[pid   462] <... creat resumed>)        = 3
[pid   461] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   462] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   460] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   461] <... set_robust_list resumed>) = 0
[pid   460] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   462] <... futex resumed>)        = 0
[pid   460] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   462] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   460] <... futex resumed>)        = 0
[pid   461] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   460] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   462] <... mount resumed>)        = 0
[pid   461] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   462] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   461] memfd_create("syzkaller", 0 <unfinished ...>
[pid   460] <... futex resumed>)        = 0
[pid   462] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   460] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   462] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   460] <... futex resumed>)        = 0
[pid   462] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   460] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   461] <... memfd_create resumed>) = 5
[pid   461] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   462] <... open resumed>)         = 4
[pid   462] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   461] <... mmap resumed>)         = 0x7faa8752f000
[pid   462] <... futex resumed>)        = 1
[pid   460] <... futex resumed>)        = 0
[pid   462] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 4, 0 <unfinished ...>
[pid   460] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   460] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   462] <... mmap resumed>)         = 0x20000000
[pid   462] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   461] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x200011fb} ---
[   30.668039][  T458] loop0: detected capacity change from 0 to 512
[pid   462] <... futex resumed>)        = ?
[pid   460] <... futex resumed>)        = ?
[pid   462] +++ killed by SIGBUS (core dumped) +++
[pid   461] +++ killed by SIGBUS (core dumped) +++
[pid   460] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=152, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./49", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./49", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./49/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./49/core", {st_mode=S_IFREG|0600, st_size=16949248, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./49/core")         = 0
[pid   299] umount2("./49/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./49/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./49/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./49/bus")          = 0
[pid   299] umount2("./49/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./49/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./49/binderfs")     = 0
[pid   299] umount2("./49/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./49/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./49/cgroup.net")   = 0
[pid   299] umount2("./49/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./49/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./49/cgroup.cpu")   = 0
[pid   299] umount2("./49/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./49/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./49/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./49")               = 0
[pid   299] mkdir("./50", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 463 attached
 <unfinished ...>
[pid   463] set_robust_list(0x555579a076a0, 24) = 0
[pid   463] chdir("./50")               = 0
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 155
[pid   463] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   463] setpgid(0, 0)               = 0
[pid   463] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   463] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   463] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   463] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   463] write(3, "1000", 4)         = 4
[pid   463] close(3)                    = 0
[pid   463] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   463] write(1, "executing program\n", 18) = 18
[pid   463] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   463] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   463] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   463] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   463] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   463] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   463] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 464 attached
 <unfinished ...>
[pid   464] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   463] <... clone3 resumed> => {parent_tid=[156]}, 88) = 156
[pid   464] <... set_robust_list resumed>) = 0
[pid   463] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   464] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   463] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   464] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   463] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   464] memfd_create("syzkaller", 0 <unfinished ...>
[pid   463] <... futex resumed>)        = 0
[pid   464] <... memfd_create resumed>) = 3
[pid   463] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   464] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   463] <... futex resumed>)        = 0
[pid   464] <... mmap resumed>)         = 0x7faa87550000
[pid   463] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   464] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   463] <... mmap resumed>)         = 0x7faa8752f000
[pid   464] <... write resumed>)        = 262144
[pid   463] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   464] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   463] <... mprotect resumed>)     = 0
[pid   464] <... munmap resumed>)       = 0
[pid   463] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   464] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   463] <... rt_sigprocmask resumed>[], 8) = 0
[pid   464] <... openat resumed>)       = 4
[pid   463] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0} <unfinished ...>
[pid   464] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 465 attached
 <unfinished ...>
[pid   465] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   463] <... clone3 resumed> => {parent_tid=[157]}, 88) = 157
[pid   465] <... set_robust_list resumed>) = 0
[pid   463] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   465] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   463] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   465] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   463] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   465] creat("./bus", 000 <unfinished ...>
[pid   463] <... futex resumed>)        = 0
[pid   465] <... creat resumed>)        = 5
[pid   463] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   465] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   463] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   465] <... futex resumed>)        = 0
[pid   463] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   465] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   463] <... futex resumed>)        = 0
[pid   465] <... mount resumed>)        = 0
[pid   463] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   465] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   463] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   465] <... futex resumed>)        = 0
[pid   463] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   465] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   463] <... futex resumed>)        = 0
[pid   463] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   465] <... open resumed>)         = 6
[pid   464] <... ioctl resumed>)        = 0
[pid   465] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   463] <... futex resumed>)        = 0
[pid   465] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   463] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   465] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   463] <... futex resumed>)        = 0
[pid   465] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0 <unfinished ...>
[pid   463] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   464] close(3)                    = 0
[pid   464] close(4)                    = 0
[pid   464] mkdir(0x20000000, 0777)     = -1 ENOENT (No such file or directory)
[pid   464] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   464] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   464] ioctl(3, LOOP_CLR_FD)       = 0
[pid   464] close(3)                    = 0
[pid   464] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   464] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   465] <... mmap resumed>)         = 0x20000000
[pid   465] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   463] <... futex resumed>)        = 0
[pid   465] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   463] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   464] <... futex resumed>)        = 0
[pid   463] <... futex resumed>)        = 1
[pid   464] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   463] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   464] <... bpf resumed>)          = 3
[pid   464] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   463] <... futex resumed>)        = 0
[pid   464] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   463] close(3)                    = 0
[pid   463] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   463] close(5)                    = 0
[pid   463] close(6)                    = 0
[pid   463] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   463] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   463] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   463] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   463] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   463] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   463] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   463] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   463] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   463] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   463] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   463] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   463] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   463] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   463] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   463] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   463] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   463] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   463] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   463] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   463] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   463] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   463] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   463] exit_group(0 <unfinished ...>
[pid   465] <... futex resumed>)        = ?
[pid   464] <... futex resumed>)        = ?
[pid   463] <... exit_group resumed>)   = ?
[pid   465] +++ exited with 0 +++
[pid   464] +++ exited with 0 +++
[   30.797694][  T464] loop0: detected capacity change from 0 to 512
[pid   463] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=155, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   299] umount2("./50", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./50", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./50/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./50/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./50/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./50/bus")          = 0
[pid   299] umount2("./50/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./50/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./50/binderfs")     = 0
[pid   299] umount2("./50/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./50/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./50/cgroup.net")   = 0
[pid   299] umount2("./50/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./50/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./50/cgroup.cpu")   = 0
[pid   299] umount2("./50/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./50/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./50/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./50")               = 0
[pid   299] mkdir("./51", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 466 attached
 <unfinished ...>
[pid   466] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 158
[pid   466] <... set_robust_list resumed>) = 0
[pid   466] chdir("./51")               = 0
[pid   466] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   466] setpgid(0, 0)               = 0
[pid   466] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   466] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   466] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   466] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   466] write(3, "1000", 4)         = 4
[pid   466] close(3)                    = 0
[pid   466] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   466] write(1, "executing program\n", 18) = 18
[pid   466] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   466] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   466] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   466] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   466] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   466] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   466] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[159]}, 88) = 159
[pid   466] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   466] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   466] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   466] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   466] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   466] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   466] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 468 attached
./strace-static-x86_64: Process 467 attached
 <unfinished ...>
[pid   468] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   466] <... clone3 resumed> => {parent_tid=[160]}, 88) = 160
[pid   467] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   468] <... set_robust_list resumed>) = 0
[pid   468] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   467] <... set_robust_list resumed>) = 0
[pid   466] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   468] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   467] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   468] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   467] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   466] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   466] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   467] memfd_create("syzkaller", 0 <unfinished ...>
[pid   468] <... futex resumed>)        = 0
[pid   466] <... futex resumed>)        = 1
[pid   468] creat("./bus", 000 <unfinished ...>
[pid   467] <... memfd_create resumed>) = 3
[pid   466] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   468] <... creat resumed>)        = 4
[pid   468] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   466] <... futex resumed>)        = 0
[pid   468] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   466] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   468] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   466] <... futex resumed>)        = 0
[pid   468] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   466] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   468] <... mount resumed>)        = 0
[pid   468] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   466] <... futex resumed>)        = 0
[pid   468] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   466] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   468] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   466] <... futex resumed>)        = 0
[pid   468] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   466] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   468] <... open resumed>)         = 5
[pid   468] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   466] <... futex resumed>)        = 0
[pid   468] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   466] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   468] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   466] <... futex resumed>)        = 0
[pid   468] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   466] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   468] <... mmap resumed>)         = 0x20000000
[pid   467] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   468] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   467] <... mmap resumed>)         = 0x7faa8752f000
[pid   466] <... futex resumed>)        = 0
[pid   468] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   466] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   468] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   466] <... futex resumed>)        = 0
[pid   468] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   467] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000ec2} ---
[pid   466] ????()                      = ?
[pid   467] +++ killed by SIGBUS (core dumped) +++
[pid   468] +++ killed by SIGBUS (core dumped) +++
[pid   466] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=158, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./51", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./51", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./51/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./51/core", {st_mode=S_IFREG|0600, st_size=18210816, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./51/core")         = 0
[pid   299] umount2("./51/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./51/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./51/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./51/bus")          = 0
[pid   299] umount2("./51/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./51/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./51/binderfs")     = 0
[pid   299] umount2("./51/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./51/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./51/cgroup.net")   = 0
[pid   299] umount2("./51/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./51/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./51/cgroup.cpu")   = 0
[pid   299] umount2("./51/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./51/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./51/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./51")               = 0
[pid   299] mkdir("./52", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 469 attached
 <unfinished ...>
[pid   469] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 161
[pid   469] <... set_robust_list resumed>) = 0
[pid   469] chdir("./52")               = 0
[pid   469] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   469] setpgid(0, 0)               = 0
[pid   469] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   469] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   469] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   469] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   469] write(3, "1000", 4)         = 4
[pid   469] close(3)                    = 0
[pid   469] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   469] write(1, "executing program\n", 18) = 18
[pid   469] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   469] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   469] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   469] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   469] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   469] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   469] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 470 attached
 <unfinished ...>
[pid   470] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   469] <... clone3 resumed> => {parent_tid=[162]}, 88) = 162
[pid   470] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   469] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   470] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   469] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   469] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   470] <... futex resumed>)        = 0
[pid   469] <... futex resumed>)        = 1
[pid   469] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   469] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   470] memfd_create("syzkaller", 0 <unfinished ...>
[pid   469] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   470] <... memfd_create resumed>) = 3
[pid   469] <... mprotect resumed>)     = 0
[pid   470] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa8752f000
[pid   469] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   469] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 471 attached
 <unfinished ...>
[pid   471] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   469] <... clone3 resumed> => {parent_tid=[163]}, 88) = 163
[pid   471] <... set_robust_list resumed>) = 0
[pid   469] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   471] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   469] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   471] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   469] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   471] creat("./bus", 000 <unfinished ...>
[pid   469] <... futex resumed>)        = 0
[pid   471] <... creat resumed>)        = 4
[pid   469] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   471] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   469] <... futex resumed>)        = 0
[pid   471] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   469] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   471] <... mount resumed>)        = 0
[pid   469] <... futex resumed>)        = 0
[pid   471] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   469] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   471] <... futex resumed>)        = 0
[pid   469] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   470] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   471] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   469] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   471] <... open resumed>)         = 5
[pid   469] <... futex resumed>)        = 0
[pid   471] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   469] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   471] <... futex resumed>)        = 0
[pid   469] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   471] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   469] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   471] <... mmap resumed>)         = 0x20000000
[pid   469] <... futex resumed>)        = 0
[pid   471] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   469] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   471] <... futex resumed>)        = 0
[pid   469] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   471] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   470] <... write resumed>)        = 262144
[pid   469] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = ?
[pid   470] +++ killed by SIGBUS (core dumped) +++
[pid   471] +++ killed by SIGBUS (core dumped) +++
[pid   469] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=161, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./52", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./52", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./52/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./52/core", {st_mode=S_IFREG|0600, st_size=16953344, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./52/core")         = 0
[pid   299] umount2("./52/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./52/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./52/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./52/bus")          = 0
[pid   299] umount2("./52/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./52/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./52/binderfs")     = 0
[pid   299] umount2("./52/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./52/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./52/cgroup.net")   = 0
[pid   299] umount2("./52/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./52/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./52/cgroup.cpu")   = 0
[pid   299] umount2("./52/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./52/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./52/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./52")               = 0
[pid   299] mkdir("./53", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 164
./strace-static-x86_64: Process 472 attached
[pid   472] set_robust_list(0x555579a076a0, 24) = 0
[pid   472] chdir("./53")               = 0
[pid   472] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   472] setpgid(0, 0)               = 0
[pid   472] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   472] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   472] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   472] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   472] write(3, "1000", 4)         = 4
[pid   472] close(3)                    = 0
[pid   472] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   472] write(1, "executing program\n", 18) = 18
[pid   472] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   472] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   472] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   472] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   472] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   472] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   472] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 473 attached
 <unfinished ...>
[pid   473] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   472] <... clone3 resumed> => {parent_tid=[165]}, 88) = 165
[pid   473] <... set_robust_list resumed>) = 0
[pid   472] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   473] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   472] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   473] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   472] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   473] memfd_create("syzkaller", 0 <unfinished ...>
[pid   472] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   473] <... memfd_create resumed>) = 3
[pid   473] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   472] <... futex resumed>)        = 0
[pid   473] <... mmap resumed>)         = 0x7faa87550000
[pid   472] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   472] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   472] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   472] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 474 attached
 => {parent_tid=[166]}, 88) = 166
[pid   474] set_robust_list(0x7faa8754f9a0, 24) = 0
[pid   474] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   474] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   472] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   472] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   474] <... futex resumed>)        = 0
[pid   474] creat("./bus", 000 <unfinished ...>
[pid   472] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   474] <... creat resumed>)        = 4
[pid   474] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   474] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   472] <... futex resumed>)        = 0
[pid   472] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   474] <... futex resumed>)        = 0
[pid   474] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   472] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   474] <... mount resumed>)        = 0
[pid   474] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   474] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   472] <... futex resumed>)        = 0
[pid   472] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   474] <... futex resumed>)        = 0
[pid   474] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000) = 5
[pid   474] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   472] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   474] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   472] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   472] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   474] <... futex resumed>)        = 0
[pid   474] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   472] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   474] <... mmap resumed>)         = 0x20000000
[pid   474] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   473] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x200012d5} ---
[pid   472] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   474] <... futex resumed>)        = 0
[pid   474] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL) = ?
[pid   474] +++ killed by SIGBUS (core dumped) +++
[pid   473] +++ killed by SIGBUS (core dumped) +++
[pid   472] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=164, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
[pid   299] umount2("./53", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./53", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./53/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./53/core", {st_mode=S_IFREG|0600, st_size=17084416, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./53/core")         = 0
[pid   299] umount2("./53/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./53/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./53/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./53/bus")          = 0
[pid   299] umount2("./53/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./53/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./53/binderfs")     = 0
[pid   299] umount2("./53/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./53/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./53/cgroup.net")   = 0
[pid   299] umount2("./53/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./53/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./53/cgroup.cpu")   = 0
[pid   299] umount2("./53/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./53/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./53/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./53")               = 0
[pid   299] mkdir("./54", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 167
./strace-static-x86_64: Process 475 attached
[pid   475] set_robust_list(0x555579a076a0, 24) = 0
[pid   475] chdir("./54")               = 0
[pid   475] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   475] setpgid(0, 0)               = 0
[pid   475] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   475] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   475] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   475] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   475] write(3, "1000", 4)         = 4
[pid   475] close(3)                    = 0
[pid   475] symlink("/dev/binderfs", "./binderfs") = 0
[pid   475] write(1, "executing program\n", 18executing program
) = 18
[pid   475] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   475] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   475] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   475] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   475] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   475] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   475] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[168]}, 88) = 168
./strace-static-x86_64: Process 476 attached
[pid   475] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   475] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   475] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   475] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   475] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   475] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   475] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} <unfinished ...>
[pid   476] set_robust_list(0x7faa8f9709a0, 24./strace-static-x86_64: Process 477 attached
 <unfinished ...>
[pid   475] <... clone3 resumed> => {parent_tid=[169]}, 88) = 169
[pid   475] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   475] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   475] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   476] <... set_robust_list resumed>) = 0
[pid   476] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   476] memfd_create("syzkaller", 0 <unfinished ...>
[pid   477] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   476] <... memfd_create resumed>) = 3
[pid   476] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa8752f000
[pid   477] <... set_robust_list resumed>) = 0
[pid   477] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   477] creat("./bus", 000)         = 4
[pid   477] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   475] <... futex resumed>)        = 0
[pid   475] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   475] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   477] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[pid   477] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   475] <... futex resumed>)        = 0
[pid   475] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   475] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   477] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000) = 5
[pid   476] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   477] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   475] <... futex resumed>)        = 0
[pid   475] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   475] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   477] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0) = 0x20000000
[pid   477] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   475] <... futex resumed>)        = 0
[pid   475] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   475] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   477] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   475] <... futex resumed>)        = ?
[pid   476] <... write resumed>)        = ?
[pid   476] +++ killed by SIGBUS (core dumped) +++
[pid   477] +++ killed by SIGBUS (core dumped) +++
[pid   475] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=167, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./54", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./54", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./54/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./54/core", {st_mode=S_IFREG|0600, st_size=16953344, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./54/core")         = 0
[pid   299] umount2("./54/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./54/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./54/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./54/bus")          = 0
[pid   299] umount2("./54/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./54/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./54/binderfs")     = 0
[pid   299] umount2("./54/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./54/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./54/cgroup.net")   = 0
[pid   299] umount2("./54/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./54/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./54/cgroup.cpu")   = 0
[pid   299] umount2("./54/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./54/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./54/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./54")               = 0
[pid   299] mkdir("./55", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 170
./strace-static-x86_64: Process 478 attached
[pid   478] set_robust_list(0x555579a076a0, 24) = 0
[pid   478] chdir("./55")               = 0
[pid   478] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   478] setpgid(0, 0)               = 0
[pid   478] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   478] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   478] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   478] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   478] write(3, "1000", 4)         = 4
[pid   478] close(3)                    = 0
[pid   478] symlink("/dev/binderfs", "./binderfs") = 0
[pid   478] write(1, "executing program\n", 18executing program
) = 18
[pid   478] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   478] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   478] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   478] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   478] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   478] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   478] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 479 attached
 => {parent_tid=[171]}, 88) = 171
[pid   479] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   479] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   479] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   478] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   478] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   479] <... futex resumed>)        = 0
[pid   479] memfd_create("syzkaller", 0 <unfinished ...>
[pid   478] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   479] <... memfd_create resumed>) = 3
[pid   479] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   478] <... futex resumed>)        = 0
[pid   478] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   478] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   478] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   478] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0} => {parent_tid=[172]}, 88) = 172
[pid   478] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   478] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   478] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   479] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144./strace-static-x86_64: Process 480 attached
) = 262144
[pid   480] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   479] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   480] <... set_robust_list resumed>) = 0
[pid   479] <... munmap resumed>)       = 0
[pid   480] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   479] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   480] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   479] <... openat resumed>)       = 4
[pid   480] creat("./bus", 000 <unfinished ...>
[pid   479] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   480] <... creat resumed>)        = 5
[pid   480] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   478] <... futex resumed>)        = 0
[pid   478] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   478] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   480] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[pid   480] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   478] <... futex resumed>)        = 0
[pid   478] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   478] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   480] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   479] <... ioctl resumed>)        = 0
[pid   480] <... open resumed>)         = 6
[pid   479] close(3)                    = 0
[pid   480] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   479] close(4 <unfinished ...>
[pid   480] <... futex resumed>)        = 1
[pid   478] <... futex resumed>)        = 0
[pid   478] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   478] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   479] <... close resumed>)        = 0
[pid   480] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0 <unfinished ...>
[pid   479] mkdir(0x20000000, 0777)     = -1 ENOENT (No such file or directory)
[pid   479] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   479] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   479] ioctl(3, LOOP_CLR_FD)       = 0
[pid   479] close(3)                    = 0
[pid   479] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   479] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   480] <... mmap resumed>)         = 0x20000000
[pid   480] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   478] <... futex resumed>)        = 0
[pid   478] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   478] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   480] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   479] <... futex resumed>)        = 0
[pid   479] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 3
[pid   479] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   478] <... futex resumed>)        = 0
[pid   478] close(3)                    = 0
[pid   478] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   478] close(5)                    = 0
[pid   478] close(6)                    = 0
[pid   478] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   478] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   478] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   478] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   478] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   478] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   478] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   478] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   478] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   478] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   478] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   478] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   478] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   478] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   478] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   478] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   478] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   478] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   478] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   478] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   478] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   478] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   478] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   478] exit_group(0)               = ?
[pid   479] +++ exited with 0 +++
[pid   480] <... futex resumed>)        = ?
[pid   480] +++ exited with 0 +++
[pid   478] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=170, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./55", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./55", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./55/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./55/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./55/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./55/bus")          = 0
[pid   299] umount2("./55/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./55/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./55/binderfs")     = 0
[pid   299] umount2("./55/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./55/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./55/cgroup.net")   = 0
[pid   299] umount2("./55/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./55/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./55/cgroup.cpu")   = 0
[pid   299] umount2("./55/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./55/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./55/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./55")               = 0
[   31.113507][  T479] loop0: detected capacity change from 0 to 512
[pid   299] mkdir("./56", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 481 attached
 <unfinished ...>
[pid   481] set_robust_list(0x555579a076a0, 24) = 0
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 173
[pid   481] chdir("./56")               = 0
[pid   481] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   481] setpgid(0, 0)               = 0
[pid   481] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   481] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   481] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   481] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   481] write(3, "1000", 4)         = 4
[pid   481] close(3)                    = 0
[pid   481] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid   481] write(1, "executing program\n", 18) = 18
[pid   481] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   481] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   481] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   481] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   481] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   481] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   481] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[174]}, 88) = 174
[pid   481] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   481] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   481] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   481] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   481] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   481] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   481] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 483 attached
 => {parent_tid=[175]}, 88) = 175
[pid   483] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   481] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   481] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   481] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   483] <... set_robust_list resumed>) = 0
./strace-static-x86_64: Process 482 attached
[pid   482] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   482] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   482] memfd_create("syzkaller", 0) = 3
[pid   483] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   482] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa8752f000
[pid   483] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   483] creat("./bus", 000)         = 4
[pid   483] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   481] <... futex resumed>)        = 0
[pid   481] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   481] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   483] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[pid   482] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   483] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   481] <... futex resumed>)        = 0
[pid   481] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   481] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   483] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000) = 5
[pid   483] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   481] <... futex resumed>)        = 0
[pid   481] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   481] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   482] <... write resumed>)        = 262144
[pid   483] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   482] munmap(0x7faa8752f000, 138412032) = 0
[pid   483] <... mmap resumed>)         = 0x20000000
[pid   482] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   483] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   482] <... openat resumed>)       = 6
[pid   483] <... futex resumed>)        = 1
[pid   482] ioctl(6, LOOP_SET_FD, 3 <unfinished ...>
[pid   481] <... futex resumed>)        = 0
[pid   483] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   481] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   483] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   481] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   483] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   481] <... futex resumed>)        = ?
[pid   482] <... ioctl resumed>)        = ?
[pid   482] +++ killed by SIGBUS (core dumped) +++
[pid   483] +++ killed by SIGBUS (core dumped) +++
[pid   481] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=173, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
[   31.189942][  T482] loop0: detected capacity change from 0 to 512
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./56", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./56", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./56/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./56/core", {st_mode=S_IFREG|0600, st_size=18210816, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./56/core")         = 0
[pid   299] umount2("./56/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./56/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./56/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./56/bus")          = 0
[pid   299] umount2("./56/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./56/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./56/binderfs")     = 0
[pid   299] umount2("./56/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./56/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./56/cgroup.net")   = 0
[pid   299] umount2("./56/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./56/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./56/cgroup.cpu")   = 0
[pid   299] umount2("./56/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./56/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./56/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./56")               = 0
[pid   299] mkdir("./57", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = 0
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program
, child_tidptr=0x555579a07690) = 176
./strace-static-x86_64: Process 484 attached
[pid   484] set_robust_list(0x555579a076a0, 24) = 0
[pid   484] chdir("./57")               = 0
[pid   484] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   484] setpgid(0, 0)               = 0
[pid   484] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   484] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   484] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   484] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   484] write(3, "1000", 4)         = 4
[pid   484] close(3)                    = 0
[pid   484] symlink("/dev/binderfs", "./binderfs") = 0
[pid   484] write(1, "executing program\n", 18) = 18
[pid   484] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   484] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   484] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   484] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   484] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   484] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   484] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 485 attached
 => {parent_tid=[177]}, 88) = 177
[pid   484] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   484] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   485] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   484] <... futex resumed>)        = 0
[pid   484] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   484] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   484] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   485] <... set_robust_list resumed>) = 0
[pid   485] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   484] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   485] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   484] <... rt_sigprocmask resumed>[], 8) = 0
[pid   484] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 486 attached
 <unfinished ...>
[pid   485] memfd_create("syzkaller", 0 <unfinished ...>
[pid   486] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   484] <... clone3 resumed> => {parent_tid=[178]}, 88) = 178
[pid   486] <... set_robust_list resumed>) = 0
[pid   485] <... memfd_create resumed>) = 3
[pid   484] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   484] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   484] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   486] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   485] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   486] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   486] creat("./bus", 000 <unfinished ...>
[pid   485] <... mmap resumed>)         = 0x7faa8752f000
[pid   486] <... creat resumed>)        = 4
[pid   486] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   484] <... futex resumed>)        = 0
[pid   484] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   484] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   486] <... futex resumed>)        = 1
[pid   486] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[pid   486] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   484] <... futex resumed>)        = 0
[pid   484] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   484] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   486] <... futex resumed>)        = 1
[pid   486] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000) = 5
[pid   486] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   484] <... futex resumed>)        = 0
[pid   484] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   484] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   486] <... futex resumed>)        = 1
[pid   486] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0) = 0x20000000
[pid   486] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   485] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x200012db} ---
[pid   484] <... futex resumed>)        = 0
[pid   484] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   484] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   486] <... futex resumed>)        = 1
[pid   486] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   484] <... futex resumed>)        = ?
[pid   485] +++ killed by SIGBUS (core dumped) +++
[pid   486] +++ killed by SIGBUS (core dumped) +++
[pid   484] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=176, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./57", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./57", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./57/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./57/core", {st_mode=S_IFREG|0600, st_size=16953344, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./57/core")         = 0
[pid   299] umount2("./57/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./57/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./57/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./57/bus")          = 0
[pid   299] umount2("./57/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./57/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./57/binderfs")     = 0
[pid   299] umount2("./57/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./57/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./57/cgroup.net")   = 0
[pid   299] umount2("./57/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./57/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./57/cgroup.cpu")   = 0
[pid   299] umount2("./57/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./57/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./57/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./57")               = 0
[pid   299] mkdir("./58", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 487 attached
 <unfinished ...>
[pid   487] set_robust_list(0x555579a076a0, 24) = 0
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 179
[pid   487] chdir("./58")               = 0
[pid   487] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   487] setpgid(0, 0)               = 0
[pid   487] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   487] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   487] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   487] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   487] write(3, "1000", 4)         = 4
[pid   487] close(3)                    = 0
[pid   487] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid   487] write(1, "executing program\n", 18) = 18
[pid   487] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   487] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   487] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   487] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   487] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   487] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   487] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[180]}, 88) = 180
[pid   487] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   487] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   487] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   487] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   487] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   487] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   487] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[181]}, 88) = 181
[pid   487] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   487] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   487] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 488 attached
 <unfinished ...>
[pid   488] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   488] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   488] memfd_create("syzkaller", 0) = 3
[pid   488] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa8752f000
./strace-static-x86_64: Process 489 attached
[pid   489] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   489] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   489] creat("./bus", 000)         = 4
[pid   489] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   487] <... futex resumed>)        = 0
[pid   489] <... futex resumed>)        = 1
[pid   488] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   489] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   487] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   487] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   489] <... mount resumed>)        = 0
[pid   489] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   487] <... futex resumed>)        = 0
[pid   489] <... futex resumed>)        = 1
[pid   487] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   489] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   487] <... futex resumed>)        = 0
[pid   487] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   489] <... open resumed>)         = 5
[pid   488] <... write resumed>)        = 262144
[pid   488] munmap(0x7faa8752f000, 138412032 <unfinished ...>
[pid   489] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   488] <... munmap resumed>)       = 0
[pid   489] <... futex resumed>)        = 1
[pid   487] <... futex resumed>)        = 0
[pid   488] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid   488] ioctl(6, LOOP_SET_FD, 3 <unfinished ...>
[pid   489] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   487] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   487] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   488] <... ioctl resumed>)        = 0
[pid   488] close(3)                    = 0
[pid   488] close(6)                    = 0
[pid   488] mkdir(0x20000000, 0777)     = -1 ENOENT (No such file or directory)
[pid   488] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   488] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   488] ioctl(3, LOOP_CLR_FD)       = 0
[pid   488] close(3)                    = 0
[pid   488] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   488] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   489] <... mmap resumed>)         = 0x20000000
[pid   489] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   487] <... futex resumed>)        = 0
[pid   487] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   487] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   488] <... futex resumed>)        = 0
[pid   488] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 3
[pid   489] <... futex resumed>)        = 1
[pid   488] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   489] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   487] <... futex resumed>)        = 0
[pid   487] close(3)                    = 0
[pid   487] close(4)                    = 0
[pid   487] close(5)                    = 0
[pid   487] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   487] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   487] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   487] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   487] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   487] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   487] close(12 <unfinished ...>
[pid   488] <... futex resumed>)        = 1
[pid   487] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   487] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   487] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   487] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   487] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   487] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   487] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   487] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   487] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   487] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   487] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   487] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   487] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   487] close(25 <unfinished ...>
[pid   488] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   487] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   487] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   487] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   487] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   487] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   487] exit_group(0)               = ?
[pid   489] <... futex resumed>)        = ?
[pid   488] <... futex resumed>)        = ?
[pid   489] +++ exited with 0 +++
[   31.457556][  T488] loop0: detected capacity change from 0 to 512
[pid   488] +++ exited with 0 +++
[pid   487] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=179, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./58", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./58", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./58/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./58/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./58/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./58/bus")          = 0
[pid   299] umount2("./58/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./58/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./58/binderfs")     = 0
[pid   299] umount2("./58/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./58/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./58/cgroup.net")   = 0
[pid   299] umount2("./58/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./58/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./58/cgroup.cpu")   = 0
[pid   299] umount2("./58/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./58/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./58/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./58")               = 0
[pid   299] mkdir("./59", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 491 attached
 <unfinished ...>
[pid   491] set_robust_list(0x555579a076a0, 24) = 0
[pid   491] chdir("./59" <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 182
[pid   491] <... chdir resumed>)        = 0
[pid   491] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   491] setpgid(0, 0)               = 0
[pid   491] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   491] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   491] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   491] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
executing program
[pid   491] write(3, "1000", 4)         = 4
[pid   491] close(3)                    = 0
[pid   491] symlink("/dev/binderfs", "./binderfs") = 0
[pid   491] write(1, "executing program\n", 18) = 18
[pid   491] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   491] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   491] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   491] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   491] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   491] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   491] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 492 attached
 => {parent_tid=[183]}, 88) = 183
[pid   492] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   491] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   492] <... set_robust_list resumed>) = 0
[pid   491] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   492] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   491] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   492] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   491] <... futex resumed>)        = 0
[pid   491] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   492] memfd_create("syzkaller", 0 <unfinished ...>
[pid   491] <... futex resumed>)        = 0
[pid   491] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   492] <... memfd_create resumed>) = 3
[pid   491] <... mmap resumed>)         = 0x7faa8f92f000
[pid   492] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   491] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   492] <... mmap resumed>)         = 0x7faa8752f000
[pid   491] <... mprotect resumed>)     = 0
[pid   491] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   491] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 493 attached
 <unfinished ...>
[pid   493] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   491] <... clone3 resumed> => {parent_tid=[184]}, 88) = 184
[pid   493] <... set_robust_list resumed>) = 0
[pid   491] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   493] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   491] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   493] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   491] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   493] creat("./bus", 000 <unfinished ...>
[pid   491] <... futex resumed>)        = 0
[pid   493] <... creat resumed>)        = 4
[pid   491] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   493] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   491] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   493] <... futex resumed>)        = 0
[pid   491] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   493] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   491] <... futex resumed>)        = 0
[pid   493] <... mount resumed>)        = 0
[pid   491] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   493] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   491] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   493] <... futex resumed>)        = 0
[pid   491] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   493] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   492] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   491] <... futex resumed>)        = 0
[pid   493] <... open resumed>)         = 5
[pid   491] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   493] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   491] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   493] <... futex resumed>)        = 0
[pid   491] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   493] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   491] <... futex resumed>)        = 0
[pid   493] <... mmap resumed>)         = 0x20000000
[pid   492] <... write resumed>)        = 262144
[pid   493] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   491] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   493] <... futex resumed>)        = 0
[pid   491] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   493] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   492] munmap(0x7faa8752f000, 138412032 <unfinished ...>
[pid   491] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   493] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   491] <... futex resumed>)        = 0
[pid   493] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   492] <... munmap resumed>)       = 0
[pid   491] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000}) = ?
[pid   492] +++ killed by SIGBUS (core dumped) +++
[pid   493] +++ killed by SIGBUS (core dumped) +++
[pid   491] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=182, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./59", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./59", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./59/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./59/core", {st_mode=S_IFREG|0600, st_size=18210816, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./59/core")         = 0
[pid   299] umount2("./59/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./59/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./59/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./59/bus")          = 0
[pid   299] umount2("./59/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./59/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./59/binderfs")     = 0
[pid   299] umount2("./59/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./59/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./59/cgroup.net")   = 0
[pid   299] umount2("./59/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./59/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./59/cgroup.cpu")   = 0
[pid   299] umount2("./59/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./59/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./59/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./59")               = 0
[pid   299] mkdir("./60", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 494 attached
 <unfinished ...>
[pid   494] set_robust_list(0x555579a076a0, 24) = 0
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 185
[pid   494] chdir("./60")               = 0
[pid   494] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   494] setpgid(0, 0)               = 0
[pid   494] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   494] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   494] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   494] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   494] write(3, "1000", 4executing program
)         = 4
[pid   494] close(3)                    = 0
[pid   494] symlink("/dev/binderfs", "./binderfs") = 0
[pid   494] write(1, "executing program\n", 18) = 18
[pid   494] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   494] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   494] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   494] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   494] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   494] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   494] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 495 attached
 <unfinished ...>
[pid   495] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   495] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   495] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   494] <... clone3 resumed> => {parent_tid=[186]}, 88) = 186
[pid   494] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   494] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   495] <... futex resumed>)        = 0
[pid   494] <... futex resumed>)        = 1
[pid   495] memfd_create("syzkaller", 0 <unfinished ...>
[pid   494] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   495] <... memfd_create resumed>) = 3
[pid   494] <... futex resumed>)        = 0
[pid   495] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   494] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   495] <... mmap resumed>)         = 0x7faa87550000
[pid   494] <... mmap resumed>)         = 0x7faa8752f000
[pid   495] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   494] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   495] <... write resumed>)        = 262144
[pid   494] <... mprotect resumed>)     = 0
[pid   495] munmap(0x7faa87550000, 138412032) = 0
[pid   494] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   495] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   495] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid   494] <... rt_sigprocmask resumed>[], 8) = 0
[pid   494] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0} <unfinished ...>
[pid   495] close(3)                    = 0
[pid   495] close(4 <unfinished ...>
[pid   494] <... clone3 resumed> => {parent_tid=[187]}, 88) = 187
./strace-static-x86_64: Process 496 attached
[pid   496] set_robust_list(0x7faa8754f9a0, 24) = 0
[pid   496] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   496] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   494] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   494] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   496] <... futex resumed>)        = 0
[pid   496] creat("./bus", 000)         = 3
[pid   496] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   496] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   494] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable)
[pid   494] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   496] <... futex resumed>)        = 0
[pid   496] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[pid   496] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   496] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   494] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable)
[pid   494] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   496] <... futex resumed>)        = 0
[pid   496] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   494] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   495] <... close resumed>)        = 0
[pid   495] mkdir("./bus", 0777)        = -1 EEXIST (File exists)
[pid   495] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"...) = -1 ENODEV (No such device)
[   31.601104][  T495] loop0: detected capacity change from 0 to 512
[pid   495] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   494] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   494] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   494] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   494] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   494] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   494] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 497 attached
 => {parent_tid=[188]}, 88) = 188
[pid   497] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   494] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   497] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   494] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   497] futex(0x7faa8fa3d6e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   494] futex(0x7faa8fa3d6e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   497] <... futex resumed>)        = 0
[pid   494] <... futex resumed>)        = 1
[pid   497] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, -1, 0) = -1 EBADF (Bad file descriptor)
[pid   494] futex(0x7faa8fa3d6ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   497] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   494] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   497] futex(0x7faa8fa3d6e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   494] futex(0x7faa8fa3d6e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   497] <... futex resumed>)        = 0
[pid   494] <... futex resumed>)        = 1
[pid   497] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_SK_MSG, insn_cnt=4, insns=0x20000380, license="GPL", log_level=1, log_size=166, log_buf="./bus", kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 128 <unfinished ...>
[pid   494] futex(0x7faa8fa3d6ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   497] <... bpf resumed>)          = 6
[pid   497] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   494] <... futex resumed>)        = 0
[pid   497] <... futex resumed>)        = 1
[pid   497] futex(0x7faa8fa3d6e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   496] <... open resumed>)         = 4
[pid   495] <... openat resumed>)       = 5
[pid   496] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   495] ioctl(5, LOOP_CLR_FD <unfinished ...>
[pid   496] <... futex resumed>)        = 0
[pid   495] <... ioctl resumed>)        = 0
[pid   496] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   495] close(5)                    = 0
[pid   495] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   495] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   494] close(3)                    = 0
[pid   494] close(4)                    = 0
[pid   494] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   494] close(6)                    = 0
[pid   494] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   494] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   494] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   494] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   494] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   494] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   494] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   494] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   494] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   494] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   494] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   494] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   494] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   494] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   494] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   494] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   494] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   494] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   494] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   494] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   494] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   494] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   494] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   494] exit_group(0 <unfinished ...>
[pid   497] <... futex resumed>)        = ?
[pid   496] <... futex resumed>)        = ?
[pid   495] <... futex resumed>)        = ?
[pid   494] <... exit_group resumed>)   = ?
[pid   495] +++ exited with 0 +++
[pid   497] +++ exited with 0 +++
[pid   496] +++ exited with 0 +++
[pid   494] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=185, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] umount2("./60", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./60", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./60/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./60/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./60/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./60/bus")          = 0
[pid   299] umount2("./60/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./60/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./60/binderfs")     = 0
[pid   299] umount2("./60/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./60/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./60/cgroup.net")   = 0
[pid   299] umount2("./60/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./60/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./60/cgroup.cpu")   = 0
[pid   299] umount2("./60/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./60/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./60/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./60")               = 0
[pid   299] mkdir("./61", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 498 attached
, child_tidptr=0x555579a07690) = 189
[pid   498] set_robust_list(0x555579a076a0, 24) = 0
[pid   498] chdir("./61")               = 0
[pid   498] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   498] setpgid(0, 0)               = 0
[pid   498] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   498] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   498] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   498] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   498] write(3, "1000", 4)         = 4
[pid   498] close(3)                    = 0
[pid   498] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   498] write(1, "executing program\n", 18) = 18
[pid   498] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   498] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   498] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   498] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   498] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   498] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   498] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 499 attached
 <unfinished ...>
[pid   499] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   498] <... clone3 resumed> => {parent_tid=[190]}, 88) = 190
[pid   499] <... set_robust_list resumed>) = 0
[pid   498] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   499] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   498] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   499] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   498] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   499] memfd_create("syzkaller", 0 <unfinished ...>
[pid   498] <... futex resumed>)        = 0
[pid   499] <... memfd_create resumed>) = 3
[pid   498] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   499] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   498] <... futex resumed>)        = 0
[pid   499] <... mmap resumed>)         = 0x7faa87550000
[pid   498] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   498] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   498] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   498] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0} <unfinished ...>
[pid   499] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144./strace-static-x86_64: Process 500 attached
 <unfinished ...>
[pid   500] set_robust_list(0x7faa8754f9a0, 24) = 0
[pid   500] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   498] <... clone3 resumed> => {parent_tid=[191]}, 88) = 191
[pid   500] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   498] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   498] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   500] <... futex resumed>)        = 0
[pid   498] <... futex resumed>)        = 1
[pid   499] <... write resumed>)        = 262144
[pid   500] creat("./bus", 000)         = 4
[pid   499] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   498] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   500] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   500] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   498] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   498] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   498] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   499] <... munmap resumed>)       = 0
[pid   500] <... futex resumed>)        = 0
[pid   499] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   500] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   499] <... openat resumed>)       = 5
[pid   500] <... mount resumed>)        = 0
[pid   499] ioctl(5, LOOP_SET_FD, 3 <unfinished ...>
[pid   500] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   498] <... futex resumed>)        = 0
[pid   500] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   498] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   498] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   499] <... ioctl resumed>)        = 0
[pid   500] <... open resumed>)         = 6
[pid   500] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   498] <... futex resumed>)        = 0
[pid   500] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0 <unfinished ...>
[pid   498] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   499] close(3 <unfinished ...>
[pid   498] <... futex resumed>)        = 0
[pid   498] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   499] <... close resumed>)        = 0
[pid   499] close(5)                    = 0
[pid   499] mkdir(0x20000000, 0777)     = -1 ENOENT (No such file or directory)
[pid   499] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   500] <... mmap resumed>)         = 0x20000000
[pid   499] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   500] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   499] <... openat resumed>)       = 3
[pid   500] <... futex resumed>)        = 1
[pid   499] ioctl(3, LOOP_CLR_FD <unfinished ...>
[pid   498] <... futex resumed>)        = 0
[pid   500] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   499] <... ioctl resumed>)        = 0
[pid   498] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   500] <... bpf resumed>)          = 5
[pid   499] close(3 <unfinished ...>
[pid   498] <... futex resumed>)        = 0
[pid   500] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   499] <... close resumed>)        = 0
[pid   498] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   500] <... futex resumed>)        = 0
[pid   499] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   498] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   500] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   499] <... futex resumed>)        = 0
[pid   498] close(3 <unfinished ...>
[pid   499] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   498] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   498] close(4)                    = 0
[pid   498] close(5)                    = 0
[pid   498] close(6)                    = 0
[pid   498] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   498] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   498] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   498] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   498] exit_group(0 <unfinished ...>
[pid   500] <... futex resumed>)        = ?
