./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3456532200

<...>
Warning: Permanently added '10.128.0.51' (ED25519) to the list of known hosts.
execve("./syz-executor3456532200", ["./syz-executor3456532200"], 0x7fffafa8f140 /* 10 vars */) = 0
brk(NULL)                               = 0x555563e9d000
brk(0x555563e9dd40)                     = 0x555563e9dd40
arch_prctl(ARCH_SET_FS, 0x555563e9d3c0) = 0
set_tid_address(0x555563e9d690)         = 272
set_robust_list(0x555563e9d6a0, 24)     = 0
rseq(0x555563e9dce0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented)
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor3456532200", 4096) = 28
getrandom("\x67\x2d\x00\x6c\x27\x93\x9d\xdc", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x555563e9dd40
brk(0x555563ebed40)                     = 0x555563ebed40
brk(0x555563ebf000)                     = 0x555563ebf000
mprotect(0x7fe6caeaa000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555563e9d690) = 273
./strace-static-x86_64: Process 273 attached
[pid   273] set_robust_list(0x555563e9d6a0, 24) = 0
[pid   272] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   273] mkdir("./syzkaller.elTg4b", 0700 <unfinished ...>
[pid   272] <... clone resumed>, child_tidptr=0x555563e9d690) = 274
./strace-static-x86_64: Process 274 attached
[pid   272] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   274] set_robust_list(0x555563e9d6a0, 24 <unfinished ...>
[pid   272] <... clone resumed>, child_tidptr=0x555563e9d690) = 275
[pid   273] <... mkdir resumed>)        = 0
[pid   274] <... set_robust_list resumed>) = 0
[pid   273] chmod("./syzkaller.elTg4b", 0777) = 0
[pid   273] chdir("./syzkaller.elTg4b") = 0
[pid   272] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   273] mkdir("./0", 0777 <unfinished ...>
[pid   272] <... clone resumed>, child_tidptr=0x555563e9d690) = 276
[pid   273] <... mkdir resumed>)        = 0
[pid   272] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   273] openat(AT_FDCWD, "/dev/loop0", O_RDWR./strace-static-x86_64: Process 276 attached
./strace-static-x86_64: Process 275 attached
 <unfinished ...>
[pid   274] mkdir("./syzkaller.KUnLZe", 0700./strace-static-x86_64: Process 277 attached
 <unfinished ...>
[pid   272] <... clone resumed>, child_tidptr=0x555563e9d690) = 277
[pid   276] set_robust_list(0x555563e9d6a0, 24 <unfinished ...>
[pid   275] set_robust_list(0x555563e9d6a0, 24 <unfinished ...>
[pid   274] <... mkdir resumed>)        = 0
[pid   273] <... openat resumed>)       = 3
[pid   274] chmod("./syzkaller.KUnLZe", 0777) = 0
[pid   274] chdir("./syzkaller.KUnLZe") = 0
[pid   274] mkdir("./0", 0777)          = 0
[pid   274] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3
[pid   274] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   274] close(3)                    = 0
[pid   274] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   275] <... set_robust_list resumed>) = 0
[pid   275] mkdir("./syzkaller.GoJjx1", 0700 <unfinished ...>
[pid   274] <... clone resumed>, child_tidptr=0x555563e9d690) = 278
[pid   275] <... mkdir resumed>)        = 0
[pid   275] chmod("./syzkaller.GoJjx1", 0777) = 0
[pid   275] chdir("./syzkaller.GoJjx1") = 0
[pid   275] mkdir("./0", 0777)          = 0
[pid   275] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3
[pid   275] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   275] close(3)                    = 0
[pid   275] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   276] <... set_robust_list resumed>) = 0
[pid   275] <... clone resumed>, child_tidptr=0x555563e9d690) = 280
[pid   276] mkdir("./syzkaller.Qy2GMe", 0700) = 0
[pid   276] chmod("./syzkaller.Qy2GMe", 0777) = 0
[pid   276] chdir("./syzkaller.Qy2GMe") = 0
[pid   276] mkdir("./0", 0777)          = 0
[pid   276] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3
[pid   276] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   276] close(3)                    = 0
[pid   276] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555563e9d690) = 281
[pid   277] set_robust_list(0x555563e9d6a0, 24 <unfinished ...>
[pid   273] ioctl(3, LOOP_CLR_FD <unfinished ...>
[pid   277] <... set_robust_list resumed>) = 0
[pid   277] mkdir("./syzkaller.FBEIEw", 0700 <unfinished ...>
[pid   273] <... ioctl resumed>)        = -1 ENXIO (No such device or address)
[pid   273] close(3)                    = 0
[pid   273] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   277] <... mkdir resumed>)        = 0
[pid   273] <... clone resumed>, child_tidptr=0x555563e9d690) = 283
[pid   277] chmod("./syzkaller.FBEIEw", 0777) = 0
[pid   277] chdir("./syzkaller.FBEIEw") = 0
[pid   277] mkdir("./0", 0777)          = 0
[pid   277] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3
[pid   277] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   277] close(3)                    = 0
[pid   277] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555563e9d690) = 284
./strace-static-x86_64: Process 280 attached
./strace-static-x86_64: Process 278 attached
[pid   280] set_robust_list(0x555563e9d6a0, 24 <unfinished ...>
[pid   278] set_robust_list(0x555563e9d6a0, 24 <unfinished ...>
[pid   280] <... set_robust_list resumed>) = 0
[pid   278] <... set_robust_list resumed>) = 0
[pid   278] chdir("./0" <unfinished ...>
[pid   280] chdir("./0" <unfinished ...>
[pid   278] <... chdir resumed>)        = 0
[pid   280] <... chdir resumed>)        = 0
[pid   278] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   280] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   278] <... prctl resumed>)        = 0
[pid   280] <... prctl resumed>)        = 0
[pid   278] setpgid(0, 0)               = 0
[pid   280] setpgid(0, 0)               = 0
[pid   278] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
./strace-static-x86_64: Process 281 attached
[pid   280] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   278] write(3, "1000", 4)         = 4
[pid   280] <... openat resumed>)       = 3
[pid   278] close(3./strace-static-x86_64: Process 283 attached
 <unfinished ...>
[pid   281] set_robust_list(0x555563e9d6a0, 24 <unfinished ...>
[pid   280] write(3, "1000", 4 <unfinished ...>
[pid   278] <... close resumed>)        = 0
[pid   283] set_robust_list(0x555563e9d6a0, 24 <unfinished ...>
[pid   281] <... set_robust_list resumed>) = 0
[pid   280] <... write resumed>)        = 4
[pid   278] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 284 attached
 <unfinished ...>
[pid   284] set_robust_list(0x555563e9d6a0, 24) = 0
[pid   278] <... symlink resumed>)      = 0
[pid   280] close(3 <unfinished ...>
[pid   284] chdir("./0" <unfinished ...>
[pid   281] chdir("./0" <unfinished ...>
[pid   278] write(1, "executing program\n", 18 <unfinished ...>
[pid   283] <... set_robust_list resumed>) = 0
[pid   280] <... close resumed>)        = 0
executing program
[pid   283] chdir("./0" <unfinished ...>
[pid   281] <... chdir resumed>)        = 0
[pid   280] symlink("/dev/binderfs", "./binderfs" <unfinished ...>
[pid   278] <... write resumed>)        = 18
[pid   278] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   281] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   280] <... symlink resumed>)      = 0
[pid   278] <... futex resumed>)        = 0
[pid   283] <... chdir resumed>)        = 0
[pid   281] <... prctl resumed>)        = 0
[pid   280] write(1, "executing program\n", 18 <unfinished ...>
[pid   283] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   278] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450}, executing program
 <unfinished ...>
[pid   283] <... prctl resumed>)        = 0
[pid   281] setpgid(0, 0 <unfinished ...>
[pid   280] <... write resumed>)        = 18
[pid   278] <... rt_sigaction resumed>NULL, 8) = 0
[pid   280] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   278] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1],  <unfinished ...>
[pid   283] setpgid(0, 0 <unfinished ...>
[pid   281] <... setpgid resumed>)      = 0
[pid   280] <... futex resumed>)        = 0
[pid   278] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   278] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   283] <... setpgid resumed>)      = 0
[pid   281] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   280] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450},  <unfinished ...>
[pid   278] <... mmap resumed>)         = 0x7fe6cadc5000
[pid   280] <... rt_sigaction resumed>NULL, 8) = 0
[pid   278] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   281] <... openat resumed>)       = 3
[pid   284] <... chdir resumed>)        = 0
[pid   283] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   281] write(3, "1000", 4 <unfinished ...>
[pid   280] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1],  <unfinished ...>
[pid   278] <... mprotect resumed>)     = 0
[pid   281] <... write resumed>)        = 4
[pid   280] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   278] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   283] <... openat resumed>)       = 3
[pid   281] close(3 <unfinished ...>
[pid   280] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   278] <... rt_sigprocmask resumed>[], 8) = 0
[pid   283] write(3, "1000", 4 <unfinished ...>
[pid   281] <... close resumed>)        = 0
[pid   280] <... mmap resumed>)         = 0x7fe6cadc5000
[pid   278] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} <unfinished ...>
[pid   284] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   280] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   281] symlink("/dev/binderfs", "./binderfs" <unfinished ...>
[pid   283] <... write resumed>)        = 4
[pid   280] <... mprotect resumed>)     = 0
[pid   278] <... clone3 resumed> => {parent_tid=[285]}, 88) = 285