[pid   499] <... futex resumed>)        = ?
[pid   498] <... exit_group resumed>)   = ?
[pid   499] +++ exited with 0 +++
[pid   500] +++ exited with 0 +++
[pid   498] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=189, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./61", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./61", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./61/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./61/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./61/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./61/bus")          = 0
[pid   299] umount2("./61/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./61/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./61/binderfs")     = 0
[pid   299] umount2("./61/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./61/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./61/cgroup.net")   = 0
[pid   299] umount2("./61/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./61/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./61/cgroup.cpu")   = 0
[pid   299] umount2("./61/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./61/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./61/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./61")               = 0
[pid   299] mkdir("./62", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 501 attached
 <unfinished ...>
[   31.750527][  T499] loop0: detected capacity change from 0 to 512
[pid   501] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 192
[pid   501] <... set_robust_list resumed>) = 0
[pid   501] chdir("./62")               = 0
[pid   501] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   501] setpgid(0, 0)               = 0
[pid   501] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   501] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   501] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   501] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   501] write(3, "1000", 4)         = 4
[pid   501] close(3)                    = 0
[pid   501] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid   501] write(1, "executing program\n", 18) = 18
[pid   501] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   501] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   501] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   501] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   501] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   501] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   501] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 502 attached
 <unfinished ...>
[pid   502] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   501] <... clone3 resumed> => {parent_tid=[193]}, 88) = 193
[pid   502] <... set_robust_list resumed>) = 0
[pid   501] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   502] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   501] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   502] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   501] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   502] memfd_create("syzkaller", 0 <unfinished ...>
[pid   501] <... futex resumed>)        = 0
[pid   502] <... memfd_create resumed>) = 3
[pid   501] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   502] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   501] <... futex resumed>)        = 0
[pid   501] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   502] <... mmap resumed>)         = 0x7faa8752f000
[pid   501] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   501] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   501] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[194]}, 88) = 194
[pid   501] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   501] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   501] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 503 attached
 <unfinished ...>
[pid   503] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   503] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   503] creat("./bus", 000)         = 4
[pid   503] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   502] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   501] <... futex resumed>)        = 0
[pid   503] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   501] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   503] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   501] <... futex resumed>)        = 0
[pid   503] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   501] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   503] <... mount resumed>)        = 0
[pid   503] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   501] <... futex resumed>)        = 0
[pid   503] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   501] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   503] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   501] <... futex resumed>)        = 0
[pid   503] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   501] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   503] <... open resumed>)         = 5
[pid   503] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   502] <... write resumed>)        = 262144
[pid   503] <... futex resumed>)        = 1
[pid   501] <... futex resumed>)        = 0
[pid   503] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   501] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   503] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   501] <... futex resumed>)        = 0
[pid   503] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   501] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   503] <... mmap resumed>)         = 0x20000000
[pid   502] munmap(0x7faa8752f000, 138412032 <unfinished ...>
[pid   503] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   501] <... futex resumed>)        = 0
[pid   503] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   501] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   503] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   501] <... futex resumed>)        = 0
[pid   503] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   502] <... munmap resumed>)       = 0
[pid   502] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid   501] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000}) = ?
[pid   502] +++ killed by SIGBUS (core dumped) +++
[pid   503] +++ killed by SIGBUS (core dumped) +++
[pid   501] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=192, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./62", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./62/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./62/core", {st_mode=S_IFREG|0600, st_size=18210816, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./62/core")         = 0
[pid   299] umount2("./62/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./62/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./62/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./62/bus")          = 0
[pid   299] umount2("./62/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./62/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./62/binderfs")     = 0
[pid   299] umount2("./62/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./62/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./62/cgroup.net")   = 0
[pid   299] umount2("./62/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./62/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./62/cgroup.cpu")   = 0
[pid   299] umount2("./62/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./62/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./62/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./62")               = 0
[pid   299] mkdir("./63", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 504 attached
 <unfinished ...>
[pid   504] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 195
[pid   504] <... set_robust_list resumed>) = 0
[pid   504] chdir("./63")               = 0
[pid   504] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   504] setpgid(0, 0)               = 0
[pid   504] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   504] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   504] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   504] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   504] write(3, "1000", 4)         = 4
[pid   504] close(3)                    = 0
[pid   504] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid   504] write(1, "executing program\n", 18) = 18
[pid   504] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   504] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   504] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   504] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   504] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   504] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   504] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 505 attached
 <unfinished ...>
[pid   505] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   505] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   505] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   504] <... clone3 resumed> => {parent_tid=[196]}, 88) = 196
[pid   504] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   504] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   505] <... futex resumed>)        = 0
[pid   504] <... futex resumed>)        = 1
[pid   505] memfd_create("syzkaller", 0) = 3
[pid   505] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   505] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   504] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   505] <... write resumed>)        = 262144
[pid   504] <... futex resumed>)        = 0
[pid   505] munmap(0x7faa87550000, 138412032) = 0
[pid   504] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   505] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   505] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   504] <... mmap resumed>)         = 0x7faa8f92f000
[pid   505] <... ioctl resumed>)        = 0
[pid   504] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   505] close(3)                    = 0
[pid   504] <... mprotect resumed>)     = 0
[pid   505] close(4 <unfinished ...>
[pid   504] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   504] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 506 attached
 => {parent_tid=[197]}, 88) = 197
[pid   506] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   504] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   506] <... set_robust_list resumed>) = 0
[pid   504] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   506] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   504] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   506] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   504] <... futex resumed>)        = 0
[pid   506] creat("./bus", 000 <unfinished ...>
[pid   504] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   506] <... creat resumed>)        = 3
[pid   506] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   504] <... futex resumed>)        = 0
[pid   506] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   504] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   506] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   504] <... futex resumed>)        = 0
[pid   506] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   504] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   506] <... mount resumed>)        = 0
[pid   506] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   504] <... futex resumed>)        = 0
[pid   506] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   504] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   506] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   504] <... futex resumed>)        = 0
[pid   506] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   504] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   505] <... close resumed>)        = 0
[pid   505] mkdir("./bus", 0777)        = -1 EEXIST (File exists)
[pid   505] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"...) = -1 ENODEV (No such device)
[pid   505] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   504] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   504] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid   504] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid   504] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid   504] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   504] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f90e000
[pid   504] mprotect(0x7faa8f90f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   504] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   504] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f92e990, parent_tid=0x7faa8f92e990, exit_signal=0, stack=0x7faa8f90e000, stack_size=0x20300, tls=0x7faa8f92e6c0} => {parent_tid=[198]}, 88) = 198
[pid   504] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[   31.867296][  T505] loop0: detected capacity change from 0 to 512
[pid   504] futex(0x7faa8fa3d6e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   504] futex(0x7faa8fa3d6ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 507 attached
 <unfinished ...>
[pid   507] set_robust_list(0x7faa8f92e9a0, 24) = 0
[pid   507] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   507] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, -1, 0) = -1 EBADF (Bad file descriptor)
[pid   507] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   504] <... futex resumed>)        = 0
[pid   504] futex(0x7faa8fa3d6e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   504] futex(0x7faa8fa3d6ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   507] <... futex resumed>)        = 1
[pid   507] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_SK_MSG, insn_cnt=4, insns=0x20000380, license="GPL", log_level=1, log_size=166, log_buf="./bus", kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 128) = 6
[pid   507] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   504] <... futex resumed>)        = 0
[pid   507] futex(0x7faa8fa3d6e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   506] <... open resumed>)         = 4
[pid   505] <... openat resumed>)       = 5
[pid   506] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   505] ioctl(5, LOOP_CLR_FD <unfinished ...>
[pid   506] <... futex resumed>)        = 0
[pid   505] <... ioctl resumed>)        = 0
[pid   506] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   505] close(5)                    = 0
[pid   505] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   505] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   504] close(3)                    = 0
[pid   504] close(4)                    = 0
[pid   504] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   504] close(6)                    = 0
[pid   504] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   504] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   504] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   504] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   504] exit_group(0 <unfinished ...>
[pid   507] <... futex resumed>)        = ?
[pid   504] <... exit_group resumed>)   = ?
[pid   507] +++ exited with 0 +++
[pid   506] <... futex resumed>)        = ?
[pid   505] <... futex resumed>)        = ?
[pid   506] +++ exited with 0 +++
[pid   505] +++ exited with 0 +++
[pid   504] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=195, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./63", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./63/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./63/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./63/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./63/bus")          = 0
[pid   299] umount2("./63/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./63/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./63/binderfs")     = 0
[pid   299] umount2("./63/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./63/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./63/cgroup.net")   = 0
[pid   299] umount2("./63/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./63/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./63/cgroup.cpu")   = 0
[pid   299] umount2("./63/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./63/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./63/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./63")               = 0
[pid   299] mkdir("./64", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 508 attached
 <unfinished ...>
[pid   508] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 199
[pid   508] <... set_robust_list resumed>) = 0
[pid   508] chdir("./64")               = 0
[pid   508] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   508] setpgid(0, 0)               = 0
[pid   508] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   508] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   508] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   508] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   508] write(3, "1000", 4)         = 4
[pid   508] close(3)                    = 0
[pid   508] symlink("/dev/binderfs", "./binderfs") = 0
[pid   508] write(1, "executing program\n", 18executing program
) = 18
[pid   508] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   508] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   508] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   508] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   508] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   508] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   508] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 509 attached
 <unfinished ...>
[pid   509] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   508] <... clone3 resumed> => {parent_tid=[200]}, 88) = 200
[pid   509] <... set_robust_list resumed>) = 0
[pid   508] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   509] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   508] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   509] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   508] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   508] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   509] memfd_create("syzkaller", 0 <unfinished ...>
[pid   508] <... futex resumed>)        = 0
[pid   509] <... memfd_create resumed>) = 3
[pid   508] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   509] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   508] <... mmap resumed>)         = 0x7faa8752f000
[pid   508] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   508] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   508] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 510 attached
 <unfinished ...>
[pid   510] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   508] <... clone3 resumed> => {parent_tid=[201]}, 88) = 201
[pid   510] <... set_robust_list resumed>) = 0
[pid   508] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   510] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   508] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   510] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   508] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   510] creat("./bus", 000 <unfinished ...>
[pid   508] <... futex resumed>)        = 0
[pid   510] <... creat resumed>)        = 4
[pid   508] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   510] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   508] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   510] <... futex resumed>)        = 0
[pid   508] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   510] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   508] <... futex resumed>)        = 0
[pid   510] <... mount resumed>)        = 0
[pid   508] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   510] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   509] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   508] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   510] <... futex resumed>)        = 0
[pid   508] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   510] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   508] <... futex resumed>)        = 0
[pid   510] <... open resumed>)         = 5
[pid   508] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   510] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   508] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   510] <... futex resumed>)        = 0
[pid   508] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   510] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   508] <... futex resumed>)        = 0
[pid   510] <... mmap resumed>)         = 0x20000000
[pid   508] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   510] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   508] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   510] <... futex resumed>)        = 0
[pid   508] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   510] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   508] <... futex resumed>)        = -1 (errno 18446744073709551414)
[pid   509] <... write resumed>)        = ?
[pid   509] +++ killed by SIGBUS (core dumped) +++
[pid   510] +++ killed by SIGBUS (core dumped) +++
[pid   508] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=199, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=4} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./64", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./64/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./64/core", {st_mode=S_IFREG|0600, st_size=17084416, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./64/core")         = 0
[pid   299] umount2("./64/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./64/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./64/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./64/bus")          = 0
[pid   299] umount2("./64/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./64/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./64/binderfs")     = 0
[pid   299] umount2("./64/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./64/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./64/cgroup.net")   = 0
[pid   299] umount2("./64/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./64/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./64/cgroup.cpu")   = 0
[pid   299] umount2("./64/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./64/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./64/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./64")               = 0
[pid   299] mkdir("./65", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 202
./strace-static-x86_64: Process 511 attached
[pid   511] set_robust_list(0x555579a076a0, 24) = 0
[pid   511] chdir("./65")               = 0
[pid   511] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   511] setpgid(0, 0)               = 0
[pid   511] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   511] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   511] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   511] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   511] write(3, "1000", 4)         = 4
[pid   511] close(3)                    = 0
[pid   511] symlink("/dev/binderfs", "./binderfs") = 0
[pid   511] write(1, "executing program\n", 18executing program
) = 18
[pid   511] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   511] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   511] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   511] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   511] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   511] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   511] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[203]}, 88) = 203
[pid   511] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   511] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   511] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   511] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   511] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   511] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   511] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[204]}, 88) = 204
[pid   511] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   511] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   511] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 512 attached
 <unfinished ...>
[pid   512] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   512] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   512] memfd_create("syzkaller", 0) = 3
[pid   512] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa8752f000
./strace-static-x86_64: Process 513 attached
[pid   513] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   513] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   513] creat("./bus", 000)         = 4
[pid   513] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   511] <... futex resumed>)        = 0
[pid   511] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   511] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   513] <... futex resumed>)        = 1
[pid   513] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[pid   513] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   511] <... futex resumed>)        = 0
[pid   511] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   511] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   513] <... futex resumed>)        = 1
[pid   513] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000) = 5
[pid   513] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   511] <... futex resumed>)        = 0
[pid   511] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   511] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   513] <... futex resumed>)        = 1
[pid   513] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   512] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   513] <... mmap resumed>)         = 0x20000000
[pid   513] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   511] <... futex resumed>)        = 0
[pid   511] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   513] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   511] <... futex resumed>)        = 0
[pid   512] <... write resumed>)        = ?
[pid   512] +++ killed by SIGBUS (core dumped) +++
[pid   513] +++ killed by SIGBUS (core dumped) +++
[pid   511] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=202, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=4} ---
[pid   299] umount2("./65", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./65/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./65/core", {st_mode=S_IFREG|0600, st_size=16953344, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./65/core")         = 0
[pid   299] umount2("./65/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./65/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./65/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./65/bus")          = 0
[pid   299] umount2("./65/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./65/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./65/binderfs")     = 0
[pid   299] umount2("./65/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./65/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./65/cgroup.net")   = 0
[pid   299] umount2("./65/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./65/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./65/cgroup.cpu")   = 0
[pid   299] umount2("./65/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./65/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./65/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./65")               = 0
[pid   299] mkdir("./66", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 205
./strace-static-x86_64: Process 514 attached
[pid   514] set_robust_list(0x555579a076a0, 24) = 0
[pid   514] chdir("./66")               = 0
[pid   514] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   514] setpgid(0, 0)               = 0
[pid   514] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   514] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   514] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   514] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   514] write(3, "1000", 4)         = 4
[pid   514] close(3)                    = 0
[pid   514] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   514] write(1, "executing program\n", 18) = 18
[pid   514] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   514] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   514] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   514] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   514] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   514] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   514] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[206]}, 88) = 206
[pid   514] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   514] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   514] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   514] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   514] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   514] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   514] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[207]}, 88) = 207
[pid   514] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   514] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   514] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 515 attached
 <unfinished ...>
[pid   515] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   515] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   515] memfd_create("syzkaller", 0) = 3
[pid   515] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa8752f000
./strace-static-x86_64: Process 516 attached
[pid   516] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   516] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   516] creat("./bus", 000)         = 4
[pid   516] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   514] <... futex resumed>)        = 0
[pid   514] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   514] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   516] <... futex resumed>)        = 1
[pid   516] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[pid   516] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   514] <... futex resumed>)        = 0
[pid   514] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   514] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   515] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   516] <... futex resumed>)        = 1
[pid   516] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000) = 5
[pid   516] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   514] <... futex resumed>)        = 0
[pid   514] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   514] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   516] <... futex resumed>)        = 1
[pid   515] <... write resumed>)        = 262144
[pid   516] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0) = 0x20000000
[pid   516] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   514] <... futex resumed>)        = 0
[pid   514] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   514] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   516] <... futex resumed>)        = 1
[pid   516] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   514] <... futex resumed>)        = ?
[pid   515] +++ killed by SIGBUS (core dumped) +++
executing program
[pid   516] +++ killed by SIGBUS (core dumped) +++
[pid   514] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=205, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
[pid   299] umount2("./66", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./66/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./66/core", {st_mode=S_IFREG|0600, st_size=16953344, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./66/core")         = 0
[pid   299] umount2("./66/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./66/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./66/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./66/bus")          = 0
[pid   299] umount2("./66/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./66/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./66/binderfs")     = 0
[pid   299] umount2("./66/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./66/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./66/cgroup.net")   = 0
[pid   299] umount2("./66/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./66/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./66/cgroup.cpu")   = 0
[pid   299] umount2("./66/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./66/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./66/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./66")               = 0
[pid   299] mkdir("./67", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 208
./strace-static-x86_64: Process 517 attached
[pid   517] set_robust_list(0x555579a076a0, 24) = 0
[pid   517] chdir("./67")               = 0
[pid   517] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   517] setpgid(0, 0)               = 0
[pid   517] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   517] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   517] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   517] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   517] write(3, "1000", 4)         = 4
[pid   517] close(3)                    = 0
[pid   517] symlink("/dev/binderfs", "./binderfs") = 0
[pid   517] write(1, "executing program\n", 18) = 18
[pid   517] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   517] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   517] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   517] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   517] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   517] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   517] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[209]}, 88) = 209
[pid   517] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   517] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   517] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   517] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   517] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   517] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   517] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[210]}, 88) = 210
[pid   517] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   517] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   517] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 518 attached
 <unfinished ...>
[pid   518] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   518] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   518] memfd_create("syzkaller", 0) = 3
[pid   518] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa8752f000
./strace-static-x86_64: Process 519 attached
[pid   519] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   519] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   519] creat("./bus", 000)         = 4
[pid   519] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   518] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   519] <... futex resumed>)        = 1
[pid   517] <... futex resumed>)        = 0
[pid   517] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   517] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   519] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[pid   519] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   517] <... futex resumed>)        = 0
[pid   517] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   517] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   519] <... futex resumed>)        = 1
[pid   519] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000) = 5
[pid   519] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   518] <... write resumed>)        = 262144
[pid   519] <... futex resumed>)        = 1
[pid   517] <... futex resumed>)        = 0
[pid   517] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   517] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   518] munmap(0x7faa8752f000, 138412032 <unfinished ...>
[pid   519] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   518] <... munmap resumed>)       = 0
[pid   519] <... mmap resumed>)         = 0x20000000
[pid   519] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   517] <... futex resumed>)        = 0
[pid   517] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   517] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   519] <... futex resumed>)        = 1
[pid   519] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   517] <... futex resumed>)        = ?
[pid   518] +++ killed by SIGBUS (core dumped) +++
[pid   519] +++ killed by SIGBUS (core dumped) +++
[pid   517] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=208, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./67", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./67/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./67/core", {st_mode=S_IFREG|0600, st_size=18210816, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./67/core")         = 0
[pid   299] umount2("./67/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./67/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./67/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./67/bus")          = 0
[pid   299] umount2("./67/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./67/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./67/binderfs")     = 0
[pid   299] umount2("./67/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./67/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./67/cgroup.net")   = 0
[pid   299] umount2("./67/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./67/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./67/cgroup.cpu")   = 0
[pid   299] umount2("./67/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./67/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./67/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./67")               = 0
[pid   299] mkdir("./68", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 211
./strace-static-x86_64: Process 520 attached
[pid   520] set_robust_list(0x555579a076a0, 24) = 0
[pid   520] chdir("./68")               = 0
[pid   520] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   520] setpgid(0, 0)               = 0
[pid   520] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   520] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   520] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   520] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   520] write(3, "1000", 4)         = 4
[pid   520] close(3)                    = 0
[pid   520] symlink("/dev/binderfs", "./binderfs") = 0
[pid   520] write(1, "executing program\n", 18executing program
) = 18
[pid   520] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   520] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   520] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   520] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   520] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   520] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   520] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 521 attached
 <unfinished ...>
[pid   521] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   520] <... clone3 resumed> => {parent_tid=[212]}, 88) = 212
[pid   521] <... set_robust_list resumed>) = 0
[pid   521] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   521] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   520] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   520] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   521] <... futex resumed>)        = 0
[pid   520] <... futex resumed>)        = 1
[pid   521] memfd_create("syzkaller", 0) = 3
[pid   521] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   521] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   520] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   521] <... write resumed>)        = 262144
[pid   520] <... futex resumed>)        = 0
[pid   521] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   520] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   521] <... munmap resumed>)       = 0
[pid   520] <... mmap resumed>)         = 0x7faa8f92f000
[pid   521] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   520] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   521] <... openat resumed>)       = 4
[pid   521] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   520] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   521] <... ioctl resumed>)        = 0
[pid   520] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[213]}, 88) = 213
[pid   521] close(3 <unfinished ...>
[pid   520] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   520] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   520] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 522 attached
 <unfinished ...>
[pid   522] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   522] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   522] creat("./bus", 000 <unfinished ...>
[pid   521] <... close resumed>)        = 0
[pid   522] <... creat resumed>)        = 5
[pid   522] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   520] <... futex resumed>)        = 0
[pid   520] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   520] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   522] <... futex resumed>)        = 1
[pid   522] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[pid   522] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   520] <... futex resumed>)        = 0
[pid   520] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   520] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   522] <... futex resumed>)        = 1
[pid   522] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000) = 3
[pid   522] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   520] <... futex resumed>)        = 0
[pid   520] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   520] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   522] <... futex resumed>)        = 1
[pid   522] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 3, 0 <unfinished ...>
[pid   521] close(4)                    = 0
[pid   521] mkdir(0x20000000, 0777)     = -1 ENOENT (No such file or directory)
[pid   521] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   521] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   521] ioctl(4, LOOP_CLR_FD)       = 0
[pid   521] close(4)                    = 0
[pid   521] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   521] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   522] <... mmap resumed>)         = 0x20000000
[pid   522] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   520] <... futex resumed>)        = 0
[pid   520] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   520] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   521] <... futex resumed>)        = 0
[pid   521] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 4
[pid   521] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   520] <... futex resumed>)        = 0
[pid   520] close(3 <unfinished ...>
[pid   522] <... futex resumed>)        = 1
[pid   521] <... futex resumed>)        = 1
[pid   520] <... close resumed>)        = 0
[pid   520] close(4)                    = 0
[pid   520] close(5)                    = 0
[pid   520] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   520] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   520] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   520] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   520] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   520] exit_group(0)               = ?
[pid   522] +++ exited with 0 +++
[pid   521] +++ exited with 0 +++
[pid   520] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=211, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[   32.240328][  T521] loop0: detected capacity change from 0 to 512
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./68", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./68/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./68/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./68/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./68/bus")          = 0
[pid   299] umount2("./68/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./68/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./68/binderfs")     = 0
[pid   299] umount2("./68/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./68/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./68/cgroup.net")   = 0
[pid   299] umount2("./68/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./68/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./68/cgroup.cpu")   = 0
[pid   299] umount2("./68/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./68/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./68/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./68")               = 0
[pid   299] mkdir("./69", 0777executing program
)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 523 attached
 <unfinished ...>
[pid   523] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 214
[pid   523] <... set_robust_list resumed>) = 0
[pid   523] chdir("./69")               = 0
[pid   523] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   523] setpgid(0, 0)               = 0
[pid   523] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   523] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   523] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   523] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   523] write(3, "1000", 4)         = 4
[pid   523] close(3)                    = 0
[pid   523] symlink("/dev/binderfs", "./binderfs") = 0
[pid   523] write(1, "executing program\n", 18) = 18
[pid   523] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   523] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   523] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   523] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   523] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   523] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   523] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 524 attached
 <unfinished ...>
[pid   524] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   523] <... clone3 resumed> => {parent_tid=[215]}, 88) = 215
[pid   524] <... set_robust_list resumed>) = 0
[pid   523] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   524] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   523] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   524] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   523] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   524] memfd_create("syzkaller", 0 <unfinished ...>
[pid   523] <... futex resumed>)        = 0
[pid   524] <... memfd_create resumed>) = 3
[pid   523] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   524] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   523] <... futex resumed>)        = 0
[pid   524] <... mmap resumed>)         = 0x7faa87550000
[pid   523] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   524] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   523] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   523] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   523] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0} => {parent_tid=[216]}, 88) = 216
[pid   523] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   523] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   523] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 525 attached
 <unfinished ...>
[pid   525] set_robust_list(0x7faa8754f9a0, 24) = 0
[pid   525] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   525] creat("./bus", 000)         = 4
[pid   525] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   523] <... futex resumed>)        = 0
[pid   525] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   523] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   524] <... write resumed>)        = 262144
[pid   525] <... mount resumed>)        = 0
[pid   523] <... futex resumed>)        = 0
[pid   525] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   523] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   525] <... futex resumed>)        = 0
[pid   523] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   525] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   523] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   525] <... open resumed>)         = 5
[pid   523] <... futex resumed>)        = 0
[pid   525] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   523] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   524] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   525] <... futex resumed>)        = 0
[pid   524] <... munmap resumed>)       = 0
[pid   523] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   525] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   523] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   523] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   524] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid   524] ioctl(6, LOOP_SET_FD, 3 <unfinished ...>
[pid   525] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   525] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   524] <... ioctl resumed>)        = 0
[pid   524] close(3)                    = 0
[pid   524] close(6)                    = 0
[pid   524] mkdir(0x20000000, 0777)     = -1 ENOENT (No such file or directory)
[pid   524] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   524] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   525] <... mmap resumed>)         = 0x20000000
[pid   525] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   523] <... futex resumed>)        = 0
[pid   523] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   523] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   525] <... futex resumed>)        = 1
[pid   525] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 6
[pid   525] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   523] <... futex resumed>)        = 0
[pid   525] <... futex resumed>)        = 1
[pid   525] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   524] <... openat resumed>)       = 3
[pid   524] ioctl(3, LOOP_CLR_FD)       = 0
[pid   524] close(3)                    = 0
[pid   524] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   524] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   523] close(3)                    = -1 EBADF (Bad file descriptor)
[pid   523] close(4)                    = 0
[pid   523] close(5)                    = 0
[pid   523] close(6)                    = 0
[pid   523] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   523] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   523] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   523] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   523] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   523] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   523] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   523] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   523] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   523] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   523] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   523] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   523] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   523] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   523] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   523] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   523] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   523] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   523] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   523] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   523] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   523] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   523] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   523] exit_group(0)               = ?
[pid   524] <... futex resumed>)        = ?
[pid   525] <... futex resumed>)        = ?
[pid   524] +++ exited with 0 +++
[pid   525] +++ exited with 0 +++
[pid   523] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=214, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./69", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./69/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./69/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./69/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./69/bus")          = 0
[pid   299] umount2("./69/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./69/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./69/binderfs")     = 0
[pid   299] umount2("./69/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./69/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./69/cgroup.net")   = 0
[pid   299] umount2("./69/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./69/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./69/cgroup.cpu")   = 0
[pid   299] umount2("./69/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./69/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./69/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./69")               = 0
[pid   299] mkdir("./70", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 217
./strace-static-x86_64: Process 526 attached
[pid   526] set_robust_list(0x555579a076a0, 24) = 0
[pid   526] chdir("./70")               = 0
[pid   526] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   526] setpgid(0, 0)               = 0
[pid   526] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   526] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   526] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   526] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   526] write(3, "1000", 4)         = 4
[pid   526] close(3)                    = 0
[pid   526] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   526] write(1, "executing program\n", 18) = 18
[pid   526] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   526] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   526] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[   32.315570][  T524] loop0: detected capacity change from 0 to 512
[pid   526] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   526] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   526] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   526] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 527 attached
 <unfinished ...>
[pid   527] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   527] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   527] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   526] <... clone3 resumed> => {parent_tid=[218]}, 88) = 218
[pid   526] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   526] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   527] <... futex resumed>)        = 0
[pid   527] memfd_create("syzkaller", 0 <unfinished ...>
[pid   526] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   527] <... memfd_create resumed>) = 3
[pid   526] <... futex resumed>)        = 0
[pid   527] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   527] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   526] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   526] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   526] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   526] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0} => {parent_tid=[219]}, 88) = 219
[pid   526] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   526] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   526] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 528 attached
 <unfinished ...>
[pid   527] <... write resumed>)        = 262144
[pid   528] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   527] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   528] <... set_robust_list resumed>) = 0
[pid   527] <... munmap resumed>)       = 0
[pid   528] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   527] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   528] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   527] <... openat resumed>)       = 4
[pid   528] creat("./bus", 000 <unfinished ...>
[pid   527] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   528] <... creat resumed>)        = 5
[pid   528] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   526] <... futex resumed>)        = 0
[pid   528] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   526] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   528] <... mount resumed>)        = 0
[pid   526] <... futex resumed>)        = 0
[pid   528] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   526] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   528] <... futex resumed>)        = 0
[pid   526] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   528] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   526] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   526] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   527] <... ioctl resumed>)        = 0
[pid   528] <... open resumed>)         = 6
[pid   527] close(3 <unfinished ...>
[pid   528] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   527] <... close resumed>)        = 0
[pid   526] <... futex resumed>)        = 0
[pid   526] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   526] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   527] close(4 <unfinished ...>
[pid   528] <... futex resumed>)        = 1
[pid   528] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0 <unfinished ...>
[pid   527] <... close resumed>)        = 0
[pid   527] mkdir(0x20000000, 0777)     = -1 ENOENT (No such file or directory)
[pid   527] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   527] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   527] ioctl(3, LOOP_CLR_FD)       = 0
[pid   527] close(3)                    = 0
[pid   527] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   527] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   528] <... mmap resumed>)         = 0x20000000
[pid   528] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   526] <... futex resumed>)        = 0
[pid   526] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   526] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   527] <... futex resumed>)        = 0
[pid   527] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 3
[pid   528] <... futex resumed>)        = 1
[pid   528] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   527] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   526] <... futex resumed>)        = 0
[pid   526] close(3)                    = 0
[pid   526] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   526] close(5)                    = 0
[pid   527] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   526] close(6)                    = 0
[pid   526] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   526] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   526] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   526] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   526] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   526] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   526] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   526] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   526] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   526] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   526] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   526] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   526] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   526] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   526] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   526] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   526] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   526] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   526] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   526] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   526] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   526] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   526] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   526] exit_group(0)               = ?
[pid   528] <... futex resumed>)        = ?
[pid   527] <... futex resumed>)        = ?
[pid   528] +++ exited with 0 +++
[pid   527] +++ exited with 0 +++
[pid   526] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=217, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[   32.385315][  T527] loop0: detected capacity change from 0 to 512
[pid   299] umount2("./70", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./70/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./70/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./70/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./70/bus")          = 0
[pid   299] umount2("./70/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./70/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./70/binderfs")     = 0
[pid   299] umount2("./70/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./70/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./70/cgroup.net")   = 0
[pid   299] umount2("./70/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./70/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./70/cgroup.cpu")   = 0
[pid   299] umount2("./70/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./70/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./70/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./70")               = 0
[pid   299] mkdir("./71", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 220
./strace-static-x86_64: Process 529 attached
[pid   529] set_robust_list(0x555579a076a0, 24) = 0
[pid   529] chdir("./71")               = 0
[pid   529] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   529] setpgid(0, 0)               = 0
[pid   529] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   529] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   529] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   529] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   529] write(3, "1000", 4)         = 4
[pid   529] close(3)                    = 0
[pid   529] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid   529] write(1, "executing program\n", 18) = 18
[pid   529] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   529] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   529] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   529] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   529] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   529] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   529] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 530 attached
 <unfinished ...>
[pid   530] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   530] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   530] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   529] <... clone3 resumed> => {parent_tid=[221]}, 88) = 221
[pid   529] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   529] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   530] <... futex resumed>)        = 0
[pid   530] memfd_create("syzkaller", 0) = 3
[pid   530] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   530] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   529] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   529] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   529] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   529] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   530] <... write resumed>)        = 262144
[pid   529] <... rt_sigprocmask resumed>[], 8) = 0
[pid   530] munmap(0x7faa87550000, 138412032) = 0
[pid   529] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0} <unfinished ...>
[pid   530] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   530] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 531 attached
)    = 0
[pid   531] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   529] <... clone3 resumed> => {parent_tid=[222]}, 88) = 222
[pid   531] <... set_robust_list resumed>) = 0
[pid   529] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   531] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   529] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   531] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   530] close(3 <unfinished ...>
[pid   529] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   531] creat("./bus", 000 <unfinished ...>
[pid   529] <... futex resumed>)        = 0
[pid   530] <... close resumed>)        = 0
[pid   529] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   530] close(4 <unfinished ...>
[pid   531] <... creat resumed>)        = 5
[pid   531] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   529] <... futex resumed>)        = 0
[pid   531] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   529] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   531] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   529] <... futex resumed>)        = 0
[pid   531] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   529] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   531] <... mount resumed>)        = 0
[pid   531] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   529] <... futex resumed>)        = 0
[pid   529] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   529] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   531] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   530] <... close resumed>)        = 0
[pid   530] mkdir("./bus", 0777)        = -1 EEXIST (File exists)
[pid   530] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"...) = -1 ENODEV (No such device)
[pid   530] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   531] <... open resumed>)         = 3
[pid   530] <... openat resumed>)       = 4
[pid   531] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   530] ioctl(4, LOOP_CLR_FD <unfinished ...>
[pid   531] <... futex resumed>)        = 1
[pid   530] <... ioctl resumed>)        = 0
[pid   529] <... futex resumed>)        = 0
[pid   531] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[   32.470062][  T530] loop0: detected capacity change from 0 to 512
[pid   530] close(4 <unfinished ...>
[pid   529] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   531] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   530] <... close resumed>)        = 0
[pid   529] <... futex resumed>)        = 0
[pid   531] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 3, 0 <unfinished ...>
[pid   530] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   529] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   530] <... futex resumed>)        = 0
[pid   530] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   531] <... mmap resumed>)         = 0x20000000
[pid   531] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   529] <... futex resumed>)        = 0
[pid   531] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   529] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   530] <... futex resumed>)        = 0
[pid   529] <... futex resumed>)        = 1
[pid   530] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   529] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   530] <... bpf resumed>)          = 4
[pid   530] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   529] <... futex resumed>)        = 0
[pid   529] close(3)                    = 0
[pid   529] close(4)                    = 0
[pid   529] close(5)                    = 0
[pid   529] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   529] close(7 <unfinished ...>
[pid   530] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   529] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   529] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   529] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   529] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   529] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   529] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   529] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   529] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   529] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   529] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   529] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   529] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   529] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   529] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   529] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   529] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   529] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   529] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   529] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   529] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   529] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   529] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   529] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   529] exit_group(0 <unfinished ...>
[pid   531] <... futex resumed>)        = ?
[pid   529] <... exit_group resumed>)   = ?
[pid   531] +++ exited with 0 +++
[pid   530] <... futex resumed>)        = ?
[pid   530] +++ exited with 0 +++
[pid   529] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=220, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./71", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./71/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./71/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./71/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./71/bus")          = 0
[pid   299] umount2("./71/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./71/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./71/binderfs")     = 0
[pid   299] umount2("./71/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./71/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./71/cgroup.net")   = 0
[pid   299] umount2("./71/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./71/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./71/cgroup.cpu")   = 0
[pid   299] umount2("./71/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./71/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./71/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./71")               = 0
[pid   299] mkdir("./72", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 533 attached
 <unfinished ...>
[pid   533] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 223
[pid   533] <... set_robust_list resumed>) = 0
[pid   533] chdir("./72")               = 0
[pid   533] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   533] setpgid(0, 0)               = 0
[pid   533] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   533] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   533] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   533] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   533] write(3, "1000", 4)         = 4
[pid   533] close(3)                    = 0
[pid   533] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   533] write(1, "executing program\n", 18) = 18
[pid   533] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   533] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   533] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   533] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   533] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   533] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   533] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 534 attached
 <unfinished ...>
[pid   534] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   533] <... clone3 resumed> => {parent_tid=[224]}, 88) = 224
[pid   534] <... set_robust_list resumed>) = 0
[pid   534] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   533] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   534] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   534] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   533] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   533] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   534] <... futex resumed>)        = 0
[pid   533] <... futex resumed>)        = 1
[pid   534] memfd_create("syzkaller", 0 <unfinished ...>
[pid   533] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   534] <... memfd_create resumed>) = 3
[pid   533] <... futex resumed>)        = 0
[pid   533] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   533] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   533] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   534] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa8752f000
[pid   533] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[225]}, 88) = 225
[pid   533] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   533] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   533] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 535 attached
 <unfinished ...>
[pid   535] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   535] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   535] creat("./bus", 000)         = 4
[pid   534] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   535] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   533] <... futex resumed>)        = 0
[pid   535] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   533] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   535] <... mount resumed>)        = 0
[pid   533] <... futex resumed>)        = 0
[pid   535] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   533] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   535] <... futex resumed>)        = 0
[pid   534] <... write resumed>)        = 262144
[pid   533] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   535] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   533] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   535] <... open resumed>)         = 5
[pid   533] <... futex resumed>)        = 0
[pid   535] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   534] munmap(0x7faa8752f000, 138412032 <unfinished ...>
[pid   533] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   535] <... futex resumed>)        = 0
[pid   533] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   535] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   533] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   535] <... mmap resumed>)         = 0x20000000
[pid   533] <... futex resumed>)        = 0
[pid   534] <... munmap resumed>)       = 0
[pid   535] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   533] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   535] <... futex resumed>)        = 0
[pid   533] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   535] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   533] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = ?
[pid   534] +++ killed by SIGBUS (core dumped) +++
[pid   535] +++ killed by SIGBUS (core dumped) +++
[pid   533] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=223, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./72", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./72/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./72/core", {st_mode=S_IFREG|0600, st_size=18210816, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./72/core")         = 0
[pid   299] umount2("./72/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./72/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./72/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./72/bus")          = 0
[pid   299] umount2("./72/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./72/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./72/binderfs")     = 0
[pid   299] umount2("./72/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./72/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./72/cgroup.net")   = 0
[pid   299] umount2("./72/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./72/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./72/cgroup.cpu")   = 0
[pid   299] umount2("./72/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./72/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./72/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./72")               = 0
[pid   299] mkdir("./73", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 226
./strace-static-x86_64: Process 536 attached
[pid   536] set_robust_list(0x555579a076a0, 24) = 0
[pid   536] chdir("./73")               = 0
[pid   536] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   536] setpgid(0, 0)               = 0
[pid   536] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   536] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   536] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   536] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   536] write(3, "1000", 4)         = 4
[pid   536] close(3)                    = 0
[pid   536] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   536] write(1, "executing program\n", 18) = 18
[pid   536] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   536] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   536] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   536] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   536] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   536] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   536] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 537 attached
 <unfinished ...>
[pid   537] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   536] <... clone3 resumed> => {parent_tid=[227]}, 88) = 227
[pid   537] <... set_robust_list resumed>) = 0
[pid   536] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   537] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   536] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   537] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   536] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   537] memfd_create("syzkaller", 0 <unfinished ...>
[pid   536] <... futex resumed>)        = 0
[pid   537] <... memfd_create resumed>) = 3
[pid   536] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   537] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   536] <... futex resumed>)        = 0
[pid   537] <... mmap resumed>)         = 0x7faa87550000
[pid   536] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   536] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   536] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   536] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 538 attached
 => {parent_tid=[228]}, 88) = 228
[pid   537] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   538] set_robust_list(0x7faa8754f9a0, 24) = 0
[pid   538] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   538] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   536] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   536] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   536] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   538] <... futex resumed>)        = 0
[pid   538] creat("./bus", 000)         = 4
[pid   538] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   536] <... futex resumed>)        = 0
[pid   538] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   537] <... write resumed>)        = 262144
[pid   536] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   537] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   538] <... mount resumed>)        = 0
[pid   536] <... futex resumed>)        = 0
[pid   538] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   537] <... munmap resumed>)       = 0
[pid   536] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   538] <... futex resumed>)        = 0
[pid   536] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   538] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   536] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   538] <... open resumed>)         = 5
[pid   536] <... futex resumed>)        = 0
[pid   538] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   536] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   538] <... futex resumed>)        = 0
[pid   536] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   538] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   536] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   538] <... mmap resumed>)         = 0x20000000
[pid   537] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   536] <... futex resumed>)        = 0
[pid   538] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   536] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   537] <... openat resumed>)       = 6
[pid   538] <... futex resumed>)        = 0
[pid   536] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   538] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   536] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = ?
[pid   537] +++ killed by SIGBUS (core dumped) +++
[pid   538] +++ killed by SIGBUS (core dumped) +++
[pid   536] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=226, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./73", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./73/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./73/core", {st_mode=S_IFREG|0600, st_size=18210816, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./73/core")         = 0
[pid   299] umount2("./73/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./73/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./73/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./73/bus")          = 0
[pid   299] umount2("./73/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./73/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./73/binderfs")     = 0
[pid   299] umount2("./73/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./73/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./73/cgroup.net")   = 0
[pid   299] umount2("./73/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./73/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./73/cgroup.cpu")   = 0
[pid   299] umount2("./73/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./73/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./73/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./73")               = 0
[pid   299] mkdir("./74", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 229
./strace-static-x86_64: Process 539 attached
[pid   539] set_robust_list(0x555579a076a0, 24) = 0
[pid   539] chdir("./74")               = 0
[pid   539] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   539] setpgid(0, 0)               = 0
[pid   539] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   539] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   539] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   539] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   539] write(3, "1000", 4)         = 4
[pid   539] close(3)                    = 0
[pid   539] symlink("/dev/binderfs", "./binderfs") = 0
[pid   539] write(1, "executing program\n", 18executing program
) = 18
[pid   539] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   539] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   539] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   539] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   539] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   539] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   539] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 540 attached
 <unfinished ...>
[pid   540] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   540] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   540] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   539] <... clone3 resumed> => {parent_tid=[230]}, 88) = 230
[pid   539] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   539] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   540] <... futex resumed>)        = 0
[pid   539] <... futex resumed>)        = 1
[pid   540] memfd_create("syzkaller", 0) = 3
[pid   540] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   540] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   539] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   540] <... write resumed>)        = 262144
[pid   539] <... futex resumed>)        = 0
[pid   540] munmap(0x7faa87550000, 138412032) = 0
[pid   539] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   540] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   540] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid   539] <... mmap resumed>)         = 0x7faa8f92f000
[pid   540] close(3 <unfinished ...>
[pid   539] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   540] <... close resumed>)        = 0
[pid   540] close(4 <unfinished ...>
[pid   539] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   539] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 541 attached
 => {parent_tid=[231]}, 88) = 231
[pid   541] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   539] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   539] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   539] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   541] <... set_robust_list resumed>) = 0
[pid   541] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   541] creat("./bus", 000)         = 3
[pid   541] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   539] <... futex resumed>)        = 0
[pid   539] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   539] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   541] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[pid   541] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   539] <... futex resumed>)        = 0
[pid   539] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   541] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   539] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   540] <... close resumed>)        = 0
[pid   540] mkdir("./bus", 0777)        = -1 EEXIST (File exists)
[pid   540] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"...) = -1 ENODEV (No such device)
[   32.701403][  T540] loop0: detected capacity change from 0 to 512
[pid   540] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   539] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   539] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid   539] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid   539] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid   539] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   539] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f90e000
[pid   539] mprotect(0x7faa8f90f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   539] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   539] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f92e990, parent_tid=0x7faa8f92e990, exit_signal=0, stack=0x7faa8f90e000, stack_size=0x20300, tls=0x7faa8f92e6c0}./strace-static-x86_64: Process 542 attached
 <unfinished ...>
[pid   542] set_robust_list(0x7faa8f92e9a0, 24 <unfinished ...>
[pid   539] <... clone3 resumed> => {parent_tid=[232]}, 88) = 232
[pid   542] <... set_robust_list resumed>) = 0
[pid   542] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   542] futex(0x7faa8fa3d6e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   539] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   539] futex(0x7faa8fa3d6e8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   542] <... futex resumed>)        = 0
[pid   542] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, -1, 0) = -1 EBADF (Bad file descriptor)
[pid   542] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   542] futex(0x7faa8fa3d6e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   539] futex(0x7faa8fa3d6ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable)
[pid   539] futex(0x7faa8fa3d6e8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   542] <... futex resumed>)        = 0
[pid   542] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_SK_MSG, insn_cnt=4, insns=0x20000380, license="GPL", log_level=1, log_size=166, log_buf="./bus", kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 128 <unfinished ...>
[pid   539] futex(0x7faa8fa3d6ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   542] <... bpf resumed>)          = 6
[pid   541] <... open resumed>)         = 4
[pid   542] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   541] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   542] futex(0x7faa8fa3d6e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   540] <... openat resumed>)       = 5
[pid   539] <... futex resumed>)        = 0
[pid   541] <... futex resumed>)        = 0
[pid   540] ioctl(5, LOOP_CLR_FD)       = 0
[pid   541] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   540] close(5)                    = 0
[pid   540] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   540] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   539] close(3)                    = 0
[pid   539] close(4)                    = 0
[pid   539] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   539] close(6)                    = 0
[pid   539] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   539] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   539] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   539] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   539] exit_group(0 <unfinished ...>
[pid   540] <... futex resumed>)        = ?
[pid   539] <... exit_group resumed>)   = ?
[pid   542] <... futex resumed>)        = ?
[pid   541] <... futex resumed>)        = ?
[pid   540] +++ exited with 0 +++
[pid   541] +++ exited with 0 +++
[pid   542] +++ exited with 0 +++
[pid   539] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=229, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./74", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./74/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./74/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./74/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./74/bus")          = 0
[pid   299] umount2("./74/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./74/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./74/binderfs")     = 0
[pid   299] umount2("./74/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./74/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./74/cgroup.net")   = 0
[pid   299] umount2("./74/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./74/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./74/cgroup.cpu")   = 0
[pid   299] umount2("./74/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./74/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./74/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./74")               = 0
[pid   299] mkdir("./75", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 543 attached
 <unfinished ...>
[pid   543] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 233
[pid   543] <... set_robust_list resumed>) = 0
[pid   543] chdir("./75")               = 0
[pid   543] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   543] setpgid(0, 0)               = 0
[pid   543] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   543] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   543] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   543] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   543] write(3, "1000", 4)         = 4
[pid   543] close(3)                    = 0
[pid   543] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid   543] write(1, "executing program\n", 18) = 18
[pid   543] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   543] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   543] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   543] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   543] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   543] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   543] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 544 attached
 <unfinished ...>
[pid   544] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   543] <... clone3 resumed> => {parent_tid=[234]}, 88) = 234
[pid   544] <... set_robust_list resumed>) = 0
[pid   543] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   544] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   543] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   544] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   543] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   544] memfd_create("syzkaller", 0 <unfinished ...>
[pid   543] <... futex resumed>)        = 0
[pid   544] <... memfd_create resumed>) = 3
[pid   543] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   544] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   543] <... futex resumed>)        = 0
[pid   544] <... mmap resumed>)         = 0x7faa87550000
[pid   543] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   544] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   543] <... mmap resumed>)         = 0x7faa8752f000
[pid   544] <... write resumed>)        = 262144
[pid   544] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   543] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   544] <... munmap resumed>)       = 0
[pid   543] <... mprotect resumed>)     = 0
[pid   544] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   543] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   544] <... openat resumed>)       = 4
[pid   543] <... rt_sigprocmask resumed>[], 8) = 0
[pid   544] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   543] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 545 attached
 <unfinished ...>
[pid   545] set_robust_list(0x7faa8754f9a0, 24) = 0
[pid   545] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   545] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   543] <... clone3 resumed> => {parent_tid=[235]}, 88) = 235
[pid   543] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   543] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   545] <... futex resumed>)        = 0
[pid   543] <... futex resumed>)        = 1
[pid   545] creat("./bus", 000 <unfinished ...>
[pid   543] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   545] <... creat resumed>)        = 5
[pid   545] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   543] <... futex resumed>)        = 0
[pid   545] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   543] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   545] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   543] <... futex resumed>)        = 0
[pid   545] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   543] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   545] <... mount resumed>)        = 0
[pid   545] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   543] <... futex resumed>)        = 0
[pid   545] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   543] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   545] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   544] <... ioctl resumed>)        = 0
[pid   543] <... futex resumed>)        = 0
[pid   545] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   543] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   545] <... open resumed>)         = 6
[pid   545] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   543] <... futex resumed>)        = 0
[pid   545] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   543] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   545] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   543] <... futex resumed>)        = 0
[pid   545] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0 <unfinished ...>
[pid   543] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   544] close(3)                    = 0
[pid   544] close(4 <unfinished ...>
[pid   545] <... mmap resumed>)         = 0x20000000
[pid   544] <... close resumed>)        = 0
[pid   545] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   544] mkdir(0x20000000, 0777 <unfinished ...>
[pid   545] <... futex resumed>)        = 1
[pid   544] <... mkdir resumed>)        = -1 ENOENT (No such file or directory)
[pid   543] <... futex resumed>)        = 0
[pid   545] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   544] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "" <unfinished ...>
[pid   543] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   545] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   544] <... mount resumed>)        = -1 ENOENT (No such file or directory)
[pid   543] <... futex resumed>)        = 0
[pid   545] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   544] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   543] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   545] <... bpf resumed>)          = 3
[pid   545] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   544] <... openat resumed>)       = 4
[pid   545] <... futex resumed>)        = 1
[pid   545] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   544] ioctl(4, LOOP_CLR_FD)       = 0
[pid   544] close(4)                    = 0
[pid   544] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   544] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   543] <... futex resumed>)        = 0
[pid   543] close(3)                    = 0
[pid   543] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   543] close(5)                    = 0
[pid   543] close(6)                    = 0
[pid   543] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   543] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   543] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   543] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   543] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   543] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   543] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   543] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   543] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   543] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   543] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   543] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   543] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   543] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   543] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   543] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   543] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   543] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   543] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   543] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   543] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   543] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   543] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   543] exit_group(0 <unfinished ...>
[pid   545] <... futex resumed>)        = ?
[pid   544] <... futex resumed>)        = ?
[pid   543] <... exit_group resumed>)   = ?
[pid   544] +++ exited with 0 +++
[pid   545] +++ exited with 0 +++
[pid   543] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=233, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./75", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./75/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./75/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./75/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./75/bus")          = 0
[pid   299] umount2("./75/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./75/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./75/binderfs")     = 0
[pid   299] umount2("./75/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./75/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./75/cgroup.net")   = 0
[pid   299] umount2("./75/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./75/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./75/cgroup.cpu")   = 0
[pid   299] umount2("./75/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./75/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./75/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./75")               = 0
[pid   299] mkdir("./76", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[   32.851038][  T544] loop0: detected capacity change from 0 to 512
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program
./strace-static-x86_64: Process 546 attached
 <unfinished ...>
[pid   546] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 236
[pid   546] <... set_robust_list resumed>) = 0
[pid   546] chdir("./76")               = 0
[pid   546] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   546] setpgid(0, 0)               = 0
[pid   546] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   546] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   546] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   546] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   546] write(3, "1000", 4)         = 4
[pid   546] close(3)                    = 0
[pid   546] symlink("/dev/binderfs", "./binderfs") = 0
[pid   546] write(1, "executing program\n", 18) = 18
[pid   546] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   546] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   546] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   546] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   546] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   546] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   546] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 547 attached
 <unfinished ...>
[pid   547] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   546] <... clone3 resumed> => {parent_tid=[237]}, 88) = 237
[pid   547] <... set_robust_list resumed>) = 0
[pid   546] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   547] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   546] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   547] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   546] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   547] memfd_create("syzkaller", 0 <unfinished ...>
[pid   546] <... futex resumed>)        = 0
[pid   547] <... memfd_create resumed>) = 3
[pid   546] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   547] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   546] <... futex resumed>)        = 0
[pid   547] <... mmap resumed>)         = 0x7faa87550000
[pid   546] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   546] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   546] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   547] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   546] <... rt_sigprocmask resumed>[], 8) = 0
[pid   546] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0} => {parent_tid=[238]}, 88) = 238
[pid   546] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   546] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   546] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 548 attached
 <unfinished ...>
[pid   548] set_robust_list(0x7faa8754f9a0, 24) = 0
[pid   548] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   548] creat("./bus", 000)         = 4
[pid   548] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   547] <... write resumed>)        = 262144
[pid   548] <... futex resumed>)        = 1
[pid   546] <... futex resumed>)        = 0
[pid   548] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   546] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   548] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   546] <... futex resumed>)        = 0
[pid   548] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   546] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   548] <... mount resumed>)        = 0
[pid   547] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   548] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   546] <... futex resumed>)        = 0
[pid   548] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   546] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   548] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   546] <... futex resumed>)        = 0
[pid   548] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   546] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   548] <... open resumed>)         = 5
[pid   547] <... munmap resumed>)       = 0
[pid   548] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   546] <... futex resumed>)        = 0
[pid   548] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   546] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   548] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   546] <... futex resumed>)        = 0
[pid   548] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   546] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   548] <... mmap resumed>)         = 0x20000000
[pid   547] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   548] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   547] <... openat resumed>)       = 6
[pid   548] <... futex resumed>)        = 1
[pid   547] ioctl(6, LOOP_SET_FD, 3 <unfinished ...>
[pid   546] <... futex resumed>)        = 0
[pid   548] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   546] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   548] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   546] <... futex resumed>)        = 0
[pid   547] <... ioctl resumed>)        = 0
[pid   546] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   547] close(3)                    = 0
[pid   547] close(6 <unfinished ...>
[pid   548] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 3
[pid   548] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   548] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   547] <... close resumed>)        = 0
[pid   547] mkdir(0x20000000, 0777)     = -1 ENOENT (No such file or directory)
[pid   547] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   547] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid   547] ioctl(6, LOOP_CLR_FD)       = 0
[pid   547] close(6)                    = 0
[pid   547] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   547] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   546] <... futex resumed>)        = 0
[pid   546] close(3)                    = 0
[pid   546] close(4)                    = 0
[pid   546] close(5)                    = 0
[pid   546] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   546] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   546] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   546] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   546] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   546] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   546] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   546] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   546] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   546] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   546] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   546] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   546] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   546] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   546] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   546] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   546] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   546] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   546] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   546] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   546] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   546] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   546] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   546] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   546] exit_group(0 <unfinished ...>
[pid   548] <... futex resumed>)        = ?
[pid   547] <... futex resumed>)        = ?
[pid   546] <... exit_group resumed>)   = ?
[pid   548] +++ exited with 0 +++
[pid   547] +++ exited with 0 +++
[pid   546] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=236, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] umount2("./76", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./76/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./76/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./76/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./76/bus")          = 0
[pid   299] umount2("./76/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./76/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./76/binderfs")     = 0
[pid   299] umount2("./76/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./76/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./76/cgroup.net")   = 0
[pid   299] umount2("./76/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./76/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./76/cgroup.cpu")   = 0
[pid   299] umount2("./76/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./76/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./76/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./76")               = 0
[pid   299] mkdir("./77", 0777)         = 0
[   32.920239][  T547] loop0: detected capacity change from 0 to 512
[   32.920897][  T548] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 31 prio class 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 549 attached
 <unfinished ...>
[pid   549] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 239
[pid   549] <... set_robust_list resumed>) = 0
[pid   549] chdir("./77")               = 0
[pid   549] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   549] setpgid(0, 0)               = 0
[pid   549] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   549] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   549] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   549] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   549] write(3, "1000", 4executing program
)         = 4
[pid   549] close(3)                    = 0
[pid   549] symlink("/dev/binderfs", "./binderfs") = 0
[pid   549] write(1, "executing program\n", 18) = 18
[pid   549] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   549] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   549] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   549] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   549] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   549] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   549] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 550 attached
 => {parent_tid=[240]}, 88) = 240
[pid   550] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   549] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   550] <... set_robust_list resumed>) = 0
[pid   549] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   549] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   549] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   549] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   550] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   549] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   549] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 551 attached
 <unfinished ...>
[pid   550] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   551] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   549] <... clone3 resumed> => {parent_tid=[241]}, 88) = 241
[pid   551] <... set_robust_list resumed>) = 0
[pid   550] memfd_create("syzkaller", 0 <unfinished ...>
[pid   549] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   551] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   550] <... memfd_create resumed>) = 3
[pid   549] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   549] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   549] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   551] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   550] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   551] creat("./bus", 000 <unfinished ...>
[pid   550] <... mmap resumed>)         = 0x7faa8752f000
[pid   551] <... creat resumed>)        = 4
[pid   550] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   551] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   550] <... write resumed>)        = 262144
[pid   551] <... futex resumed>)        = 1
[pid   550] munmap(0x7faa8752f000, 138412032 <unfinished ...>
[pid   551] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   550] <... munmap resumed>)       = 0
[pid   550] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5
[pid   550] ioctl(5, LOOP_SET_FD, 3 <unfinished ...>
[pid   549] <... futex resumed>)        = 0
[pid   549] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   549] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   551] <... futex resumed>)        = 0
[pid   551] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[pid   551] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   549] <... futex resumed>)        = 0
[pid   551] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   549] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   551] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   549] <... futex resumed>)        = 0
[pid   551] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   549] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   550] <... ioctl resumed>)        = 0
[pid   550] close(3)                    = 0
[pid   550] close(5 <unfinished ...>
[pid   551] <... open resumed>)         = 6
[pid   550] <... close resumed>)        = 0
[pid   551] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   550] mkdir("./bus", 0777 <unfinished ...>
[pid   551] <... futex resumed>)        = 1
[pid   550] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid   549] <... futex resumed>)        = 0
[pid   551] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0 <unfinished ...>
[pid   550] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"... <unfinished ...>
[pid   549] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   549] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   550] <... mount resumed>)        = -1 ENOENT (No such file or directory)
[pid   551] <... mmap resumed>)         = 0x20000000
[pid   550] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   551] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   551] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   550] <... openat resumed>)       = 3
[pid   550] ioctl(3, LOOP_CLR_FD)       = 0
[pid   550] close(3)                    = 0
[pid   550] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   550] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   549] <... futex resumed>)        = 0
[pid   549] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   550] <... futex resumed>)        = 0
[pid   549] <... futex resumed>)        = 1
[pid   550] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   549] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   550] <... bpf resumed>)          = 3
[pid   550] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   549] <... futex resumed>)        = 0
[pid   550] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   549] close(3)                    = 0
[pid   549] close(4)                    = 0
[pid   549] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   549] close(6)                    = 0
[pid   549] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   549] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   549] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   549] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   549] exit_group(0 <unfinished ...>
[pid   551] <... futex resumed>)        = ?
[pid   550] <... futex resumed>)        = ?
[pid   549] <... exit_group resumed>)   = ?
[pid   550] +++ exited with 0 +++
[pid   551] +++ exited with 0 +++
[pid   549] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=239, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./77", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./77/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./77/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./77/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./77/bus")          = 0
[pid   299] umount2("./77/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./77/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./77/binderfs")     = 0
[pid   299] umount2("./77/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./77/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./77/cgroup.net")   = 0
[pid   299] umount2("./77/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./77/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./77/cgroup.cpu")   = 0
[pid   299] umount2("./77/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./77/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./77/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./77")               = 0
[pid   299] mkdir("./78", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 552 attached
 <unfinished ...>
[pid   552] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 242
[pid   552] <... set_robust_list resumed>) = 0
[pid   552] chdir("./78")               = 0
[pid   552] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   552] setpgid(0, 0)               = 0
[pid   552] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   552] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   552] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   552] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   552] write(3, "1000", 4)         = 4
[pid   552] close(3)                    = 0
[pid   552] symlink("/dev/binderfs", "./binderfs") = 0
[pid   552] write(1, "executing program\n", 18executing program
) = 18
[pid   552] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   552] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   552] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   552] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   552] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   552] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   552] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 553 attached
 <unfinished ...>
[pid   553] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   552] <... clone3 resumed> => {parent_tid=[243]}, 88) = 243
[pid   553] <... set_robust_list resumed>) = 0
[pid   552] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   553] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   552] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   553] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   552] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   553] memfd_create("syzkaller", 0 <unfinished ...>
[pid   552] <... futex resumed>)        = 0
[pid   553] <... memfd_create resumed>) = 3
[pid   552] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   553] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   552] <... futex resumed>)        = 0
[pid   553] <... mmap resumed>)         = 0x7faa87550000
[pid   552] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   553] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   552] <... mmap resumed>)         = 0x7faa8752f000
[pid   552] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[   33.005146][  T550] loop0: detected capacity change from 0 to 512
[pid   552] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   552] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0} <unfinished ...>
[pid   553] <... write resumed>)        = 262144
./strace-static-x86_64: Process 554 attached
[pid   553] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   552] <... clone3 resumed> => {parent_tid=[244]}, 88) = 244
[pid   552] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   552] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   552] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   554] set_robust_list(0x7faa8754f9a0, 24) = 0
[pid   553] <... munmap resumed>)       = 0
[pid   554] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   554] creat("./bus", 000 <unfinished ...>
[pid   553] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   554] <... creat resumed>)        = 4
[pid   553] <... openat resumed>)       = 5
[pid   554] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   553] ioctl(5, LOOP_SET_FD, 3 <unfinished ...>
[pid   554] <... futex resumed>)        = 1
[pid   552] <... futex resumed>)        = 0
[pid   554] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   552] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   554] <... futex resumed>)        = 0
[pid   552] <... futex resumed>)        = 1
[pid   554] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   552] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   554] <... mount resumed>)        = 0
[pid   554] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   552] <... futex resumed>)        = 0
[pid   554] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   552] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   554] <... open resumed>)         = 6
[pid   553] <... ioctl resumed>)        = 0
[pid   552] <... futex resumed>)        = 0
[pid   554] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   553] close(3 <unfinished ...>
[pid   554] <... futex resumed>)        = 0
[pid   553] <... close resumed>)        = 0
[pid   552] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   554] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   553] close(5 <unfinished ...>
[pid   552] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   552] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   552] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   554] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   554] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0 <unfinished ...>
[pid   553] <... close resumed>)        = 0
[pid   553] mkdir(0x20000000, 0777 <unfinished ...>
[pid   554] <... mmap resumed>)         = 0x20000000
[pid   553] <... mkdir resumed>)        = -1 ENOENT (No such file or directory)
[pid   554] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   553] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "" <unfinished ...>
[pid   554] <... futex resumed>)        = 1
[pid   553] <... mount resumed>)        = -1 ENOENT (No such file or directory)
[pid   552] <... futex resumed>)        = 0
[pid   554] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   553] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   552] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   553] <... openat resumed>)       = 3
[pid   552] <... futex resumed>)        = 0
[pid   554] <... bpf resumed>)          = 5
[pid   554] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   554] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   553] ioctl(3, LOOP_CLR_FD)       = 0
[pid   553] close(3)                    = 0
[pid   553] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   553] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   552] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000}) = -1 EAGAIN (Resource temporarily unavailable)
[pid   552] close(3)                    = -1 EBADF (Bad file descriptor)
[pid   552] close(4)                    = 0
[pid   552] close(5)                    = 0
[pid   552] close(6)                    = 0
[pid   552] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   552] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   552] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   552] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   552] exit_group(0 <unfinished ...>
[pid   554] <... futex resumed>)        = ?
[pid   553] <... futex resumed>)        = ?
[pid   552] <... exit_group resumed>)   = ?
[pid   553] +++ exited with 0 +++
[pid   554] +++ exited with 0 +++
[pid   552] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=242, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   299] umount2("./78", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./78/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./78/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./78/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./78/bus")          = 0
[pid   299] umount2("./78/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./78/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./78/binderfs")     = 0
[pid   299] umount2("./78/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./78/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./78/cgroup.net")   = 0
[pid   299] umount2("./78/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./78/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./78/cgroup.cpu")   = 0
[pid   299] umount2("./78/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./78/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./78/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./78")               = 0
[pid   299] mkdir("./79", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 245
./strace-static-x86_64: Process 555 attached
[pid   555] set_robust_list(0x555579a076a0, 24) = 0
[   33.068351][  T553] loop0: detected capacity change from 0 to 512
[pid   555] chdir("./79")               = 0
[pid   555] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   555] setpgid(0, 0)               = 0
[pid   555] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   555] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   555] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   555] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   555] write(3, "1000", 4)         = 4
[pid   555] close(3)                    = 0
[pid   555] symlink("/dev/binderfs", "./binderfs") = 0
[pid   555] write(1, "executing program\n", 18executing program
) = 18
[pid   555] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   555] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   555] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   555] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   555] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   555] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   555] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 556 attached
 <unfinished ...>
[pid   556] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   555] <... clone3 resumed> => {parent_tid=[246]}, 88) = 246
[pid   556] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   555] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   556] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   556] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   555] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   555] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   556] <... futex resumed>)        = 0
[pid   555] <... futex resumed>)        = 1
[pid   555] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   556] memfd_create("syzkaller", 0 <unfinished ...>
[pid   555] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   555] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   555] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   556] <... memfd_create resumed>) = 3
[pid   556] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   555] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} <unfinished ...>
[pid   556] <... mmap resumed>)         = 0x7faa8752f000
[pid   555] <... clone3 resumed> => {parent_tid=[247]}, 88) = 247
[pid   555] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   555] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 557 attached
) = 0
[pid   557] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   555] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   557] <... set_robust_list resumed>) = 0
[pid   557] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   557] creat("./bus", 000)         = 4
[pid   557] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   555] <... futex resumed>)        = 0
[pid   557] <... futex resumed>)        = 1
[pid   555] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   557] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   555] <... futex resumed>)        = 0
[pid   557] <... mount resumed>)        = 0
[pid   555] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   557] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   555] <... futex resumed>)        = 0
[pid   555] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   556] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   557] <... futex resumed>)        = 1
[pid   555] <... futex resumed>)        = 0
[pid   557] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   555] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   557] <... open resumed>)         = 5
[pid   557] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   555] <... futex resumed>)        = 0
[pid   557] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   555] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   557] <... mmap resumed>)         = 0x20000000
[pid   555] <... futex resumed>)        = 0
[pid   555] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   557] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   555] <... futex resumed>)        = 0
[pid   557] <... futex resumed>)        = 1
[pid   555] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   557] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   555] <... futex resumed>)        = 0
[pid   556] <... write resumed>)        = 262144
[pid   556] +++ killed by SIGBUS (core dumped) +++
[pid   557] +++ killed by SIGBUS (core dumped) +++
[pid   555] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=245, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=4} ---
[pid   299] umount2("./79", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./79/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./79/core", {st_mode=S_IFREG|0600, st_size=16953344, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./79/core")         = 0
[pid   299] umount2("./79/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./79/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./79/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./79/bus")          = 0
[pid   299] umount2("./79/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./79/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./79/binderfs")     = 0
[pid   299] umount2("./79/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./79/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./79/cgroup.net")   = 0
[pid   299] umount2("./79/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./79/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./79/cgroup.cpu")   = 0
[pid   299] umount2("./79/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./79/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./79/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./79")               = 0
[pid   299] mkdir("./80", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 248
./strace-static-x86_64: Process 558 attached
[pid   558] set_robust_list(0x555579a076a0, 24) = 0
[pid   558] chdir("./80")               = 0
[pid   558] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   558] setpgid(0, 0)               = 0
[pid   558] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   558] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   558] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   558] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   558] write(3, "1000", 4)         = 4
[pid   558] close(3)                    = 0
executing program
[pid   558] symlink("/dev/binderfs", "./binderfs") = 0
[pid   558] write(1, "executing program\n", 18) = 18
[pid   558] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   558] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   558] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   558] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   558] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   558] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   558] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[249]}, 88) = 249
./strace-static-x86_64: Process 559 attached
[pid   558] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   559] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   558] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   559] <... set_robust_list resumed>) = 0
[pid   559] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   559] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   558] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   558] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   558] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   558] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   558] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   558] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[250]}, 88) = 250
[pid   558] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   558] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   558] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   559] <... futex resumed>)        = 0
./strace-static-x86_64: Process 560 attached
[pid   560] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   559] memfd_create("syzkaller", 0 <unfinished ...>
[pid   560] <... set_robust_list resumed>) = 0
[pid   560] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   560] creat("./bus", 000)         = 3
[pid   560] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   558] <... futex resumed>)        = 0
[pid   558] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   558] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   560] <... futex resumed>)        = 1
[pid   560] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   559] <... memfd_create resumed>) = 4
[pid   560] <... mount resumed>)        = 0
[pid   560] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   558] <... futex resumed>)        = 0
[pid   558] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   558] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   560] <... futex resumed>)        = 1
[pid   560] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000) = 5
[pid   560] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   558] <... futex resumed>)        = 0
[pid   558] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   558] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   560] <... futex resumed>)        = 1
[pid   560] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0) = 0x20000000
[pid   559] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   560] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   558] <... futex resumed>)        = 0
[pid   558] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   558] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   560] <... futex resumed>)        = 1
[pid   560] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   559] <... mmap resumed>)         = 0x7faa8752f000
[pid   558] <... futex resumed>)        = ?
[pid   559] +++ killed by SIGBUS (core dumped) +++
[pid   560] +++ killed by SIGBUS (core dumped) +++
[pid   558] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=248, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./80", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./80/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./80/core", {st_mode=S_IFREG|0600, st_size=18210816, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./80/core")         = 0
[pid   299] umount2("./80/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./80/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./80/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./80/bus")          = 0
[pid   299] umount2("./80/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./80/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./80/binderfs")     = 0
[pid   299] umount2("./80/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./80/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./80/cgroup.net")   = 0
[pid   299] umount2("./80/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./80/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./80/cgroup.cpu")   = 0
[pid   299] umount2("./80/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./80/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./80/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./80")               = 0
[pid   299] mkdir("./81", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 561 attached
, child_tidptr=0x555579a07690) = 251
[pid   561] set_robust_list(0x555579a076a0, 24) = 0
[pid   561] chdir("./81")               = 0
[pid   561] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   561] setpgid(0, 0)               = 0
[pid   561] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   561] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   561] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   561] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   561] write(3, "1000", 4)         = 4
[pid   561] close(3)                    = 0
[pid   561] symlink("/dev/binderfs", "./binderfs") = 0
[pid   561] write(1, "executing program\n", 18executing program
) = 18
[pid   561] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   561] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   561] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   561] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   561] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   561] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   561] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 562 attached
 => {parent_tid=[252]}, 88) = 252
[pid   562] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   561] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   562] <... set_robust_list resumed>) = 0
[pid   562] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   562] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   561] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   561] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   562] <... futex resumed>)        = 0
[pid   561] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   562] memfd_create("syzkaller", 0 <unfinished ...>
[pid   561] <... futex resumed>)        = 0
[pid   562] <... memfd_create resumed>) = 3
[pid   562] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   561] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   561] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   561] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   561] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0} => {parent_tid=[253]}, 88) = 253
[pid   561] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   561] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   561] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 563 attached
 <unfinished ...>
[pid   562] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   563] set_robust_list(0x7faa8754f9a0, 24) = 0
[pid   562] <... write resumed>)        = 262144
[pid   563] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   562] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   563] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   562] <... munmap resumed>)       = 0
[pid   563] creat("./bus", 000 <unfinished ...>
[pid   562] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   563] <... creat resumed>)        = 5
[pid   562] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   563] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   562] <... ioctl resumed>)        = 0
[pid   563] <... futex resumed>)        = 1
[pid   561] <... futex resumed>)        = 0
[pid   563] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   561] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   563] <... mount resumed>)        = 0
[pid   562] close(3 <unfinished ...>
[pid   561] <... futex resumed>)        = 0
[pid   563] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   561] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   563] <... futex resumed>)        = 0
[pid   561] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   563] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   561] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   563] <... open resumed>)         = 6
[pid   561] <... futex resumed>)        = 0
[pid   563] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   561] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   563] <... futex resumed>)        = 0
[pid   561] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   563] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0 <unfinished ...>
[pid   561] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   562] <... close resumed>)        = 0
[pid   561] <... futex resumed>)        = 0
[pid   561] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   562] close(4 <unfinished ...>
[pid   563] <... mmap resumed>)         = 0x20000000
[pid   562] <... close resumed>)        = 0
[pid   563] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   561] <... futex resumed>)        = 0
[pid   563] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   561] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   563] <... bpf resumed>)          = 3
[pid   561] <... futex resumed>)        = 0
[pid   563] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   561] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   563] <... futex resumed>)        = 0
[pid   561] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   563] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   562] mkdir(0x20000000, 0777)     = -1 ENOENT (No such file or directory)
[pid   562] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   562] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   562] ioctl(4, LOOP_CLR_FD)       = 0
[pid   562] close(4)                    = 0
[pid   562] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   562] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   561] close(3)                    = 0
[pid   561] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   561] close(5)                    = 0
[pid   561] close(6)                    = 0
[pid   561] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   561] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   561] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   561] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   561] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   561] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   561] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   561] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   561] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   561] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   561] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   561] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   561] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   561] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   561] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   561] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   561] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   561] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   561] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   561] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   561] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   561] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   561] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   561] exit_group(0 <unfinished ...>
[pid   563] <... futex resumed>)        = ?
[pid   562] <... futex resumed>)        = ?
[pid   561] <... exit_group resumed>)   = ?
[pid   563] +++ exited with 0 +++
[pid   562] +++ exited with 0 +++
[pid   561] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=251, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   299] umount2("./81", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./81/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./81/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./81/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[   33.241117][  T562] loop0: detected capacity change from 0 to 512
[pid   299] unlink("./81/bus")          = 0
[pid   299] umount2("./81/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./81/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./81/binderfs")     = 0
[pid   299] umount2("./81/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./81/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./81/cgroup.net")   = 0
[pid   299] umount2("./81/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./81/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./81/cgroup.cpu")   = 0
[pid   299] umount2("./81/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./81/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./81/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./81")               = 0
[pid   299] mkdir("./82", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 564 attached
 <unfinished ...>
[pid   564] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 254
[pid   564] <... set_robust_list resumed>) = 0
[pid   564] chdir("./82")               = 0
[pid   564] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   564] setpgid(0, 0)               = 0
[pid   564] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   564] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   564] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   564] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   564] write(3, "1000", 4)         = 4
[pid   564] close(3)                    = 0
[pid   564] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid   564] write(1, "executing program\n", 18) = 18
[pid   564] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   564] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   564] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   564] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   564] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   564] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   564] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 565 attached
 <unfinished ...>
[pid   565] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   564] <... clone3 resumed> => {parent_tid=[255]}, 88) = 255
[pid   565] <... set_robust_list resumed>) = 0
[pid   564] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   565] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   564] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   565] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   564] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   565] memfd_create("syzkaller", 0 <unfinished ...>
[pid   564] <... futex resumed>)        = 0
[pid   565] <... memfd_create resumed>) = 3
[pid   564] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   565] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   564] <... futex resumed>)        = 0
[pid   565] <... mmap resumed>)         = 0x7faa87550000
[pid   564] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   565] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   564] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   564] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   564] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0} => {parent_tid=[256]}, 88) = 256
[pid   564] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 566 attached
 <unfinished ...>
[pid   565] <... write resumed>)        = 262144
[pid   564] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   566] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   565] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   564] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   566] <... set_robust_list resumed>) = 0
[pid   565] <... munmap resumed>)       = 0
[pid   564] <... futex resumed>)        = 0
[pid   566] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   566] creat("./bus", 000)         = 4
[pid   564] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   565] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   566] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   566] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   564] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   564] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   566] <... futex resumed>)        = 0
[pid   564] <... futex resumed>)        = 1
[pid   566] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   564] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   566] <... mount resumed>)        = 0
[pid   565] <... openat resumed>)       = 5
[pid   566] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   564] <... futex resumed>)        = 0
[pid   566] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   564] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   566] <... open resumed>)         = 6
[pid   564] <... futex resumed>)        = 0
[pid   565] ioctl(5, LOOP_SET_FD, 3 <unfinished ...>
[pid   566] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   564] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   566] <... futex resumed>)        = 0
[pid   564] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   566] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0 <unfinished ...>
[pid   564] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   566] <... mmap resumed>)         = 0x20000000
[pid   564] <... futex resumed>)        = 0
[pid   566] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   564] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   566] <... futex resumed>)        = 0
[pid   564] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   565] <... ioctl resumed>)        = 0
[pid   564] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   565] close(3)                    = 0
[pid   565] close(5)                    = 0
[pid   565] mkdir(0x20000000, 0777 <unfinished ...>
[pid   564] <... futex resumed>)        = 0
[pid   564] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   566] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   565] <... mkdir resumed>)        = -1 ENOENT (No such file or directory)
[pid   566] <... bpf resumed>)          = 3
[pid   565] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "" <unfinished ...>
[pid   566] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   565] <... mount resumed>)        = -1 ENOENT (No such file or directory)
[pid   566] <... futex resumed>)        = 1
[pid   565] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   566] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   565] <... openat resumed>)       = 5
[pid   565] ioctl(5, LOOP_CLR_FD)       = 0
[pid   565] close(5)                    = 0
[pid   565] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   565] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   564] <... futex resumed>)        = 0
[pid   564] close(3)                    = 0
[pid   564] close(4)                    = 0
[pid   564] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   564] close(6)                    = 0
[pid   564] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   564] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   564] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   564] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   564] exit_group(0 <unfinished ...>
[pid   566] <... futex resumed>)        = ?
[pid   565] <... futex resumed>)        = ?
[pid   564] <... exit_group resumed>)   = ?
[pid   565] +++ exited with 0 +++
[   33.315360][  T565] loop0: detected capacity change from 0 to 512
[   33.315952][  T566] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 29 prio class 0
[pid   566] +++ exited with 0 +++
[pid   564] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=254, si_uid=0, si_status=0, si_utime=0, si_stime=3} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./82", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./82/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./82/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./82/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./82/bus")          = 0
[pid   299] umount2("./82/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./82/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./82/binderfs")     = 0
[pid   299] umount2("./82/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./82/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./82/cgroup.net")   = 0
[pid   299] umount2("./82/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./82/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./82/cgroup.cpu")   = 0
[pid   299] umount2("./82/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./82/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./82/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./82")               = 0
[pid   299] mkdir("./83", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 567 attached
 <unfinished ...>
[pid   567] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 257
[pid   567] <... set_robust_list resumed>) = 0
[pid   567] chdir("./83")               = 0
[pid   567] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   567] setpgid(0, 0)               = 0
[pid   567] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   567] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   567] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   567] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   567] write(3, "1000", 4)         = 4
[pid   567] close(3)                    = 0
[pid   567] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid   567] write(1, "executing program\n", 18) = 18
[pid   567] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   567] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   567] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   567] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   567] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   567] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   567] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 568 attached
 <unfinished ...>
[pid   568] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   568] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   568] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   567] <... clone3 resumed> => {parent_tid=[258]}, 88) = 258
[pid   567] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   567] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   568] <... futex resumed>)        = 0
[pid   567] <... futex resumed>)        = 1
[pid   568] memfd_create("syzkaller", 0) = 3
[pid   568] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   568] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   567] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   568] <... write resumed>)        = 262144
[pid   567] <... futex resumed>)        = 0
[pid   568] munmap(0x7faa87550000, 138412032) = 0
[pid   567] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   568] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   568] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   567] <... mmap resumed>)         = 0x7faa8f92f000
[pid   567] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   568] <... ioctl resumed>)        = 0
[pid   567] <... mprotect resumed>)     = 0
[pid   568] close(3)                    = 0
[pid   567] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   568] close(4 <unfinished ...>
[pid   567] <... rt_sigprocmask resumed>[], 8) = 0
[pid   567] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 569 attached
 <unfinished ...>
[pid   569] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   567] <... clone3 resumed> => {parent_tid=[259]}, 88) = 259
[pid   569] <... set_robust_list resumed>) = 0
[pid   569] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   569] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   567] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   567] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   569] <... futex resumed>)        = 0
[pid   567] <... futex resumed>)        = 1
[pid   569] creat("./bus", 000)         = 3
[pid   567] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   569] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   569] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   567] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   567] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   569] <... futex resumed>)        = 0
[pid   567] <... futex resumed>)        = 1
[pid   569] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   567] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   569] <... mount resumed>)        = 0
[pid   569] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   567] <... futex resumed>)        = 0
[pid   569] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   567] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   569] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   567] <... futex resumed>)        = 0
[pid   569] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   567] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   569] <... open resumed>)         = 4
[pid   568] <... close resumed>)        = 0
[pid   569] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   567] <... futex resumed>)        = 0
[pid   569] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   567] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   569] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   567] <... futex resumed>)        = 0
[pid   569] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 4, 0 <unfinished ...>
[pid   567] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   568] mkdir(0x20000000, 0777 <unfinished ...>
[pid   569] <... mmap resumed>)         = 0x20000000
[pid   568] <... mkdir resumed>)        = -1 ENOENT (No such file or directory)
[pid   569] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   568] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "" <unfinished ...>
[pid   569] <... futex resumed>)        = 1
[pid   567] <... futex resumed>)        = 0
[pid   568] <... mount resumed>)        = -1 ENOENT (No such file or directory)
[pid   569] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   568] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   567] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   568] <... openat resumed>)       = 5
[pid   569] <... futex resumed>)        = 0
[pid   568] ioctl(5, LOOP_CLR_FD <unfinished ...>
[pid   567] <... futex resumed>)        = 1
[pid   569] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   567] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   569] <... bpf resumed>)          = 6
[pid   568] <... ioctl resumed>)        = 0
[pid   569] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   567] <... futex resumed>)        = 0
[pid   569] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   568] close(5)                    = 0
[pid   568] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   568] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   567] close(3)                    = 0
[pid   567] close(4)                    = 0
[pid   567] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   567] close(6)                    = 0
[pid   567] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   567] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   567] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   567] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   567] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   567] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   567] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   567] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   567] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   567] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   567] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   567] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   567] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   567] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   567] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   567] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   567] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   567] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   567] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   567] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   567] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   567] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   567] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   567] exit_group(0 <unfinished ...>
[pid   569] <... futex resumed>)        = ?
[pid   568] <... futex resumed>)        = ?
[pid   567] <... exit_group resumed>)   = ?
[pid   569] +++ exited with 0 +++
[pid   568] +++ exited with 0 +++
[pid   567] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=257, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./83", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[   33.410752][  T568] loop0: detected capacity change from 0 to 512
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./83/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./83/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./83/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./83/bus")          = 0
[pid   299] umount2("./83/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./83/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./83/binderfs")     = 0
[pid   299] umount2("./83/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./83/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./83/cgroup.net")   = 0
[pid   299] umount2("./83/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./83/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./83/cgroup.cpu")   = 0
[pid   299] umount2("./83/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./83/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./83/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./83")               = 0
[pid   299] mkdir("./84", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 570 attached
 <unfinished ...>
[pid   570] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 260
[pid   570] <... set_robust_list resumed>) = 0
[pid   570] chdir("./84")               = 0
[pid   570] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   570] setpgid(0, 0)               = 0
[pid   570] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   570] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   570] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   570] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   570] write(3, "1000", 4)         = 4
[pid   570] close(3)                    = 0
[pid   570] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid   570] write(1, "executing program\n", 18) = 18
[pid   570] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   570] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   570] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   570] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   570] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   570] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   570] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 571 attached
 => {parent_tid=[261]}, 88) = 261
[pid   570] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   571] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   570] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   571] <... set_robust_list resumed>) = 0
[pid   570] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   571] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   570] <... futex resumed>)        = 0
[pid   571] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   570] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   570] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   571] memfd_create("syzkaller", 0 <unfinished ...>
[pid   570] <... mmap resumed>)         = 0x7faa8f92f000
[pid   570] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   571] <... memfd_create resumed>) = 3
[pid   570] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   571] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   570] <... rt_sigprocmask resumed>[], 8) = 0
[pid   571] <... mmap resumed>)         = 0x7faa8752f000
[pid   570] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 572 attached
 <unfinished ...>
[pid   572] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   570] <... clone3 resumed> => {parent_tid=[262]}, 88) = 262
[pid   572] <... set_robust_list resumed>) = 0
[pid   570] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   572] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   570] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   572] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   570] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   572] creat("./bus", 000 <unfinished ...>
[pid   570] <... futex resumed>)        = 0
[pid   572] <... creat resumed>)        = 4
[pid   570] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   572] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   570] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   572] <... futex resumed>)        = 0
[pid   570] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   572] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   570] <... futex resumed>)        = 0
[pid   572] <... mount resumed>)        = 0
[pid   570] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   572] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   570] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   572] <... futex resumed>)        = 0
[pid   570] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   572] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   571] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   570] <... futex resumed>)        = 0
[pid   572] <... open resumed>)         = 5
[pid   570] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   572] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   570] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   572] <... futex resumed>)        = 0
[pid   570] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   572] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   570] <... futex resumed>)        = 0
[pid   572] <... mmap resumed>)         = 0x20000000
[pid   570] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   572] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   570] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   572] <... futex resumed>)        = 0
[pid   570] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   572] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   570] <... futex resumed>)        = -1 (errno 18446744073709551414)
[pid   571] <... write resumed>)        = ?