[pid   281] <... symlink resumed>)      = 0
[pid   278] rt_sigprocmask(SIG_SETMASK, [], executing program
 <unfinished ...>
[pid   283] close(3 <unfinished ...>
[pid   281] write(1, "executing program\n", 18 <unfinished ...>
[pid   280] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   278] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   278] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   283] <... close resumed>)        = 0
[pid   281] <... write resumed>)        = 18
[pid   280] <... rt_sigprocmask resumed>[], 8) = 0
[pid   278] <... futex resumed>)        = 0
[pid   278] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid   280] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} <unfinished ...>
[pid   283] symlink("/dev/binderfs", "./binderfs" <unfinished ...>
[pid   281] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   284] <... prctl resumed>)        = 0
[pid   284] setpgid(0, 0)               = 0
[pid   284] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   284] write(3, "1000", 4 <unfinished ...>
[pid   281] <... futex resumed>)        = 0
[pid   284] <... write resumed>)        = 4
[pid   283] <... symlink resumed>)      = 0
[pid   281] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450},  <unfinished ...>
[pid   280] <... clone3 resumed> => {parent_tid=[286]}, 88) = 286
[pid   284] close(3)                    = 0
[pid   284] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   280] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   281] <... rt_sigaction resumed>NULL, 8) = 0
[pid   283] write(1, "executing program\n", 18 <unfinished ...>
[pid   281] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1],  <unfinished ...>
[pid   280] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   283] <... write resumed>)        = 18
[pid   281] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   280] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   281] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   280] <... futex resumed>)        = 0
[pid   283] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   281] <... mmap resumed>)         = 0x7fe6cadc5000
[pid   283] <... futex resumed>)        = 0
[pid   280] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid   281] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   283] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450},  <unfinished ...>
[pid   281] <... mprotect resumed>)     = 0
[pid   283] <... rt_sigaction resumed>NULL, 8) = 0
[pid   283] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1],  <unfinished ...>
[pid   281] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   283] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   281] <... rt_sigprocmask resumed>[], 8) = 0
[pid   283] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cadc5000
[pid   281] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} <unfinished ...>
[pid   283] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   284] write(1, "executing program\n", 18 <unfinished ...>
[pid   283] <... mprotect resumed>)     = 0
[pid   281] <... clone3 resumed> => {parent_tid=[287]}, 88) = 287
[pid   283] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   281] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   283] <... rt_sigprocmask resumed>[], 8) = 0
[pid   281] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   283] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} <unfinished ...>
[pid   281] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   283] <... clone3 resumed> => {parent_tid=[288]}, 88) = 288
[pid   281] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 286 attached
 <unfinished ...>
[pid   283] rt_sigprocmask(SIG_SETMASK, [], executing program
 <unfinished ...>
[pid   284] <... write resumed>)        = 18
[pid   286] set_robust_list(0x7fe6cade59a0, 24 <unfinished ...>
[pid   283] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   284] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   283] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   286] <... set_robust_list resumed>) = 0
[pid   283] <... futex resumed>)        = 0
[pid   286] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   283] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid   286] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   284] <... futex resumed>)        = 0
[pid   284] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450}, NULL, 8) = 0
[pid   284] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   286] memfd_create("syzkaller", 0./strace-static-x86_64: Process 288 attached
 <unfinished ...>
[pid   284] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   286] <... memfd_create resumed>) = 3
[pid   288] set_robust_list(0x7fe6cade59a0, 24 <unfinished ...>
[pid   286] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   288] <... set_robust_list resumed>) = 0
[pid   286] <... mmap resumed>)         = 0x7fe6c29c5000
[pid   288] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   284] <... mmap resumed>)         = 0x7fe6cadc5000
[pid   284] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   284] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   284] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} => {parent_tid=[289]}, 88) = 289
[pid   284] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   284] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   288] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   286] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 <unfinished ...>
[pid   284] <... futex resumed>)        = 0
[pid   288] memfd_create("syzkaller", 0./strace-static-x86_64: Process 285 attached
) = 3
[pid   284] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid   288] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   285] set_robust_list(0x7fe6cade59a0, 24 <unfinished ...>
[pid   288] <... mmap resumed>)         = 0x7fe6c29c5000
[pid   285] <... set_robust_list resumed>) = 0
[pid   285] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   285] memfd_create("syzkaller", 0) = 3
[pid   285] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe6c29c5000
./strace-static-x86_64: Process 287 attached
[pid   287] set_robust_list(0x7fe6cade59a0, 24) = 0
[pid   287] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   288] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 <unfinished ...>
[pid   287] memfd_create("syzkaller", 0) = 3
[pid   287] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe6c29c5000
./strace-static-x86_64: Process 289 attached
[pid   289] set_robust_list(0x7fe6cade59a0, 24) = 0
[pid   289] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   289] memfd_create("syzkaller", 0 <unfinished ...>
[pid   286] <... write resumed>)        = 524288
[pid   288] <... write resumed>)        = 524288
[pid   287] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 <unfinished ...>
[pid   286] munmap(0x7fe6c29c5000, 138412032 <unfinished ...>
[pid   288] munmap(0x7fe6c29c5000, 138412032) = 0
[pid   286] <... munmap resumed>)       = 0
[pid   285] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 <unfinished ...>
[pid   288] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   286] openat(AT_FDCWD, "/dev/loop2", O_RDWR <unfinished ...>
[pid   289] <... memfd_create resumed>) = 3
[pid   288] <... openat resumed>)       = 4
[pid   286] <... openat resumed>)       = 4
[pid   289] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe6c29c5000
[pid   289] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 <unfinished ...>
[pid   288] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   286] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid   288] <... ioctl resumed>)        = 0
[pid   286] close(3 <unfinished ...>
[pid   288] close(3 <unfinished ...>
[pid   286] <... close resumed>)        = 0
[pid   288] <... close resumed>)        = 0
[pid   286] close(4 <unfinished ...>
[   21.773363][   T24] audit: type=1400 audit(1747028816.550:80): avc:  denied  { execmem } for  pid=272 comm="syz-executor345" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   21.781459][   T24] audit: type=1400 audit(1747028816.560:81): avc:  denied  { read write } for  pid=273 comm="syz-executor345" name="loop0" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   21.785164][   T24] audit: type=1400 audit(1747028816.560:82): avc:  denied  { open } for  pid=273 comm="syz-executor345" path="/dev/loop0" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   21.792383][   T24] audit: type=1400 audit(1747028816.560:83): avc:  denied  { ioctl } for  pid=274 comm="syz-executor345" path="/dev/loop1" dev="devtmpfs" ino=116 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[pid   288] close(4 <unfinished ...>
[pid   289] <... write resumed>)        = 524288
[pid   285] <... write resumed>)        = 524288
[pid   287] <... write resumed>)        = 524288
[pid   285] munmap(0x7fe6c29c5000, 138412032 <unfinished ...>
[pid   289] munmap(0x7fe6c29c5000, 138412032 <unfinished ...>
[pid   287] munmap(0x7fe6c29c5000, 138412032 <unfinished ...>
[pid   285] <... munmap resumed>)       = 0
[pid   285] openat(AT_FDCWD, "/dev/loop1", O_RDWR <unfinished ...>
[pid   289] <... munmap resumed>)       = 0
[pid   289] openat(AT_FDCWD, "/dev/loop4", O_RDWR <unfinished ...>
[pid   287] <... munmap resumed>)       = 0
[pid   287] openat(AT_FDCWD, "/dev/loop3", O_RDWR <unfinished ...>
[pid   286] <... close resumed>)        = 0
[pid   286] mkdir("./file1", 0777)      = 0
[   21.894437][  T286] ======================================================
[   21.894437][  T286] WARNING: the mand mount option is being deprecated and
[   21.894437][  T286]          will be removed in v5.15!
[   21.894437][  T286] ======================================================
[   21.894560][   T24] audit: type=1400 audit(1747028816.670:84): avc:  denied  { mounton } for  pid=280 comm="syz-executor345" path="/root/syzkaller.GoJjx1/0/file1" dev="sda1" ino=1942 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[pid   286] mount("/dev/loop2", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"... <unfinished ...>
[pid   289] <... openat resumed>)       = 4
[pid   288] <... close resumed>)        = 0
[pid   287] <... openat resumed>)       = 4
[pid   285] <... openat resumed>)       = 4
[pid   289] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   287] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   285] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   288] mkdir("./file1", 0777)      = 0
[pid   288] mount("/dev/loop0", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"... <unfinished ...>
[pid   289] <... ioctl resumed>)        = 0
[pid   289] close(3)                    = 0
[pid   289] close(4 <unfinished ...>
[pid   285] <... ioctl resumed>)        = 0
[pid   285] close(3)                    = 0
[pid   285] close(4 <unfinished ...>
[pid   287] <... ioctl resumed>)        = 0
[pid   287] close(3)                    = 0
[pid   287] close(4 <unfinished ...>
[pid   289] <... close resumed>)        = 0
[pid   289] mkdir("./file1", 0777)      = 0
[   22.006963][  T286] EXT4-fs (loop2): Ignoring removed nobh option
[   22.013310][  T288] EXT4-fs (loop0): Ignoring removed nobh option
[   22.013464][  T286] EXT4-fs (loop2): Ignoring removed bh option
[   22.019645][  T288] EXT4-fs (loop0): Ignoring removed bh option
[   22.031902][  T286] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   22.032303][  T288] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[pid   289] mount("/dev/loop4", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"... <unfinished ...>
[pid   288] <... mount resumed>)        = 0
[pid   286] <... mount resumed>)        = 0
[pid   286] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid   286] chdir("./file1")            = 0
[pid   286] openat(AT_FDCWD, "/dev/loop2", O_RDWR <unfinished ...>
[pid   288] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid   288] chdir("./file1")            = 0
[pid   288] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   287] <... close resumed>)        = 0
[pid   285] <... close resumed>)        = 0
[pid   287] mkdir("./file1", 0777)      = 0
[pid   287] mount("/dev/loop3", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"... <unfinished ...>
[pid   285] mkdir("./file1", 0777)      = 0
[   22.061107][  T286] EXT4-fs (loop2): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[   22.061400][   T24] audit: type=1400 audit(1747028816.840:85): avc:  denied  { mount } for  pid=283 comm="syz-executor345" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[pid   285] mount("/dev/loop1", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"... <unfinished ...>
[pid   286] <... openat resumed>)       = 4
[pid   288] <... openat resumed>)       = 4
[pid   286] ioctl(4, LOOP_CLR_FD <unfinished ...>
[pid   288] ioctl(4, LOOP_CLR_FD)       = 0
[pid   288] close(4)                    = 0
[pid   288] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   283] <... futex resumed>)        = 0
[pid   288] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   283] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   288] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   283] <... futex resumed>)        = 0
[pid   288] openat(AT_FDCWD, "./file1", O_RDWR <unfinished ...>
[pid   283] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   288] <... openat resumed>)       = 4
[pid   288] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   283] <... futex resumed>)        = 0
[pid   288] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   283] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   288] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   283] <... futex resumed>)        = 0
[   22.107142][  T289] EXT4-fs (loop4): Ignoring removed nobh option
[   22.113445][  T289] EXT4-fs (loop4): Ignoring removed bh option
[   22.119560][  T289] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   22.132633][  T285] EXT4-fs (loop1): Ignoring removed nobh option
[   22.139029][  T287] EXT4-fs (loop3): Ignoring removed nobh option
[pid   288] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900 <unfinished ...>
[pid   283] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   288] <... pwrite64 resumed>)     = 87490
[pid   286] <... ioctl resumed>)        = 0
[pid   286] close(4)                    = 0
[pid   286] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   280] <... futex resumed>)        = 0
[pid   280] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   280] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   286] <... futex resumed>)        = 1
[pid   286] openat(AT_FDCWD, "./file1", O_RDWR) = 4
[pid   286] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   280] <... futex resumed>)        = 0
[pid   280] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   286] <... futex resumed>)        = 1
[pid   280] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   286] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900) = 87490
[pid   288] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   283] <... futex resumed>)        = 0
[pid   288] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000 <unfinished ...>
[pid   283] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   288] <... openat resumed>)       = 5
[pid   283] <... futex resumed>)        = 0
[pid   288] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   283] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   288] <... futex resumed>)        = 0
[pid   283] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   288] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   283] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   283] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   283] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cada4000
[pid   283] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   283] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   283] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} => {parent_tid=[300]}, 88) = 300
[pid   283] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   283] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   283] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   286] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   280] <... futex resumed>)        = 0
[pid   280] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   280] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   286] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000) = 5
[pid   286] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   280] <... futex resumed>)        = 0
[pid   280] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   280] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   280] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cada4000
[pid   280] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   280] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   280] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} => {parent_tid=[301]}, 88) = 301
[pid   280] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   280] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   280] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   286] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864./strace-static-x86_64: Process 300 attached
 <unfinished ...>
[pid   300] set_robust_list(0x7fe6cadc49a0, 24) = 0
[pid   300] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   300] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864./strace-static-x86_64: Process 301 attached
 <unfinished ...>
[pid   301] set_robust_list(0x7fe6cadc49a0, 24) = 0
[pid   301] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[   22.146125][   T24] audit: type=1400 audit(1747028816.920:86): avc:  denied  { read write } for  pid=283 comm="syz-executor345" name="file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   22.160149][  T285] EXT4-fs (loop1): Ignoring removed bh option
[   22.169438][  T287] EXT4-fs (loop3): Ignoring removed bh option
[   22.181437][  T287] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   22.195909][  T288] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[pid   301] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   288] <... pwrite64 resumed>)     = 176128
[pid   283] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   283] futex(0x7fe6caeb06ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   283] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cad83000
[pid   283] mprotect(0x7fe6cad84000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   283] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   283] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cada3990, parent_tid=0x7fe6cada3990, exit_signal=0, stack=0x7fe6cad83000, stack_size=0x20300, tls=0x7fe6cada36c0} => {parent_tid=[303]}, 88) = 303
[pid   283] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   283] futex(0x7fe6caeb06e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   22.196259][  T289] EXT4-fs (loop4): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[   22.210548][  T285] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   22.236420][  T300] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[pid   283] futex(0x7fe6caeb06ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 303 attached
 <unfinished ...>
[pid   288] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   280] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   303] set_robust_list(0x7fe6cada39a0, 24 <unfinished ...>
[pid   288] <... futex resumed>)        = 0
[pid   280] futex(0x7fe6caeb06ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   303] <... set_robust_list resumed>) = 0
[pid   288] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   280] <... futex resumed>)        = 0
[pid   303] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   280] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   303] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   280] <... mmap resumed>)         = 0x7fe6cad83000
[pid   303] truncate("./file1", 1 <unfinished ...>
[pid   280] mprotect(0x7fe6cad84000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   280] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   280] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cada3990, parent_tid=0x7fe6cada3990, exit_signal=0, stack=0x7fe6cad83000, stack_size=0x20300, tls=0x7fe6cada36c0} => {parent_tid=[309]}, 88) = 309
[pid   280] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   280] futex(0x7fe6caeb06e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   280] futex(0x7fe6caeb06ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   303] <... truncate resumed>)     = 0
[pid   300] <... pwrite64 resumed>)     = 176128
[pid   286] <... pwrite64 resumed>)     = 176128
[pid   283] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
./strace-static-x86_64: Process 309 attached
[   22.254224][  T286] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   22.275786][  T301] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[pid   309] set_robust_list(0x7fe6cada39a0, 24) = 0
[pid   303] futex(0x7fe6caeb06ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   301] <... pwrite64 resumed>)     = 176128
[pid   300] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   289] <... mount resumed>)        = 0
[pid   286] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   289] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid   289] chdir("./file1")            = 0
[pid   289] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4
[pid   289] ioctl(4, LOOP_CLR_FD)       = 0
[pid   289] close(4)                    = 0
[pid   289] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   289] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   301] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   301] futex(0x7fe6caeb06d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   309] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   309] truncate("./file1", 1)      = 0
[pid   309] futex(0x7fe6caeb06ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   309] futex(0x7fe6caeb06e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   303] <... futex resumed>)        = 0
[pid   303] futex(0x7fe6caeb06e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   300] <... futex resumed>)        = 0
[pid   300] futex(0x7fe6caeb06d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   286] <... futex resumed>)        = 0
[pid   286] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   283] exit_group(0 <unfinished ...>
[pid   303] <... futex resumed>)        = ?