[pid   571] +++ killed by SIGBUS (core dumped) +++
[pid   572] +++ killed by SIGBUS (core dumped) +++
[pid   570] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=260, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./84", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./84/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./84/core", {st_mode=S_IFREG|0600, st_size=16953344, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./84/core")         = 0
[pid   299] umount2("./84/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./84/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./84/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./84/bus")          = 0
[pid   299] umount2("./84/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./84/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./84/binderfs")     = 0
[pid   299] umount2("./84/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./84/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./84/cgroup.net")   = 0
[pid   299] umount2("./84/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./84/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./84/cgroup.cpu")   = 0
[pid   299] umount2("./84/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./84/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./84/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./84")               = 0
[pid   299] mkdir("./85", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 574 attached
 <unfinished ...>
[pid   574] set_robust_list(0x555579a076a0, 24) = 0
[pid   574] chdir("./85")               = 0
[pid   574] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   574] setpgid(0, 0)               = 0
[pid   574] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 263
[pid   574] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   574] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   574] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   574] write(3, "1000", 4)         = 4
[pid   574] close(3)                    = 0
[pid   574] symlink("/dev/binderfs", "./binderfs") = 0
[pid   574] write(1, "executing program\n", 18executing program
) = 18
[pid   574] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   574] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   574] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   574] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   574] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   574] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   574] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 575 attached
 <unfinished ...>
[pid   575] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   574] <... clone3 resumed> => {parent_tid=[264]}, 88) = 264
[pid   575] <... set_robust_list resumed>) = 0
[pid   574] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   575] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   574] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   575] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   574] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   575] memfd_create("syzkaller", 0 <unfinished ...>
[pid   574] <... futex resumed>)        = 0
[pid   575] <... memfd_create resumed>) = 3
[pid   574] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   575] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   574] <... futex resumed>)        = 0
[pid   575] <... mmap resumed>)         = 0x7faa87550000
[pid   574] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   575] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   574] <... mmap resumed>)         = 0x7faa8752f000
[pid   575] <... write resumed>)        = 262144
[pid   575] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   574] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   575] <... munmap resumed>)       = 0
[pid   574] <... mprotect resumed>)     = 0
[pid   575] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   574] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   575] <... openat resumed>)       = 4
[pid   574] <... rt_sigprocmask resumed>[], 8) = 0
[pid   575] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   574] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 576 attached
 <unfinished ...>
[pid   576] set_robust_list(0x7faa8754f9a0, 24) = 0
[pid   576] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   576] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   574] <... clone3 resumed> => {parent_tid=[265]}, 88) = 265
[pid   574] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   574] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   576] <... futex resumed>)        = 0
[pid   574] <... futex resumed>)        = 1
[pid   576] creat("./bus", 000 <unfinished ...>
[pid   574] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   576] <... creat resumed>)        = 5
[pid   576] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   574] <... futex resumed>)        = 0
[pid   576] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   574] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   576] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   574] <... futex resumed>)        = 0
[pid   576] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   574] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   576] <... mount resumed>)        = 0
[pid   576] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   575] <... ioctl resumed>)        = 0
[pid   576] <... futex resumed>)        = 1
[pid   574] <... futex resumed>)        = 0
[pid   575] close(3 <unfinished ...>
[pid   574] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   576] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   575] <... close resumed>)        = 0
[pid   574] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   576] <... open resumed>)         = 3
[pid   575] close(4 <unfinished ...>
[pid   576] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   575] <... close resumed>)        = 0
[pid   575] mkdir("./bus", 0777)        = -1 EEXIST (File exists)
[pid   575] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"...) = -1 ENODEV (No such device)
[pid   575] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   575] ioctl(4, LOOP_CLR_FD)       = 0
[pid   575] close(4)                    = 0
[pid   575] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   575] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   576] <... futex resumed>)        = 1
[pid   574] <... futex resumed>)        = 0
[pid   576] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   574] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   575] <... futex resumed>)        = 0
[pid   574] <... futex resumed>)        = 1
[pid   575] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 3, 0 <unfinished ...>
[pid   574] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   575] <... mmap resumed>)         = 0x20000000
[pid   575] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   574] <... futex resumed>)        = 0
[pid   575] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   574] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   575] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   574] <... futex resumed>)        = 0
[pid   575] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   574] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   575] <... bpf resumed>)          = 4
[pid   575] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   574] <... futex resumed>)        = 0
[pid   575] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   574] close(3)                    = 0
[pid   574] close(4)                    = 0
[pid   574] close(5)                    = 0
[pid   574] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   574] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   574] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   574] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   574] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   574] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   574] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   574] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   574] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   574] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   574] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   574] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   574] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   574] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   574] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   574] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   574] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   574] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   574] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   574] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   574] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   574] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   574] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   574] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   574] exit_group(0 <unfinished ...>
[pid   576] <... futex resumed>)        = ?
[pid   575] <... futex resumed>)        = ?
[pid   574] <... exit_group resumed>)   = ?
[pid   576] +++ exited with 0 +++
[pid   575] +++ exited with 0 +++
[pid   574] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=263, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[   33.544471][  T575] loop0: detected capacity change from 0 to 512
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./85", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./85/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./85/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./85/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./85/bus")          = 0
[pid   299] umount2("./85/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./85/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./85/binderfs")     = 0
[pid   299] umount2("./85/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./85/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./85/cgroup.net")   = 0
[pid   299] umount2("./85/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./85/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./85/cgroup.cpu")   = 0
[pid   299] umount2("./85/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./85/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./85/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./85")               = 0
[pid   299] mkdir("./86", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 577 attached
 <unfinished ...>
[pid   577] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 266
[pid   577] <... set_robust_list resumed>) = 0
[pid   577] chdir("./86")               = 0
[pid   577] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   577] setpgid(0, 0)               = 0
[pid   577] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   577] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   577] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   577] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   577] write(3, "1000", 4)         = 4
[pid   577] close(3)                    = 0
[pid   577] symlink("/dev/binderfs", "./binderfs") = 0
[pid   577] write(1, "executing program\n", 18executing program
) = 18
[pid   577] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   577] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   577] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   577] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   577] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   577] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   577] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 578 attached
 <unfinished ...>
[pid   578] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   577] <... clone3 resumed> => {parent_tid=[267]}, 88) = 267
[pid   578] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   577] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   578] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   577] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   577] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   578] <... futex resumed>)        = 0
[pid   577] <... futex resumed>)        = 1
[pid   578] memfd_create("syzkaller", 0) = 3
[pid   577] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   578] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   577] <... futex resumed>)        = 0
[pid   578] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   577] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   578] <... write resumed>)        = 262144
[pid   577] <... mmap resumed>)         = 0x7faa8752f000
[pid   578] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   577] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   578] <... munmap resumed>)       = 0
[pid   577] <... mprotect resumed>)     = 0
[pid   578] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   577] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   578] <... openat resumed>)       = 4
[pid   577] <... rt_sigprocmask resumed>[], 8) = 0
[pid   578] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   577] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 579 attached
 <unfinished ...>
[pid   579] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   577] <... clone3 resumed> => {parent_tid=[268]}, 88) = 268
[pid   579] <... set_robust_list resumed>) = 0
[pid   577] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   579] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   577] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   579] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   577] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   579] creat("./bus", 000 <unfinished ...>
[pid   577] <... futex resumed>)        = 0
[pid   579] <... creat resumed>)        = 5
[pid   577] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   579] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   577] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   579] <... futex resumed>)        = 0
[pid   577] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   579] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   577] <... futex resumed>)        = 0
[pid   579] <... mount resumed>)        = 0
[pid   577] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   579] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   577] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   579] <... futex resumed>)        = 0
[pid   577] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   579] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   577] <... futex resumed>)        = 0
[pid   579] <... open resumed>)         = 6
[pid   578] <... ioctl resumed>)        = 0
[pid   577] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   579] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   578] close(3 <unfinished ...>
[pid   579] <... futex resumed>)        = 1
[pid   577] <... futex resumed>)        = 0
[pid   579] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   577] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   579] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   577] <... futex resumed>)        = 0
[pid   579] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0 <unfinished ...>
[pid   577] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   578] <... close resumed>)        = 0
[pid   578] close(4)                    = 0
[pid   578] mkdir(0x20000000, 0777)     = -1 ENOENT (No such file or directory)
[pid   578] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   578] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   578] ioctl(3, LOOP_CLR_FD)       = 0
[pid   578] close(3)                    = 0
[pid   578] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   578] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   579] <... mmap resumed>)         = 0x20000000
[pid   579] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   577] <... futex resumed>)        = 0
[pid   579] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   577] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   578] <... futex resumed>)        = 0
[pid   577] <... futex resumed>)        = 1
[pid   578] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   577] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   578] <... bpf resumed>)          = 3
[pid   578] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   577] <... futex resumed>)        = 0
[pid   578] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   577] close(3)                    = 0
[pid   577] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   577] close(5)                    = 0
[pid   577] close(6)                    = 0
[pid   577] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   577] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   577] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   577] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   577] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   577] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   577] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   577] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   577] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   577] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   577] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   577] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   577] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   577] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   577] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   577] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   577] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   577] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   577] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   577] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   577] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   577] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   577] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   577] exit_group(0 <unfinished ...>
[pid   579] <... futex resumed>)        = ?
[pid   578] <... futex resumed>)        = ?
[pid   577] <... exit_group resumed>)   = ?
[pid   579] +++ exited with 0 +++
[pid   578] +++ exited with 0 +++
[pid   577] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=266, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./86", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./86/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./86/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./86/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./86/bus")          = 0
[pid   299] umount2("./86/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./86/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./86/binderfs")     = 0
[pid   299] umount2("./86/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./86/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./86/cgroup.net")   = 0
[pid   299] umount2("./86/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./86/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./86/cgroup.cpu")   = 0
[pid   299] umount2("./86/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./86/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./86/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./86")               = 0
[pid   299] mkdir("./87", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 580 attached
, child_tidptr=0x555579a07690) = 269
[pid   580] set_robust_list(0x555579a076a0, 24) = 0
[pid   580] chdir("./87")               = 0
[pid   580] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   580] setpgid(0, 0)               = 0
[pid   580] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   580] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   580] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   580] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   580] write(3, "1000", 4)         = 4
[pid   580] close(3)                    = 0
[pid   580] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   580] write(1, "executing program\n", 18) = 18
[pid   580] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   580] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   580] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   580] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   580] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   580] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   580] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 581 attached
 <unfinished ...>
[pid   581] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   581] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   581] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   580] <... clone3 resumed> => {parent_tid=[270]}, 88) = 270
[pid   580] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   580] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   581] <... futex resumed>)        = 0
[pid   580] <... futex resumed>)        = 1
[pid   581] memfd_create("syzkaller", 0) = 3
[pid   580] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   581] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[   33.623632][  T578] loop0: detected capacity change from 0 to 512
[pid   581] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   580] <... futex resumed>)        = 0
[pid   581] <... write resumed>)        = 262144
[pid   580] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   581] munmap(0x7faa87550000, 138412032) = 0
[pid   580] <... mmap resumed>)         = 0x7faa8f92f000
[pid   581] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   581] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   580] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   581] <... ioctl resumed>)        = 0
[pid   580] <... mprotect resumed>)     = 0
[pid   581] close(3)                    = 0
[pid   580] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   581] close(4 <unfinished ...>
[pid   580] <... rt_sigprocmask resumed>[], 8) = 0
[pid   580] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 582 attached
 <unfinished ...>
[pid   582] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   582] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   582] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   580] <... clone3 resumed> => {parent_tid=[271]}, 88) = 271
[pid   580] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   580] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   582] <... futex resumed>)        = 0
[pid   580] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   582] creat("./bus", 000)         = 3
[pid   582] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   580] <... futex resumed>)        = 0
[pid   582] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   580] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   582] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   580] <... futex resumed>)        = 0
[pid   582] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   580] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   582] <... mount resumed>)        = 0
[pid   582] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   580] <... futex resumed>)        = 0
[pid   582] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   580] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   580] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   581] <... close resumed>)        = 0
[pid   581] mkdir("./bus", 0777)        = -1 EEXIST (File exists)
[pid   581] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"...) = -1 ENODEV (No such device)
[pid   581] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   580] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   580] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid   580] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid   580] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   580] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f90e000
[pid   580] mprotect(0x7faa8f90f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   580] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   580] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f92e990, parent_tid=0x7faa8f92e990, exit_signal=0, stack=0x7faa8f90e000, stack_size=0x20300, tls=0x7faa8f92e6c0}./strace-static-x86_64: Process 583 attached
 <unfinished ...>
[pid   583] set_robust_list(0x7faa8f92e9a0, 24) = 0
[pid   583] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[   33.686146][  T581] loop0: detected capacity change from 0 to 512
[pid   583] futex(0x7faa8fa3d6e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   580] <... clone3 resumed> => {parent_tid=[272]}, 88) = 272
[pid   580] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   580] futex(0x7faa8fa3d6e8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   583] <... futex resumed>)        = 0
[pid   583] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, -1, 0) = -1 EBADF (Bad file descriptor)
[pid   583] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   580] futex(0x7faa8fa3d6ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   583] futex(0x7faa8fa3d6e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   580] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   580] futex(0x7faa8fa3d6e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   583] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   580] futex(0x7faa8fa3d6ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   583] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_SK_MSG, insn_cnt=4, insns=0x20000380, license="GPL", log_level=1, log_size=166, log_buf="./bus", kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 128) = 6
[pid   583] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   580] <... futex resumed>)        = 0
[pid   583] futex(0x7faa8fa3d6e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   582] <... open resumed>)         = 4
[pid   582] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   582] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   581] <... openat resumed>)       = 5
[pid   581] ioctl(5, LOOP_CLR_FD)       = 0
[pid   581] close(5)                    = 0
[pid   581] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   581] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   580] close(3)                    = 0
[pid   580] close(4)                    = 0
[pid   580] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   580] close(6)                    = 0
[pid   580] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   580] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   580] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   580] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   580] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   580] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   580] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   580] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   580] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   580] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   580] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   580] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   580] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   580] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   580] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   580] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   580] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   580] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   580] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   580] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   580] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   580] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   580] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   580] exit_group(0 <unfinished ...>
[pid   581] <... futex resumed>)        = ?
[pid   580] <... exit_group resumed>)   = ?
[pid   581] +++ exited with 0 +++
[pid   582] <... futex resumed>)        = ?
[pid   582] +++ exited with 0 +++
[pid   583] <... futex resumed>)        = ?
[pid   583] +++ exited with 0 +++
[pid   580] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=269, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./87", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./87/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./87/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./87/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./87/bus")          = 0
[pid   299] umount2("./87/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./87/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./87/binderfs")     = 0
[pid   299] umount2("./87/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./87/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./87/cgroup.net")   = 0
[pid   299] umount2("./87/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./87/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./87/cgroup.cpu")   = 0
[pid   299] umount2("./87/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./87/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./87/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./87")               = 0
[pid   299] mkdir("./88", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 584 attached
 <unfinished ...>
[pid   584] set_robust_list(0x555579a076a0, 24) = 0
[pid   584] chdir("./88" <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 273
[pid   584] <... chdir resumed>)        = 0
[pid   584] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   584] setpgid(0, 0)               = 0
[pid   584] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   584] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   584] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   584] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   584] write(3, "1000", 4)         = 4
[pid   584] close(3)                    = 0
[pid   584] symlink("/dev/binderfs", "./binderfs") = 0
[pid   584] write(1, "executing program\n", 18executing program
) = 18
[pid   584] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   584] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   584] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   584] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   584] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   584] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   584] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 585 attached
 <unfinished ...>
[pid   585] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   585] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   585] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   584] <... clone3 resumed> => {parent_tid=[274]}, 88) = 274
[pid   584] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   584] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   585] <... futex resumed>)        = 0
[pid   584] <... futex resumed>)        = 1
[pid   585] memfd_create("syzkaller", 0) = 3
[pid   585] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   584] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   585] <... mmap resumed>)         = 0x7faa87550000
[pid   585] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   584] <... futex resumed>)        = 0
[pid   585] <... write resumed>)        = 262144
[pid   584] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   585] munmap(0x7faa87550000, 138412032) = 0
[pid   584] <... mmap resumed>)         = 0x7faa8f92f000
[pid   585] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   585] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   584] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   584] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   584] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[275]}, 88) = 275
[pid   584] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   584] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   584] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 586 attached
 <unfinished ...>
[pid   586] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   586] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   586] creat("./bus", 000)         = 5
[pid   586] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   584] <... futex resumed>)        = 0
[pid   586] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   584] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   586] <... mount resumed>)        = 0
[pid   584] <... futex resumed>)        = 0
[pid   586] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   584] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   586] <... futex resumed>)        = 0
[pid   584] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   586] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   584] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   585] <... ioctl resumed>)        = 0
[pid   586] <... open resumed>)         = 6
[pid   584] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   586] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   585] close(3 <unfinished ...>
[pid   584] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   586] <... futex resumed>)        = 0
[pid   585] <... close resumed>)        = 0
[pid   584] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   586] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0 <unfinished ...>
[pid   585] close(4 <unfinished ...>
[pid   584] <... futex resumed>)        = 0
[pid   586] <... mmap resumed>)         = 0x20000000
[pid   585] <... close resumed>)        = 0
[pid   584] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   585] mkdir(0x20000000, 0777)     = -1 ENOENT (No such file or directory)
[pid   585] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   585] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   585] ioctl(3, LOOP_CLR_FD)       = 0
[pid   585] close(3)                    = 0
[pid   585] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   585] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   586] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   586] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   584] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   584] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   585] <... futex resumed>)        = 0
[pid   584] <... futex resumed>)        = 1
[pid   585] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   584] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   585] <... bpf resumed>)          = 3
[pid   585] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   584] <... futex resumed>)        = 0
[pid   585] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   584] close(3)                    = 0
[pid   584] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   584] close(5)                    = 0
[pid   584] close(6)                    = 0
[pid   584] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   584] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   584] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   584] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   584] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   584] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   584] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   584] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   584] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   584] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   584] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   584] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   584] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   584] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   584] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   584] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   584] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   584] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   584] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   584] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   584] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   584] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   584] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   584] exit_group(0 <unfinished ...>
[pid   586] <... futex resumed>)        = ?
[pid   585] <... futex resumed>)        = ?
[pid   584] <... exit_group resumed>)   = ?
[pid   586] +++ exited with 0 +++
[pid   585] +++ exited with 0 +++
[pid   584] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=273, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[   33.824801][  T585] loop0: detected capacity change from 0 to 512
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./88", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./88/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./88/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./88/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./88/bus")          = 0
[pid   299] umount2("./88/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./88/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./88/binderfs")     = 0
[pid   299] umount2("./88/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./88/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./88/cgroup.net")   = 0
[pid   299] umount2("./88/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./88/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./88/cgroup.cpu")   = 0
[pid   299] umount2("./88/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./88/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./88/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./88")               = 0
[pid   299] mkdir("./89", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 587 attached
 <unfinished ...>
[pid   587] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 276
[pid   587] <... set_robust_list resumed>) = 0
[pid   587] chdir("./89")               = 0
[pid   587] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   587] setpgid(0, 0)               = 0
[pid   587] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   587] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   587] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   587] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   587] write(3, "1000", 4)         = 4
[pid   587] close(3)                    = 0
[pid   587] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   587] write(1, "executing program\n", 18) = 18
[pid   587] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   587] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   587] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   587] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   587] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   587] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   587] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 588 attached
 <unfinished ...>
[pid   588] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   587] <... clone3 resumed> => {parent_tid=[277]}, 88) = 277
[pid   588] <... set_robust_list resumed>) = 0
[pid   587] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   588] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   587] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   588] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   587] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   588] memfd_create("syzkaller", 0 <unfinished ...>
[pid   587] <... futex resumed>)        = 0
[pid   588] <... memfd_create resumed>) = 3
[pid   587] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   588] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   587] <... futex resumed>)        = 0
[pid   588] <... mmap resumed>)         = 0x7faa87550000
[pid   587] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   588] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid   587] <... mmap resumed>)         = 0x7faa8752f000
[pid   588] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   587] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   588] <... munmap resumed>)       = 0
[pid   587] <... mprotect resumed>)     = 0
[pid   588] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   587] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   588] <... openat resumed>)       = 4
[pid   587] <... rt_sigprocmask resumed>[], 8) = 0
[pid   588] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   587] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 589 attached
 <unfinished ...>
[pid   589] set_robust_list(0x7faa8754f9a0, 24) = 0
[pid   589] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   589] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   587] <... clone3 resumed> => {parent_tid=[278]}, 88) = 278
[pid   587] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   587] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   589] <... futex resumed>)        = 0
[pid   587] <... futex resumed>)        = 1
[pid   589] creat("./bus", 000 <unfinished ...>
[pid   587] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   589] <... creat resumed>)        = 5
[pid   588] <... ioctl resumed>)        = 0
[pid   589] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   588] close(3 <unfinished ...>
[pid   589] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   587] <... futex resumed>)        = 0
[pid   587] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   589] <... futex resumed>)        = 0
[pid   587] <... futex resumed>)        = 1
[pid   589] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   587] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   589] <... mount resumed>)        = 0
[pid   588] <... close resumed>)        = 0
[pid   589] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   587] <... futex resumed>)        = 0
[pid   589] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   587] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   589] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   587] <... futex resumed>)        = 0
[pid   589] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   587] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   589] <... open resumed>)         = 3
[pid   589] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   587] <... futex resumed>)        = 0
[pid   589] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   587] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   589] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   587] <... futex resumed>)        = 0
[pid   589] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 3, 0 <unfinished ...>
[pid   587] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   588] close(4)                    = 0
[pid   588] mkdir(0x20000000, 0777)     = -1 ENOENT (No such file or directory)
[pid   588] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   588] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   588] ioctl(4, LOOP_CLR_FD)       = 0
[pid   588] close(4)                    = 0
[pid   588] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   588] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   589] <... mmap resumed>)         = 0x20000000
[pid   589] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   587] <... futex resumed>)        = 0
[pid   589] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   587] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   588] <... futex resumed>)        = 0
[pid   587] <... futex resumed>)        = 1
[pid   588] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   587] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   588] <... bpf resumed>)          = 4
[pid   588] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   587] <... futex resumed>)        = 0
[pid   588] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   587] close(3)                    = 0
[pid   587] close(4)                    = 0
[pid   587] close(5)                    = 0
[pid   587] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   587] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   587] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   587] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   587] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   587] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   587] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   587] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   587] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   587] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   587] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   587] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   587] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   587] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   587] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   587] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   587] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   587] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   587] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   587] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   587] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   587] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   587] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   587] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   587] exit_group(0 <unfinished ...>
[pid   589] <... futex resumed>)        = ?
[pid   588] <... futex resumed>)        = ?
[pid   587] <... exit_group resumed>)   = ?
[pid   589] +++ exited with 0 +++
[pid   588] +++ exited with 0 +++
[pid   587] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=276, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./89", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./89/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./89/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[   33.901155][  T588] loop0: detected capacity change from 0 to 512
[pid   299] newfstatat(AT_FDCWD, "./89/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./89/bus")          = 0
[pid   299] umount2("./89/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./89/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./89/binderfs")     = 0
[pid   299] umount2("./89/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./89/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./89/cgroup.net")   = 0
[pid   299] umount2("./89/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./89/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./89/cgroup.cpu")   = 0
[pid   299] umount2("./89/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./89/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./89/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./89")               = 0
[pid   299] mkdir("./90", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 590 attached
 <unfinished ...>
[pid   590] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 279
[pid   590] <... set_robust_list resumed>) = 0
[pid   590] chdir("./90")               = 0
[pid   590] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   590] setpgid(0, 0)               = 0
[pid   590] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   590] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   590] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   590] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   590] write(3, "1000", 4)         = 4
[pid   590] close(3)                    = 0
[pid   590] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   590] write(1, "executing program\n", 18) = 18
[pid   590] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   590] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   590] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   590] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   590] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   590] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   590] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 591 attached
 <unfinished ...>
[pid   591] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   590] <... clone3 resumed> => {parent_tid=[280]}, 88) = 280
[pid   591] <... set_robust_list resumed>) = 0
[pid   590] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   591] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   590] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   591] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   590] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   591] memfd_create("syzkaller", 0 <unfinished ...>
[pid   590] <... futex resumed>)        = 0
[pid   591] <... memfd_create resumed>) = 3
[pid   590] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   591] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   590] <... futex resumed>)        = 0
[pid   591] <... mmap resumed>)         = 0x7faa87550000
[pid   590] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   590] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   590] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   590] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 592 attached
 <unfinished ...>
[pid   592] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   590] <... clone3 resumed> => {parent_tid=[281]}, 88) = 281
[pid   592] <... set_robust_list resumed>) = 0
[pid   590] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   592] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   590] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   592] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   590] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   592] creat("./bus", 000 <unfinished ...>
[pid   590] <... futex resumed>)        = 0
[pid   592] <... creat resumed>)        = 4
[pid   590] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   592] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   591] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   592] <... futex resumed>)        = 1
[pid   590] <... futex resumed>)        = 0
[pid   592] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   590] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   592] <... mount resumed>)        = 0
[pid   590] <... futex resumed>)        = 0
[pid   592] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   590] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   592] <... futex resumed>)        = 0
[pid   590] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   592] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   590] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   592] <... open resumed>)         = 5
[pid   590] <... futex resumed>)        = 0
[pid   592] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   590] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   592] <... futex resumed>)        = 0
[pid   590] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   592] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   590] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   592] <... mmap resumed>)         = 0x20000000
[pid   592] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   590] <... futex resumed>)        = 0
[pid   592] <... futex resumed>)        = 0
[pid   590] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   592] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   590] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   592] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   590] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   592] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   590] <... futex resumed>)        = 0
[pid   591] <... write resumed>)        = ?
[pid   591] +++ killed by SIGBUS (core dumped) +++
[pid   592] +++ killed by SIGBUS (core dumped) +++
[pid   590] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=279, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./90", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./90/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./90/core", {st_mode=S_IFREG|0600, st_size=17084416, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./90/core")         = 0
[pid   299] umount2("./90/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./90/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./90/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./90/bus")          = 0
[pid   299] umount2("./90/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./90/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./90/binderfs")     = 0
[pid   299] umount2("./90/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./90/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./90/cgroup.net")   = 0
[pid   299] umount2("./90/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./90/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./90/cgroup.cpu")   = 0
[pid   299] umount2("./90/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./90/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./90/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./90")               = 0
[pid   299] mkdir("./91", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 282
./strace-static-x86_64: Process 593 attached
[pid   593] set_robust_list(0x555579a076a0, 24) = 0
[pid   593] chdir("./91")               = 0
[pid   593] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   593] setpgid(0, 0)               = 0
[pid   593] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   593] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   593] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   593] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   593] write(3, "1000", 4)         = 4
[pid   593] close(3)                    = 0
[pid   593] symlink("/dev/binderfs", "./binderfs") = 0
[pid   593] write(1, "executing program\n", 18executing program
) = 18
[pid   593] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   593] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   593] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   593] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   593] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   593] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   593] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 594 attached
 => {parent_tid=[283]}, 88) = 283
[pid   594] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   594] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   594] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   593] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   593] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   594] <... futex resumed>)        = 0
[pid   594] memfd_create("syzkaller", 0 <unfinished ...>
[pid   593] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   594] <... memfd_create resumed>) = 3
[pid   594] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   593] <... futex resumed>)        = 0
[pid   594] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   593] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   593] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   593] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   593] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 595 attached
 => {parent_tid=[284]}, 88) = 284
[pid   595] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   594] <... write resumed>)        = 262144
[pid   595] <... set_robust_list resumed>) = 0
[pid   593] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   594] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   593] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   595] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   594] <... munmap resumed>)       = 0
[pid   594] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   594] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   593] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   595] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   595] creat("./bus", 000 <unfinished ...>
[pid   593] <... futex resumed>)        = 0
[pid   594] <... ioctl resumed>)        = 0
[pid   593] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   594] close(3)                    = 0
[pid   595] <... creat resumed>)        = 5
[pid   594] close(4 <unfinished ...>
[pid   595] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   593] <... futex resumed>)        = 0
[pid   593] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   593] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   595] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[pid   595] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   593] <... futex resumed>)        = 0
[pid   595] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   593] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   595] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   593] <... futex resumed>)        = 0
[pid   593] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   595] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   594] <... close resumed>)        = 0
[pid   594] mkdir("./bus", 0777)        = -1 EEXIST (File exists)
[pid   594] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"...) = -1 ENODEV (No such device)
[pid   594] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   593] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   593] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   593] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   593] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   593] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   593] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 596 attached
 <unfinished ...>
[pid   596] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   593] <... clone3 resumed> => {parent_tid=[285]}, 88) = 285
[pid   596] <... set_robust_list resumed>) = 0
[pid   593] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   596] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   593] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   596] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   593] futex(0x7faa8fa3d6e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   596] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, -1, 0 <unfinished ...>
[pid   593] <... futex resumed>)        = 0
[pid   596] <... mmap resumed>)         = -1 EBADF (Bad file descriptor)
[   34.048073][  T594] loop0: detected capacity change from 0 to 512
[pid   593] futex(0x7faa8fa3d6ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   596] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   593] <... futex resumed>)        = 0
[pid   596] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_SK_MSG, insn_cnt=4, insns=0x20000380, license="GPL", log_level=1, log_size=166, log_buf="./bus", kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 128 <unfinished ...>
[pid   593] futex(0x7faa8fa3d6e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   596] <... bpf resumed>)          = 6
[pid   593] <... futex resumed>)        = 0
[pid   596] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   593] futex(0x7faa8fa3d6ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   596] <... futex resumed>)        = 0
[pid   593] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   596] futex(0x7faa8fa3d6e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   595] <... open resumed>)         = 3
[pid   594] <... openat resumed>)       = 4
[pid   595] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   594] ioctl(4, LOOP_CLR_FD <unfinished ...>
[pid   595] <... futex resumed>)        = 0
[pid   594] <... ioctl resumed>)        = 0
[pid   595] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   594] close(4)                    = 0
[pid   594] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   594] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   593] close(3)                    = 0
[pid   593] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   593] close(5)                    = 0
[pid   593] close(6)                    = 0
[pid   593] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   593] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   593] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   593] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   593] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   593] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   593] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   593] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   593] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   593] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   593] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   593] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   593] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   593] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   593] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   593] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   593] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   593] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   593] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   593] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   593] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   593] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   593] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   593] exit_group(0 <unfinished ...>
[pid   596] <... futex resumed>)        = ?
[pid   595] <... futex resumed>)        = ?
[pid   594] <... futex resumed>)        = ?
[pid   593] <... exit_group resumed>)   = ?
[pid   596] +++ exited with 0 +++
[pid   595] +++ exited with 0 +++
[pid   594] +++ exited with 0 +++
[pid   593] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=282, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./91", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./91/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./91/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./91/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./91/bus")          = 0
[pid   299] umount2("./91/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./91/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./91/binderfs")     = 0
[pid   299] umount2("./91/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./91/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./91/cgroup.net")   = 0
[pid   299] umount2("./91/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./91/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./91/cgroup.cpu")   = 0
[pid   299] umount2("./91/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./91/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./91/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./91")               = 0
[pid   299] mkdir("./92", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 597 attached
 <unfinished ...>
[pid   597] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 286
[pid   597] <... set_robust_list resumed>) = 0
[pid   597] chdir("./92")               = 0
[pid   597] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   597] setpgid(0, 0)               = 0
executing program
[pid   597] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   597] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   597] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   597] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   597] write(3, "1000", 4)         = 4
[pid   597] close(3)                    = 0
[pid   597] symlink("/dev/binderfs", "./binderfs") = 0
[pid   597] write(1, "executing program\n", 18) = 18
[pid   597] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   597] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   597] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   597] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   597] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   597] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   597] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 598 attached
 <unfinished ...>
[pid   598] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   597] <... clone3 resumed> => {parent_tid=[287]}, 88) = 287
[pid   598] <... set_robust_list resumed>) = 0
[pid   597] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   598] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   597] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   598] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   597] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   598] memfd_create("syzkaller", 0 <unfinished ...>
[pid   597] <... futex resumed>)        = 0
[pid   598] <... memfd_create resumed>) = 3
[pid   597] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   598] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   597] <... futex resumed>)        = 0
[pid   598] <... mmap resumed>)         = 0x7faa87550000
[pid   597] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   598] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   597] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   597] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   597] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 599 attached
 <unfinished ...>
[pid   599] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   597] <... clone3 resumed> => {parent_tid=[288]}, 88) = 288
[pid   599] <... set_robust_list resumed>) = 0
[pid   597] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   599] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   597] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   599] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   597] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   599] creat("./bus", 000 <unfinished ...>
[pid   597] <... futex resumed>)        = 0
[pid   599] <... creat resumed>)        = 4
[pid   598] <... write resumed>)        = 262144
[pid   597] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   599] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   597] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   599] <... futex resumed>)        = 0
[pid   597] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   599] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   597] <... futex resumed>)        = 0
[pid   599] <... mount resumed>)        = 0
[pid   597] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   599] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   597] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   599] <... futex resumed>)        = 0
[pid   597] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   599] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   597] <... futex resumed>)        = 0
[pid   599] <... open resumed>)         = 5
[pid   597] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   599] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   597] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   599] <... futex resumed>)        = 0
[pid   597] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   599] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   597] <... futex resumed>)        = 0
[pid   599] <... mmap resumed>)         = 0x20000000
[pid   598] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   599] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   597] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   599] <... futex resumed>)        = 0
[pid   597] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   599] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   597] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   599] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   597] <... futex resumed>)        = 0
[pid   599] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   598] <... munmap resumed>)       = 0
[pid   597] read(-1885088256,  <unfinished ...>
[pid   598] +++ killed by SIGBUS (core dumped) +++
[pid   599] +++ killed by SIGBUS (core dumped) +++
[pid   597] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=286, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./92", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./92/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./92/core", {st_mode=S_IFREG|0600, st_size=18210816, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./92/core")         = 0
[pid   299] umount2("./92/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./92/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./92/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./92/bus")          = 0
[pid   299] umount2("./92/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./92/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./92/binderfs")     = 0
[pid   299] umount2("./92/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./92/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./92/cgroup.net")   = 0
[pid   299] umount2("./92/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./92/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./92/cgroup.cpu")   = 0
[pid   299] umount2("./92/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./92/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./92/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./92")               = 0
[pid   299] mkdir("./93", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 600 attached
 <unfinished ...>
[pid   600] set_robust_list(0x555579a076a0, 24) = 0
[pid   600] chdir("./93")               = 0
[pid   600] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   600] setpgid(0, 0)               = 0
[pid   600] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   600] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 289
[pid   600] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   600] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   600] write(3, "1000", 4)         = 4
[pid   600] close(3)                    = 0
[pid   600] symlink("/dev/binderfs", "./binderfs") = 0
[pid   600] write(1, "executing program\n", 18) = 18
[pid   600] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000executing program
) = 0
[pid   600] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   600] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   600] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   600] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   600] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   600] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 601 attached
 <unfinished ...>
[pid   601] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   600] <... clone3 resumed> => {parent_tid=[290]}, 88) = 290
[pid   601] <... set_robust_list resumed>) = 0
[pid   600] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   601] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   600] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   601] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   600] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   601] memfd_create("syzkaller", 0 <unfinished ...>
[pid   600] <... futex resumed>)        = 0
[pid   601] <... memfd_create resumed>) = 3
[pid   600] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   601] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   600] <... futex resumed>)        = 0
[pid   601] <... mmap resumed>)         = 0x7faa87550000
[pid   600] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   601] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   600] <... mmap resumed>)         = 0x7faa8752f000
[pid   600] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   600] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   600] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 602 attached
 => {parent_tid=[291]}, 88) = 291
[pid   602] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   600] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   602] <... set_robust_list resumed>) = 0
[pid   600] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   602] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   600] <... futex resumed>)        = 0
[pid   602] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   600] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   601] <... write resumed>)        = 262144
[pid   602] creat("./bus", 000 <unfinished ...>
[pid   601] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   602] <... creat resumed>)        = 4
[pid   601] <... munmap resumed>)       = 0
[pid   602] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   601] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   602] <... futex resumed>)        = 1
[pid   600] <... futex resumed>)        = 0
[pid   601] <... openat resumed>)       = 5
[pid   602] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   600] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   601] ioctl(5, LOOP_SET_FD, 3 <unfinished ...>
[pid   602] <... mount resumed>)        = 0
[pid   600] <... futex resumed>)        = 0
[pid   602] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   600] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   602] <... futex resumed>)        = 0
[pid   600] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   602] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   600] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   602] <... open resumed>)         = 6
[pid   601] <... ioctl resumed>)        = 0
[pid   600] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   602] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   602] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   601] close(3)                    = 0
[pid   601] close(5 <unfinished ...>
[pid   600] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   601] <... close resumed>)        = 0
[pid   601] mkdir("./bus", 0777)        = -1 EEXIST (File exists)
[pid   601] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"...) = -1 ENODEV (No such device)
[pid   601] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   601] ioctl(3, LOOP_CLR_FD)       = 0
[pid   601] close(3)                    = 0
[pid   601] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   601] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   600] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   601] <... futex resumed>)        = 0
[pid   600] <... futex resumed>)        = 1
[pid   601] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0 <unfinished ...>
[pid   600] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   601] <... mmap resumed>)         = 0x20000000
[pid   601] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   601] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   600] <... futex resumed>)        = 0
[pid   600] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   601] <... futex resumed>)        = 0
[pid   600] <... futex resumed>)        = 1
[pid   601] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   600] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   601] <... bpf resumed>)          = 3
[pid   601] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   601] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   600] <... futex resumed>)        = 0
[pid   600] close(3)                    = 0
[pid   600] close(4)                    = 0
[pid   600] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   600] close(6)                    = 0
[pid   600] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   600] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   600] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   600] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   600] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   600] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   600] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   600] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   600] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   600] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   600] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   600] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   600] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   600] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   600] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   600] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   600] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   600] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   600] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   600] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   600] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   600] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   600] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   600] exit_group(0 <unfinished ...>
[pid   602] <... futex resumed>)        = ?
[pid   601] <... futex resumed>)        = ?
[pid   600] <... exit_group resumed>)   = ?
[pid   602] +++ exited with 0 +++
[pid   601] +++ exited with 0 +++
[pid   600] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=289, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./93", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./93/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./93/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./93/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./93/bus")          = 0
[pid   299] umount2("./93/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./93/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./93/binderfs")     = 0
[pid   299] umount2("./93/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./93/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./93/cgroup.net")   = 0
[pid   299] umount2("./93/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./93/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./93/cgroup.cpu")   = 0
[pid   299] umount2("./93/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./93/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./93/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./93")               = 0
[pid   299] mkdir("./94", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 603 attached
 <unfinished ...>
[pid   603] set_robust_list(0x555579a076a0, 24) = 0
[pid   603] chdir("./94" <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 292
[pid   603] <... chdir resumed>)        = 0
[pid   603] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   603] setpgid(0, 0)               = 0
[pid   603] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   603] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   603] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   603] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   603] write(3, "1000", 4)         = 4
[pid   603] close(3)                    = 0
[pid   603] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   603] write(1, "executing program\n", 18) = 18
[pid   603] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   603] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   603] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   603] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   603] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   603] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   603] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 604 attached
 <unfinished ...>
[pid   604] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   604] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   604] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   603] <... clone3 resumed> => {parent_tid=[293]}, 88) = 293
[pid   603] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   603] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   604] <... futex resumed>)        = 0
[pid   603] <... futex resumed>)        = 1
[pid   604] memfd_create("syzkaller", 0) = 3
[pid   604] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   604] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   603] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   604] <... write resumed>)        = 262144
[pid   603] <... futex resumed>)        = 0
[pid   604] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   603] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   604] <... munmap resumed>)       = 0
[pid   603] <... mmap resumed>)         = 0x7faa8f92f000
[pid   604] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   603] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   604] <... openat resumed>)       = 4
[pid   603] <... mprotect resumed>)     = 0
[   34.202251][  T601] loop0: detected capacity change from 0 to 512
[pid   604] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   603] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   604] <... ioctl resumed>)        = 0
[pid   603] <... rt_sigprocmask resumed>[], 8) = 0
[pid   604] close(3 <unfinished ...>
[pid   603] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} <unfinished ...>
[pid   604] <... close resumed>)        = 0
./strace-static-x86_64: Process 605 attached
[pid   604] close(4 <unfinished ...>
[pid   605] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   604] <... close resumed>)        = 0
[pid   603] <... clone3 resumed> => {parent_tid=[294]}, 88) = 294
[pid   604] mkdir("./bus", 0777)        = 0
[pid   604] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"... <unfinished ...>
[pid   605] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   603] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   605] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   603] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   605] creat("./bus", 000 <unfinished ...>
[pid   603] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   605] <... creat resumed>)        = -1 EISDIR (Is a directory)
[pid   603] <... futex resumed>)        = 0
[pid   605] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   603] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   605] <... futex resumed>)        = 0
[pid   603] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   605] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   603] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   603] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   605] <... mount resumed>)        = -1 ENOTDIR (Not a directory)
[pid   605] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   603] <... futex resumed>)        = 0
[pid   605] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   603] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   605] <... open resumed>)         = -1 EISDIR (Is a directory)
[pid   603] <... futex resumed>)        = 0
[pid   605] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   603] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   605] <... futex resumed>)        = 0
[pid   603] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   605] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, -1, 0 <unfinished ...>
[pid   603] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   605] <... mmap resumed>)         = -1 EBADF (Bad file descriptor)
[pid   603] <... futex resumed>)        = 0
[pid   605] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   603] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   605] <... futex resumed>)        = 0
[pid   603] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   605] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_SK_MSG, insn_cnt=4, insns=0x20000380, license="GPL", log_level=1, log_size=166, log_buf="./bus", kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 128 <unfinished ...>
[pid   603] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   603] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   605] <... bpf resumed>)          = 3
[pid   605] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   605] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   603] <... futex resumed>)        = 0
[   34.254283][  T604] loop0: detected capacity change from 0 to 512
[   34.264581][  T604] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   34.276015][  T604] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #16: comm syz-executor334: invalid indirect mapped block 512 (level 0)
[   34.289957][  T604] EXT4-fs (loop0): Remounting filesystem read-only
[   34.296512][  T604] EXT4-fs (loop0): 1 orphan inode deleted
[pid   604] <... mount resumed>)        = 0
[pid   604] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 4
[pid   604] chdir("./bus")              = 0
[pid   604] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5
[pid   604] ioctl(5, LOOP_CLR_FD)       = 0
[pid   604] close(5)                    = 0
[pid   604] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   604] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   603] close(3)                    = 0
[pid   603] close(4)                    = 0
[pid   603] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   603] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   603] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   603] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   603] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   603] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   603] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   603] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   603] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   603] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   603] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   603] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   603] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   603] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   603] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   603] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   603] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   603] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   603] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   603] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   603] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   603] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   603] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   603] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   603] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   603] exit_group(0 <unfinished ...>
[pid   605] <... futex resumed>)        = ?