[pid   300] <... futex resumed>)        = ?
[pid   283] <... exit_group resumed>)   = ?
[pid   303] +++ exited with 0 +++
[pid   300] +++ exited with 0 +++
[pid   284] <... futex resumed>)        = 0
[pid   284] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   289] <... futex resumed>)        = 0
[pid   284] <... futex resumed>)        = 1
[pid   289] openat(AT_FDCWD, "./file1", O_RDWR <unfinished ...>
[pid   284] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   280] <... futex resumed>)        = 0
[pid   288] <... futex resumed>)        = ?
[pid   280] exit_group(0 <unfinished ...>
[pid   288] +++ exited with 0 +++
[pid   283] +++ exited with 0 +++
[pid   280] <... exit_group resumed>)   = ?
[pid   301] <... futex resumed>)        = ?
[pid   286] <... futex resumed>)        = ?
[pid   301] +++ exited with 0 +++
[pid   286] +++ exited with 0 +++
[pid   273] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=283, si_uid=0, si_status=0, si_utime=0, si_stime=8} ---
[pid   309] <... futex resumed>)        = ?
[pid   289] <... openat resumed>)       = 4
[pid   273] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   289] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   284] <... futex resumed>)        = 0
[pid   289] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900 <unfinished ...>
[pid   284] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   309] +++ exited with 0 +++
[pid   289] <... pwrite64 resumed>)     = 87490
[pid   284] <... futex resumed>)        = 0
[pid   280] +++ exited with 0 +++
[pid   273] <... restart_syscall resumed>) = 0
[pid   284] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   275] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=280, si_uid=0, si_status=0, si_utime=0, si_stime=8} ---
[pid   273] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   275] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   273] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   275] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   273] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid   275] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid   273] <... openat resumed>)       = 3
[pid   275] <... openat resumed>)       = 3
[pid   273] newfstatat(3, "",  <unfinished ...>
[pid   275] newfstatat(3, "",  <unfinished ...>
[pid   273] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   275] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   273] getdents64(3,  <unfinished ...>
[pid   275] getdents64(3,  <unfinished ...>
[pid   273] <... getdents64 resumed>0x555563e9e730 /* 4 entries */, 32768) = 112
[pid   275] <... getdents64 resumed>0x555563e9e730 /* 4 entries */, 32768) = 112
[pid   273] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   275] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   273] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   275] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   273] newfstatat(AT_FDCWD, "./0/binderfs",  <unfinished ...>
[pid   275] newfstatat(AT_FDCWD, "./0/binderfs",  <unfinished ...>
[pid   273] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   275] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   273] unlink("./0/binderfs" <unfinished ...>
[   22.289484][   T24] audit: type=1400 audit(1747028816.920:87): avc:  denied  { open } for  pid=283 comm="syz-executor345" path="/root/syzkaller.elTg4b/0/file1/file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   22.300443][  T287] EXT4-fs (loop3): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[pid   275] unlink("./0/binderfs" <unfinished ...>
[pid   273] <... unlink resumed>)       = 0
[pid   275] <... unlink resumed>)       = 0
[pid   275] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   273] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   287] <... mount resumed>)        = 0
[pid   285] <... mount resumed>)        = 0
[pid   287] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid   287] chdir("./file1")            = 0
[pid   289] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   287] openat(AT_FDCWD, "/dev/loop3", O_RDWR <unfinished ...>
[pid   289] <... futex resumed>)        = 1
[pid   287] <... openat resumed>)       = 4
[pid   289] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   287] ioctl(4, LOOP_CLR_FD)       = 0
[pid   287] close(4)                    = 0
[pid   287] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   287] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   285] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid   285] chdir("./file1")            = 0
[pid   285] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4
[pid   285] ioctl(4, LOOP_CLR_FD)       = 0
[pid   285] close(4)                    = 0
[pid   285] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   278] <... futex resumed>)        = 0
[pid   278] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   278] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   285] <... futex resumed>)        = 1
[pid   285] openat(AT_FDCWD, "./file1", O_RDWR <unfinished ...>
[pid   284] <... futex resumed>)        = 0
[pid   284] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   289] <... futex resumed>)        = 0
[pid   284] <... futex resumed>)        = 1
[pid   289] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000 <unfinished ...>
[pid   284] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   289] <... openat resumed>)       = 5
[pid   289] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   284] <... futex resumed>)        = 0
[pid   289] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   284] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   284] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   284] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cada4000
[pid   284] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   284] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   284] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} => {parent_tid=[312]}, 88) = 312
[pid   284] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   284] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   284] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 312 attached
 <unfinished ...>
[pid   281] <... futex resumed>)        = 0
[pid   281] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   281] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   312] set_robust_list(0x7fe6cadc49a0, 24) = 0
[pid   312] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   312] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   287] <... futex resumed>)        = 0
[pid   287] openat(AT_FDCWD, "./file1", O_RDWR) = 4
[pid   285] <... openat resumed>)       = 4
[pid   287] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   285] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   287] <... futex resumed>)        = 1
[pid   285] <... futex resumed>)        = 1
[pid   278] <... futex resumed>)        = 0
[pid   287] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[   22.342546][  T285] EXT4-fs (loop1): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[   22.355518][   T24] audit: type=1400 audit(1747028817.120:88): avc:  denied  { unmount } for  pid=275 comm="syz-executor345" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   22.383907][  T289] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[pid   278] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   285] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900 <unfinished ...>
[pid   278] <... futex resumed>)        = 0
[pid   281] <... futex resumed>)        = 0
[pid   278] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   281] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   281] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   287] <... futex resumed>)        = 0
[pid   287] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900) = 87490
[pid   289] <... pwrite64 resumed>)     = 176128
[pid   289] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   289] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   287] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   281] <... futex resumed>)        = 0
[pid   312] <... pwrite64 resumed>)     = 176128
[pid   281] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   281] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   287] <... futex resumed>)        = 1
[pid   287] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000) = 5
[pid   287] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   281] <... futex resumed>)        = 0
[pid   281] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   281] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   281] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cada4000
[pid   281] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   281] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   281] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} => {parent_tid=[314]}, 88) = 314
[pid   281] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   281] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   285] <... pwrite64 resumed>)     = 87490
[pid   312] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   281] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   312] <... futex resumed>)        = 1
[pid   284] <... futex resumed>)        = 0
[pid   312] futex(0x7fe6caeb06d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   284] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   289] <... futex resumed>)        = 0
[pid   284] <... futex resumed>)        = 1
[pid   289] truncate("./file1", 1 <unfinished ...>
[pid   284] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 314 attached
 <unfinished ...>
[pid   287] <... futex resumed>)        = 1
[pid   285] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   278] <... futex resumed>)        = 0
[pid   285] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000 <unfinished ...>
[pid   278] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   285] <... openat resumed>)       = 5
[pid   278] <... futex resumed>)        = 0
[pid   285] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   278] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   285] <... futex resumed>)        = 0
[pid   278] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   285] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   278] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   314] set_robust_list(0x7fe6cadc49a0, 24 <unfinished ...>
[pid   289] <... truncate resumed>)     = 0
[pid   287] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   278] <... futex resumed>)        = 0
[pid   289] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   284] <... futex resumed>)        = 0
[pid   278] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   284] exit_group(0 <unfinished ...>
[pid   278] <... futex resumed>)        = 0
[pid   284] <... exit_group resumed>)   = ?
[pid   312] <... futex resumed>)        = ?
[pid   278] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   312] +++ exited with 0 +++
[pid   278] <... mmap resumed>)         = 0x7fe6cada4000
[pid   278] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   278] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   278] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} => {parent_tid=[315]}, 88) = 315
[pid   278] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   278] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   278] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 315 attached
 <unfinished ...>
[pid   315] set_robust_list(0x7fe6cadc49a0, 24) = 0
[pid   315] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   315] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   289] +++ exited with 0 +++
[pid   284] +++ exited with 0 +++
[pid   277] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=284, si_uid=0, si_status=0, si_utime=0, si_stime=10} ---
[pid   277] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   314] <... set_robust_list resumed>) = 0
[pid   277] <... restart_syscall resumed>) = 0
[pid   314] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   314] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   277] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   277] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   277] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   277] getdents64(3, 0x555563e9e730 /* 4 entries */, 32768) = 112
[pid   277] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   277] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   277] unlink("./0/binderfs")      = 0
[pid   277] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   285] <... pwrite64 resumed>)     = 176128
[pid   285] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   22.405932][  T312] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   22.432882][  T285] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   22.437035][  T287] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[pid   285] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   275] <... umount2 resumed>)      = 0
[pid   275] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   275] newfstatat(AT_FDCWD, "./0/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   275] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   275] openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid   275] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   275] getdents64(4, 0x555563ea6770 /* 2 entries */, 32768) = 48
[pid   275] getdents64(4, 0x555563ea6770 /* 0 entries */, 32768) = 0
[pid   275] close(4)                    = 0
[pid   275] rmdir("./0/file1")          = 0
[pid   275] getdents64(3, 0x555563e9e730 /* 0 entries */, 32768) = 0
[pid   275] close(3)                    = 0
[pid   275] rmdir("./0")                = 0
[pid   275] mkdir("./1", 0777)          = 0
[pid   275] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3
[pid   275] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   275] close(3)                    = 0
[pid   275] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555563e9d690) = 316
./strace-static-x86_64: Process 316 attached
[pid   316] set_robust_list(0x555563e9d6a0, 24) = 0
[pid   316] chdir("./1")                = 0
[pid   316] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   316] setpgid(0, 0)               = 0
[pid   316] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   316] write(3, "1000", 4)         = 4
[pid   316] close(3executing program
)                    = 0
[pid   316] symlink("/dev/binderfs", "./binderfs") = 0
[pid   316] write(1, "executing program\n", 18) = 18
[pid   316] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   316] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450}, NULL, 8) = 0
[pid   316] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   316] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cadc5000
[pid   316] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   316] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   316] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} => {parent_tid=[317]}, 88) = 317
[pid   316] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   316] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   316] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 317 attached
 <unfinished ...>
[pid   317] set_robust_list(0x7fe6cade59a0, 24) = 0
[pid   317] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   317] memfd_create("syzkaller", 0) = 3
[pid   317] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe6c29c5000
[pid   281] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   317] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 <unfinished ...>
[pid   287] <... pwrite64 resumed>)     = 176128
[pid   281] futex(0x7fe6caeb06ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   278] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   281] <... futex resumed>)        = 0
[pid   278] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   281] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   278] <... futex resumed>)        = 1
[pid   281] <... mmap resumed>)         = 0x7fe6cad83000
[pid   278] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   281] mprotect(0x7fe6cad84000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   281] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   281] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cada3990, parent_tid=0x7fe6cada3990, exit_signal=0, stack=0x7fe6cad83000, stack_size=0x20300, tls=0x7fe6cada36c0} => {parent_tid=[318]}, 88) = 318
[pid   281] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   281] futex(0x7fe6caeb06e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   281] futex(0x7fe6caeb06ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   317] <... write resumed>)        = 524288
[pid   317] munmap(0x7fe6c29c5000, 138412032) = 0
[pid   317] openat(AT_FDCWD, "/dev/loop2", O_RDWR./strace-static-x86_64: Process 318 attached
 <unfinished ...>
[pid   318] set_robust_list(0x7fe6cada39a0, 24) = 0
[pid   318] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   318] truncate("./file1", 1 <unfinished ...>
[pid   285] <... futex resumed>)        = 0
[pid   285] truncate("./file1", 1 <unfinished ...>
[pid   315] <... pwrite64 resumed>)     = 176128
[pid   315] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   315] futex(0x7fe6caeb06d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   285] <... truncate resumed>)     = 0
[pid   314] <... pwrite64 resumed>)     = 176128
[pid   287] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   287] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   318] <... truncate resumed>)     = 0
[pid   285] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   314] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   318] futex(0x7fe6caeb06ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   281] <... futex resumed>)        = 0
[pid   281] exit_group(0 <unfinished ...>
[pid   287] <... futex resumed>)        = ?
[pid   281] <... exit_group resumed>)   = ?
[pid   287] +++ exited with 0 +++
[pid   318] <... futex resumed>)        = ?
[pid   314] <... futex resumed>)        = ?
[pid   285] <... futex resumed>)        = 1
[pid   278] <... futex resumed>)        = 0
[pid   318] +++ exited with 0 +++
[pid   285] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   278] exit_group(0)               = ?
[pid   315] <... futex resumed>)        = ?
[pid   315] +++ exited with 0 +++
[pid   285] <... futex resumed>)        = ?