[pid   605] +++ exited with 0 +++
[pid   603] <... exit_group resumed>)   = ?
[pid   604] <... futex resumed>)        = ?
[pid   604] +++ exited with 0 +++
[pid   603] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=292, si_uid=0, si_status=0, si_utime=0, si_stime=8} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./94", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./94/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./94/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./94/bus", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] umount2("./94/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./94/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid   299] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(4, 0x555579a10770 /* 2 entries */, 32768) = 48
[pid   299] getdents64(4, 0x555579a10770 /* 0 entries */, 32768) = 0
[pid   299] close(4)                    = 0
[pid   299] rmdir("./94/bus")           = 0
[pid   299] umount2("./94/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./94/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./94/binderfs")     = 0
[pid   299] umount2("./94/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./94/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./94/cgroup.net")   = 0
[   34.302320][  T604] EXT4-fs (loop0): 1 truncate cleaned up
[   34.307774][  T604] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x0000000000010000,block_validity,quota,. Quota mode: writeback.
[pid   299] umount2("./94/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./94/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./94/cgroup.cpu")   = 0
[pid   299] umount2("./94/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./94/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./94/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./94")               = 0
[pid   299] mkdir("./95", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 295
./strace-static-x86_64: Process 608 attached
[pid   608] set_robust_list(0x555579a076a0, 24) = 0
[pid   608] chdir("./95")               = 0
[pid   608] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   608] setpgid(0, 0)               = 0
[pid   608] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   608] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   608] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   608] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   608] write(3, "1000", 4)         = 4
[pid   608] close(3)                    = 0
[pid   608] symlink("/dev/binderfs", "./binderfs") = 0
[pid   608] write(1, "executing program\n", 18executing program
) = 18
[pid   608] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   608] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   608] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   608] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   608] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   608] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   608] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 609 attached
 <unfinished ...>
[pid   609] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   608] <... clone3 resumed> => {parent_tid=[296]}, 88) = 296
[pid   609] <... set_robust_list resumed>) = 0
[pid   609] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   609] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   608] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   608] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   609] <... futex resumed>)        = 0
[pid   609] memfd_create("syzkaller", 0) = 3
[pid   609] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   609] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   608] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   608] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   608] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   608] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   608] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0} <unfinished ...>
[pid   609] <... write resumed>)        = 262144
[pid   609] munmap(0x7faa87550000, 138412032) = 0
[pid   609] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   609] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   608] <... clone3 resumed> => {parent_tid=[297]}, 88) = 297
./strace-static-x86_64: Process 610 attached
[pid   608] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   609] <... ioctl resumed>)        = 0
[pid   609] close(3)                    = 0
[pid   609] close(4 <unfinished ...>
[pid   610] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   608] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   608] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   610] <... set_robust_list resumed>) = 0
[pid   610] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   608] <... futex resumed>)        = 0
[pid   610] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   608] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   610] creat("./bus", 000)         = 3
[pid   610] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   610] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   608] <... futex resumed>)        = 0
[pid   608] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   608] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   610] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   610] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[pid   610] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   608] <... futex resumed>)        = 0
[pid   608] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   608] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   610] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000) = 4
[pid   609] <... close resumed>)        = 0
[pid   609] mkdir("./bus", 0777 <unfinished ...>
[pid   610] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   609] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid   610] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   609] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"...) = -1 ENODEV (No such device)
[pid   609] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5
[pid   609] ioctl(5, LOOP_CLR_FD)       = 0
[pid   609] close(5)                    = 0
[pid   609] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   609] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   608] <... futex resumed>)        = 0
[pid   608] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   609] <... futex resumed>)        = 0
[pid   609] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 4, 0 <unfinished ...>
[pid   608] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   609] <... mmap resumed>)         = 0x20000000
[pid   609] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   609] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   608] <... futex resumed>)        = 0
[pid   608] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   608] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   609] <... futex resumed>)        = 0
[pid   609] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 5
[pid   609] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   608] <... futex resumed>)        = 0
[pid   608] close(3)                    = 0
[pid   608] close(4)                    = 0
[pid   608] close(5)                    = 0
[pid   608] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   608] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   608] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   608] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   608] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   608] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   608] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   608] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   608] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   608] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   608] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   608] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   608] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   608] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   608] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   608] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   608] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   608] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   608] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   608] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   608] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   608] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   608] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   608] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   608] exit_group(0)               = ?
[pid   610] <... futex resumed>)        = ?
[pid   609] +++ exited with 0 +++
[   34.383342][  T609] loop0: detected capacity change from 0 to 512
[pid   610] +++ exited with 0 +++
[pid   608] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=295, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./95", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./95/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./95/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./95/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./95/bus")          = 0
[pid   299] umount2("./95/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./95/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./95/binderfs")     = 0
[pid   299] umount2("./95/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./95/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./95/cgroup.net")   = 0
[pid   299] umount2("./95/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./95/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./95/cgroup.cpu")   = 0
[pid   299] umount2("./95/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./95/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./95/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./95")               = 0
[pid   299] mkdir("./96", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 298
./strace-static-x86_64: Process 611 attached
[pid   611] set_robust_list(0x555579a076a0, 24) = 0
[pid   611] chdir("./96")               = 0
[pid   611] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   611] setpgid(0, 0)               = 0
[pid   611] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   611] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   611] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   611] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   611] write(3, "1000", 4)         = 4
[pid   611] close(3)                    = 0
[pid   611] symlink("/dev/binderfs", "./binderfs") = 0
[pid   611] write(1, "executing program\n", 18executing program
) = 18
[pid   611] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   611] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   611] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   611] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   611] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   611] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   611] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 612 attached
 <unfinished ...>
[pid   612] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   612] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   612] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   611] <... clone3 resumed> => {parent_tid=[299]}, 88) = 299
[pid   611] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   611] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   612] <... futex resumed>)        = 0
[pid   611] <... futex resumed>)        = 1
[pid   612] memfd_create("syzkaller", 0) = 3
[pid   612] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   612] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   611] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   612] <... write resumed>)        = 262144
[pid   611] <... futex resumed>)        = 0
[pid   612] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   611] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   612] <... munmap resumed>)       = 0
[pid   611] <... mmap resumed>)         = 0x7faa8f92f000
[pid   612] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   611] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   612] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   611] <... mprotect resumed>)     = 0
[pid   612] <... ioctl resumed>)        = 0
[pid   612] close(3 <unfinished ...>
[pid   611] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   612] <... close resumed>)        = 0
[pid   612] close(4 <unfinished ...>
[pid   611] <... rt_sigprocmask resumed>[], 8) = 0
[pid   611] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 613 attached
 => {parent_tid=[300]}, 88) = 300
[pid   611] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   611] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   613] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   611] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   613] <... set_robust_list resumed>) = 0
[pid   612] <... close resumed>)        = 0
[pid   613] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   613] creat("./bus", 000 <unfinished ...>
[pid   612] mkdir("./bus", 0777 <unfinished ...>
[pid   613] <... creat resumed>)        = 3
[pid   612] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid   613] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   611] <... futex resumed>)        = 0
[pid   611] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   611] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   613] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   612] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"... <unfinished ...>
[pid   613] <... mount resumed>)        = 0
[pid   613] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   613] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   611] <... futex resumed>)        = 0
[pid   611] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   611] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   613] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[   34.510170][  T612] loop0: detected capacity change from 0 to 512
[pid   613] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000) = 4
[pid   613] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   613] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   611] <... futex resumed>)        = 0
[pid   611] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   613] <... futex resumed>)        = 0
[pid   613] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 4, 0 <unfinished ...>
[pid   611] <... futex resumed>)        = 1
[pid   611] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   613] <... mmap resumed>)         = 0x20000000
[pid   613] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   611] <... futex resumed>)        = 0
[pid   611] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   611] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   613] <... futex resumed>)        = 1
[pid   613] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 5
[pid   613] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   611] <... futex resumed>)        = 0
[pid   613] <... futex resumed>)        = 1
[   34.558318][  T612] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   34.570126][  T612] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #16: comm syz-executor334: invalid indirect mapped block 512 (level 0)
[   34.584530][  T612] EXT4-fs (loop0): Remounting filesystem read-only
[   34.591081][  T612] EXT4-fs error (device loop0): __ext4_get_inode_loc:4351: comm syz-executor334: Invalid inode table block 5 in block_group 0
[   34.604476][  T612] EXT4-fs (loop0): Remounting filesystem read-only
[   34.611071][  T612] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   34.620544][  T612] EXT4-fs (loop0): Remounting filesystem read-only
[   34.626885][  T612] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[   34.635456][  T612] EXT4-fs (loop0): Remounting filesystem read-only
[   34.641814][  T612] EXT4-fs error (device loop0): __ext4_get_inode_loc:4351: comm syz-executor334: Invalid inode table block 5 in block_group 0
[   34.654850][  T612] EXT4-fs (loop0): Remounting filesystem read-only
[   34.661187][  T612] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   34.670572][  T612] EXT4-fs (loop0): Remounting filesystem read-only
[   34.676899][  T612] EXT4-fs error (device loop0): ext4_truncate:4303: inode #16: comm syz-executor334: mark_inode_dirty error
[   34.688420][  T612] EXT4-fs (loop0): Remounting filesystem read-only
[   34.694745][  T612] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[pid   613] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   611] close(3)                    = 0
[pid   611] close(4)                    = 0
[pid   611] close(5)                    = 0
[pid   611] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   611] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   611] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   611] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   611] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   611] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   611] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   611] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   611] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   611] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   611] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   611] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   611] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   611] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   611] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   611] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   611] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   611] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   611] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   611] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   611] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   611] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   611] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   611] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   611] exit_group(0)               = ?
[pid   613] <... futex resumed>)        = ?
[pid   613] +++ exited with 0 +++
[pid   612] <... mount resumed>)        = ?
[pid   612] +++ exited with 0 +++
[pid   611] +++ exited with 0 +++
[   34.703659][  T612] EXT4-fs (loop0): Remounting filesystem read-only
[   34.710101][  T612] EXT4-fs (loop0): 1 orphan inode deleted
[   34.715627][  T612] EXT4-fs (loop0): 1 truncate cleaned up
[   34.721168][  T612] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x0000000000010000,block_validity,quota,. Quota mode: writeback.
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=298, si_uid=0, si_status=0, si_utime=0, si_stime=19} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./96", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./96", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./96/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./96/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./96/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./96/bus")          = 0
[pid   299] umount2("./96/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./96/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./96/binderfs")     = 0
[pid   299] umount2("./96/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./96/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./96/cgroup.net")   = 0
[pid   299] umount2("./96/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./96/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./96/cgroup.cpu")   = 0
[pid   299] umount2("./96/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./96/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./96/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./96")               = 0
[pid   299] mkdir("./97", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = 0
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 301
./strace-static-x86_64: Process 616 attached
[pid   616] set_robust_list(0x555579a076a0, 24) = 0
[pid   616] chdir("./97")               = 0
[pid   616] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   616] setpgid(0, 0)               = 0
[pid   616] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   616] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   616] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   616] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   616] write(3, "1000", 4)         = 4
[pid   616] close(3)                    = 0
[pid   616] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   616] write(1, "executing program\n", 18) = 18
[pid   616] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   616] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   616] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   616] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   616] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   616] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   616] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[302]}, 88) = 302
[pid   616] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   616] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   616] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   616] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   616] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   616] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   616] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[303]}, 88) = 303
./strace-static-x86_64: Process 618 attached
./strace-static-x86_64: Process 617 attached
[pid   616] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   618] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   617] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   616] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   618] <... set_robust_list resumed>) = 0
[pid   617] <... set_robust_list resumed>) = 0
[pid   616] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   616] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   618] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   617] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   618] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   618] creat("./bus", 000 <unfinished ...>
[pid   617] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   617] memfd_create("syzkaller", 0) = 4
[pid   618] <... creat resumed>)        = 3
[pid   617] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa8752f000
[pid   618] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   618] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   616] <... futex resumed>)        = 0
[pid   616] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   618] <... futex resumed>)        = 0
[pid   616] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   618] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[pid   618] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   616] <... futex resumed>)        = 0
[pid   618] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   616] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   616] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   618] <... open resumed>)         = 5
[pid   618] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   616] <... futex resumed>)        = 0
[pid   618] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   616] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   618] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   616] <... futex resumed>)        = 0
[pid   618] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   616] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   618] <... mmap resumed>)         = 0x20000000
[pid   618] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   618] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   617] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x200012cf} ---
[pid   618] <... futex resumed>)        = ?
[pid   616] <... futex resumed>)        = ?
[pid   618] +++ killed by SIGBUS (core dumped) +++
[pid   617] +++ killed by SIGBUS (core dumped) +++
[pid   616] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=301, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=4} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./97", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./97", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./97/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./97/core", {st_mode=S_IFREG|0600, st_size=16953344, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./97/core")         = 0
[pid   299] umount2("./97/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./97/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./97/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./97/bus")          = 0
[pid   299] umount2("./97/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./97/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./97/binderfs")     = 0
[pid   299] umount2("./97/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./97/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./97/cgroup.net")   = 0
[pid   299] umount2("./97/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./97/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./97/cgroup.cpu")   = 0
[pid   299] umount2("./97/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./97/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./97/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./97")               = 0
[pid   299] mkdir("./98", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3executing program
)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 304
./strace-static-x86_64: Process 619 attached
[pid   619] set_robust_list(0x555579a076a0, 24) = 0
[pid   619] chdir("./98")               = 0
[pid   619] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   619] setpgid(0, 0)               = 0
[pid   619] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   619] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   619] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   619] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   619] write(3, "1000", 4)         = 4
[pid   619] close(3)                    = 0
[pid   619] symlink("/dev/binderfs", "./binderfs") = 0
[pid   619] write(1, "executing program\n", 18) = 18
[pid   619] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   619] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   619] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   619] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   619] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   619] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   619] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 620 attached
 => {parent_tid=[305]}, 88) = 305
[pid   620] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   620] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   620] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   619] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   619] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   619] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   619] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   620] <... futex resumed>)        = 0
[pid   619] <... mmap resumed>)         = 0x7faa8f92f000
[pid   620] memfd_create("syzkaller", 0) = 3
[pid   619] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   620] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa8752f000
[pid   619] <... mprotect resumed>)     = 0
[pid   619] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   619] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[306]}, 88) = 306
[pid   619] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   619] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   619] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 621 attached
 <unfinished ...>
[pid   621] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   621] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   621] creat("./bus", 000)         = 4
[pid   621] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   619] <... futex resumed>)        = 0
[pid   619] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   619] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   621] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   620] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   621] <... mount resumed>)        = 0
[pid   621] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   619] <... futex resumed>)        = 0
[pid   621] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   619] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   619] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   621] <... open resumed>)         = 5
[pid   621] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   619] <... futex resumed>)        = 0
[pid   621] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   619] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   619] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   621] <... mmap resumed>)         = 0x20000000
[pid   620] <... write resumed>)        = 262144
[pid   621] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   621] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   620] munmap(0x7faa8752f000, 138412032) = 0
[pid   620] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid   620] ioctl(6, LOOP_SET_FD, 3 <unfinished ...>
[pid   619] <... futex resumed>)        = 0
[pid   620] <... ioctl resumed>)        = 0
[pid   620] close(3)                    = 0
[pid   620] close(6)                    = 0
[pid   619] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   620] mkdir(0x20000000, 0777 <unfinished ...>
[pid   619] <... futex resumed>)        = 1
[pid   619] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   620] <... mkdir resumed>)        = -1 ENOENT (No such file or directory)
[pid   620] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   620] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   620] ioctl(3, LOOP_CLR_FD)       = 0
[pid   620] close(3)                    = 0
[pid   620] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   620] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   621] <... futex resumed>)        = 0
[pid   621] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 3
[pid   621] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   621] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   619] <... futex resumed>)        = 0
[pid   619] close(3)                    = 0
[pid   619] close(4)                    = 0
[pid   619] close(5)                    = 0
[pid   619] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   619] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   619] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   619] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   619] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   619] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   619] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   619] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   619] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   619] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   619] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   619] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   619] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   619] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   619] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   619] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   619] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   619] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   619] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   619] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   619] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   619] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   619] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   619] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   619] exit_group(0 <unfinished ...>
[pid   621] <... futex resumed>)        = ?
[pid   619] <... exit_group resumed>)   = ?
[pid   621] +++ exited with 0 +++
[pid   620] <... futex resumed>)        = ?
[pid   620] +++ exited with 0 +++
[pid   619] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=304, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./98", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./98", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./98/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./98/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./98/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./98/bus")          = 0
[pid   299] umount2("./98/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./98/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./98/binderfs")     = 0
[pid   299] umount2("./98/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./98/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./98/cgroup.net")   = 0
[pid   299] umount2("./98/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./98/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./98/cgroup.cpu")   = 0
[pid   299] umount2("./98/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./98/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./98/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./98")               = 0
[pid   299] mkdir("./99", 0777)         = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 307
./strace-static-x86_64: Process 622 attached
[pid   622] set_robust_list(0x555579a076a0, 24) = 0
[pid   622] chdir("./99")               = 0
[pid   622] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   622] setpgid(0, 0)               = 0
[pid   622] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   622] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   622] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   622] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   622] write(3, "1000", 4)         = 4
[pid   622] close(3)                    = 0
[pid   622] symlink("/dev/binderfs", "./binderfs") = 0
[pid   622] write(1, "executing program\n", 18executing program
) = 18
[pid   622] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   622] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   622] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   622] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   622] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   622] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   622] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 623 attached
 <unfinished ...>
[pid   623] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   622] <... clone3 resumed> => {parent_tid=[308]}, 88) = 308
[pid   623] <... set_robust_list resumed>) = 0
[pid   622] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   623] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   622] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   623] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   622] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   623] memfd_create("syzkaller", 0 <unfinished ...>
[pid   622] <... futex resumed>)        = 0
[pid   623] <... memfd_create resumed>) = 3
[pid   622] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   623] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   622] <... futex resumed>)        = 0
[pid   623] <... mmap resumed>)         = 0x7faa87550000
[pid   622] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   623] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   622] <... mmap resumed>)         = 0x7faa8752f000
[pid   622] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   622] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   622] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 624 attached
 => {parent_tid=[309]}, 88) = 309
[pid   622] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   622] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   622] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   624] set_robust_list(0x7faa8754f9a0, 24) = 0
[pid   624] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   624] creat("./bus", 000)         = 4
[pid   623] <... write resumed>)        = 262144
[pid   623] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   624] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   623] <... munmap resumed>)       = 0
[pid   623] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5
[pid   623] ioctl(5, LOOP_SET_FD, 3 <unfinished ...>
[pid   624] <... futex resumed>)        = 1
[pid   622] <... futex resumed>)        = 0
[pid   622] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   35.018342][  T620] loop0: detected capacity change from 0 to 512
[pid   622] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   624] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[pid   624] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   624] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   622] <... futex resumed>)        = 0
[pid   623] <... ioctl resumed>)        = 0
[pid   622] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   623] close(3)                    = 0
[pid   623] close(5 <unfinished ...>
[pid   624] <... futex resumed>)        = 0
[pid   622] <... futex resumed>)        = 1
[pid   624] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   622] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   624] <... open resumed>)         = 3
[pid   623] <... close resumed>)        = 0
[pid   624] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   622] <... futex resumed>)        = 0
[pid   624] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 3, 0 <unfinished ...>
[pid   622] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   622] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   624] <... mmap resumed>)         = 0x20000000
[pid   623] mkdir(0x20000000, 0777)     = -1 ENOENT (No such file or directory)
[pid   623] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   623] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5
[pid   623] ioctl(5, LOOP_CLR_FD <unfinished ...>
[pid   624] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   623] <... ioctl resumed>)        = 0
[pid   624] <... futex resumed>)        = 1
[pid   623] close(5)                    = 0
[pid   624] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   623] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   623] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   622] <... futex resumed>)        = 0
[pid   622] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   622] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   623] <... futex resumed>)        = 0
[pid   623] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 5
[pid   623] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   622] <... futex resumed>)        = 0
[pid   622] close(3)                    = 0
[pid   622] close(4 <unfinished ...>
[pid   623] <... futex resumed>)        = 1
[pid   622] <... close resumed>)        = 0
[pid   622] close(5)                    = 0
[pid   623] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   622] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   622] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   622] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   622] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   622] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   622] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   622] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   622] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   622] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   622] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   622] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   622] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   622] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   622] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   622] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   622] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   622] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   622] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   622] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   622] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   622] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   622] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   622] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   622] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   622] exit_group(0 <unfinished ...>
[pid   624] <... futex resumed>)        = ?
[pid   622] <... exit_group resumed>)   = ?
[pid   624] +++ exited with 0 +++
[pid   623] <... futex resumed>)        = ?
[   35.065509][  T623] loop0: detected capacity change from 0 to 512
[pid   623] +++ exited with 0 +++
[pid   622] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=307, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./99", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./99", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./99/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./99/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./99/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./99/bus")          = 0
[pid   299] umount2("./99/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./99/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./99/binderfs")     = 0
[pid   299] umount2("./99/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./99/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./99/cgroup.net")   = 0
[pid   299] umount2("./99/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./99/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./99/cgroup.cpu")   = 0
[pid   299] umount2("./99/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./99/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./99/cgroup")       = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./99")               = 0
[pid   299] mkdir("./100", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 310
./strace-static-x86_64: Process 625 attached
[pid   625] set_robust_list(0x555579a076a0, 24) = 0
[pid   625] chdir("./100")              = 0
[pid   625] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   625] setpgid(0, 0)               = 0
[pid   625] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   625] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   625] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   625] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   625] write(3, "1000", 4)         = 4
[pid   625] close(3)                    = 0
[pid   625] symlink("/dev/binderfs", "./binderfs") = 0
[pid   625] write(1, "executing program\n", 18executing program
) = 18
[pid   625] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   625] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   625] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   625] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   625] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   625] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   625] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 626 attached
 <unfinished ...>
[pid   626] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   626] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   626] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   625] <... clone3 resumed> => {parent_tid=[311]}, 88) = 311
[pid   625] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   625] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   626] <... futex resumed>)        = 0
[pid   625] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   626] memfd_create("syzkaller", 0) = 3
[pid   626] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   626] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   625] <... futex resumed>)        = 0
[pid   625] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   625] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   625] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   625] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 627 attached
 <unfinished ...>
[pid   626] <... write resumed>)        = 262144
[pid   627] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   625] <... clone3 resumed> => {parent_tid=[312]}, 88) = 312
[pid   627] <... set_robust_list resumed>) = 0
[pid   625] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   627] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   625] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   627] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   625] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   627] creat("./bus", 000 <unfinished ...>
[pid   625] <... futex resumed>)        = 0
[pid   626] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   627] <... creat resumed>)        = 4
[pid   626] <... munmap resumed>)       = 0
[pid   625] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   627] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   625] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   627] <... futex resumed>)        = 0
[pid   625] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   627] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   625] <... futex resumed>)        = 0
[pid   626] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   625] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   627] <... mount resumed>)        = 0
[pid   627] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   625] <... futex resumed>)        = 0
[pid   627] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   625] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   627] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   625] <... futex resumed>)        = 0
[pid   627] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   625] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   627] <... open resumed>)         = 6
[pid   626] <... openat resumed>)       = 5
[pid   626] ioctl(5, LOOP_SET_FD, 3 <unfinished ...>
[pid   627] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   625] <... futex resumed>)        = 0
[pid   627] <... futex resumed>)        = 1
[pid   625] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   627] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0 <unfinished ...>
[pid   625] <... futex resumed>)        = 0
[pid   625] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   626] <... ioctl resumed>)        = 0
[pid   626] close(3)                    = 0
[pid   626] close(5)                    = 0
[pid   626] mkdir(0x20000000, 0777)     = -1 ENOENT (No such file or directory)
[pid   626] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   626] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   626] ioctl(3, LOOP_CLR_FD)       = 0
[pid   626] close(3)                    = 0
[pid   626] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   626] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   627] <... mmap resumed>)         = 0x20000000
[pid   627] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   625] <... futex resumed>)        = 0
[pid   627] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   625] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   625] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   626] <... futex resumed>)        = 0
[pid   626] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 3
[pid   626] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   625] <... futex resumed>)        = 0
[pid   626] <... futex resumed>)        = 1
[pid   625] close(3 <unfinished ...>
[pid   626] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   625] <... close resumed>)        = 0
[pid   625] close(4)                    = 0
[pid   625] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   625] close(6)                    = 0
[pid   625] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   625] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   625] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   625] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   625] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   625] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   625] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   625] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   625] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   625] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   625] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   625] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   625] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   625] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   625] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   625] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   625] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   625] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   625] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   625] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   625] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   625] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   625] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   625] exit_group(0)               = ?
[pid   627] <... futex resumed>)        = ?
[pid   627] +++ exited with 0 +++
[pid   626] <... futex resumed>)        = ?
[   35.173107][  T626] loop0: detected capacity change from 0 to 512
[   35.173504][  T627] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 30 prio class 0
[pid   626] +++ exited with 0 +++
[pid   625] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=310, si_uid=0, si_status=0, si_utime=0, si_stime=3} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./100", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./100/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./100/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./100/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./100/bus")         = 0
[pid   299] umount2("./100/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./100/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./100/binderfs")    = 0
[pid   299] umount2("./100/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./100/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./100/cgroup.net")  = 0
[pid   299] umount2("./100/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./100/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./100/cgroup.cpu")  = 0
[pid   299] umount2("./100/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./100/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./100/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./100")              = 0
[pid   299] mkdir("./101", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 313
./strace-static-x86_64: Process 628 attached
[pid   628] set_robust_list(0x555579a076a0, 24) = 0
[pid   628] chdir("./101")              = 0
[pid   628] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   628] setpgid(0, 0)               = 0
[pid   628] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   628] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   628] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   628] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   628] write(3, "1000", 4)         = 4
[pid   628] close(3)                    = 0
[pid   628] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   628] write(1, "executing program\n", 18) = 18
[pid   628] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   628] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   628] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   628] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   628] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   628] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   628] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 629 attached
 <unfinished ...>
[pid   629] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   628] <... clone3 resumed> => {parent_tid=[314]}, 88) = 314
[pid   629] <... set_robust_list resumed>) = 0
[pid   628] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   629] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   628] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   629] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   628] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   628] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   629] memfd_create("syzkaller", 0 <unfinished ...>
[pid   628] <... futex resumed>)        = 0
[pid   628] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   629] <... memfd_create resumed>) = 3
[pid   629] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   628] <... mmap resumed>)         = 0x7faa8f92f000
[pid   629] <... mmap resumed>)         = 0x7faa8752f000
[pid   628] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   628] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   628] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 630 attached
 => {parent_tid=[315]}, 88) = 315
[pid   630] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   628] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   630] <... set_robust_list resumed>) = 0
[pid   628] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   630] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   628] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   630] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   628] <... futex resumed>)        = 0
[pid   630] creat("./bus", 000 <unfinished ...>
[pid   628] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   630] <... creat resumed>)        = 4
[pid   630] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   628] <... futex resumed>)        = 0
[pid   630] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   628] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   630] <... mount resumed>)        = 0
[pid   628] <... futex resumed>)        = 0
[pid   630] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   628] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   630] <... futex resumed>)        = 0
[pid   628] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   630] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   628] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   630] <... open resumed>)         = 5
[pid   628] <... futex resumed>)        = 0
[pid   630] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   628] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   630] <... futex resumed>)        = 0
[pid   628] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   630] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   628] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   628] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   630] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   630] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0) = 0x20000000
[pid   630] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   630] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   628] <... futex resumed>)        = 0
[pid   629] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20001303} ---
[pid   630] <... futex resumed>)        = ?
[pid   629] +++ killed by SIGBUS (core dumped) +++
[pid   630] +++ killed by SIGBUS (core dumped) +++
[pid   628] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=313, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./101", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./101/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./101/core", {st_mode=S_IFREG|0600, st_size=16953344, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./101/core")        = 0
[pid   299] umount2("./101/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./101/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./101/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./101/bus")         = 0
[pid   299] umount2("./101/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./101/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./101/binderfs")    = 0
[pid   299] umount2("./101/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./101/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./101/cgroup.net")  = 0
[pid   299] umount2("./101/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./101/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./101/cgroup.cpu")  = 0
[pid   299] umount2("./101/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./101/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./101/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./101")              = 0
[pid   299] mkdir("./102", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 316
./strace-static-x86_64: Process 631 attached
[pid   631] set_robust_list(0x555579a076a0, 24) = 0
[pid   631] chdir("./102")              = 0
[pid   631] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   631] setpgid(0, 0)               = 0
[pid   631] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   631] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   631] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   631] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   631] write(3, "1000", 4)         = 4
[pid   631] close(3)                    = 0
[pid   631] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   631] write(1, "executing program\n", 18) = 18
[pid   631] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   631] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   631] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   631] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   631] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   631] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   631] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[317]}, 88) = 317
[pid   631] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   631] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   631] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   631] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   631] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   631] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   631] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[318]}, 88) = 318
./strace-static-x86_64: Process 633 attached
[pid   631] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   631] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   631] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 632 attached
 <unfinished ...>
[pid   632] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   632] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   632] memfd_create("syzkaller", 0) = 3
[pid   633] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   632] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa8752f000
[pid   633] <... set_robust_list resumed>) = 0
[pid   633] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   633] creat("./bus", 000)         = 4
[pid   633] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   631] <... futex resumed>)        = 0
[pid   631] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   631] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   633] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   632] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   633] <... mount resumed>)        = 0
[pid   633] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   631] <... futex resumed>)        = 0
[pid   631] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   631] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   633] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   632] <... write resumed>)        = 262144
[pid   633] <... open resumed>)         = 5
[pid   632] munmap(0x7faa8752f000, 138412032) = 0
[pid   633] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid   632] ioctl(6, LOOP_SET_FD, 3 <unfinished ...>
[pid   633] <... futex resumed>)        = 1
[pid   631] <... futex resumed>)        = 0
[pid   632] <... ioctl resumed>)        = 0
[pid   632] close(3)                    = 0
[pid   632] close(6 <unfinished ...>
[pid   633] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   631] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   632] <... close resumed>)        = 0
[pid   632] mkdir("./bus", 0777)        = -1 EEXIST (File exists)
[pid   632] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"...) = -1 ENODEV (No such device)
[pid   632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   632] ioctl(3, LOOP_CLR_FD)       = 0
[pid   632] close(3)                    = 0
[pid   632] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   631] <... futex resumed>)        = 0
[pid   632] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   631] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   633] <... mmap resumed>)         = 0x20000000
[pid   633] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   631] <... futex resumed>)        = 0
[pid   631] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   631] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   633] <... futex resumed>)        = 1
[pid   633] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   632] <... futex resumed>)        = 0
[pid   632] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 3
[pid   632] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   631] <... futex resumed>)        = 0
[pid   631] close(3)                    = 0
[pid   631] close(4)                    = 0
[pid   631] close(5)                    = 0
[pid   631] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   631] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   631] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   631] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   631] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   631] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   631] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   631] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   631] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   631] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   631] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   631] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   631] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   631] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   631] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   631] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   631] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   631] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   631] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   631] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   631] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   631] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   631] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   631] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   631] exit_group(0)               = ?
[pid   633] <... futex resumed>)        = ?
[pid   632] +++ exited with 0 +++
[pid   633] +++ exited with 0 +++
[pid   631] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=316, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[   35.334450][  T632] loop0: detected capacity change from 0 to 512
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./102", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./102/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./102/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./102/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./102/bus")         = 0
[pid   299] umount2("./102/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./102/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./102/binderfs")    = 0
[pid   299] umount2("./102/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./102/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./102/cgroup.net")  = 0
[pid   299] umount2("./102/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./102/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./102/cgroup.cpu")  = 0
[pid   299] umount2("./102/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./102/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./102/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./102")              = 0
[pid   299] mkdir("./103", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 319
./strace-static-x86_64: Process 634 attached
[pid   634] set_robust_list(0x555579a076a0, 24) = 0
[pid   634] chdir("./103")              = 0
[pid   634] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   634] setpgid(0, 0)               = 0
[pid   634] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   634] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   634] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   634] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   634] write(3, "1000", 4)         = 4
[pid   634] close(3)                    = 0
[pid   634] symlink("/dev/binderfs", "./binderfs") = 0
[pid   634] write(1, "executing program\n", 18executing program
) = 18
[pid   634] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   634] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   634] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   634] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   634] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   634] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   634] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 635 attached
 <unfinished ...>
[pid   635] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   634] <... clone3 resumed> => {parent_tid=[320]}, 88) = 320
[pid   635] <... set_robust_list resumed>) = 0
[pid   635] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   634] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   635] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   634] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   634] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   635] memfd_create("syzkaller", 0 <unfinished ...>
[pid   634] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   635] <... memfd_create resumed>) = 3
[pid   635] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   634] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   635] <... mmap resumed>)         = 0x7faa8752f000
[pid   634] <... mmap resumed>)         = 0x7faa8f92f000
[pid   634] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   634] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   634] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 636 attached
 <unfinished ...>
[pid   636] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   634] <... clone3 resumed> => {parent_tid=[321]}, 88) = 321
[pid   636] <... set_robust_list resumed>) = 0
[pid   634] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   636] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   634] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   636] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   634] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   636] creat("./bus", 000 <unfinished ...>
[pid   634] <... futex resumed>)        = 0
[pid   636] <... creat resumed>)        = 4
[pid   634] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   636] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   634] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   636] <... futex resumed>)        = 0
[pid   634] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   636] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   634] <... futex resumed>)        = 0
[pid   636] <... mount resumed>)        = 0
[pid   634] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   636] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   634] <... futex resumed>)        = 0
[pid   636] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   634] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   636] <... open resumed>)         = 5
[pid   634] <... futex resumed>)        = 0
[pid   636] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   634] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   636] <... futex resumed>)        = 0
[pid   634] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   636] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   634] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   636] <... mmap resumed>)         = 0x20000000
[pid   634] <... futex resumed>)        = 0
[pid   636] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   635] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x200012ff} ---
[pid   634] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   636] <... futex resumed>)        = 0
[pid   634] <... futex resumed>)        = ?
[pid   636] +++ killed by SIGBUS (core dumped) +++
[pid   635] +++ killed by SIGBUS (core dumped) +++
[pid   634] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=319, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./103", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./103/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./103/core", {st_mode=S_IFREG|0600, st_size=16953344, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./103/core")        = 0
[pid   299] umount2("./103/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./103/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./103/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./103/bus")         = 0
[pid   299] umount2("./103/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./103/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./103/binderfs")    = 0
[pid   299] umount2("./103/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./103/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./103/cgroup.net")  = 0
[pid   299] umount2("./103/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./103/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./103/cgroup.cpu")  = 0
[pid   299] umount2("./103/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./103/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./103/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./103")              = 0
[pid   299] mkdir("./104", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 322
./strace-static-x86_64: Process 637 attached
[pid   637] set_robust_list(0x555579a076a0, 24) = 0
[pid   637] chdir("./104")              = 0
[pid   637] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   637] setpgid(0, 0)               = 0
[pid   637] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   637] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   637] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   637] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   637] write(3, "1000", 4)         = 4
[pid   637] close(3)                    = 0
[pid   637] symlink("/dev/binderfs", "./binderfs") = 0
[pid   637] write(1, "executing program\n", 18executing program
) = 18
[pid   637] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   637] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   637] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   637] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   637] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   637] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   637] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[323]}, 88) = 323
./strace-static-x86_64: Process 638 attached
[pid   638] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   638] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   638] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   637] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   637] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   638] <... futex resumed>)        = 0
[pid   638] memfd_create("syzkaller", 0) = 3
[pid   637] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   638] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   637] <... futex resumed>)        = 0
[pid   637] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   637] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   637] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   637] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0} => {parent_tid=[324]}, 88) = 324
[pid   637] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   637] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   637] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   638] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144./strace-static-x86_64: Process 639 attached
 <unfinished ...>
[pid   639] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   638] <... write resumed>)        = 262144
[pid   639] <... set_robust_list resumed>) = 0
[pid   638] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   639] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   638] <... munmap resumed>)       = 0
[pid   639] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   638] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   639] creat("./bus", 000 <unfinished ...>
[pid   638] <... openat resumed>)       = 4
[pid   638] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid   639] <... creat resumed>)        = 5
[pid   639] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   637] <... futex resumed>)        = 0
[pid   638] close(3 <unfinished ...>
[pid   637] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   637] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   639] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[pid   639] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   637] <... futex resumed>)        = 0
[pid   637] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   637] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   639] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000) = 6
[pid   639] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   637] <... futex resumed>)        = 0
[pid   637] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   637] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   639] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0 <unfinished ...>
[pid   638] <... close resumed>)        = 0
[pid   638] close(4)                    = 0
[pid   638] mkdir(0x20000000, 0777 <unfinished ...>
[pid   639] <... mmap resumed>)         = 0x20000000
[pid   639] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   637] <... futex resumed>)        = 0
[pid   637] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   637] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   639] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 3
[pid   639] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   638] <... mkdir resumed>)        = -1 ENOENT (No such file or directory)
[pid   637] <... futex resumed>)        = 0
[pid   639] <... futex resumed>)        = 1
[pid   639] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   638] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   638] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   638] ioctl(4, LOOP_CLR_FD)       = 0
[pid   638] close(4)                    = 0
[pid   638] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   638] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   637] close(3)                    = 0
[pid   637] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   637] close(5)                    = 0
[pid   637] close(6)                    = 0
[pid   637] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   637] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   637] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   637] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   637] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   637] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   637] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   637] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   637] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   637] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   637] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   637] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   637] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   637] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   637] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   637] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   637] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   637] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   637] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   637] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   637] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   637] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   637] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   637] exit_group(0)               = ?
[pid   639] <... futex resumed>)        = ?
[pid   638] <... futex resumed>)        = 231
[pid   639] +++ exited with 0 +++
[pid   638] +++ exited with 0 +++
[pid   637] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=322, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./104", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./104/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./104/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./104/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./104/bus")         = 0
[pid   299] umount2("./104/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./104/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./104/binderfs")    = 0
[pid   299] umount2("./104/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./104/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./104/cgroup.net")  = 0
[pid   299] umount2("./104/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./104/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./104/cgroup.cpu")  = 0
[pid   299] umount2("./104/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./104/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./104/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./104")              = 0
[pid   299] mkdir("./105", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[   35.495239][  T638] loop0: detected capacity change from 0 to 512
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program
./strace-static-x86_64: Process 641 attached
 <unfinished ...>
[pid   641] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 325
[pid   641] <... set_robust_list resumed>) = 0
[pid   641] chdir("./105")              = 0
[pid   641] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   641] setpgid(0, 0)               = 0
[pid   641] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   641] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   641] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   641] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   641] write(3, "1000", 4)         = 4
[pid   641] close(3)                    = 0
[pid   641] symlink("/dev/binderfs", "./binderfs") = 0
[pid   641] write(1, "executing program\n", 18) = 18
[pid   641] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   641] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   641] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   641] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   641] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   641] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   641] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 642 attached
 <unfinished ...>
[pid   642] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   641] <... clone3 resumed> => {parent_tid=[326]}, 88) = 326
[pid   642] <... set_robust_list resumed>) = 0
[pid   641] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   642] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   641] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   642] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   641] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   642] memfd_create("syzkaller", 0 <unfinished ...>
[pid   641] <... futex resumed>)        = 0
[pid   642] <... memfd_create resumed>) = 3
[pid   641] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   642] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   641] <... futex resumed>)        = 0
[pid   642] <... mmap resumed>)         = 0x7faa87550000
[pid   641] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   641] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   641] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   641] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 643 attached
 <unfinished ...>
[pid   643] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   641] <... clone3 resumed> => {parent_tid=[327]}, 88) = 327
[pid   643] <... set_robust_list resumed>) = 0
[pid   641] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   643] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   641] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   643] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   641] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   642] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   643] creat("./bus", 000 <unfinished ...>
[pid   641] <... futex resumed>)        = 0
[pid   643] <... creat resumed>)        = 4
[pid   641] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   643] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   641] <... futex resumed>)        = 0
[pid   643] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   641] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   643] <... mount resumed>)        = 0
[pid   641] <... futex resumed>)        = 0
[pid   643] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   641] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   643] <... futex resumed>)        = 0
[pid   641] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   643] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   641] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   643] <... open resumed>)         = 5
[pid   641] <... futex resumed>)        = 0
[pid   643] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   641] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   642] <... write resumed>)        = 262144
[pid   643] <... futex resumed>)        = 0
[pid   641] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   643] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   641] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   642] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   641] <... futex resumed>)        = 0
[pid   641] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   643] <... mmap resumed>)         = 0x20000000
[pid   643] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   642] <... munmap resumed>)       = 0
[pid   641] <... futex resumed>)        = 0
[pid   643] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   642] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   641] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   642] <... openat resumed>)       = ?