[pid   314] +++ exited with 0 +++
[pid   281] +++ exited with 0 +++
[pid   276] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=281, si_uid=0, si_status=0, si_utime=0, si_stime=10} ---
[pid   285] +++ exited with 0 +++
[pid   278] +++ exited with 0 +++
[pid   276] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   274] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=278, si_uid=0, si_status=0, si_utime=0, si_stime=7} ---
[pid   274] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   273] <... umount2 resumed>)      = 0
[pid   273] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   273] newfstatat(AT_FDCWD, "./0/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   273] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   273] openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid   273] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   273] getdents64(4, 0x555563ea6770 /* 2 entries */, 32768) = 48
[pid   273] getdents64(4, 0x555563ea6770 /* 0 entries */, 32768) = 0
[pid   273] close(4)                    = 0
[pid   273] rmdir("./0/file1" <unfinished ...>
[pid   276] <... restart_syscall resumed>) = 0
[pid   274] <... restart_syscall resumed>) = 0
[pid   273] <... rmdir resumed>)        = 0
[pid   276] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   273] getdents64(3,  <unfinished ...>
[pid   276] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   274] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   276] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid   273] <... getdents64 resumed>0x555563e9e730 /* 0 entries */, 32768) = 0
[pid   276] <... openat resumed>)       = 3
[pid   274] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   273] close(3 <unfinished ...>
[pid   276] newfstatat(3, "",  <unfinished ...>
[pid   274] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid   276] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   273] <... close resumed>)        = 0
[pid   276] getdents64(3,  <unfinished ...>
[pid   274] <... openat resumed>)       = 3
[pid   273] rmdir("./0" <unfinished ...>
[pid   276] <... getdents64 resumed>0x555563e9e730 /* 4 entries */, 32768) = 112
[pid   274] newfstatat(3, "",  <unfinished ...>
[pid   276] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   276] newfstatat(AT_FDCWD, "./0/binderfs",  <unfinished ...>
[pid   273] <... rmdir resumed>)        = 0
[pid   274] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   276] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   273] mkdir("./1", 0777 <unfinished ...>
[pid   276] unlink("./0/binderfs" <unfinished ...>
[pid   274] getdents64(3,  <unfinished ...>
[pid   276] <... unlink resumed>)       = 0
[pid   276] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   274] <... getdents64 resumed>0x555563e9e730 /* 4 entries */, 32768) = 112
[pid   273] <... mkdir resumed>)        = 0
[pid   274] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   273] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   274] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   274] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   274] unlink("./0/binderfs")      = 0
[pid   274] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   317] <... openat resumed>)       = 4
[pid   277] <... umount2 resumed>)      = 0
[pid   317] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   277] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   277] newfstatat(AT_FDCWD, "./0/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   277] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   277] openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid   277] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   277] getdents64(4, 0x555563ea6770 /* 2 entries */, 32768) = 48
[pid   277] getdents64(4, 0x555563ea6770 /* 0 entries */, 32768) = 0
[pid   277] close(4)                    = 0
[pid   277] rmdir("./0/file1")          = 0
[pid   277] getdents64(3, 0x555563e9e730 /* 0 entries */, 32768) = 0
[pid   277] close(3)                    = 0
[pid   277] rmdir("./0")                = 0
[pid   277] mkdir("./1", 0777)          = 0
[   22.462655][  T315] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   22.482828][  T314] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[pid   277] openat(AT_FDCWD, "/dev/loop4", O_RDWR <unfinished ...>
[pid   273] <... openat resumed>)       = 3
[pid   273] ioctl(3, LOOP_CLR_FD <unfinished ...>
[pid   317] <... ioctl resumed>)        = 0
[pid   277] <... openat resumed>)       = 3
[pid   276] <... umount2 resumed>)      = 0
[pid   274] <... umount2 resumed>)      = 0
[pid   273] <... ioctl resumed>)        = -1 ENXIO (No such device or address)
[pid   317] close(3 <unfinished ...>
[pid   277] ioctl(3, LOOP_CLR_FD <unfinished ...>
[pid   276] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   274] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   273] close(3 <unfinished ...>
[pid   317] <... close resumed>)        = 0
[pid   277] <... ioctl resumed>)        = -1 ENXIO (No such device or address)
[pid   317] close(4 <unfinished ...>
[pid   277] close(3 <unfinished ...>
[pid   273] <... close resumed>)        = 0
[pid   317] <... close resumed>)        = 0
[pid   277] <... close resumed>)        = 0
[pid   317] mkdir("./file1", 0777 <unfinished ...>
[pid   277] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   317] <... mkdir resumed>)        = 0
[pid   317] mount("/dev/loop2", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"... <unfinished ...>
[pid   277] <... clone resumed>, child_tidptr=0x555563e9d690) = 320
[pid   276] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   274] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   273] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   276] newfstatat(AT_FDCWD, "./0/file1",  <unfinished ...>
[pid   274] newfstatat(AT_FDCWD, "./0/file1",  <unfinished ...>
[pid   276] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   274] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   273] <... clone resumed>, child_tidptr=0x555563e9d690) = 321
[pid   276] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   274] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   276] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   276] openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid   274] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   276] <... openat resumed>)       = 4
[pid   274] openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid   276] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   274] <... openat resumed>)       = 4
[pid   276] getdents64(4,  <unfinished ...>
[pid   274] newfstatat(4, "",  <unfinished ...>
[pid   276] <... getdents64 resumed>0x555563ea6770 /* 2 entries */, 32768) = 48
[pid   274] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   276] getdents64(4,  <unfinished ...>
[pid   274] getdents64(4,  <unfinished ...>
[pid   276] <... getdents64 resumed>0x555563ea6770 /* 0 entries */, 32768) = 0
[pid   274] <... getdents64 resumed>0x555563ea6770 /* 2 entries */, 32768) = 48
[pid   276] close(4 <unfinished ...>
[pid   274] getdents64(4,  <unfinished ...>
[pid   276] <... close resumed>)        = 0
[pid   274] <... getdents64 resumed>0x555563ea6770 /* 0 entries */, 32768) = 0
[pid   276] rmdir("./0/file1" <unfinished ...>
[pid   274] close(4 <unfinished ...>
[pid   276] <... rmdir resumed>)        = 0
[pid   274] <... close resumed>)        = 0
[pid   276] getdents64(3,  <unfinished ...>
[pid   274] rmdir("./0/file1" <unfinished ...>
[pid   276] <... getdents64 resumed>0x555563e9e730 /* 0 entries */, 32768) = 0
[pid   274] <... rmdir resumed>)        = 0
[pid   276] close(3 <unfinished ...>
[pid   274] getdents64(3,  <unfinished ...>
[pid   276] <... close resumed>)        = 0
[pid   274] <... getdents64 resumed>0x555563e9e730 /* 0 entries */, 32768) = 0
[pid   276] rmdir("./0" <unfinished ...>
[pid   274] close(3 <unfinished ...>
[pid   276] <... rmdir resumed>)        = 0
[pid   274] <... close resumed>)        = 0
[pid   276] mkdir("./1", 0777 <unfinished ...>
[pid   274] rmdir("./0" <unfinished ...>
[pid   276] <... mkdir resumed>)        = 0
[pid   274] <... rmdir resumed>)        = 0
[pid   276] openat(AT_FDCWD, "/dev/loop3", O_RDWR <unfinished ...>
[pid   274] mkdir("./1", 0777 <unfinished ...>
[pid   276] <... openat resumed>)       = 3
[pid   274] <... mkdir resumed>)        = 0
[pid   276] ioctl(3, LOOP_CLR_FD <unfinished ...>
[pid   274] openat(AT_FDCWD, "/dev/loop1", O_RDWR <unfinished ...>
[pid   276] <... ioctl resumed>)        = -1 ENXIO (No such device or address)
[pid   274] <... openat resumed>)       = 3
./strace-static-x86_64: Process 321 attached
[pid   276] close(3 <unfinished ...>
[pid   274] ioctl(3, LOOP_CLR_FD <unfinished ...>
[pid   321] set_robust_list(0x555563e9d6a0, 24 <unfinished ...>
[pid   276] <... close resumed>)        = 0
[pid   274] <... ioctl resumed>)        = -1 ENXIO (No such device or address)
[pid   321] <... set_robust_list resumed>) = 0
[pid   276] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   274] close(3 <unfinished ...>
[pid   321] chdir("./1" <unfinished ...>
[pid   274] <... close resumed>)        = 0
[pid   321] <... chdir resumed>)        = 0
[pid   276] <... clone resumed>, child_tidptr=0x555563e9d690) = 322
[pid   274] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   321] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   274] <... clone resumed>, child_tidptr=0x555563e9d690) = 323
[pid   321] setpgid(0, 0./strace-static-x86_64: Process 323 attached
./strace-static-x86_64: Process 322 attached
./strace-static-x86_64: Process 320 attached
)               = 0
[pid   323] set_robust_list(0x555563e9d6a0, 24 <unfinished ...>
[pid   322] set_robust_list(0x555563e9d6a0, 24 <unfinished ...>
[pid   320] set_robust_list(0x555563e9d6a0, 24 <unfinished ...>
[pid   323] <... set_robust_list resumed>) = 0
[pid   322] <... set_robust_list resumed>) = 0
[pid   320] <... set_robust_list resumed>) = 0
[pid   323] chdir("./1" <unfinished ...>
[pid   322] chdir("./1" <unfinished ...>
[pid   321] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   320] chdir("./1" <unfinished ...>
[pid   323] <... chdir resumed>)        = 0
[pid   322] <... chdir resumed>)        = 0
[pid   320] <... chdir resumed>)        = 0
[pid   323] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   322] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   320] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   321] <... openat resumed>)       = 3
[pid   323] <... prctl resumed>)        = 0
[pid   322] <... prctl resumed>)        = 0
[pid   321] write(3, "1000", 4 <unfinished ...>
[pid   320] <... prctl resumed>)        = 0
[pid   320] setpgid(0, 0)               = 0
executing program
executing program
executing program
[pid   323] setpgid(0, 0 <unfinished ...>
[pid   322] setpgid(0, 0 <unfinished ...>
[pid   321] <... write resumed>)        = 4
[pid   320] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   322] <... setpgid resumed>)      = 0
[pid   322] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   321] close(3)                    = 0