[pid   641] <... futex resumed>)        = ?
[pid   642] +++ killed by SIGBUS (core dumped) +++
[pid   643] +++ killed by SIGBUS (core dumped) +++
[pid   641] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=325, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./105", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./105/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./105/core", {st_mode=S_IFREG|0600, st_size=18210816, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./105/core")        = 0
[pid   299] umount2("./105/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./105/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./105/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./105/bus")         = 0
[pid   299] umount2("./105/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./105/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./105/binderfs")    = 0
[pid   299] umount2("./105/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./105/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./105/cgroup.net")  = 0
[pid   299] umount2("./105/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./105/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./105/cgroup.cpu")  = 0
[pid   299] umount2("./105/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./105/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./105/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./105")              = 0
[pid   299] mkdir("./106", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 328
./strace-static-x86_64: Process 644 attached
[pid   644] set_robust_list(0x555579a076a0, 24) = 0
[pid   644] chdir("./106")              = 0
[pid   644] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   644] setpgid(0, 0)               = 0
[pid   644] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   644] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   644] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   644] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   644] write(3, "1000", 4)         = 4
[pid   644] close(3)                    = 0
[pid   644] symlink("/dev/binderfs", "./binderfs") = 0
[pid   644] write(1, "executing program\n", 18executing program
) = 18
[pid   644] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   644] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   644] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   644] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   644] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   644] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   644] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 645 attached
 => {parent_tid=[329]}, 88) = 329
[pid   645] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   645] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   644] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   645] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   645] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   644] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   644] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   645] <... futex resumed>)        = 0
[pid   645] memfd_create("syzkaller", 0) = 3
[pid   645] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   645] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   644] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   644] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   644] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   644] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   645] <... write resumed>)        = 262144
[pid   645] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   644] <... rt_sigprocmask resumed>[], 8) = 0
[pid   645] <... munmap resumed>)       = 0
[pid   645] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   645] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   644] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 646 attached
 <unfinished ...>
[pid   645] <... ioctl resumed>)        = 0
[pid   644] <... clone3 resumed> => {parent_tid=[330]}, 88) = 330
[pid   646] set_robust_list(0x7faa8754f9a0, 24) = 0
[pid   646] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   646] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   645] close(3 <unfinished ...>
[pid   644] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   645] <... close resumed>)        = 0
[pid   645] close(4 <unfinished ...>
[pid   644] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   644] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   644] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   646] <... futex resumed>)        = 0
[pid   646] creat("./bus", 000)         = 3
[pid   646] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   646] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   644] <... futex resumed>)        = 0
[pid   644] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   646] <... futex resumed>)        = 0
[pid   646] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[pid   644] <... futex resumed>)        = 1
[pid   646] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   644] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   646] <... futex resumed>)        = 0
[pid   644] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   646] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   644] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   646] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   644] <... futex resumed>)        = 0
[pid   646] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   644] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   645] <... close resumed>)        = 0
[pid   645] mkdir("./bus", 0777)        = -1 EEXIST (File exists)
[pid   645] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"...) = -1 ENODEV (No such device)
[pid   645] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   644] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   644] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   644] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   644] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   644] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   644] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[331]}, 88) = 331
[pid   644] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   644] futex(0x7faa8fa3d6e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   644] futex(0x7faa8fa3d6ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 647 attached
 <unfinished ...>
[pid   647] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   647] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[   35.617297][  T645] loop0: detected capacity change from 0 to 512
[pid   647] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, -1, 0) = -1 EBADF (Bad file descriptor)
[pid   647] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   644] <... futex resumed>)        = 0
[pid   644] futex(0x7faa8fa3d6e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   644] futex(0x7faa8fa3d6ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   647] <... futex resumed>)        = 1
[pid   647] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_SK_MSG, insn_cnt=4, insns=0x20000380, license="GPL", log_level=1, log_size=166, log_buf="./bus", kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 128) = 6
[pid   646] <... open resumed>)         = 4
[pid   646] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   646] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   647] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   645] <... openat resumed>)       = 5
[pid   645] ioctl(5, LOOP_CLR_FD)       = 0
[pid   645] close(5)                    = 0
[pid   645] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   645] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   644] <... futex resumed>)        = 0
[pid   644] close(3)                    = 0
[pid   644] close(4)                    = 0
[pid   644] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   647] <... futex resumed>)        = 1
[pid   644] close(6)                    = 0
[pid   647] futex(0x7faa8fa3d6e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   644] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   644] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   644] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   644] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   644] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   644] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   644] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   644] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   644] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   644] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   644] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   644] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   644] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   644] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   644] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   644] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   644] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   644] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   644] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   644] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   644] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   644] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   644] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   644] exit_group(0 <unfinished ...>
[pid   647] <... futex resumed>)        = ?
[pid   645] <... futex resumed>)        = ?
[pid   644] <... exit_group resumed>)   = ?
[pid   646] <... futex resumed>)        = ?
[pid   645] +++ exited with 0 +++
[pid   647] +++ exited with 0 +++
[pid   646] +++ exited with 0 +++
[pid   644] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=328, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./106", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./106/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./106/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./106/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./106/bus")         = 0
[pid   299] umount2("./106/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./106/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./106/binderfs")    = 0
[pid   299] umount2("./106/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./106/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./106/cgroup.net")  = 0
[pid   299] umount2("./106/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./106/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./106/cgroup.cpu")  = 0
[pid   299] umount2("./106/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./106/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./106/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./106")              = 0
[pid   299] mkdir("./107", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 648 attached
 <unfinished ...>
[pid   648] set_robust_list(0x555579a076a0, 24) = 0
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 332
[pid   648] chdir("./107")              = 0
[pid   648] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   648] setpgid(0, 0)               = 0
[pid   648] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   648] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   648] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   648] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   648] write(3, "1000", 4)         = 4
[pid   648] close(3)                    = 0
[pid   648] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   648] write(1, "executing program\n", 18) = 18
[pid   648] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   648] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   648] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   648] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   648] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   648] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   648] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 649 attached
 <unfinished ...>
[pid   649] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   648] <... clone3 resumed> => {parent_tid=[333]}, 88) = 333
[pid   649] <... set_robust_list resumed>) = 0
[pid   648] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   649] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   648] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   649] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   648] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   649] memfd_create("syzkaller", 0 <unfinished ...>
[pid   648] <... futex resumed>)        = 0
[pid   649] <... memfd_create resumed>) = 3
[pid   648] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   649] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   648] <... futex resumed>)        = 0
[pid   649] <... mmap resumed>)         = 0x7faa87550000
[pid   648] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   649] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid   648] <... mmap resumed>)         = 0x7faa8752f000
[pid   649] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   648] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   649] <... munmap resumed>)       = 0
[pid   648] <... mprotect resumed>)     = 0
[pid   649] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   648] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   649] <... openat resumed>)       = 4
[pid   648] <... rt_sigprocmask resumed>[], 8) = 0
[pid   649] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   648] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 650 attached
 <unfinished ...>
[pid   650] set_robust_list(0x7faa8754f9a0, 24) = 0
[pid   650] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   650] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   648] <... clone3 resumed> => {parent_tid=[334]}, 88) = 334
[pid   648] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   648] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   650] <... futex resumed>)        = 0
[pid   648] <... futex resumed>)        = 1
[pid   650] creat("./bus", 000 <unfinished ...>
[pid   648] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   650] <... creat resumed>)        = 5
[pid   650] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   648] <... futex resumed>)        = 0
[pid   650] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   648] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   650] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   648] <... futex resumed>)        = 0
[pid   650] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   648] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   650] <... mount resumed>)        = 0
[pid   650] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   648] <... futex resumed>)        = 0
[pid   650] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   648] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   650] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   648] <... futex resumed>)        = 0
[pid   650] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   648] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   650] <... open resumed>)         = 6
[pid   649] <... ioctl resumed>)        = 0
[pid   650] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   649] close(3 <unfinished ...>
[pid   648] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   650] <... futex resumed>)        = 0
[pid   649] <... close resumed>)        = 0
[pid   650] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0 <unfinished ...>
[pid   648] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   649] close(4 <unfinished ...>
[pid   648] <... futex resumed>)        = 0
[pid   650] <... mmap resumed>)         = 0x20000000
[pid   648] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   650] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   648] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   650] <... futex resumed>)        = 0
[pid   648] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   650] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   649] <... close resumed>)        = 0
[pid   649] mkdir(0x20000000, 0777)     = -1 ENOENT (No such file or directory)
[pid   649] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "" <unfinished ...>
[pid   650] <... bpf resumed>)          = 3
[pid   649] <... mount resumed>)        = -1 ENOENT (No such file or directory)
[pid   648] <... futex resumed>)        = 0
[pid   649] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   649] ioctl(4, LOOP_CLR_FD)       = 0
[pid   649] close(4)                    = 0
[pid   649] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   649] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   650] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   650] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   648] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000}) = -1 EAGAIN (Resource temporarily unavailable)
[pid   648] close(3)                    = 0
[pid   648] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   648] close(5)                    = 0
[pid   648] close(6)                    = 0
[pid   648] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   648] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   648] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   648] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   648] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   648] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   648] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   648] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   648] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   648] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   648] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   648] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   648] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   648] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   648] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   648] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   648] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   648] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   648] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   648] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   648] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   648] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   648] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   648] exit_group(0 <unfinished ...>
[pid   650] <... futex resumed>)        = ?
[pid   649] <... futex resumed>)        = ?
[pid   648] <... exit_group resumed>)   = ?
[pid   649] +++ exited with 0 +++
[pid   650] +++ exited with 0 +++
[pid   648] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=332, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./107", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./107/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./107/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./107/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./107/bus")         = 0
[pid   299] umount2("./107/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./107/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./107/binderfs")    = 0
[pid   299] umount2("./107/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./107/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./107/cgroup.net")  = 0
[pid   299] umount2("./107/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./107/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./107/cgroup.cpu")  = 0
[pid   299] umount2("./107/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./107/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./107/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./107")              = 0
[pid   299] mkdir("./108", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 651 attached
 <unfinished ...>
[pid   651] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 335
[pid   651] <... set_robust_list resumed>) = 0
[pid   651] chdir("./108")              = 0
[pid   651] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   651] setpgid(0, 0)               = 0
[pid   651] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[   35.741368][  T649] loop0: detected capacity change from 0 to 512
[pid   651] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   651] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   651] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   651] write(3, "1000", 4)         = 4
[pid   651] close(3executing program
)                    = 0
[pid   651] symlink("/dev/binderfs", "./binderfs") = 0
[pid   651] write(1, "executing program\n", 18) = 18
[pid   651] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   651] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   651] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   651] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   651] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   651] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   651] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 652 attached
 <unfinished ...>
[pid   652] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   651] <... clone3 resumed> => {parent_tid=[336]}, 88) = 336
[pid   652] <... set_robust_list resumed>) = 0
[pid   651] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   652] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   651] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   652] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   651] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   651] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   652] memfd_create("syzkaller", 0 <unfinished ...>
[pid   651] <... futex resumed>)        = 0
[pid   651] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   652] <... memfd_create resumed>) = 3
[pid   651] <... mmap resumed>)         = 0x7faa8f92f000
[pid   652] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   651] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   652] <... mmap resumed>)         = 0x7faa8752f000
[pid   651] <... mprotect resumed>)     = 0
[pid   651] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   651] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 653 attached
 <unfinished ...>
[pid   653] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   651] <... clone3 resumed> => {parent_tid=[337]}, 88) = 337
[pid   653] <... set_robust_list resumed>) = 0
[pid   651] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   653] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   651] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   653] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   651] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   653] creat("./bus", 000 <unfinished ...>
[pid   651] <... futex resumed>)        = 0
[pid   653] <... creat resumed>)        = 4
[pid   651] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   653] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   651] <... futex resumed>)        = 0
[pid   653] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   651] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   653] <... mount resumed>)        = 0
[pid   651] <... futex resumed>)        = 0
[pid   653] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   651] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   653] <... futex resumed>)        = 0
[pid   651] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   653] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   651] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   653] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   651] <... futex resumed>)        = 0
[pid   653] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   651] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   653] <... open resumed>)         = 5
[pid   653] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   651] <... futex resumed>)        = 0
[pid   653] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   651] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   653] <... mmap resumed>)         = 0x20000000
[pid   651] <... futex resumed>)        = 0
[pid   653] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   653] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   651] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   652] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x200012f3} ---
[pid   653] <... futex resumed>)        = ?
[pid   651] <... futex resumed>)        = ?
[pid   653] +++ killed by SIGBUS (core dumped) +++
[pid   652] +++ killed by SIGBUS (core dumped) +++
[pid   651] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=335, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./108", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./108/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./108/core", {st_mode=S_IFREG|0600, st_size=16953344, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./108/core")        = 0
[pid   299] umount2("./108/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./108/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./108/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./108/bus")         = 0
[pid   299] umount2("./108/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./108/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./108/binderfs")    = 0
[pid   299] umount2("./108/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./108/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./108/cgroup.net")  = 0
[pid   299] umount2("./108/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./108/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./108/cgroup.cpu")  = 0
[pid   299] umount2("./108/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./108/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./108/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./108")              = 0
[pid   299] mkdir("./109", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 654 attached
 <unfinished ...>
[pid   654] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 338
[pid   654] <... set_robust_list resumed>) = 0
[pid   654] chdir("./109")              = 0
[pid   654] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   654] setpgid(0, 0)               = 0
[pid   654] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   654] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   654] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   654] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   654] write(3, "1000", 4)         = 4
[pid   654] close(3)                    = 0
[pid   654] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   654] write(1, "executing program\n", 18) = 18
[pid   654] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   654] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   654] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   654] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   654] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   654] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   654] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 655 attached
 <unfinished ...>
[pid   655] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   654] <... clone3 resumed> => {parent_tid=[339]}, 88) = 339
[pid   655] <... set_robust_list resumed>) = 0
[pid   654] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   655] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   654] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   655] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   654] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   655] memfd_create("syzkaller", 0 <unfinished ...>
[pid   654] <... futex resumed>)        = 0
[pid   655] <... memfd_create resumed>) = 3
[pid   654] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   655] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   654] <... futex resumed>)        = 0
[pid   655] <... mmap resumed>)         = 0x7faa87550000
[pid   654] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   654] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   654] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   654] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 656 attached
 <unfinished ...>
[pid   656] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   654] <... clone3 resumed> => {parent_tid=[340]}, 88) = 340
[pid   656] <... set_robust_list resumed>) = 0
[pid   655] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   654] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   656] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   654] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   656] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   654] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   656] creat("./bus", 000 <unfinished ...>
[pid   654] <... futex resumed>)        = 0
[pid   656] <... creat resumed>)        = 4
[pid   654] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   656] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   654] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   656] <... futex resumed>)        = 0
[pid   654] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   656] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   654] <... futex resumed>)        = 0
[pid   656] <... mount resumed>)        = 0
[pid   654] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   656] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   654] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   656] <... futex resumed>)        = 0
[pid   654] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   656] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   654] <... futex resumed>)        = 0
[pid   656] <... open resumed>)         = 5
[pid   654] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   656] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   654] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   656] <... futex resumed>)        = 0
[pid   654] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   656] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   655] <... write resumed>)        = 262144
[pid   654] <... futex resumed>)        = 0
[pid   656] <... mmap resumed>)         = 0x20000000
[pid   654] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   656] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   654] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   656] <... futex resumed>)        = 0
[pid   654] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   656] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   655] ????( <unfinished ...>
[pid   654] <... futex resumed>)        = -1 (errno 18446744073709551414)
[pid   655] <... ???? resumed>)         = ?
[pid   655] +++ killed by SIGBUS (core dumped) +++
[pid   656] +++ killed by SIGBUS (core dumped) +++
[pid   654] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=338, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./109", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./109/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./109/core", {st_mode=S_IFREG|0600, st_size=17084416, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./109/core")        = 0
[pid   299] umount2("./109/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./109/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./109/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./109/bus")         = 0
[pid   299] umount2("./109/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./109/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./109/binderfs")    = 0
[pid   299] umount2("./109/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./109/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./109/cgroup.net")  = 0
[pid   299] umount2("./109/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./109/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./109/cgroup.cpu")  = 0
[pid   299] umount2("./109/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./109/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./109/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./109")              = 0
[pid   299] mkdir("./110", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 657 attached
 <unfinished ...>
[pid   657] set_robust_list(0x555579a076a0, 24) = 0
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 341
[pid   657] chdir("./110")              = 0
[pid   657] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   657] setpgid(0, 0)               = 0
[pid   657] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   657] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   657] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   657] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   657] write(3, "1000", 4)         = 4
[pid   657] close(3)                    = 0
[pid   657] symlink("/dev/binderfs", "./binderfs") = 0
[pid   657] write(1, "executing program\n", 18executing program
) = 18
[pid   657] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   657] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   657] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   657] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   657] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   657] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   657] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 658 attached
 <unfinished ...>
[pid   658] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   658] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   658] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   657] <... clone3 resumed> => {parent_tid=[342]}, 88) = 342
[pid   657] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   657] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   658] <... futex resumed>)        = 0
[pid   657] <... futex resumed>)        = 1
[pid   658] memfd_create("syzkaller", 0) = 3
[pid   658] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   658] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   657] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   658] <... write resumed>)        = 262144
[pid   657] <... futex resumed>)        = 0
[pid   658] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   657] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   658] <... munmap resumed>)       = 0
[pid   657] <... mmap resumed>)         = 0x7faa8f92f000
[pid   658] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   658] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   657] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   657] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   657] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[343]}, 88) = 343
[pid   657] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   657] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   657] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 659 attached
 <unfinished ...>
[pid   658] <... ioctl resumed>)        = 0
[pid   659] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   659] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   659] creat("./bus", 000)         = 5
[pid   658] close(3 <unfinished ...>
[pid   659] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   657] <... futex resumed>)        = 0
[pid   659] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   657] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   659] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   657] <... futex resumed>)        = 0
[pid   659] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   657] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   659] <... mount resumed>)        = 0
[pid   658] <... close resumed>)        = 0
[pid   659] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   659] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   658] close(4 <unfinished ...>
[pid   657] <... futex resumed>)        = 0
[pid   657] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   659] <... futex resumed>)        = 0
[pid   657] <... futex resumed>)        = 1
[pid   659] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   657] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   658] <... close resumed>)        = 0
[pid   658] mkdir("./bus", 0777)        = -1 EEXIST (File exists)
[pid   658] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"...) = -1 ENODEV (No such device)
[pid   658] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   658] ioctl(4, LOOP_CLR_FD)       = 0
[pid   658] close(4)                    = 0
[pid   658] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   658] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   659] <... open resumed>)         = 3
[pid   659] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   657] <... futex resumed>)        = 0
[pid   659] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   657] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   658] <... futex resumed>)        = 0
[pid   657] <... futex resumed>)        = 1
[   35.933055][  T658] loop0: detected capacity change from 0 to 512
[pid   658] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 3, 0 <unfinished ...>
[pid   657] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   658] <... mmap resumed>)         = 0x20000000
[pid   658] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   658] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   657] <... futex resumed>)        = 0
[pid   657] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   658] <... futex resumed>)        = 0
[pid   657] <... futex resumed>)        = 1
[pid   658] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   657] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   658] <... bpf resumed>)          = 4
[pid   658] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   657] <... futex resumed>)        = 0
[pid   658] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   657] close(3)                    = 0
[pid   657] close(4)                    = 0
[pid   657] close(5)                    = 0
[pid   657] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   657] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   657] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   657] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   657] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   657] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   657] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   657] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   657] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   657] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   657] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   657] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   657] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   657] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   657] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   657] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   657] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   657] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   657] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   657] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   657] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   657] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   657] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   657] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   657] exit_group(0 <unfinished ...>
[pid   659] <... futex resumed>)        = ?
[pid   657] <... exit_group resumed>)   = ?
[pid   659] +++ exited with 0 +++
[pid   658] <... futex resumed>)        = ?
[pid   658] +++ exited with 0 +++
[pid   657] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=341, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./110", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./110/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./110/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./110/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./110/bus")         = 0
[pid   299] umount2("./110/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./110/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./110/binderfs")    = 0
[pid   299] umount2("./110/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./110/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./110/cgroup.net")  = 0
[pid   299] umount2("./110/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./110/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./110/cgroup.cpu")  = 0
[pid   299] umount2("./110/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./110/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./110/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./110")              = 0
[pid   299] mkdir("./111", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 660 attached
 <unfinished ...>
[pid   660] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 344
[pid   660] <... set_robust_list resumed>) = 0
[pid   660] chdir("./111")              = 0
[pid   660] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   660] setpgid(0, 0)               = 0
[pid   660] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   660] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   660] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   660] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   660] write(3, "1000", 4)         = 4
[pid   660] close(3)                    = 0
executing program
[pid   660] symlink("/dev/binderfs", "./binderfs") = 0
[pid   660] write(1, "executing program\n", 18) = 18
[pid   660] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   660] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   660] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   660] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   660] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   660] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   660] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 661 attached
 <unfinished ...>
[pid   661] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   660] <... clone3 resumed> => {parent_tid=[345]}, 88) = 345
[pid   661] <... set_robust_list resumed>) = 0
[pid   660] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   661] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   660] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   661] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   660] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   661] memfd_create("syzkaller", 0 <unfinished ...>
[pid   660] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   661] <... memfd_create resumed>) = 3
[pid   660] <... futex resumed>)        = 0
[pid   661] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   660] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   661] <... mmap resumed>)         = 0x7faa8752f000
[pid   660] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   660] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   660] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 662 attached
 <unfinished ...>
[pid   662] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   660] <... clone3 resumed> => {parent_tid=[346]}, 88) = 346
[pid   662] <... set_robust_list resumed>) = 0
[pid   660] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   662] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   660] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   662] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   660] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   662] creat("./bus", 000 <unfinished ...>
[pid   660] <... futex resumed>)        = 0
[pid   662] <... creat resumed>)        = 4
[pid   660] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   662] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   660] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   662] <... futex resumed>)        = 0
[pid   660] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   662] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   660] <... futex resumed>)        = 0
[pid   662] <... mount resumed>)        = 0
[pid   660] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   662] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   660] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   662] <... futex resumed>)        = 0
[pid   660] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   662] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   660] <... futex resumed>)        = 0
[pid   662] <... open resumed>)         = 5
[pid   660] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   662] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   660] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   662] <... futex resumed>)        = 0
[pid   660] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   662] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   660] <... futex resumed>)        = 0
[pid   662] <... mmap resumed>)         = 0x20000000
[pid   660] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   662] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   660] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   662] <... futex resumed>)        = 0
[pid   660] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   662] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   661] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000ec2} ---
[pid   660] <... futex resumed>)        = -1 (errno 18446744073709551414)
[pid   661] +++ killed by SIGBUS (core dumped) +++
[pid   662] +++ killed by SIGBUS (core dumped) +++
[pid   660] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=344, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./111", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./111/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./111/core", {st_mode=S_IFREG|0600, st_size=18210816, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./111/core")        = 0
[pid   299] umount2("./111/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./111/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./111/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./111/bus")         = 0
[pid   299] umount2("./111/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./111/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./111/binderfs")    = 0
[pid   299] umount2("./111/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./111/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./111/cgroup.net")  = 0
[pid   299] umount2("./111/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./111/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./111/cgroup.cpu")  = 0
[pid   299] umount2("./111/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./111/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./111/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./111")              = 0
[pid   299] mkdir("./112", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 663 attached
 <unfinished ...>
[pid   663] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 347
[pid   663] <... set_robust_list resumed>) = 0
[pid   663] chdir("./112")              = 0
[pid   663] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   663] setpgid(0, 0)               = 0
[pid   663] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   663] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   663] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   663] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   663] write(3, "1000", 4)         = 4
[pid   663] close(3)                    = 0
[pid   663] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   663] write(1, "executing program\n", 18) = 18
[pid   663] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   663] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   663] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   663] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   663] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   663] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   663] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 664 attached
 <unfinished ...>
[pid   664] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   663] <... clone3 resumed> => {parent_tid=[348]}, 88) = 348
[pid   664] <... set_robust_list resumed>) = 0
[pid   663] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   664] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   663] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   664] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   663] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   664] memfd_create("syzkaller", 0 <unfinished ...>
[pid   663] <... futex resumed>)        = 0
[pid   664] <... memfd_create resumed>) = 3
[pid   663] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   664] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   663] <... futex resumed>)        = 0
[pid   664] <... mmap resumed>)         = 0x7faa87550000
[pid   663] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   664] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   663] <... mmap resumed>)         = 0x7faa8752f000
[pid   663] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   663] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   663] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0} => {parent_tid=[349]}, 88) = 349
./strace-static-x86_64: Process 665 attached
[pid   664] <... write resumed>)        = 262144
[pid   663] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   663] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   663] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   664] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   665] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   664] <... munmap resumed>)       = 0
[pid   665] <... set_robust_list resumed>) = 0
[pid   664] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   664] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   665] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   665] creat("./bus", 000)         = 5
[pid   665] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   665] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   663] <... futex resumed>)        = 0
[pid   663] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   665] <... futex resumed>)        = 0
[pid   663] <... futex resumed>)        = 1
[pid   665] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   663] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   665] <... mount resumed>)        = 0
[pid   665] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   663] <... futex resumed>)        = 0
[pid   665] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   663] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   665] <... open resumed>)         = 6
[pid   664] <... ioctl resumed>)        = 0
[pid   663] <... futex resumed>)        = 0
[pid   663] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   665] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   663] <... futex resumed>)        = 0
[pid   663] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   663] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   665] <... futex resumed>)        = 1
[pid   665] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0 <unfinished ...>
[pid   664] close(3)                    = 0
[pid   664] close(4)                    = 0
[pid   664] mkdir(0x20000000, 0777)     = -1 ENOENT (No such file or directory)
[pid   664] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   664] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   664] ioctl(3, LOOP_CLR_FD)       = 0
[pid   664] close(3)                    = 0
[pid   664] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   664] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   665] <... mmap resumed>)         = 0x20000000
[pid   665] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   665] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   663] <... futex resumed>)        = 0
[pid   663] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   663] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   664] <... futex resumed>)        = 0
[pid   664] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 3
[pid   664] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   663] <... futex resumed>)        = 0
[pid   663] close(3)                    = 0
[pid   663] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   663] close(5)                    = 0
[pid   663] close(6)                    = 0
[pid   663] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   663] close(8 <unfinished ...>
[pid   664] <... futex resumed>)        = 1
[pid   663] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   664] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   663] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   663] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   663] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   663] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   663] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   663] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   663] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   663] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   663] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   663] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   663] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   663] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   663] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   663] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   663] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   663] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   663] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   663] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   663] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   663] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   663] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   663] exit_group(0)               = ?
[pid   664] <... futex resumed>)        = ?
[pid   665] <... futex resumed>)        = ?
[pid   664] +++ exited with 0 +++
[pid   665] +++ exited with 0 +++
[pid   663] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=347, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./112", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./112/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./112/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./112/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./112/bus")         = 0
[pid   299] umount2("./112/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./112/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./112/binderfs")    = 0
[pid   299] umount2("./112/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./112/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./112/cgroup.net")  = 0
[pid   299] umount2("./112/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./112/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./112/cgroup.cpu")  = 0
[pid   299] umount2("./112/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./112/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./112/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./112")              = 0
[pid   299] mkdir("./113", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 666 attached
 <unfinished ...>
[pid   666] set_robust_list(0x555579a076a0, 24) = 0
[pid   666] chdir("./113" <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 350
[pid   666] <... chdir resumed>)        = 0
[pid   666] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   666] setpgid(0, 0)               = 0
[pid   666] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   666] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   666] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   666] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   666] write(3, "1000", 4)         = 4
[pid   666] close(3)                    = 0
[pid   666] symlink("/dev/binderfs", "./binderfs") = 0
[pid   666] write(1, "executing program\n", 18executing program
) = 18
[pid   666] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   666] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   666] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   666] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   666] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   666] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   666] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 667 attached
 <unfinished ...>
[pid   667] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   667] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   667] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   666] <... clone3 resumed> => {parent_tid=[351]}, 88) = 351
[pid   666] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   666] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   667] <... futex resumed>)        = 0
[pid   666] <... futex resumed>)        = 1
[pid   667] memfd_create("syzkaller", 0) = 3
[pid   667] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   667] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   666] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   667] <... write resumed>)        = 262144
[pid   666] <... futex resumed>)        = 0
[pid   667] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   666] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   667] <... munmap resumed>)       = 0
[pid   666] <... mmap resumed>)         = 0x7faa8f92f000
[pid   667] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   666] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   667] <... openat resumed>)       = 4
[pid   666] <... mprotect resumed>)     = 0
[pid   667] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[   36.120215][  T664] loop0: detected capacity change from 0 to 512
[pid   666] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   667] <... ioctl resumed>)        = 0
[pid   666] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} <unfinished ...>
[pid   667] close(3./strace-static-x86_64: Process 668 attached
 <unfinished ...>
[pid   668] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   668] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   668] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   667] <... close resumed>)        = 0
[pid   667] close(4 <unfinished ...>
[pid   666] <... clone3 resumed> => {parent_tid=[352]}, 88) = 352
[pid   666] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   666] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   668] <... futex resumed>)        = 0
[pid   666] <... futex resumed>)        = 1
[pid   668] creat("./bus", 000 <unfinished ...>
[pid   666] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   668] <... creat resumed>)        = 3
[pid   668] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   666] <... futex resumed>)        = 0
[pid   668] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   666] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   668] <... mount resumed>)        = 0
[pid   666] <... futex resumed>)        = 0
[pid   668] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   666] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   668] <... futex resumed>)        = 0
[pid   666] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   668] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   666] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   666] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   668] <... open resumed>)         = 4
[pid   667] <... close resumed>)        = 0
[pid   668] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   667] mkdir("./bus", 0777 <unfinished ...>
[pid   668] <... futex resumed>)        = 1
[pid   667] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid   666] <... futex resumed>)        = 0
[pid   668] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 4, 0 <unfinished ...>
[pid   667] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"... <unfinished ...>
[pid   666] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   667] <... mount resumed>)        = -1 ENODEV (No such device)
[pid   666] <... futex resumed>)        = 0
[pid   667] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   666] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   667] <... openat resumed>)       = 5
[pid   667] ioctl(5, LOOP_CLR_FD)       = 0
[pid   667] close(5)                    = 0
[pid   667] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   667] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   668] <... mmap resumed>)         = 0x20000000
[pid   668] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   668] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   666] <... futex resumed>)        = 0
[pid   666] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   667] <... futex resumed>)        = 0
[pid   666] <... futex resumed>)        = 1
[pid   667] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   666] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   667] <... bpf resumed>)          = 5
[pid   667] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   666] <... futex resumed>)        = 0
[pid   667] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   666] close(3)                    = 0
[pid   666] close(4)                    = 0
[pid   666] close(5)                    = 0
[pid   666] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   666] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   666] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   666] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   666] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   666] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   666] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   666] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   666] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   666] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   666] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   666] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   666] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   666] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   666] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   666] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   666] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   666] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   666] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   666] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   666] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   666] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   666] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   666] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   666] exit_group(0)               = ?
[pid   667] <... futex resumed>)        = ?
[pid   667] +++ exited with 0 +++
[pid   668] <... futex resumed>)        = ?
[   36.178068][  T667] loop0: detected capacity change from 0 to 512
[pid   668] +++ exited with 0 +++
[pid   666] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=350, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./113", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./113/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./113/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./113/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./113/bus")         = 0
[pid   299] umount2("./113/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./113/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./113/binderfs")    = 0
[pid   299] umount2("./113/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./113/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./113/cgroup.net")  = 0
[pid   299] umount2("./113/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./113/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./113/cgroup.cpu")  = 0
[pid   299] umount2("./113/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./113/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./113/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./113")              = 0
[pid   299] mkdir("./114", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 669 attached
 <unfinished ...>
[pid   669] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 353
[pid   669] <... set_robust_list resumed>) = 0
[pid   669] chdir("./114")              = 0
[pid   669] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   669] setpgid(0, 0)               = 0
[pid   669] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   669] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   669] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   669] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   669] write(3, "1000", 4)         = 4
[pid   669] close(3)                    = 0
[pid   669] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   669] write(1, "executing program\n", 18) = 18
[pid   669] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   669] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   669] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   669] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   669] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   669] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   669] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[354]}, 88) = 354
[pid   669] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   669] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   669] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   669] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   669] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   669] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   669] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[355]}, 88) = 355
[pid   669] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   669] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   669] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 670 attached
 <unfinished ...>
[pid   670] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   670] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   670] memfd_create("syzkaller", 0) = 3
[pid   670] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa8752f000
./strace-static-x86_64: Process 671 attached
[pid   671] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   671] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   671] creat("./bus", 000)         = 4
[pid   671] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   669] <... futex resumed>)        = 0
[pid   671] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   669] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   671] <... mount resumed>)        = 0
[pid   669] <... futex resumed>)        = 0
[pid   671] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   669] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   671] <... futex resumed>)        = 0
[pid   669] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   671] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   669] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   671] <... open resumed>)         = 5
[pid   669] <... futex resumed>)        = 0
[pid   671] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   669] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   671] <... futex resumed>)        = 0
[pid   669] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   671] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   669] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   671] <... mmap resumed>)         = 0x20000000
[pid   670] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x200012eb} ---
[pid   669] <... futex resumed>)        = 0
[pid   669] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   671] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   669] <... futex resumed>)        = 0
[pid   671] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   669] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = ?
[pid   670] +++ killed by SIGBUS (core dumped) +++
[pid   671] +++ killed by SIGBUS (core dumped) +++
[pid   669] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=353, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./114", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./114/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./114/core", {st_mode=S_IFREG|0600, st_size=16953344, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./114/core")        = 0
[pid   299] umount2("./114/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./114/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./114/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./114/bus")         = 0
[pid   299] umount2("./114/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./114/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./114/binderfs")    = 0
[pid   299] umount2("./114/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./114/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./114/cgroup.net")  = 0
[pid   299] umount2("./114/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./114/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./114/cgroup.cpu")  = 0
[pid   299] umount2("./114/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./114/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./114/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./114")              = 0
[pid   299] mkdir("./115", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program
./strace-static-x86_64: Process 672 attached
 <unfinished ...>
[pid   672] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 356
[pid   672] <... set_robust_list resumed>) = 0
[pid   672] chdir("./115")              = 0
[pid   672] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   672] setpgid(0, 0)               = 0
[pid   672] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   672] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   672] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   672] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   672] write(3, "1000", 4)         = 4
[pid   672] close(3)                    = 0
[pid   672] symlink("/dev/binderfs", "./binderfs") = 0
[pid   672] write(1, "executing program\n", 18) = 18
[pid   672] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   672] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   672] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   672] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   672] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   672] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   672] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 673 attached
 <unfinished ...>
[pid   673] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   672] <... clone3 resumed> => {parent_tid=[357]}, 88) = 357
[pid   673] <... set_robust_list resumed>) = 0
[pid   672] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   673] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   672] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   673] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   672] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   673] memfd_create("syzkaller", 0 <unfinished ...>
[pid   672] <... futex resumed>)        = 0
[pid   673] <... memfd_create resumed>) = 3
[pid   672] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   673] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   672] <... futex resumed>)        = 0
[pid   673] <... mmap resumed>)         = 0x7faa87550000
[pid   672] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   673] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   672] <... mmap resumed>)         = 0x7faa8752f000
[pid   672] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   672] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   672] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 674 attached
 <unfinished ...>
[pid   674] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   673] <... write resumed>)        = 262144
[pid   672] <... clone3 resumed> => {parent_tid=[358]}, 88) = 358
[pid   674] <... set_robust_list resumed>) = 0
[pid   673] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   672] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   674] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   673] <... munmap resumed>)       = 0
[pid   672] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   674] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   673] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   672] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   674] creat("./bus", 000 <unfinished ...>
[pid   673] <... openat resumed>)       = 4
[pid   672] <... futex resumed>)        = 0
[pid   674] <... creat resumed>)        = 5
[pid   673] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   672] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   674] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   674] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   672] <... futex resumed>)        = 0
[pid   672] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   674] <... futex resumed>)        = 0
[pid   672] <... futex resumed>)        = 1
[pid   674] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   672] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   674] <... mount resumed>)        = 0
[pid   674] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   672] <... futex resumed>)        = 0
[pid   674] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   672] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   674] <... open resumed>)         = 6
[pid   673] <... ioctl resumed>)        = 0
[pid   672] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   674] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   673] close(3 <unfinished ...>
[pid   674] <... futex resumed>)        = 1
[pid   673] <... close resumed>)        = 0
[pid   672] <... futex resumed>)        = 0
[pid   674] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0 <unfinished ...>
[pid   673] close(4 <unfinished ...>
[pid   672] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   672] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   673] <... close resumed>)        = 0
[pid   673] mkdir(0x20000000, 0777 <unfinished ...>
[pid   674] <... mmap resumed>)         = 0x20000000
[pid   673] <... mkdir resumed>)        = -1 ENOENT (No such file or directory)
[pid   674] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   673] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "" <unfinished ...>
[pid   674] <... futex resumed>)        = 1
[pid   673] <... mount resumed>)        = -1 ENOENT (No such file or directory)
[pid   674] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   673] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   673] ioctl(3, LOOP_CLR_FD)       = 0
[pid   673] close(3)                    = 0
[pid   673] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   673] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   672] <... futex resumed>)        = 0
[pid   672] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   673] <... futex resumed>)        = 0
[pid   672] <... futex resumed>)        = 1
[pid   673] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   672] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   673] <... bpf resumed>)          = 3
[pid   673] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   672] <... futex resumed>)        = 0
[pid   673] <... futex resumed>)        = 1
[pid   672] close(3 <unfinished ...>
[pid   673] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   672] <... close resumed>)        = 0
[pid   672] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   672] close(5)                    = 0
[pid   672] close(6)                    = 0
[pid   672] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   672] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   672] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   672] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   672] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   672] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   672] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   672] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   672] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   672] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   672] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   672] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   672] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   672] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   672] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   672] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   672] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   672] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   672] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   672] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   672] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   672] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   672] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   672] exit_group(0)               = ?
[pid   674] <... futex resumed>)        = 231
[pid   673] <... futex resumed>)        = ?
[pid   673] +++ exited with 0 +++
[pid   674] +++ exited with 0 +++
[pid   672] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=356, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./115", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./115/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./115/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./115/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./115/bus")         = 0
[   36.334462][  T673] loop0: detected capacity change from 0 to 512
[pid   299] umount2("./115/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./115/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./115/binderfs")    = 0
[pid   299] umount2("./115/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./115/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./115/cgroup.net")  = 0
[pid   299] umount2("./115/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./115/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./115/cgroup.cpu")  = 0
[pid   299] umount2("./115/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./115/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./115/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./115")              = 0
[pid   299] mkdir("./116", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 675 attached
 <unfinished ...>
[pid   675] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 359
[pid   675] <... set_robust_list resumed>) = 0
[pid   675] chdir("./116")              = 0
[pid   675] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   675] setpgid(0, 0)               = 0
[pid   675] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   675] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   675] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   675] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   675] write(3, "1000", 4)         = 4
[pid   675] close(3)                    = 0
[pid   675] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   675] write(1, "executing program\n", 18) = 18
[pid   675] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   675] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   675] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   675] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   675] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   675] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   675] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[360]}, 88) = 360
[pid   675] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   675] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   675] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   675] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   675] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   675] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   675] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[361]}, 88) = 361
[pid   675] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   675] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   675] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 676 attached
./strace-static-x86_64: Process 677 attached
 <unfinished ...>
[pid   676] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   676] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   676] memfd_create("syzkaller", 0) = 3
[pid   676] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa8752f000
[pid   677] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   677] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   677] creat("./bus", 000)         = 4
[pid   677] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   675] <... futex resumed>)        = 0
[pid   677] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   675] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   677] <... mount resumed>)        = 0
[pid   675] <... futex resumed>)        = 0
[pid   677] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   675] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   677] <... futex resumed>)        = 0
[pid   675] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   677] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   675] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   677] <... open resumed>)         = 5
[pid   676] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   675] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   677] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   675] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   677] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   675] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   677] <... mmap resumed>)         = 0x20000000
[pid   675] <... futex resumed>)        = 0
[pid   677] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   676] <... write resumed>)        = 262144
[pid   675] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   677] <... futex resumed>)        = 0
[pid   676] munmap(0x7faa8752f000, 138412032 <unfinished ...>
[pid   675] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   676] <... munmap resumed>)       = 0
[pid   675] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   677] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   676] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   675] <... futex resumed>)        = 0
[pid   676] <... openat resumed>)       = 6
[pid   675] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   676] ioctl(6, LOOP_SET_FD, 3 <unfinished ...>
[pid   675] <... futex resumed>)        = ?
[pid   676] <... ioctl resumed>)        = ?
[pid   676] +++ killed by SIGBUS (core dumped) +++
[pid   677] +++ killed by SIGBUS (core dumped) +++
[pid   675] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=359, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
[   36.410689][  T676] loop0: detected capacity change from 0 to 512
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./116", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./116/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./116/core", {st_mode=S_IFREG|0600, st_size=18210816, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./116/core")        = 0
[pid   299] umount2("./116/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./116/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./116/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./116/bus")         = 0
[pid   299] umount2("./116/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./116/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./116/binderfs")    = 0
[pid   299] umount2("./116/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./116/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./116/cgroup.net")  = 0
[pid   299] umount2("./116/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./116/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./116/cgroup.cpu")  = 0
[pid   299] umount2("./116/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./116/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./116/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./116")              = 0
[pid   299] mkdir("./117", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = 0
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 679 attached
 <unfinished ...>
[pid   679] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 362
[pid   679] <... set_robust_list resumed>) = 0
[pid   679] chdir("./117")              = 0
[pid   679] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   679] setpgid(0, 0)               = 0
[pid   679] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   679] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   679] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   679] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   679] write(3, "1000", 4)         = 4
[pid   679] close(3)                    = 0
[pid   679] symlink("/dev/binderfs", "./binderfs") = 0
[pid   679] write(1, "executing program\n", 18executing program
) = 18
[pid   679] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   679] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   679] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   679] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   679] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   679] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   679] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 680 attached
 => {parent_tid=[363]}, 88) = 363
[pid   679] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   679] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   679] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   679] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   680] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   679] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   680] <... set_robust_list resumed>) = 0
[pid   679] <... mprotect resumed>)     = 0
[pid   679] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   680] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   679] <... rt_sigprocmask resumed>[], 8) = 0
[pid   679] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} <unfinished ...>
[pid   680] <... rt_sigprocmask resumed>NULL, 8) = 0
./strace-static-x86_64: Process 681 attached
[pid   679] <... clone3 resumed> => {parent_tid=[364]}, 88) = 364
[pid   679] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   679] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   681] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   680] memfd_create("syzkaller", 0 <unfinished ...>
[pid   679] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   681] <... set_robust_list resumed>) = 0
[pid   680] <... memfd_create resumed>) = 3
[pid   681] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   681] creat("./bus", 000)         = 4
[pid   680] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   681] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   679] <... futex resumed>)        = 0
[pid   681] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   679] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   680] <... mmap resumed>)         = 0x7faa8752f000
[pid   681] <... mount resumed>)        = 0
[pid   679] <... futex resumed>)        = 0
[pid   679] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   681] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   679] <... futex resumed>)        = 0
[pid   681] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   679] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   681] <... open resumed>)         = 5
[pid   679] <... futex resumed>)        = 0
[pid   681] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   679] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   681] <... futex resumed>)        = 0
[pid   679] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   681] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   679] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   681] <... mmap resumed>)         = 0x20000000
[pid   679] <... futex resumed>)        = 0
[pid   681] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   680] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x200012a4} ---
[pid   681] <... futex resumed>)        = 0
[pid   681] +++ killed by SIGBUS (core dumped) +++
[pid   680] +++ killed by SIGBUS (core dumped) +++
[pid   679] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=362, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
[pid   299] umount2("./117", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./117", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./117/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./117/core", {st_mode=S_IFREG|0600, st_size=16953344, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./117/core")        = 0
[pid   299] umount2("./117/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./117/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./117/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./117/bus")         = 0
[pid   299] umount2("./117/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./117/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./117/binderfs")    = 0
[pid   299] umount2("./117/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./117/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./117/cgroup.net")  = 0
[pid   299] umount2("./117/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./117/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./117/cgroup.cpu")  = 0
[pid   299] umount2("./117/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./117/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./117/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./117")              = 0
[pid   299] mkdir("./118", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 682 attached
 <unfinished ...>
[pid   682] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 365
[pid   682] <... set_robust_list resumed>) = 0
[pid   682] chdir("./118")              = 0
[pid   682] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   682] setpgid(0, 0)               = 0
[pid   682] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   682] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   682] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   682] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   682] write(3, "1000", 4)         = 4
[pid   682] close(3)                    = 0
[pid   682] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   682] write(1, "executing program\n", 18) = 18
[pid   682] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   682] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   682] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   682] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   682] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   682] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   682] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 683 attached
 <unfinished ...>
[pid   683] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   683] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   683] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   682] <... clone3 resumed> => {parent_tid=[366]}, 88) = 366
[pid   682] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   682] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   683] <... futex resumed>)        = 0
[pid   682] <... futex resumed>)        = 1
[pid   683] memfd_create("syzkaller", 0 <unfinished ...>
[pid   682] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   683] <... memfd_create resumed>) = 3
[pid   683] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   683] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   682] <... futex resumed>)        = 0
[pid   683] <... write resumed>)        = 262144
[pid   682] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   683] munmap(0x7faa87550000, 138412032) = 0
[pid   682] <... mmap resumed>)         = 0x7faa8f92f000
[pid   683] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   682] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   683] <... openat resumed>)       = 4
[pid   682] <... mprotect resumed>)     = 0
[pid   683] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   682] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   682] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 684 attached
 <unfinished ...>
[pid   684] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   682] <... clone3 resumed> => {parent_tid=[367]}, 88) = 367
[pid   684] <... set_robust_list resumed>) = 0
[pid   682] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   684] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   682] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   684] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   682] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   684] creat("./bus", 000 <unfinished ...>
[pid   682] <... futex resumed>)        = 0
[pid   684] <... creat resumed>)        = 5
[pid   682] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   684] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   682] <... futex resumed>)        = 0
[pid   684] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   682] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   684] <... mount resumed>)        = 0
[pid   682] <... futex resumed>)        = 0
[pid   684] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   682] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   684] <... futex resumed>)        = 0
[pid   682] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   684] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   682] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   684] <... open resumed>)         = 6
[pid   683] <... ioctl resumed>)        = 0
[pid   682] <... futex resumed>)        = 0
[pid   682] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   684] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   682] <... futex resumed>)        = 0
[pid   682] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   682] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   684] <... futex resumed>)        = 1
[pid   684] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0 <unfinished ...>
[pid   683] close(3)                    = 0
[pid   683] close(4)                    = 0
[pid   683] mkdir(0x20000000, 0777)     = -1 ENOENT (No such file or directory)
[pid   683] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "" <unfinished ...>
[pid   684] <... mmap resumed>)         = 0x20000000
[pid   684] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   682] <... futex resumed>)        = 0
[pid   682] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   682] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   684] <... futex resumed>)        = 1
[pid   684] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   683] <... mount resumed>)        = -1 ENOENT (No such file or directory)
[pid   683] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   683] ioctl(3, LOOP_CLR_FD)       = 0
[pid   683] close(3 <unfinished ...>
[pid   684] <... bpf resumed>)          = 4
[pid   684] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   682] <... futex resumed>)        = 0
[pid   684] <... futex resumed>)        = 1
[pid   684] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   683] <... close resumed>)        = 0
[pid   683] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   683] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   682] close(3)                    = -1 EBADF (Bad file descriptor)
[pid   682] close(4)                    = 0
[pid   682] close(5)                    = 0
[pid   682] close(6)                    = 0
[pid   682] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   682] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   682] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   682] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   682] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   682] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   682] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   682] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   682] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   682] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   682] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   682] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   682] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   682] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   682] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   682] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   682] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   682] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   682] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   682] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   682] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   682] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   682] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   682] exit_group(0)               = ?
[pid   683] <... futex resumed>)        = ?
[pid   684] <... futex resumed>)        = ?
[pid   683] +++ exited with 0 +++
[pid   684] +++ exited with 0 +++
[pid   682] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=365, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./118", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./118", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./118/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./118/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./118/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./118/bus")         = 0
[pid   299] umount2("./118/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./118/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./118/binderfs")    = 0
[pid   299] umount2("./118/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./118/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./118/cgroup.net")  = 0
[pid   299] umount2("./118/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./118/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./118/cgroup.cpu")  = 0
[pid   299] umount2("./118/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./118/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./118/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./118")              = 0
[pid   299] mkdir("./119", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[   36.678754][  T683] loop0: detected capacity change from 0 to 512
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 368
./strace-static-x86_64: Process 685 attached
[pid   685] set_robust_list(0x555579a076a0, 24) = 0
[pid   685] chdir("./119")              = 0
[pid   685] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   685] setpgid(0, 0)               = 0
[pid   685] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   685] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
executing program
[pid   685] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   685] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   685] write(3, "1000", 4)         = 4
[pid   685] close(3)                    = 0
[pid   685] symlink("/dev/binderfs", "./binderfs") = 0
[pid   685] write(1, "executing program\n", 18) = 18
[pid   685] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   685] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   685] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   685] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   685] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   685] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   685] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 686 attached
 => {parent_tid=[369]}, 88) = 369
[pid   685] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   685] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   685] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   685] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   685] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   686] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   685] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   686] <... set_robust_list resumed>) = 0
[pid   685] <... rt_sigprocmask resumed>[], 8) = 0
[pid   685] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} <unfinished ...>
[pid   686] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
./strace-static-x86_64: Process 687 attached
[pid   686] memfd_create("syzkaller", 0) = 3
[pid   686] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa8752f000
[pid   685] <... clone3 resumed> => {parent_tid=[370]}, 88) = 370
[pid   687] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   685] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   687] <... set_robust_list resumed>) = 0
[pid   685] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   685] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   687] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   685] <... futex resumed>)        = 0
[pid   685] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   687] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   687] creat("./bus", 000)         = 4
[pid   687] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   685] <... futex resumed>)        = 0
[pid   687] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   685] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   687] <... mount resumed>)        = 0
[pid   685] <... futex resumed>)        = 0
[pid   685] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   687] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   685] <... futex resumed>)        = 0
[pid   687] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   685] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   687] <... futex resumed>)        = 0
[pid   685] <... futex resumed>)        = 1
[pid   687] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   686] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   685] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   687] <... open resumed>)         = 5
[pid   687] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   685] <... futex resumed>)        = 0
[pid   687] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   685] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   687] <... mmap resumed>)         = 0x20000000
[pid   685] <... futex resumed>)        = 0
[pid   685] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   687] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   685] <... futex resumed>)        = 0
[pid   685] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   687] <... futex resumed>)        = 1
[pid   685] <... futex resumed>)        = 0
[pid   687] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   685] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000}) = ?
[pid   686] <... write resumed>)        = ?
[pid   686] +++ killed by SIGBUS (core dumped) +++
[pid   687] +++ killed by SIGBUS (core dumped) +++
[pid   685] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=368, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./119", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./119", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./119/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./119/core", {st_mode=S_IFREG|0600, st_size=16953344, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./119/core")        = 0
[pid   299] umount2("./119/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./119/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./119/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./119/bus")         = 0
[pid   299] umount2("./119/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./119/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./119/binderfs")    = 0
[pid   299] umount2("./119/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./119/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./119/cgroup.net")  = 0
[pid   299] umount2("./119/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./119/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./119/cgroup.cpu")  = 0
[pid   299] umount2("./119/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./119/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./119/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./119")              = 0
[pid   299] mkdir("./120", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579a07690) = 371
./strace-static-x86_64: Process 688 attached
[pid   688] set_robust_list(0x555579a076a0, 24) = 0
[pid   688] chdir("./120")              = 0
[pid   688] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   688] setpgid(0, 0)               = 0
[pid   688] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   688] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   688] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   688] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   688] write(3, "1000", 4)         = 4
[pid   688] close(3)                    = 0
[pid   688] symlink("/dev/binderfs", "./binderfs") = 0
[pid   688] write(1, "executing program\n", 18executing program
) = 18
[pid   688] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   688] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   688] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   688] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   688] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   688] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   688] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 689 attached
 <unfinished ...>
[pid   689] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   689] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   689] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   688] <... clone3 resumed> => {parent_tid=[372]}, 88) = 372
[pid   688] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   688] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   689] <... futex resumed>)        = 0
[pid   689] memfd_create("syzkaller", 0 <unfinished ...>
[pid   688] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   689] <... memfd_create resumed>) = 3
[pid   689] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   688] <... futex resumed>)        = 0
[pid   688] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   688] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   688] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   689] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   688] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 690 attached
 => {parent_tid=[373]}, 88) = 373
[pid   690] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   688] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   690] <... set_robust_list resumed>) = 0
[pid   689] <... write resumed>)        = 262144
[pid   689] munmap(0x7faa87550000, 138412032) = 0
[pid   689] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   689] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   688] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   690] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   688] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   689] <... ioctl resumed>)        = 0
[pid   690] creat("./bus", 000 <unfinished ...>
[pid   689] close(3 <unfinished ...>
[pid   688] <... futex resumed>)        = 0
[pid   688] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   689] <... close resumed>)        = 0
[pid   689] close(4 <unfinished ...>
[pid   690] <... creat resumed>)        = 5
[pid   690] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   688] <... futex resumed>)        = 0
[pid   690] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   688] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   690] <... futex resumed>)        = 0
[pid   688] <... futex resumed>)        = 1
[pid   690] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   688] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   690] <... mount resumed>)        = 0
[pid   690] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   688] <... futex resumed>)        = 0
[pid   688] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   688] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   690] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   689] <... close resumed>)        = 0
[pid   689] mkdir("./bus", 0777)        = -1 EEXIST (File exists)
[pid   689] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"...) = -1 ENODEV (No such device)
[pid   689] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   688] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   688] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid   688] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid   688] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   688] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[   36.819114][  T689] loop0: detected capacity change from 0 to 512
[pid   688] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   688] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   688] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 691 attached
 <unfinished ...>
[pid   691] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   691] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   691] futex(0x7faa8fa3d6e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   688] <... clone3 resumed> => {parent_tid=[374]}, 88) = 374
[pid   688] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   688] futex(0x7faa8fa3d6e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   691] <... futex resumed>)        = 0
[pid   688] <... futex resumed>)        = 1
[pid   691] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, -1, 0) = -1 EBADF (Bad file descriptor)
[pid   688] futex(0x7faa8fa3d6ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   691] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   691] futex(0x7faa8fa3d6e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   688] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   688] futex(0x7faa8fa3d6e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   691] <... futex resumed>)        = 0
[pid   688] <... futex resumed>)        = 1
[pid   691] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_SK_MSG, insn_cnt=4, insns=0x20000380, license="GPL", log_level=1, log_size=166, log_buf="./bus", kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 128) = 6
[pid   688] futex(0x7faa8fa3d6ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   691] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   691] futex(0x7faa8fa3d6e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   688] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   690] <... open resumed>)         = 3
[pid   690] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   690] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   689] <... openat resumed>)       = 4
[pid   689] ioctl(4, LOOP_CLR_FD)       = 0
[pid   689] close(4)                    = 0
[pid   689] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   689] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   688] close(3)                    = 0
[pid   688] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   688] close(5)                    = 0
[pid   688] close(6)                    = 0
[pid   688] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   688] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   688] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   688] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   688] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   688] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   688] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   688] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   688] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   688] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   688] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   688] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   688] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   688] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   688] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   688] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   688] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   688] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   688] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   688] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   688] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   688] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   688] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   688] exit_group(0 <unfinished ...>
[pid   691] <... futex resumed>)        = ?
[pid   690] <... futex resumed>)        = ?
[pid   689] <... futex resumed>)        = ?
[pid   688] <... exit_group resumed>)   = ?
[pid   690] +++ exited with 0 +++
[pid   691] +++ exited with 0 +++
[pid   689] +++ exited with 0 +++
[pid   688] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=371, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./120", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./120", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./120/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./120/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./120/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./120/bus")         = 0
[pid   299] umount2("./120/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./120/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./120/binderfs")    = 0
[pid   299] umount2("./120/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./120/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./120/cgroup.net")  = 0
[pid   299] umount2("./120/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./120/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./120/cgroup.cpu")  = 0
[pid   299] umount2("./120/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./120/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./120/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./120")              = 0
[pid   299] mkdir("./121", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3executing program
)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 692 attached
 <unfinished ...>
[pid   692] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 375
[pid   692] <... set_robust_list resumed>) = 0
[pid   692] chdir("./121")              = 0
[pid   692] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   692] setpgid(0, 0)               = 0
[pid   692] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   692] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   692] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   692] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   692] write(3, "1000", 4)         = 4
[pid   692] close(3)                    = 0
[pid   692] symlink("/dev/binderfs", "./binderfs") = 0
[pid   692] write(1, "executing program\n", 18) = 18
[pid   692] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   692] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   692] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   692] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   692] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   692] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   692] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 693 attached
 <unfinished ...>
[pid   693] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   692] <... clone3 resumed> => {parent_tid=[376]}, 88) = 376
[pid   693] <... set_robust_list resumed>) = 0
[pid   692] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   693] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   692] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   693] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   692] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   693] memfd_create("syzkaller", 0 <unfinished ...>
[pid   692] <... futex resumed>)        = 0
[pid   693] <... memfd_create resumed>) = 3
[pid   692] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   693] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   692] <... futex resumed>)        = 0
[pid   693] <... mmap resumed>)         = 0x7faa87550000
[pid   692] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   692] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   692] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   692] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 694 attached
 => {parent_tid=[377]}, 88) = 377
[pid   694] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   692] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   693] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   692] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   694] <... set_robust_list resumed>) = 0
[pid   692] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   694] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   692] <... futex resumed>)        = 0
[pid   694] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   692] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   694] creat("./bus", 000)         = 4
[pid   694] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   692] <... futex resumed>)        = 0
[pid   692] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   694] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   692] <... futex resumed>)        = 0
[pid   694] <... mount resumed>)        = 0
[pid   692] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   694] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   692] <... futex resumed>)        = 0
[pid   694] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   692] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   694] <... open resumed>)         = 5
[pid   692] <... futex resumed>)        = 0
[pid   693] <... write resumed>)        = 262144
[pid   694] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   694] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   692] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable)
[pid   692] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   693] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   692] <... futex resumed>)        = 1
[pid   694] <... futex resumed>)        = 0
[pid   694] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   692] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   693] <... munmap resumed>)       = 0
[pid   694] <... mmap resumed>)         = 0x20000000
[pid   694] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   694] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   692] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   692] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   694] <... futex resumed>)        = 0
[pid   693] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   692] <... futex resumed>)        = 1
[pid   694] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   692] write(-256, "/d", 2 <unfinished ...>
[pid   693] <... openat resumed>)       = ?
[pid   693] +++ killed by SIGBUS (core dumped) +++
[pid   694] +++ killed by SIGBUS (core dumped) +++
[pid   692] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=375, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./121", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./121", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./121/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./121/core", {st_mode=S_IFREG|0600, st_size=18210816, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./121/core")        = 0
[pid   299] umount2("./121/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./121/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./121/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./121/bus")         = 0
[pid   299] umount2("./121/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./121/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./121/binderfs")    = 0
[pid   299] umount2("./121/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./121/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./121/cgroup.net")  = 0
[pid   299] umount2("./121/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./121/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./121/cgroup.cpu")  = 0
[pid   299] umount2("./121/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./121/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./121/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./121")              = 0
[pid   299] mkdir("./122", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 695 attached
 <unfinished ...>
[pid   695] set_robust_list(0x555579a076a0, 24) = 0
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 378
[pid   695] chdir("./122")              = 0
[pid   695] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   695] setpgid(0, 0)               = 0
[pid   695] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   695] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   695] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   695] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   695] write(3, "1000", 4)         = 4
[pid   695] close(3)                    = 0
[pid   695] symlink("/dev/binderfs", "./binderfs") = 0
[pid   695] write(1, "executing program\n", 18executing program
) = 18
[pid   695] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   695] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   695] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   695] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   695] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   695] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   695] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 696 attached
 <unfinished ...>
[pid   696] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   696] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   696] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   695] <... clone3 resumed> => {parent_tid=[379]}, 88) = 379
[pid   695] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   695] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   696] <... futex resumed>)        = 0
[pid   695] <... futex resumed>)        = 1
[pid   696] memfd_create("syzkaller", 0) = 3
[pid   696] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   696] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   695] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   696] <... write resumed>)        = 262144
[pid   695] <... futex resumed>)        = 0
[pid   696] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   695] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   696] <... munmap resumed>)       = 0
[pid   696] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   695] <... mmap resumed>)         = 0x7faa8f92f000
[pid   696] <... openat resumed>)       = 4
[pid   695] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   696] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   695] <... mprotect resumed>)     = 0
[pid   695] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   695] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[380]}, 88) = 380
[pid   695] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   695] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   695] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 697 attached
 <unfinished ...>
[pid   697] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   697] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   697] creat("./bus", 000)         = 5
[pid   697] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   695] <... futex resumed>)        = 0
[pid   695] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   695] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   697] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[pid   696] <... ioctl resumed>)        = 0
[pid   696] close(3)                    = 0
[pid   697] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   696] close(4 <unfinished ...>
[pid   697] <... futex resumed>)        = 1
[pid   695] <... futex resumed>)        = 0
[pid   697] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   695] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   697] <... open resumed>)         = 3
[pid   695] <... futex resumed>)        = 0
[pid   697] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   695] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   697] <... futex resumed>)        = 0
[pid   695] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   697] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 3, 0 <unfinished ...>
[pid   695] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   695] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   696] <... close resumed>)        = 0
[pid   696] mkdir(0x20000000, 0777 <unfinished ...>
[pid   697] <... mmap resumed>)         = 0x20000000
[pid   696] <... mkdir resumed>)        = -1 ENOENT (No such file or directory)
[pid   697] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   695] <... futex resumed>)        = 0
[pid   695] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   695] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   697] <... futex resumed>)        = 1
[pid   697] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   696] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "" <unfinished ...>
[pid   697] <... bpf resumed>)          = 4
[pid   696] <... mount resumed>)        = -1 ENOENT (No such file or directory)
[pid   697] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   695] <... futex resumed>)        = 0
[pid   697] <... futex resumed>)        = 1
[pid   697] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   696] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid   696] ioctl(6, LOOP_CLR_FD)       = 0
[pid   696] close(6)                    = 0
[pid   696] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   696] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   695] close(3)                    = 0
[pid   695] close(4)                    = 0
[pid   695] close(5)                    = 0
[pid   695] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   695] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   695] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   695] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   695] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   695] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   695] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   695] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   695] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   695] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   695] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   695] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   695] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   695] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   695] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   695] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   695] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   695] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   695] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   695] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   695] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   695] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   695] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   695] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   695] exit_group(0)               = ?
[pid   697] <... futex resumed>)        = ?
[pid   696] <... futex resumed>)        = ?
[pid   696] +++ exited with 0 +++
[pid   697] +++ exited with 0 +++
[pid   695] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=378, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./122", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./122", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./122/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./122/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./122/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./122/bus")         = 0
[pid   299] umount2("./122/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./122/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./122/binderfs")    = 0
[pid   299] umount2("./122/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./122/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[   37.024769][  T696] loop0: detected capacity change from 0 to 512
[pid   299] unlink("./122/cgroup.net"executing program
)  = 0
[pid   299] umount2("./122/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./122/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./122/cgroup.cpu")  = 0
[pid   299] umount2("./122/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./122/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./122/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./122")              = 0
[pid   299] mkdir("./123", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 698 attached
 <unfinished ...>
[pid   698] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 381
[pid   698] <... set_robust_list resumed>) = 0
[pid   698] chdir("./123")              = 0
[pid   698] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   698] setpgid(0, 0)               = 0
[pid   698] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   698] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   698] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   698] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   698] write(3, "1000", 4)         = 4
[pid   698] close(3)                    = 0
[pid   698] symlink("/dev/binderfs", "./binderfs") = 0
[pid   698] write(1, "executing program\n", 18) = 18
[pid   698] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   698] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   698] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   698] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   698] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   698] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   698] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 699 attached
 <unfinished ...>
[pid   699] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   698] <... clone3 resumed> => {parent_tid=[382]}, 88) = 382
[pid   699] <... set_robust_list resumed>) = 0
[pid   698] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   699] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   698] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   699] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   698] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   699] memfd_create("syzkaller", 0 <unfinished ...>
[pid   698] <... futex resumed>)        = 0
[pid   699] <... memfd_create resumed>) = 3
[pid   698] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   699] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   698] <... futex resumed>)        = 0
[pid   699] <... mmap resumed>)         = 0x7faa87550000
[pid   698] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   699] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   698] <... mmap resumed>)         = 0x7faa8752f000
[pid   699] <... write resumed>)        = 262144
[pid   698] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   699] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   698] <... mprotect resumed>)     = 0
[pid   699] <... munmap resumed>)       = 0
[pid   698] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   699] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   698] <... rt_sigprocmask resumed>[], 8) = 0
[pid   699] <... openat resumed>)       = 4
[pid   698] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 700 attached
 <unfinished ...>
[pid   699] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   700] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   698] <... clone3 resumed> => {parent_tid=[383]}, 88) = 383
[pid   700] <... set_robust_list resumed>) = 0
[pid   700] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   700] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   698] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   698] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   700] <... futex resumed>)        = 0
[pid   698] <... futex resumed>)        = 1
[pid   700] creat("./bus", 000 <unfinished ...>
[pid   698] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   700] <... creat resumed>)        = 5
[pid   700] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   698] <... futex resumed>)        = 0
[pid   700] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   698] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   700] <... mount resumed>)        = 0
[pid   698] <... futex resumed>)        = 0
[pid   700] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   698] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   700] <... futex resumed>)        = 0
[pid   698] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   700] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   698] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   698] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   700] <... open resumed>)         = 6
[pid   699] <... ioctl resumed>)        = 0
[pid   700] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   699] close(3)                    = 0
[pid   700] <... futex resumed>)        = 1
[pid   699] close(4 <unfinished ...>
[pid   700] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   699] <... close resumed>)        = 0
[pid   698] <... futex resumed>)        = 0
[pid   698] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   698] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   700] <... futex resumed>)        = 0
[pid   700] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0 <unfinished ...>
[pid   699] mkdir("./bus", 0777)        = -1 ENOENT (No such file or directory)
[pid   699] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   699] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   699] ioctl(3, LOOP_CLR_FD)       = 0
[pid   699] close(3)                    = 0
[pid   699] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   699] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   700] <... mmap resumed>)         = 0x20000000
[pid   700] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   698] <... futex resumed>)        = 0
[pid   698] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   700] <... futex resumed>)        = 1
[pid   699] <... futex resumed>)        = 0
[pid   698] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   700] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   699] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 3
[pid   699] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   698] <... futex resumed>)        = 0
[pid   698] close(3)                    = 0
[pid   698] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   698] close(5)                    = 0
[pid   698] close(6)                    = 0
[pid   698] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   698] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   698] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   698] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   698] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   698] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   698] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   698] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   698] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   698] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   698] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   698] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   698] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   698] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   698] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   698] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   698] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   698] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   698] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   698] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   698] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   698] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   698] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   698] exit_group(0)               = ?
[pid   699] +++ exited with 0 +++
[pid   700] <... futex resumed>)        = ?
[pid   700] +++ exited with 0 +++
[pid   698] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=381, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[   37.093993][  T699] loop0: detected capacity change from 0 to 512
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./123", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./123", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./123/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./123/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./123/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./123/bus")         = 0
[pid   299] umount2("./123/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./123/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./123/binderfs")    = 0
[pid   299] umount2("./123/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./123/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./123/cgroup.net")  = 0
[pid   299] umount2("./123/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./123/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./123/cgroup.cpu")  = 0
[pid   299] umount2("./123/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./123/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./123/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./123")              = 0
[pid   299] mkdir("./124", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 701 attached
 <unfinished ...>
[pid   701] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 384
[pid   701] <... set_robust_list resumed>) = 0
[pid   701] chdir("./124")              = 0
[pid   701] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   701] setpgid(0, 0)               = 0
executing program
[pid   701] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   701] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   701] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   701] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   701] write(3, "1000", 4)         = 4
[pid   701] close(3)                    = 0
[pid   701] symlink("/dev/binderfs", "./binderfs") = 0
[pid   701] write(1, "executing program\n", 18) = 18
[pid   701] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   701] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   701] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   701] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   701] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   701] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   701] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 702 attached
 <unfinished ...>
[pid   702] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   701] <... clone3 resumed> => {parent_tid=[385]}, 88) = 385
[pid   702] <... set_robust_list resumed>) = 0
[pid   701] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   702] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   701] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   702] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   701] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   702] memfd_create("syzkaller", 0 <unfinished ...>
[pid   701] <... futex resumed>)        = 0
[pid   702] <... memfd_create resumed>) = 3
[pid   701] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   702] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   701] <... futex resumed>)        = 0
[pid   702] <... mmap resumed>)         = 0x7faa87550000
[pid   701] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   701] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   701] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   701] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 703 attached
 <unfinished ...>
[pid   703] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   701] <... clone3 resumed> => {parent_tid=[386]}, 88) = 386
[pid   703] <... set_robust_list resumed>) = 0
[pid   701] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   703] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   701] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   703] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   701] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   703] creat("./bus", 000 <unfinished ...>
[pid   701] <... futex resumed>)        = 0
[pid   703] <... creat resumed>)        = 4
[pid   701] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   703] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   701] <... futex resumed>)        = 0
[pid   703] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   701] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   703] <... mount resumed>)        = 0
[pid   701] <... futex resumed>)        = 0
[pid   703] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   701] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   703] <... futex resumed>)        = 0
[pid   701] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   703] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   701] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   703] <... open resumed>)         = 5
[pid   702] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   701] <... futex resumed>)        = 0
[pid   703] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   701] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   703] <... futex resumed>)        = 0
[pid   701] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   703] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   701] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   702] <... write resumed>)        = 262144
[pid   701] <... futex resumed>)        = 0
[pid   702] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   703] <... mmap resumed>)         = 0x20000000
[pid   702] <... munmap resumed>)       = 0
[pid   703] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   702] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   703] <... futex resumed>)        = 0
[pid   702] <... openat resumed>)       = 6
[pid   703] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   702] ioctl(6, LOOP_SET_FD, 3)    = 0
[pid   702] close(3)                    = 0
[pid   701] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   702] close(6)                    = 0
[pid   701] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   702] mkdir(0x20000000, 0777 <unfinished ...>
[pid   701] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   701] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   702] <... mkdir resumed>)        = -1 ENOENT (No such file or directory)
[pid   702] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   702] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   702] ioctl(3, LOOP_CLR_FD)       = 0
[pid   702] close(3)                    = 0
[pid   702] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   702] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   703] <... futex resumed>)        = 0
[pid   703] bpf(BPF_PROG_LOAD, 0x20000680, 128) = 3
[pid   703] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   701] <... futex resumed>)        = 0
[pid   701] close(3)                    = 0
[pid   701] close(4)                    = 0
[pid   701] close(5)                    = 0
[pid   701] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   701] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   701] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   701] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   701] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   701] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   701] close(12 <unfinished ...>
[pid   703] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   701] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   701] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   701] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   701] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   701] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   701] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   701] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   701] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   701] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   701] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   701] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   701] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   701] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   701] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   701] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   701] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   701] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   701] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   701] exit_group(0 <unfinished ...>
[pid   703] <... futex resumed>)        = ?
[pid   702] <... futex resumed>)        = ?
[pid   701] <... exit_group resumed>)   = ?
[pid   703] +++ exited with 0 +++
[pid   702] +++ exited with 0 +++
[pid   701] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=384, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[   37.170965][  T702] loop0: detected capacity change from 0 to 512
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./124", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./124", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./124/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./124/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./124/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./124/bus")         = 0
[pid   299] umount2("./124/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./124/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./124/binderfs")    = 0
[pid   299] umount2("./124/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./124/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./124/cgroup.net")  = 0
[pid   299] umount2("./124/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./124/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./124/cgroup.cpu")  = 0
[pid   299] umount2("./124/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./124/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./124/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./124")              = 0
[pid   299] mkdir("./125", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 704 attached
, child_tidptr=0x555579a07690) = 387
[pid   704] set_robust_list(0x555579a076a0, 24) = 0
[pid   704] chdir("./125")              = 0
[pid   704] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   704] setpgid(0, 0)               = 0
executing program
[pid   704] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   704] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   704] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   704] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   704] write(3, "1000", 4)         = 4
[pid   704] close(3)                    = 0
[pid   704] symlink("/dev/binderfs", "./binderfs") = 0
[pid   704] write(1, "executing program\n", 18) = 18
[pid   704] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   704] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   704] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   704] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   704] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   704] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   704] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 705 attached
 <unfinished ...>
[pid   705] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   705] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   705] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   704] <... clone3 resumed> => {parent_tid=[388]}, 88) = 388
[pid   704] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   704] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   705] <... futex resumed>)        = 0
[pid   704] <... futex resumed>)        = 1
[pid   705] memfd_create("syzkaller", 0) = 3
[pid   705] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   705] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   704] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   705] <... write resumed>)        = 262144
[pid   704] <... futex resumed>)        = 0
[pid   705] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   704] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   705] <... munmap resumed>)       = 0
[pid   704] <... mmap resumed>)         = 0x7faa8f92f000
[pid   705] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   704] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   705] <... openat resumed>)       = 4
[pid   704] <... mprotect resumed>)     = 0
[pid   705] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   704] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   704] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[389]}, 88) = 389
./strace-static-x86_64: Process 706 attached
[pid   705] <... ioctl resumed>)        = 0
[pid   704] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   706] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   704] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   704] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   704] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   705] close(3)                    = 0
[pid   705] close(4 <unfinished ...>
[pid   706] <... set_robust_list resumed>) = 0
[pid   706] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   706] creat("./bus", 000)         = 3
[pid   706] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   704] <... futex resumed>)        = 0
[pid   706] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   704] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   706] <... mount resumed>)        = 0
[pid   704] <... futex resumed>)        = 0
[pid   706] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   704] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   706] <... futex resumed>)        = 0
[pid   704] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   706] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   704] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   704] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   705] <... close resumed>)        = 0
[pid   705] mkdir("./bus", 0777)        = -1 EEXIST (File exists)
[pid   705] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"...) = -1 ENODEV (No such device)
[pid   705] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   704] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   704] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid   704] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   704] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f90e000
[pid   704] mprotect(0x7faa8f90f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   704] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   704] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f92e990, parent_tid=0x7faa8f92e990, exit_signal=0, stack=0x7faa8f90e000, stack_size=0x20300, tls=0x7faa8f92e6c0}./strace-static-x86_64: Process 707 attached
[   37.251936][  T705] loop0: detected capacity change from 0 to 512
 => {parent_tid=[390]}, 88) = 390
[pid   707] set_robust_list(0x7faa8f92e9a0, 24 <unfinished ...>
[pid   704] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   704] futex(0x7faa8fa3d6e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   704] futex(0x7faa8fa3d6ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   707] <... set_robust_list resumed>) = 0
[pid   707] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   707] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, -1, 0) = -1 EBADF (Bad file descriptor)
[pid   707] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   704] <... futex resumed>)        = 0
[pid   707] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_SK_MSG, insn_cnt=4, insns=0x20000380, license="GPL", log_level=1, log_size=166, log_buf="./bus", kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 128 <unfinished ...>
[pid   704] futex(0x7faa8fa3d6e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   707] <... bpf resumed>)          = 6
[pid   704] <... futex resumed>)        = 0
[pid   707] futex(0x7faa8fa3d6ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   704] futex(0x7faa8fa3d6ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   707] <... futex resumed>)        = 0
[pid   704] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   707] futex(0x7faa8fa3d6e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   706] <... open resumed>)         = 4
[pid   705] <... openat resumed>)       = 5
[pid   706] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   705] ioctl(5, LOOP_CLR_FD <unfinished ...>
[pid   706] <... futex resumed>)        = 0
[pid   705] <... ioctl resumed>)        = 0
[pid   706] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   705] close(5)                    = 0
[pid   705] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   705] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   704] close(3)                    = 0
[pid   704] close(4)                    = 0
[pid   704] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   704] close(6)                    = 0
[pid   704] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   704] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   704] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   704] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   704] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   704] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   704] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   704] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   704] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   704] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   704] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   704] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   704] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   704] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   704] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   704] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   704] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   704] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   704] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   704] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   704] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   704] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   704] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   704] exit_group(0 <unfinished ...>
[pid   707] <... futex resumed>)        = ?
[pid   706] <... futex resumed>)        = ?
[pid   705] <... futex resumed>)        = ?
[pid   704] <... exit_group resumed>)   = ?
[pid   706] +++ exited with 0 +++
[pid   705] +++ exited with 0 +++
[pid   707] +++ exited with 0 +++
[pid   704] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=387, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./125", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./125", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./125/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./125/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./125/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./125/bus")         = 0
[pid   299] umount2("./125/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./125/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./125/binderfs")    = 0
[pid   299] umount2("./125/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./125/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./125/cgroup.net")  = 0
[pid   299] umount2("./125/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./125/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./125/cgroup.cpu")  = 0
[pid   299] umount2("./125/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./125/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./125/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./125")              = 0
[pid   299] mkdir("./126", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 708 attached
 <unfinished ...>
[pid   708] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 391
[pid   708] <... set_robust_list resumed>) = 0
[pid   708] chdir("./126")              = 0
[pid   708] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   708] setpgid(0, 0)               = 0
[pid   708] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   708] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   708] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   708] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   708] write(3, "1000", 4)         = 4
[pid   708] close(3)                    = 0
[pid   708] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid   708] write(1, "executing program\n", 18) = 18
[pid   708] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   708] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   708] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   708] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   708] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   708] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   708] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 709 attached
 <unfinished ...>
[pid   709] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   708] <... clone3 resumed> => {parent_tid=[392]}, 88) = 392
[pid   709] <... set_robust_list resumed>) = 0
[pid   708] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   709] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   708] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   709] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   708] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   709] memfd_create("syzkaller", 0 <unfinished ...>
[pid   708] <... futex resumed>)        = 0
[pid   709] <... memfd_create resumed>) = 3
[pid   708] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   709] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   708] <... futex resumed>)        = 0
[pid   709] <... mmap resumed>)         = 0x7faa87550000
[pid   708] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   708] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   708] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   709] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   708] <... rt_sigprocmask resumed>[], 8) = 0
[pid   708] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 710 attached
 <unfinished ...>
[pid   710] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   708] <... clone3 resumed> => {parent_tid=[393]}, 88) = 393
[pid   710] <... set_robust_list resumed>) = 0
[pid   708] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   710] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   708] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   710] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   708] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   710] creat("./bus", 000 <unfinished ...>
[pid   708] <... futex resumed>)        = 0
[pid   710] <... creat resumed>)        = 4
[pid   708] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   709] <... write resumed>)        = 262144
[pid   710] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   708] <... futex resumed>)        = 0
[pid   710] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   708] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   709] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   708] <... futex resumed>)        = 0
[pid   710] <... mount resumed>)        = 0
[pid   710] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   708] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   710] <... futex resumed>)        = 0
[pid   708] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   710] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   708] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   710] <... open resumed>)         = 5
[pid   708] <... futex resumed>)        = 0
[pid   710] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   708] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   710] <... futex resumed>)        = 0
[pid   708] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   710] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   708] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   709] <... munmap resumed>)       = 0
[pid   709] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   708] <... futex resumed>)        = 0
[pid   710] <... mmap resumed>)         = 0x20000000
[pid   709] <... openat resumed>)       = 6
[pid   709] ioctl(6, LOOP_SET_FD, 3 <unfinished ...>
[pid   710] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   708] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   710] <... futex resumed>)        = 0
[pid   708] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   709] <... ioctl resumed>)        = 0
[pid   708] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   709] close(3)                    = 0
[pid   709] close(6)                    = 0
[pid   709] mkdir(0x20000000, 0777 <unfinished ...>
[pid   708] <... futex resumed>)        = 0
[pid   708] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   710] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   709] <... mkdir resumed>)        = -1 ENOENT (No such file or directory)
[pid   710] <... bpf resumed>)          = 3
[pid   709] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "" <unfinished ...>
[pid   710] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   709] <... mount resumed>)        = -1 ENOENT (No such file or directory)
[pid   710] <... futex resumed>)        = 1
[pid   709] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   710] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   709] <... openat resumed>)       = 6
[pid   709] ioctl(6, LOOP_CLR_FD)       = 0
[pid   709] close(6)                    = 0
[pid   709] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   709] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   708] <... futex resumed>)        = 0
[pid   708] close(3)                    = 0
[pid   708] close(4)                    = 0
[pid   708] close(5)                    = 0
[pid   708] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   708] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   708] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   708] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   708] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   708] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   708] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   708] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   708] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   708] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   708] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   708] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   708] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   708] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   708] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   708] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   708] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   708] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   708] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   708] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   708] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   708] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   708] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   708] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   708] exit_group(0)               = ?
[pid   709] <... futex resumed>)        = ?
[pid   710] <... futex resumed>)        = ?
[pid   709] +++ exited with 0 +++
[pid   710] +++ exited with 0 +++
[pid   708] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=391, si_uid=0, si_status=0, si_utime=0, si_stime=3} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./126", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./126", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./126/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./126/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./126/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./126/bus")         = 0
[pid   299] umount2("./126/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./126/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./126/binderfs")    = 0
[pid   299] umount2("./126/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./126/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./126/cgroup.net")  = 0
[pid   299] umount2("./126/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./126/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./126/cgroup.cpu")  = 0
[pid   299] umount2("./126/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./126/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./126/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./126")              = 0
[pid   299] mkdir("./127", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 711 attached
 <unfinished ...>
[pid   711] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 394
[pid   711] <... set_robust_list resumed>) = 0
[pid   711] chdir("./127")              = 0
[pid   711] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   711] setpgid(0, 0)               = 0
[pid   711] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   711] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   711] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[   37.382754][  T709] loop0: detected capacity change from 0 to 512
[   37.383926][  T710] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 0
[pid   711] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXECexecuting program
) = 3
[pid   711] write(3, "1000", 4)         = 4
[pid   711] close(3)                    = 0
[pid   711] symlink("/dev/binderfs", "./binderfs") = 0
[pid   711] write(1, "executing program\n", 18) = 18
[pid   711] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   711] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   711] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   711] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   711] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   711] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   711] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 712 attached
 <unfinished ...>
[pid   712] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   711] <... clone3 resumed> => {parent_tid=[395]}, 88) = 395
[pid   711] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   711] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   711] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   711] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   711] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   712] <... set_robust_list resumed>) = 0
[pid   711] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   712] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   711] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 713 attached
 <unfinished ...>
[pid   712] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   713] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   711] <... clone3 resumed> => {parent_tid=[396]}, 88) = 396
[pid   713] <... set_robust_list resumed>) = 0
[pid   711] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   713] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   711] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   712] memfd_create("syzkaller", 0 <unfinished ...>
[pid   713] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   711] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   713] creat("./bus", 000 <unfinished ...>
[pid   711] <... futex resumed>)        = 0
[pid   713] <... creat resumed>)        = 3
[pid   711] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   712] <... memfd_create resumed>) = 4
[pid   713] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   712] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   711] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   711] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   711] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   713] <... futex resumed>)        = 1
[pid   712] <... mmap resumed>)         = 0x7faa8752f000
[pid   711] <... futex resumed>)        = 0
[pid   713] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[pid   711] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   713] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   711] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   713] <... futex resumed>)        = 0
[pid   711] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   713] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   711] <... futex resumed>)        = 0
[pid   713] <... open resumed>)         = 5
[pid   711] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   713] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   711] <... futex resumed>)        = 0
[pid   713] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   711] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   713] <... mmap resumed>)         = 0x20000000
[pid   711] <... futex resumed>)        = 0
[pid   713] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   711] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   713] <... futex resumed>)        = 0
[pid   711] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   712] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x2000124c} ---
[pid   713] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   711] ????()                      = ?