[pid   321] symlink("/dev/binderfs", "./binderfs") = 0
[pid   322] write(3, "1000", 4)         = 4
[pid   322] close(3)                    = 0
[pid   322] symlink("/dev/binderfs", "./binderfs") = 0
[pid   321] write(1, "executing program\n", 18) = 18
[pid   321] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   322] write(1, "executing program\n", 18) = 18
[pid   321] <... futex resumed>)        = 0
[pid   321] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450},  <unfinished ...>
[pid   322] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   321] <... rt_sigaction resumed>NULL, 8) = 0
[pid   321] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1],  <unfinished ...>
[pid   322] <... futex resumed>)        = 0
[pid   321] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   322] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450},  <unfinished ...>
[pid   321] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   322] <... rt_sigaction resumed>NULL, 8) = 0
[pid   321] <... mmap resumed>)         = 0x7fe6cadc5000
[pid   322] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   321] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   322] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   321] <... mprotect resumed>)     = 0
[pid   322] <... mmap resumed>)         = 0x7fe6cadc5000
[pid   322] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   321] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   322] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   321] <... rt_sigprocmask resumed>[], 8) = 0
[pid   322] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} <unfinished ...>
[pid   321] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} <unfinished ...>
[pid   322] <... clone3 resumed> => {parent_tid=[327]}, 88) = 327
[pid   321] <... clone3 resumed> => {parent_tid=[326]}, 88) = 326
[pid   322] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   321] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   322] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   321] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   322] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   321] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   322] <... futex resumed>)        = 0
[pid   321] <... futex resumed>)        = 0
[pid   322] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid   321] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid   323] <... setpgid resumed>)      = 0
[pid   323] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   323] write(3, "1000", 4)         = 4
[pid   323] close(3)                    = 0
[pid   323] symlink("/dev/binderfs", "./binderfs") = 0
[pid   323] write(1, "executing program\n", 18) = 18
[pid   323] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   323] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450}, NULL, 8) = 0
[pid   323] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   323] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cadc5000
[pid   323] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   323] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   323] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} => {parent_tid=[328]}, 88) = 328
[pid   323] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   323] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   323] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 328 attached
 <unfinished ...>
[pid   328] set_robust_list(0x7fe6cade59a0, 24) = 0
[pid   328] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   328] memfd_create("syzkaller", 0) = 3
[pid   328] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe6c29c5000
[pid   328] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid   328] munmap(0x7fe6c29c5000, 138412032) = 0
[pid   328] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4
[pid   328] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   320] <... openat resumed>)       = 3
[pid   320] write(3, "1000", 4)         = 4
[pid   320] close(3)                    = 0
[pid   320] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   320] write(1, "executing program\n", 18) = 18
[pid   320] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   320] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450}, NULL, 8) = 0
[pid   320] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   320] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cadc5000
[pid   320] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE) = 0
[   22.605206][  T317] EXT4-fs (loop2): Ignoring removed nobh option
[   22.615250][  T317] EXT4-fs (loop2): Ignoring removed bh option
[   22.622200][  T317] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[pid   320] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   320] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} => {parent_tid=[330]}, 88) = 330
[pid   320] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   320] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   320] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 326 attached
 <unfinished ...>
[pid   326] set_robust_list(0x7fe6cade59a0, 24) = 0
[pid   326] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   326] memfd_create("syzkaller", 0) = 3
[pid   326] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe6c29c5000
[pid   326] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 <unfinished ...>
[pid   328] <... ioctl resumed>)        = 0
[pid   328] close(3)                    = 0
[pid   328] close(4./strace-static-x86_64: Process 327 attached
)                    = 0
[pid   328] mkdir("./file1", 0777 <unfinished ...>
[pid   327] set_robust_list(0x7fe6cade59a0, 24 <unfinished ...>
[pid   326] <... write resumed>)        = 524288
[pid   328] <... mkdir resumed>)        = 0
[pid   327] <... set_robust_list resumed>) = 0
[pid   328] mount("/dev/loop1", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"... <unfinished ...>
[pid   327] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   326] munmap(0x7fe6c29c5000, 138412032 <unfinished ...>
[pid   327] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   327] memfd_create("syzkaller", 0./strace-static-x86_64: Process 330 attached
) = 3
[pid   326] <... munmap resumed>)       = 0
[pid   317] <... mount resumed>)        = 0
[pid   330] set_robust_list(0x7fe6cade59a0, 24 <unfinished ...>
[pid   326] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   330] <... set_robust_list resumed>) = 0
[pid   326] <... openat resumed>)       = 4
[pid   330] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   326] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   330] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   330] memfd_create("syzkaller", 0) = 3
[pid   330] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe6c29c5000
[pid   330] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 <unfinished ...>
[pid   326] <... ioctl resumed>)        = 0
[pid   330] <... write resumed>)        = 524288
[pid   330] munmap(0x7fe6c29c5000, 138412032) = 0
[pid   330] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4
[pid   330] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   327] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe6c29c5000
[pid   317] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid   317] chdir("./file1")            = 0
[pid   317] openat(AT_FDCWD, "/dev/loop2", O_RDWR <unfinished ...>
[pid   326] close(3)                    = 0
[pid   326] close(4 <unfinished ...>
[pid   327] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid   330] <... ioctl resumed>)        = 0
[pid   330] close(3)                    = 0
[pid   330] close(4 <unfinished ...>
[pid   327] munmap(0x7fe6c29c5000, 138412032) = 0
[   22.641617][  T317] EXT4-fs (loop2): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[   22.669633][  T328] EXT4-fs (loop1): Ignoring removed nobh option
[   22.676582][  T328] EXT4-fs (loop1): Ignoring removed bh option
[   22.684009][  T328] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[pid   327] openat(AT_FDCWD, "/dev/loop3", O_RDWR <unfinished ...>
[pid   330] <... close resumed>)        = 0
[pid   317] <... openat resumed>)       = 4
[pid   330] mkdir("./file1", 0777 <unfinished ...>
[pid   317] ioctl(4, LOOP_CLR_FD <unfinished ...>
[pid   330] <... mkdir resumed>)        = 0
[pid   317] <... ioctl resumed>)        = 0
[pid   317] close(4 <unfinished ...>
[pid   330] mount("/dev/loop4", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"... <unfinished ...>
[pid   317] <... close resumed>)        = 0
[pid   326] <... close resumed>)        = 0
[pid   317] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   326] mkdir("./file1", 0777 <unfinished ...>
[pid   317] <... futex resumed>)        = 1
[pid   316] <... futex resumed>)        = 0
[pid   317] openat(AT_FDCWD, "./file1", O_RDWR <unfinished ...>
[pid   316] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   326] <... mkdir resumed>)        = 0
[pid   326] mount("/dev/loop0", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"... <unfinished ...>
[pid   317] <... openat resumed>)       = 4
[pid   316] <... futex resumed>)        = 0
[pid   328] <... mount resumed>)        = 0
[pid   328] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY <unfinished ...>
[pid   317] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   316] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   317] <... futex resumed>)        = 0
[pid   316] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   328] <... openat resumed>)       = 3
[pid   317] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   316] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   328] chdir("./file1" <unfinished ...>
[pid   317] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   316] <... futex resumed>)        = 0
[pid   316] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   317] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900) = 87490
[pid   317] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   316] <... futex resumed>)        = 0
[pid   316] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   316] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   317] <... futex resumed>)        = 1
[pid   317] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000) = 5
[pid   317] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   316] <... futex resumed>)        = 0
[pid   316] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   316] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   316] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cada4000
[pid   316] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   316] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   316] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} => {parent_tid=[335]}, 88) = 335
[pid   316] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   316] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   316] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   317] <... futex resumed>)        = 1
[pid   317] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864./strace-static-x86_64: Process 335 attached