[pid   713] +++ killed by SIGBUS (core dumped) +++
[pid   712] +++ killed by SIGBUS (core dumped) +++
[pid   711] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=394, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
[pid   299] umount2("./127", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./127", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./127/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./127/core", {st_mode=S_IFREG|0600, st_size=16953344, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./127/core")        = 0
[pid   299] umount2("./127/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./127/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./127/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./127/bus")         = 0
[pid   299] umount2("./127/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./127/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./127/binderfs")    = 0
[pid   299] umount2("./127/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./127/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./127/cgroup.net")  = 0
[pid   299] umount2("./127/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./127/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./127/cgroup.cpu")  = 0
[pid   299] umount2("./127/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./127/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./127/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./127")              = 0
[pid   299] mkdir("./128", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 714 attached
 <unfinished ...>
[pid   714] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 397
[pid   714] <... set_robust_list resumed>) = 0
[pid   714] chdir("./128")              = 0
[pid   714] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   714] setpgid(0, 0)               = 0
[pid   714] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   714] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   714] symlink("/syzcgroup/net/syz0", "./cgroup.net"executing program
) = 0
[pid   714] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   714] write(3, "1000", 4)         = 4
[pid   714] close(3)                    = 0
[pid   714] symlink("/dev/binderfs", "./binderfs") = 0
[pid   714] write(1, "executing program\n", 18) = 18
[pid   714] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   714] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   714] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   714] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   714] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   714] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   714] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 715 attached
 <unfinished ...>
[pid   715] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   715] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   715] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   714] <... clone3 resumed> => {parent_tid=[398]}, 88) = 398
[pid   714] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   714] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   715] <... futex resumed>)        = 0
[pid   714] <... futex resumed>)        = 1
[pid   715] memfd_create("syzkaller", 0 <unfinished ...>
[pid   714] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   715] <... memfd_create resumed>) = 3
[pid   714] <... futex resumed>)        = 0
[pid   715] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   714] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   715] <... mmap resumed>)         = 0x7faa87550000
[pid   714] <... mmap resumed>)         = 0x7faa8752f000
[pid   714] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   714] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   714] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0} => {parent_tid=[399]}, 88) = 399
[pid   714] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   714] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   714] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 716 attached
 <unfinished ...>
[pid   715] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   716] set_robust_list(0x7faa8754f9a0, 24) = 0
[pid   716] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   716] creat("./bus", 000)         = 4
[pid   716] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   714] <... futex resumed>)        = 0
[pid   716] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   714] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   716] <... mount resumed>)        = 0
[pid   714] <... futex resumed>)        = 0
[pid   716] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   714] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   716] <... futex resumed>)        = 0
[pid   714] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   716] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   714] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   715] <... write resumed>)        = 262144
[pid   716] <... open resumed>)         = 5
[pid   714] <... futex resumed>)        = 0
[pid   716] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   714] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   715] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   716] <... futex resumed>)        = 0
[pid   714] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   716] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   714] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   716] <... mmap resumed>)         = 0x20000000
[pid   715] <... munmap resumed>)       = 0
[pid   714] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   716] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   714] <... futex resumed>)        = 0
[pid   716] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   714] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = ?
[pid   715] +++ killed by SIGBUS (core dumped) +++
[pid   716] +++ killed by SIGBUS (core dumped) +++
[pid   714] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=397, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./128", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./128", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./128/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./128/core", {st_mode=S_IFREG|0600, st_size=18210816, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./128/core")        = 0
[pid   299] umount2("./128/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./128/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./128/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./128/bus")         = 0
[pid   299] umount2("./128/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./128/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./128/binderfs")    = 0
[pid   299] umount2("./128/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./128/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./128/cgroup.net")  = 0
[pid   299] umount2("./128/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./128/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./128/cgroup.cpu")  = 0
[pid   299] umount2("./128/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./128/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./128/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./128")              = 0
[pid   299] mkdir("./129", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 718 attached
 <unfinished ...>
[pid   718] set_robust_list(0x555579a076a0, 24) = 0
[pid   718] chdir("./129" <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 400
[pid   718] <... chdir resumed>)        = 0
[pid   718] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   718] setpgid(0, 0)               = 0
[pid   718] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   718] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   718] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   718] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   718] write(3, "1000", 4)         = 4
[pid   718] close(3)                    = 0
[pid   718] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   718] write(1, "executing program\n", 18) = 18
[pid   718] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   718] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   718] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   718] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   718] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   718] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   718] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 719 attached
 <unfinished ...>
[pid   719] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   719] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   719] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   718] <... clone3 resumed> => {parent_tid=[401]}, 88) = 401
[pid   718] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   718] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   719] <... futex resumed>)        = 0
[pid   718] <... futex resumed>)        = 1
[pid   719] memfd_create("syzkaller", 0 <unfinished ...>
[pid   718] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   719] <... memfd_create resumed>) = 3
[pid   718] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   719] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   718] <... mmap resumed>)         = 0x7faa8f92f000
[pid   719] <... mmap resumed>)         = 0x7faa8752f000
[pid   718] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   719] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   718] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   719] <... write resumed>)        = 262144
[pid   718] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 720 attached
 <unfinished ...>
[pid   719] munmap(0x7faa8752f000, 138412032 <unfinished ...>
[pid   720] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   720] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   720] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   718] <... clone3 resumed> => {parent_tid=[402]}, 88) = 402
[pid   719] <... munmap resumed>)       = 0
[pid   719] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   718] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   719] <... openat resumed>)       = 4
[pid   718] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   720] <... futex resumed>)        = 0
[pid   719] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   718] <... futex resumed>)        = 1
[pid   720] creat("./bus", 000)         = 5
[pid   718] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   720] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   720] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   718] <... futex resumed>)        = 0
[pid   718] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   720] <... futex resumed>)        = 0
[pid   718] <... futex resumed>)        = 1
[pid   720] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   718] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   720] <... mount resumed>)        = 0
[pid   720] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   718] <... futex resumed>)        = 0
[pid   720] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   718] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   720] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   718] <... futex resumed>)        = 0
[pid   720] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   718] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   720] <... open resumed>)         = 6
[pid   719] <... ioctl resumed>)        = 0
[pid   720] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   719] close(3 <unfinished ...>
[pid   720] <... futex resumed>)        = 0
[pid   719] <... close resumed>)        = 0
[pid   718] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   720] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   719] close(4 <unfinished ...>
[pid   718] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   718] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   720] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   720] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0 <unfinished ...>
[pid   719] <... close resumed>)        = 0
[pid   719] mkdir(0x20000000, 0777 <unfinished ...>
[pid   720] <... mmap resumed>)         = 0x20000000
[pid   720] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   718] <... futex resumed>)        = 0
[pid   720] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   718] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   720] <... bpf resumed>)          = 3
[pid   718] <... futex resumed>)        = 0
[pid   719] <... mkdir resumed>)        = -1 ENOENT (No such file or directory)
[pid   720] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   718] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   720] <... futex resumed>)        = 0
[pid   718] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   720] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   719] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   719] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   719] ioctl(4, LOOP_CLR_FD)       = 0
[pid   719] close(4)                    = 0
[pid   719] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   719] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   718] close(3)                    = 0
[pid   718] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   718] close(5)                    = 0
[pid   718] close(6)                    = 0
[pid   718] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   718] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   718] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   718] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   718] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   718] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   718] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   718] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   718] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   718] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   718] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   718] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   718] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   718] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   718] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   718] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   718] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   718] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   718] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   718] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   718] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   718] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   718] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   718] exit_group(0 <unfinished ...>
[pid   720] <... futex resumed>)        = ?
[pid   719] <... futex resumed>)        = ?
[pid   718] <... exit_group resumed>)   = ?
[pid   720] +++ exited with 0 +++
[pid   719] +++ exited with 0 +++
[   37.554796][  T719] loop0: detected capacity change from 0 to 512
[pid   718] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=400, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./129", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./129", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./129/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./129/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./129/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./129/bus")         = 0
[pid   299] umount2("./129/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./129/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./129/binderfs")    = 0
[pid   299] umount2("./129/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./129/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./129/cgroup.net")  = 0
[pid   299] umount2("./129/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./129/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./129/cgroup.cpu")  = 0
[pid   299] umount2("./129/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./129/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./129/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./129")              = 0
[pid   299] mkdir("./130", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3executing program
)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 721 attached
 <unfinished ...>
[pid   721] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 403
[pid   721] <... set_robust_list resumed>) = 0
[pid   721] chdir("./130")              = 0
[pid   721] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   721] setpgid(0, 0)               = 0
[pid   721] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   721] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   721] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   721] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   721] write(3, "1000", 4)         = 4
[pid   721] close(3)                    = 0
[pid   721] symlink("/dev/binderfs", "./binderfs") = 0
[pid   721] write(1, "executing program\n", 18) = 18
[pid   721] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   721] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   721] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   721] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   721] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   721] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   721] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 722 attached
 <unfinished ...>
[pid   722] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   721] <... clone3 resumed> => {parent_tid=[404]}, 88) = 404
[pid   722] <... set_robust_list resumed>) = 0
[pid   721] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   722] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   721] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   722] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   721] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   722] memfd_create("syzkaller", 0 <unfinished ...>
[pid   721] <... futex resumed>)        = 0
[pid   722] <... memfd_create resumed>) = 3
[pid   721] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   722] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   721] <... futex resumed>)        = 0
[pid   722] <... mmap resumed>)         = 0x7faa87550000
[pid   721] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8752f000
[pid   721] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   721] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   722] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   721] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 723 attached
 <unfinished ...>
[pid   723] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   721] <... clone3 resumed> => {parent_tid=[405]}, 88) = 405
[pid   723] <... set_robust_list resumed>) = 0
[pid   721] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   723] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   721] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   723] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   721] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   723] creat("./bus", 000 <unfinished ...>
[pid   721] <... futex resumed>)        = 0
[pid   723] <... creat resumed>)        = 4
[pid   721] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   723] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   721] <... futex resumed>)        = 0
[pid   723] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   721] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   723] <... mount resumed>)        = 0
[pid   722] <... write resumed>)        = 262144
[pid   723] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   721] <... futex resumed>)        = 0
[pid   723] <... futex resumed>)        = 0
[pid   721] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   723] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   721] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   723] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   721] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   722] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   723] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   721] <... futex resumed>)        = 0
[pid   723] <... open resumed>)         = 5
[pid   721] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   723] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   722] <... munmap resumed>)       = 0
[pid   723] <... futex resumed>)        = 0
[pid   721] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   723] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   721] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   722] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   721] <... futex resumed>)        = 0
[pid   723] <... mmap resumed>)         = 0x20000000
[pid   723] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   721] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   723] <... futex resumed>)        = 0
[pid   722] <... openat resumed>)       = 6
[pid   721] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   723] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   721] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = ?
[pid   722] +++ killed by SIGBUS (core dumped) +++
[pid   723] +++ killed by SIGBUS (core dumped) +++
[pid   721] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=403, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=1} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./130", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./130", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./130/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./130/core", {st_mode=S_IFREG|0600, st_size=18210816, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./130/core")        = 0
[pid   299] umount2("./130/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./130/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./130/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./130/bus")         = 0
[pid   299] umount2("./130/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./130/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./130/binderfs")    = 0
[pid   299] umount2("./130/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./130/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./130/cgroup.net")  = 0
[pid   299] umount2("./130/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./130/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./130/cgroup.cpu")  = 0
[pid   299] umount2("./130/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./130/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./130/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./130")              = 0
[pid   299] mkdir("./131", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 724 attached
 <unfinished ...>
[pid   724] set_robust_list(0x555579a076a0, 24) = 0
[pid   724] chdir("./131" <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 406
[pid   724] <... chdir resumed>)        = 0
[pid   724] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   724] setpgid(0, 0)               = 0
[pid   724] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   724] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   724] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   724] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   724] write(3, "1000", 4)         = 4
[pid   724] close(3)                    = 0
[pid   724] symlink("/dev/binderfs", "./binderfs") = 0
[pid   724] write(1, "executing program\n", 18executing program
) = 18
[pid   724] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   724] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   724] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   724] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   724] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   724] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   724] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 725 attached
 <unfinished ...>
[pid   725] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   725] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   724] <... clone3 resumed> => {parent_tid=[407]}, 88) = 407
[pid   725] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   724] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   724] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   725] <... futex resumed>)        = 0
[pid   724] <... futex resumed>)        = 1
[pid   725] memfd_create("syzkaller", 0) = 3
[pid   724] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   725] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   725] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   724] <... futex resumed>)        = 0
[pid   725] <... write resumed>)        = 262144
[pid   724] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   725] munmap(0x7faa87550000, 138412032) = 0
[pid   724] <... mmap resumed>)         = 0x7faa8f92f000
[pid   725] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   725] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   724] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   724] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   724] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[408]}, 88) = 408
[pid   724] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   724] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   724] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 726 attached
 <unfinished ...>
[pid   726] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   726] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   726] creat("./bus", 000)         = 5
[pid   726] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   724] <... futex resumed>)        = 0
[pid   726] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   724] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   726] <... mount resumed>)        = 0
[pid   724] <... futex resumed>)        = 0
[pid   726] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   724] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   726] <... futex resumed>)        = 0
[pid   724] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   726] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   724] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   726] <... open resumed>)         = 6
[pid   725] <... ioctl resumed>)        = 0
[pid   724] <... futex resumed>)        = 0
[pid   726] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   725] close(3 <unfinished ...>
[pid   724] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable)
[pid   724] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   724] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   726] <... futex resumed>)        = 1
[pid   725] <... close resumed>)        = 0
[pid   724] <... futex resumed>)        = 0
[pid   726] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0 <unfinished ...>
[pid   724] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   725] close(4)                    = 0
[pid   725] mkdir(0x20000000, 0777)     = -1 ENOENT (No such file or directory)
[pid   725] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "" <unfinished ...>
[pid   726] <... mmap resumed>)         = 0x20000000
[pid   725] <... mount resumed>)        = -1 ENOENT (No such file or directory)
[pid   726] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   725] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   726] <... futex resumed>)        = 1
[pid   725] <... openat resumed>)       = 3
[pid   724] <... futex resumed>)        = 0
[pid   726] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   725] ioctl(3, LOOP_CLR_FD <unfinished ...>
[pid   724] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   726] <... bpf resumed>)          = 4
[pid   725] <... ioctl resumed>)        = 0
[pid   724] <... futex resumed>)        = 0
[pid   726] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   725] close(3 <unfinished ...>
[pid   724] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   726] <... futex resumed>)        = 0
[pid   725] <... close resumed>)        = 0
[pid   724] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   726] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   725] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   725] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   724] close(3)                    = -1 EBADF (Bad file descriptor)
[pid   724] close(4)                    = 0
[pid   724] close(5)                    = 0
[pid   724] close(6)                    = 0
[pid   724] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   724] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   724] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   724] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   724] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   724] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   724] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   724] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   724] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   724] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   724] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   724] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   724] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   724] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   724] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   724] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   724] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   724] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   724] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   724] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   724] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   724] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   724] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   724] exit_group(0 <unfinished ...>
[pid   726] <... futex resumed>)        = ?
[pid   725] <... futex resumed>)        = ?
[pid   724] <... exit_group resumed>)   = ?
[pid   726] +++ exited with 0 +++
[pid   725] +++ exited with 0 +++
[pid   724] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=406, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./131", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./131", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./131/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./131/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./131/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./131/bus")         = 0
[pid   299] umount2("./131/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./131/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./131/binderfs")    = 0
[pid   299] umount2("./131/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./131/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./131/cgroup.net")  = 0
[pid   299] umount2("./131/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./131/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./131/cgroup.cpu")  = 0
[pid   299] umount2("./131/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./131/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./131/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./131")              = 0
[pid   299] mkdir("./132", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 727 attached
 <unfinished ...>
[pid   727] set_robust_list(0x555579a076a0, 24) = 0
[pid   727] chdir("./132" <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 409
[pid   727] <... chdir resumed>)        = 0
[pid   727] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   727] setpgid(0, 0)               = 0
[pid   727] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   727] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   727] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   727] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   727] write(3, "1000", 4)         = 4
[pid   727] close(3)                    = 0
[pid   727] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid   727] write(1, "executing program\n", 18) = 18
[pid   727] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   727] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   727] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   727] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   727] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   727] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   727] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0} => {parent_tid=[410]}, 88) = 410
[pid   727] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   727] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   727] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   727] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   727] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   727] rt_sigprocmask(SIG_BLOCK, ~[], ./strace-static-x86_64: Process 728 attached
[], 8) = 0
[pid   727] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 729 attached
 <unfinished ...>
[pid   728] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   727] <... clone3 resumed> => {parent_tid=[411]}, 88) = 411
[pid   727] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   727] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   727] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   729] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   728] <... set_robust_list resumed>) = 0
[pid   729] <... set_robust_list resumed>) = 0
[pid   728] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   729] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   728] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   729] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   729] creat("./bus", 000 <unfinished ...>
[pid   728] memfd_create("syzkaller", 0) = 4
[pid   728] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa8752f000
[pid   729] <... creat resumed>)        = 3
[pid   729] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   728] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   729] <... futex resumed>)        = 1
[pid   727] <... futex resumed>)        = 0
[pid   727] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   727] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   729] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   728] <... write resumed>)        = 262144
[pid   728] munmap(0x7faa8752f000, 138412032 <unfinished ...>
[pid   729] <... mount resumed>)        = 0
[pid   729] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   728] <... munmap resumed>)       = 0
[pid   729] <... futex resumed>)        = 1
[pid   728] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   727] <... futex resumed>)        = 0
[pid   727] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   727] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   729] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   728] <... openat resumed>)       = 5
[   37.685272][  T725] loop0: detected capacity change from 0 to 512
[pid   728] ioctl(5, LOOP_SET_FD, 4 <unfinished ...>
[pid   729] <... open resumed>)         = 6
[pid   729] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   728] <... ioctl resumed>)        = 0
[pid   727] <... futex resumed>)        = 0
[pid   729] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   727] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   729] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   727] <... futex resumed>)        = 0
[pid   729] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0 <unfinished ...>
[pid   727] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   728] close(4)                    = 0
[pid   728] close(5)                    = 0
[pid   728] mkdir(0x20000000, 0777 <unfinished ...>
[pid   729] <... mmap resumed>)         = 0x20000000
[pid   728] <... mkdir resumed>)        = -1 ENOENT (No such file or directory)
[pid   729] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   728] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "" <unfinished ...>
[pid   729] <... futex resumed>)        = 1
[pid   728] <... mount resumed>)        = -1 ENOENT (No such file or directory)
[pid   727] <... futex resumed>)        = 0
[pid   729] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   728] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   727] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   729] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   728] <... openat resumed>)       = 4
[pid   727] <... futex resumed>)        = 0
[pid   729] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   728] ioctl(4, LOOP_CLR_FD <unfinished ...>
[pid   727] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   729] <... bpf resumed>)          = 5
[pid   728] <... ioctl resumed>)        = 0
[pid   729] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   728] close(4 <unfinished ...>
[pid   729] <... futex resumed>)        = 1
[pid   728] <... close resumed>)        = 0
[pid   727] <... futex resumed>)        = 0
[pid   729] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   728] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   727] close(3 <unfinished ...>
[pid   728] <... futex resumed>)        = 0
[pid   727] <... close resumed>)        = 0
[pid   728] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   727] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   727] close(5)                    = 0
[pid   727] close(6)                    = 0
[pid   727] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   727] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   727] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   727] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   727] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   727] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   727] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   727] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   727] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   727] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   727] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   727] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   727] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   727] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   727] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   727] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   727] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   727] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   727] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   727] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   727] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   727] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   727] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   727] exit_group(0 <unfinished ...>
[pid   729] <... futex resumed>)        = ?
[pid   728] <... futex resumed>)        = ?
[pid   727] <... exit_group resumed>)   = ?
[pid   729] +++ exited with 0 +++
[pid   728] +++ exited with 0 +++
[pid   727] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=409, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./132", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./132", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./132/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./132/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./132/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./132/bus")         = 0
[pid   299] umount2("./132/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./132/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./132/binderfs")    = 0
[pid   299] umount2("./132/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./132/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./132/cgroup.net")  = 0
[pid   299] umount2("./132/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./132/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./132/cgroup.cpu")  = 0
[pid   299] umount2("./132/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./132/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./132/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./132")              = 0
[pid   299] mkdir("./133", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 730 attached
 <unfinished ...>
[pid   730] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 412
[pid   730] <... set_robust_list resumed>) = 0
[pid   730] chdir("./133")              = 0
[pid   730] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   730] setpgid(0, 0)               = 0
[pid   730] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   730] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   730] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   730] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   730] write(3, "1000", 4)         = 4
[pid   730] close(3)                    = 0
[pid   730] symlink("/dev/binderfs", "./binderfs") = 0
[pid   730] write(1, "executing program\n", 18executing program
) = 18
[pid   730] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   730] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   730] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   730] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   730] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   730] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   730] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 731 attached
 <unfinished ...>
[pid   731] set_robust_list(0x7faa8f9709a0, 24) = 0
[pid   731] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   731] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   730] <... clone3 resumed> => {parent_tid=[413]}, 88) = 413
[pid   730] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   730] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   731] <... futex resumed>)        = 0
[pid   730] <... futex resumed>)        = 1
[pid   731] memfd_create("syzkaller", 0) = 3
[   37.745139][  T728] loop0: detected capacity change from 0 to 512
[pid   731] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faa87550000
[pid   731] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   730] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   731] <... write resumed>)        = 262144
[pid   730] <... futex resumed>)        = 0
[pid   731] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   730] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   731] <... munmap resumed>)       = 0
[pid   730] <... mmap resumed>)         = 0x7faa8f92f000
[pid   731] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   730] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   731] <... openat resumed>)       = 4
[pid   730] <... mprotect resumed>)     = 0
[pid   731] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   730] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   731] <... ioctl resumed>)        = 0
[pid   730] <... rt_sigprocmask resumed>[], 8) = 0
[pid   730] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0}./strace-static-x86_64: Process 732 attached
 <unfinished ...>
[pid   732] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   730] <... clone3 resumed> => {parent_tid=[414]}, 88) = 414
[pid   731] close(3 <unfinished ...>
[pid   732] <... set_robust_list resumed>) = 0
[pid   730] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   732] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   730] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   732] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   730] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   732] creat("./bus", 000 <unfinished ...>
[pid   730] <... futex resumed>)        = 0
[pid   732] <... creat resumed>)        = 5
[pid   731] <... close resumed>)        = 0
[pid   730] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   732] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   730] <... futex resumed>)        = 0
[pid   732] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   730] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   732] <... mount resumed>)        = 0
[pid   731] close(4 <unfinished ...>
[pid   730] <... futex resumed>)        = 0
[pid   732] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   730] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   732] <... futex resumed>)        = 0
[pid   730] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   732] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   730] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   732] <... open resumed>)         = 3
[pid   730] <... futex resumed>)        = 0
[pid   732] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   730] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   732] <... futex resumed>)        = 0
[pid   730] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   732] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 3, 0 <unfinished ...>
[pid   730] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   732] <... mmap resumed>)         = 0x20000000
[pid   730] <... futex resumed>)        = 0
[pid   732] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   730] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   732] <... futex resumed>)        = 0
[pid   730] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   732] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   730] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   732] <... bpf resumed>)          = 4
[pid   730] <... futex resumed>)        = 0
[pid   731] <... close resumed>)        = 0
[pid   732] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   730] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   732] <... futex resumed>)        = 0
[pid   730] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   732] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   731] mkdir(0x20000000, 0777)     = -1 ENOENT (No such file or directory)
[pid   731] mount("/dev/loop0", 0x20000000, 0x20000040, MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "") = -1 ENOENT (No such file or directory)
[pid   731] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid   731] ioctl(6, LOOP_CLR_FD)       = 0
[pid   731] close(6)                    = 0
[pid   731] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   731] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   730] close(3)                    = 0
[pid   730] close(4)                    = 0
[pid   730] close(5)                    = 0
[pid   730] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   730] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   730] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   730] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   730] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   730] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   730] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   730] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   730] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   730] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   730] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   730] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   730] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   730] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   730] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   730] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   730] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   730] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   730] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   730] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   730] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   730] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   730] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   730] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   730] exit_group(0 <unfinished ...>
[pid   732] <... futex resumed>)        = ?
[pid   731] <... futex resumed>)        = ?
[pid   730] <... exit_group resumed>)   = ?
[pid   732] +++ exited with 0 +++
[pid   731] +++ exited with 0 +++
[pid   730] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=412, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./133", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./133", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./133/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./133/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./133/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./133/bus")         = 0
[pid   299] umount2("./133/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./133/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./133/binderfs")    = 0
[pid   299] umount2("./133/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./133/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./133/cgroup.net")  = 0
[pid   299] umount2("./133/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./133/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./133/cgroup.cpu")  = 0
[pid   299] umount2("./133/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./133/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./133/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./133")              = 0
[pid   299] mkdir("./134", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program
./strace-static-x86_64: Process 733 attached
 <unfinished ...>
[pid   733] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 415
[pid   733] <... set_robust_list resumed>) = 0
[pid   733] chdir("./134")              = 0
[pid   733] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   733] setpgid(0, 0)               = 0
[pid   733] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   733] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   733] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   733] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   733] write(3, "1000", 4)         = 4
[pid   733] close(3)                    = 0
[pid   733] symlink("/dev/binderfs", "./binderfs") = 0
[pid   733] write(1, "executing program\n", 18) = 18
[pid   733] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   733] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   733] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   733] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   733] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   733] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   733] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 734 attached
 <unfinished ...>
[pid   734] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   733] <... clone3 resumed> => {parent_tid=[416]}, 88) = 416
[pid   734] <... set_robust_list resumed>) = 0
[pid   733] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   734] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   733] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   734] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   733] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   734] memfd_create("syzkaller", 0 <unfinished ...>
[pid   733] <... futex resumed>)        = 0
[pid   734] <... memfd_create resumed>) = 3
[pid   733] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   734] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   733] <... futex resumed>)        = 0
[pid   734] <... mmap resumed>)         = 0x7faa87550000
[pid   733] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   734] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   733] <... mmap resumed>)         = 0x7faa8752f000
[pid   733] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   733] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   733] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0} <unfinished ...>
[pid   734] <... write resumed>)        = 262144
[pid   734] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   733] <... clone3 resumed> => {parent_tid=[417]}, 88) = 417
./strace-static-x86_64: Process 735 attached
[pid   733] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   733] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   733] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   735] set_robust_list(0x7faa8754f9a0, 24 <unfinished ...>
[pid   734] <... munmap resumed>)       = 0
[pid   735] <... set_robust_list resumed>) = 0
[pid   735] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   735] creat("./bus", 000)         = 4
[pid   735] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   733] <... futex resumed>)        = 0
[pid   735] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   733] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   735] <... mount resumed>)        = 0
[pid   734] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   733] <... futex resumed>)        = 0
[pid   735] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   733] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   735] <... futex resumed>)        = 0
[pid   733] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   735] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   733] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   735] <... open resumed>)         = 5
[pid   733] <... futex resumed>)        = 0
[pid   735] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   733] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   735] <... futex resumed>)        = 0
[pid   733] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   735] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   733] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   735] <... mmap resumed>)         = 0x20000000
[pid   733] <... futex resumed>)        = 0
[pid   735] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   733] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   735] <... futex resumed>)        = 0
[pid   733] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   735] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   733] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = ?
[pid   734] <... openat resumed>)       = ?
[   37.808375][  T731] loop0: detected capacity change from 0 to 512
[pid   734] +++ killed by SIGBUS (core dumped) +++
[pid   735] +++ killed by SIGBUS (core dumped) +++
[pid   733] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=415, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./134", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./134", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./134/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./134/core", {st_mode=S_IFREG|0600, st_size=18210816, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./134/core")        = 0
[pid   299] umount2("./134/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./134/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./134/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./134/bus")         = 0
[pid   299] umount2("./134/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./134/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./134/binderfs")    = 0
[pid   299] umount2("./134/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./134/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./134/cgroup.net")  = 0
[pid   299] umount2("./134/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./134/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./134/cgroup.cpu")  = 0
[pid   299] umount2("./134/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./134/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./134/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./134")              = 0
[pid   299] mkdir("./135", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 736 attached
 <unfinished ...>
[pid   736] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 418
[pid   736] <... set_robust_list resumed>) = 0
[pid   736] chdir("./135")              = 0
[pid   736] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   736] setpgid(0, 0)               = 0
[pid   736] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   736] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   736] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   736] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   736] write(3, "1000", 4)         = 4
[pid   736] close(3)                    = 0
[pid   736] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   736] write(1, "executing program\n", 18) = 18
[pid   736] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   736] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   736] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   736] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   736] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   736] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   736] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 737 attached
 => {parent_tid=[419]}, 88) = 419
[pid   736] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   737] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   736] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   736] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   736] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   736] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f92f000
[pid   736] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   736] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   736] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} <unfinished ...>
[pid   737] <... set_robust_list resumed>) = 0
./strace-static-x86_64: Process 738 attached
[pid   737] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   738] set_robust_list(0x7faa8f94f9a0, 24 <unfinished ...>
[pid   737] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   738] <... set_robust_list resumed>) = 0
[pid   736] <... clone3 resumed> => {parent_tid=[420]}, 88) = 420
[pid   737] memfd_create("syzkaller", 0 <unfinished ...>
[pid   736] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   738] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   737] <... memfd_create resumed>) = 3
[pid   738] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   737] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   738] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   737] <... mmap resumed>)         = 0x7faa8752f000
[pid   736] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   736] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   738] <... futex resumed>)        = 0
[pid   736] <... futex resumed>)        = 1
[pid   738] creat("./bus", 000 <unfinished ...>
[pid   736] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   738] <... creat resumed>)        = 4
[pid   738] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   736] <... futex resumed>)        = 0
[pid   738] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   736] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   738] <... mount resumed>)        = 0
[pid   736] <... futex resumed>)        = 0
[pid   738] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   736] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   738] <... futex resumed>)        = 0
[pid   736] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   738] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   736] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   738] <... open resumed>)         = 5
[pid   736] <... futex resumed>)        = 0
[pid   738] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   736] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   738] <... futex resumed>)        = 0
[pid   736] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   738] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   736] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   738] <... mmap resumed>)         = 0x20000000
[pid   736] <... futex resumed>)        = 0
[pid   738] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   736] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   738] <... futex resumed>)        = 0
[pid   736] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   738] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   736] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   737] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x200012cf} ---
[pid   736] <... futex resumed>)        = ?
[pid   737] +++ killed by SIGBUS (core dumped) +++
[pid   738] +++ killed by SIGBUS (core dumped) +++
[pid   736] +++ killed by SIGBUS (core dumped) +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=418, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./135", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./135", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=160, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 8 entries */, 32768) = 224
[pid   299] umount2("./135/core", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./135/core", {st_mode=S_IFREG|0600, st_size=16953344, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./135/core")        = 0
[pid   299] umount2("./135/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./135/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./135/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./135/bus")         = 0
[pid   299] umount2("./135/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./135/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./135/binderfs")    = 0
[pid   299] umount2("./135/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./135/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./135/cgroup.net")  = 0
[pid   299] umount2("./135/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./135/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./135/cgroup.cpu")  = 0
[pid   299] umount2("./135/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./135/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./135/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./135")              = 0
[pid   299] mkdir("./136", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 739 attached
 <unfinished ...>
[pid   739] set_robust_list(0x555579a076a0, 24) = 0
[pid   739] chdir("./136" <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 421
[pid   739] <... chdir resumed>)        = 0
[pid   739] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   739] setpgid(0, 0)               = 0
[pid   739] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   739] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   739] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   739] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   739] write(3, "1000", 4)         = 4
[pid   739] close(3)                    = 0
[pid   739] symlink("/dev/binderfs", "./binderfs") = 0
[pid   739] write(1, "executing program\n", 18) = 18
[pid   739] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000executing program
) = 0
[pid   739] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   739] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   739] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   739] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   739] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   739] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 740 attached
 <unfinished ...>
[pid   740] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   739] <... clone3 resumed> => {parent_tid=[422]}, 88) = 422
[pid   740] <... set_robust_list resumed>) = 0
[pid   739] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   740] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   739] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   740] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   739] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   740] memfd_create("syzkaller", 0 <unfinished ...>
[pid   739] <... futex resumed>)        = 0
[pid   740] <... memfd_create resumed>) = 3
[pid   739] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   740] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   739] <... futex resumed>)        = 0
[pid   740] <... mmap resumed>)         = 0x7faa87550000
[pid   739] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   740] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   739] <... mmap resumed>)         = 0x7faa8752f000
[pid   739] mprotect(0x7faa87530000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   739] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   740] <... write resumed>)        = 262144
[pid   740] munmap(0x7faa87550000, 138412032 <unfinished ...>
[pid   739] <... rt_sigprocmask resumed>[], 8) = 0
[pid   739] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8754f990, parent_tid=0x7faa8754f990, exit_signal=0, stack=0x7faa8752f000, stack_size=0x20300, tls=0x7faa8754f6c0}./strace-static-x86_64: Process 741 attached
 <unfinished ...>
[pid   740] <... munmap resumed>)       = 0
[pid   741] set_robust_list(0x7faa8754f9a0, 24) = 0
[pid   741] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   740] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   739] <... clone3 resumed> => {parent_tid=[423]}, 88) = 423
[pid   741] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   739] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   740] <... openat resumed>)       = 4
[pid   740] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   739] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   741] <... futex resumed>)        = 0
[pid   739] <... futex resumed>)        = 1
[pid   741] creat("./bus", 000)         = 5
[pid   741] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   741] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   739] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable)
[pid   739] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   741] <... futex resumed>)        = 0
[pid   739] <... futex resumed>)        = 1
[pid   741] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   739] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   741] <... mount resumed>)        = 0
[pid   741] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   739] <... futex resumed>)        = 0
[pid   741] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   739] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   741] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   739] <... futex resumed>)        = 0
[pid   741] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   739] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   741] <... open resumed>)         = 6
[pid   740] <... ioctl resumed>)        = 0
[pid   741] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   740] close(3 <unfinished ...>
[pid   741] <... futex resumed>)        = 1
[pid   739] <... futex resumed>)        = 0
[pid   740] <... close resumed>)        = 0
[pid   741] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   739] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   741] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   740] close(4 <unfinished ...>
[pid   741] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 6, 0 <unfinished ...>
[pid   739] <... futex resumed>)        = 0
[pid   740] <... close resumed>)        = 0
[pid   740] mkdir("./bus", 0777)        = -1 EEXIST (File exists)
[pid   740] mount("/dev/loop0", "./bus", "./bus", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOSYMFOLLOW|MS_LAZYTIME, "errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000032,inode_readahead_blks=0x000000"...) = -1 ENODEV (No such device)
[pid   740] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   740] ioctl(3, LOOP_CLR_FD)       = 0
[pid   740] close(3)                    = 0
[pid   740] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   740] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   739] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   741] <... mmap resumed>)         = 0x20000000
[pid   741] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   739] <... futex resumed>)        = 0
[pid   741] futex(0x7faa8fa3d6d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   739] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   740] <... futex resumed>)        = 0
[pid   739] <... futex resumed>)        = 1
[pid   740] bpf(BPF_PROG_LOAD, 0x20000680, 128 <unfinished ...>
[pid   739] futex(0x7faa8fa3d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid   740] <... bpf resumed>)          = 3
[pid   740] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   739] <... futex resumed>)        = 0
[pid   740] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   739] close(3)                    = 0
[pid   739] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   739] close(5)                    = 0
[pid   739] close(6)                    = 0
[pid   739] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   739] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   739] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   739] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   739] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   739] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   739] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   739] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   739] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   739] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   739] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   739] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   739] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   739] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   739] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   739] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   739] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   739] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   739] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   739] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   739] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   739] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   739] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   739] exit_group(0 <unfinished ...>
[pid   741] <... futex resumed>)        = ?
[pid   740] <... futex resumed>)        = ?
[pid   739] <... exit_group resumed>)   = ?
[pid   741] +++ exited with 0 +++
[pid   740] +++ exited with 0 +++
[pid   739] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=421, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[   37.959963][  T740] loop0: detected capacity change from 0 to 512
[pid   299] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   299] umount2("./136", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./136", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x555579a08730 /* 7 entries */, 32768) = 200
[pid   299] umount2("./136/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid   299] umount2("./136/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./136/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./136/bus")         = 0
[pid   299] umount2("./136/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./136/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./136/binderfs")    = 0
[pid   299] umount2("./136/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./136/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./136/cgroup.net")  = 0
[pid   299] umount2("./136/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./136/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./136/cgroup.cpu")  = 0
[pid   299] umount2("./136/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./136/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./136/cgroup")      = 0
[pid   299] getdents64(3, 0x555579a08730 /* 0 entries */, 32768) = 0
[pid   299] close(3)                    = 0
[pid   299] rmdir("./136")              = 0
[pid   299] mkdir("./137", 0777)        = 0
[pid   299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   299] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   299] close(3)                    = 0
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 742 attached
 <unfinished ...>
[pid   742] set_robust_list(0x555579a076a0, 24 <unfinished ...>
[pid   299] <... clone resumed>, child_tidptr=0x555579a07690) = 424
[pid   742] <... set_robust_list resumed>) = 0
[pid   742] chdir("./137")              = 0
[pid   742] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   742] setpgid(0, 0)               = 0
[pid   742] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid   742] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid   742] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid   742] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   742] write(3, "1000", 4)         = 4
[pid   742] close(3)                    = 0
[pid   742] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   742] write(1, "executing program\n", 18) = 18
[pid   742] futex(0x7faa8fa3d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   742] rt_sigaction(SIGRT_1, {sa_handler=0x7faa8f9db0e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faa8f9cc290}, NULL, 8) = 0
[pid   742] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   742] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7faa8f950000
[pid   742] mprotect(0x7faa8f951000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   742] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   742] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f970990, parent_tid=0x7faa8f970990, exit_signal=0, stack=0x7faa8f950000, stack_size=0x20300, tls=0x7faa8f9706c0}./strace-static-x86_64: Process 743 attached
 <unfinished ...>
[pid   743] set_robust_list(0x7faa8f9709a0, 24 <unfinished ...>
[pid   742] <... clone3 resumed> => {parent_tid=[425]}, 88) = 425
[pid   743] <... set_robust_list resumed>) = 0
[pid   743] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   742] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   743] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   742] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   743] futex(0x7faa8fa3d6c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   742] futex(0x7faa8fa3d6c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   743] <... futex resumed>)        = 0
[pid   742] <... futex resumed>)        = 1
[pid   742] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   743] memfd_create("syzkaller", 0 <unfinished ...>
[pid   742] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   743] <... memfd_create resumed>) = 3
[pid   743] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   742] <... mmap resumed>)         = 0x7faa8f92f000
[pid   743] <... mmap resumed>)         = 0x7faa8752f000
[pid   742] mprotect(0x7faa8f930000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   742] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   742] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7faa8f94f990, parent_tid=0x7faa8f94f990, exit_signal=0, stack=0x7faa8f92f000, stack_size=0x20300, tls=0x7faa8f94f6c0} => {parent_tid=[426]}, 88) = 426
[pid   742] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   742] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   742] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 744 attached
 <unfinished ...>
[pid   744] set_robust_list(0x7faa8f94f9a0, 24) = 0
[pid   744] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   744] creat("./bus", 000)         = 4
[pid   744] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   742] <... futex resumed>)        = 0
[pid   744] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   743] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   742] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   744] <... mount resumed>)        = 0
[pid   742] <... futex resumed>)        = 0
[pid   744] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   742] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   744] <... futex resumed>)        = 0
[pid   742] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   744] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_DIRECT|O_NOATIME|FASYNC, 000 <unfinished ...>
[pid   742] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   744] <... open resumed>)         = 5
[pid   742] <... futex resumed>)        = 0
[pid   744] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   742] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   744] <... futex resumed>)        = 0
[pid   742] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   744] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP|0x8088e3ad102bc190, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0 <unfinished ...>
[pid   743] <... write resumed>)        = 262144
[pid   742] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   743] munmap(0x7faa8752f000, 138412032) = 0
[pid   742] <... futex resumed>)        = 0
[pid   742] futex(0x7faa8fa3d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   744] <... mmap resumed>)         = 0x20000000
[pid   743] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6
[pid   744] futex(0x7faa8fa3d6dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   743] ioctl(6, LOOP_SET_FD, 3 <unfinished ...>
[pid   744] <... futex resumed>)        = 1
[pid   742] <... futex resumed>)        = 0
[pid   744] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000388} ---
[pid   742] futex(0x7faa8fa3d6d8, FUTEX_WAKE_PRIVATE, 1000000) = ?
[pid   743] <... ioctl resumed>)        = ?