[   22.700530][  T328] EXT4-fs (loop1): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[   22.730135][  T330] EXT4-fs (loop4): Ignoring removed nobh option
[   22.737062][  T330] EXT4-fs (loop4): Ignoring removed bh option
 <unfinished ...>
[pid   335] set_robust_list(0x7fe6cadc49a0, 24 <unfinished ...>
[pid   328] <... chdir resumed>)        = 0
[pid   328] openat(AT_FDCWD, "/dev/loop1", O_RDWR <unfinished ...>
[pid   317] <... pwrite64 resumed>)     = 176128
[pid   317] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   317] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   335] <... set_robust_list resumed>) = 0
[pid   335] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   335] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   328] <... openat resumed>)       = 4
[pid   327] <... openat resumed>)       = 4
[pid   328] ioctl(4, LOOP_CLR_FD <unfinished ...>
[pid   327] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid   328] <... ioctl resumed>)        = 0
[pid   316] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   335] <... pwrite64 resumed>)     = 176128
[pid   328] close(4 <unfinished ...>
[pid   327] close(3 <unfinished ...>
[pid   316] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   328] <... close resumed>)        = 0
[pid   327] <... close resumed>)        = 0
[pid   316] <... futex resumed>)        = 1
[pid   328] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   327] close(4 <unfinished ...>
[pid   316] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   328] <... futex resumed>)        = 1
[pid   328] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   317] <... futex resumed>)        = 0
[pid   317] truncate("./file1", 1)      = 0
[pid   317] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   316] <... futex resumed>)        = 0
[pid   317] <... futex resumed>)        = 1
[pid   317] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   335] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   335] futex(0x7fe6caeb06d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   323] <... futex resumed>)        = 0
[pid   323] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   328] <... futex resumed>)        = 0
[pid   323] <... futex resumed>)        = 1
[pid   316] exit_group(0 <unfinished ...>
[pid   328] openat(AT_FDCWD, "./file1", O_RDWR <unfinished ...>
[pid   316] <... exit_group resumed>)   = ?
[pid   328] <... openat resumed>)       = 4
[pid   328] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   328] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   335] <... futex resumed>)        = ?
[pid   335] +++ exited with 0 +++
[pid   317] <... futex resumed>)        = ?
[pid   317] +++ exited with 0 +++
[pid   316] +++ exited with 0 +++
[pid   275] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=316, si_uid=0, si_status=0, si_utime=0, si_stime=8} ---
[pid   275] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   323] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable)
[pid   323] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   328] <... futex resumed>)        = 0
[pid   323] <... futex resumed>)        = 1
[pid   328] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900 <unfinished ...>
[pid   323] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   328] <... pwrite64 resumed>)     = 87490
[pid   328] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   323] <... futex resumed>)        = 0
[pid   323] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   323] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   328] <... futex resumed>)        = 1
[pid   328] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000) = 5
[pid   328] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   323] <... futex resumed>)        = 0
[pid   323] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   323] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   323] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cada4000
[pid   323] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   323] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   323] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} => {parent_tid=[339]}, 88) = 339
[   22.742235][  T317] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   22.743558][  T330] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   22.760606][  T335] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   22.784302][  T326] EXT4-fs (loop0): Ignoring removed nobh option
[   22.790753][  T326] EXT4-fs (loop0): Ignoring removed bh option
[pid   323] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   275] <... restart_syscall resumed>) = 0
[pid   323] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   323] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   275] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   275] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   275] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   275] getdents64(3, 0x555563e9e730 /* 4 entries */, 32768) = 112
[pid   275] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   275] newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   275] unlink("./1/binderfs")      = 0
[pid   275] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   328] <... futex resumed>)        = 1
[pid   328] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864./strace-static-x86_64: Process 339 attached
 <unfinished ...>
[pid   330] <... mount resumed>)        = 0
[pid   339] set_robust_list(0x7fe6cadc49a0, 24 <unfinished ...>
[pid   330] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY <unfinished ...>
[pid   339] <... set_robust_list resumed>) = 0
[pid   330] <... openat resumed>)       = 3
[pid   339] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   330] chdir("./file1" <unfinished ...>
[pid   339] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   330] <... chdir resumed>)        = 0
[pid   339] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[   22.797748][  T326] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   22.811084][  T330] EXT4-fs (loop4): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[   22.816898][  T328] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[pid   330] openat(AT_FDCWD, "/dev/loop4", O_RDWR <unfinished ...>
[pid   328] <... pwrite64 resumed>)     = 176128
[pid   323] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   339] <... pwrite64 resumed>)     = 176128
[pid   328] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   323] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   328] <... futex resumed>)        = 0
[pid   328] truncate("./file1", 1 <unfinished ...>
[pid   339] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   323] <... futex resumed>)        = 0
[pid   339] <... futex resumed>)        = 0
[pid   339] futex(0x7fe6caeb06d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   323] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   328] <... truncate resumed>)     = 0
[pid   328] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   328] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   323] <... futex resumed>)        = 0
[pid   323] exit_group(0)               = ?
[pid   328] <... futex resumed>)        = ?
[pid   328] +++ exited with 0 +++
[pid   339] <... futex resumed>)        = ?
[pid   339] +++ exited with 0 +++
[pid   323] +++ exited with 0 +++
[pid   274] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=323, si_uid=0, si_status=0, si_utime=0, si_stime=6} ---
[pid   274] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   274] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   274] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   274] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   274] getdents64(3, 0x555563e9e730 /* 4 entries */, 32768) = 112
[pid   274] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   274] newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   274] unlink("./1/binderfs")      = 0
[pid   274] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   327] <... close resumed>)        = 0
[pid   330] <... openat resumed>)       = 4
[pid   330] ioctl(4, LOOP_CLR_FD)       = 0
[pid   330] close(4)                    = 0
[pid   330] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   320] <... futex resumed>)        = 0
[pid   330] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   320] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   330] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   320] <... futex resumed>)        = 0
[pid   330] openat(AT_FDCWD, "./file1", O_RDWR <unfinished ...>
[pid   320] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   327] mkdir("./file1", 0777 <unfinished ...>
[pid   326] <... mount resumed>)        = 0
[pid   327] <... mkdir resumed>)        = 0
[pid   326] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid   326] chdir("./file1")            = 0
[pid   326] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   330] <... openat resumed>)       = 4
[pid   327] mount("/dev/loop3", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"... <unfinished ...>
[pid   330] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   320] <... futex resumed>)        = 0
[pid   330] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   320] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   330] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   320] <... futex resumed>)        = 0
[pid   330] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900 <unfinished ...>
[pid   320] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   330] <... pwrite64 resumed>)     = 87490
[pid   330] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   330] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   320] <... futex resumed>)        = 0
[pid   320] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   330] <... futex resumed>)        = 0
[pid   320] <... futex resumed>)        = 1
[pid   330] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000 <unfinished ...>
[pid   320] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   330] <... openat resumed>)       = 5
[pid   330] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   320] <... futex resumed>)        = 0
[pid   330] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   320] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   320] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   320] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cada4000
[pid   320] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   320] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   320] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0}./strace-static-x86_64: Process 342 attached
 => {parent_tid=[342]}, 88) = 342
[pid   320] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   320] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   320] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   342] set_robust_list(0x7fe6cadc49a0, 24) = 0
[pid   342] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[   22.850506][  T339] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   22.868307][  T326] EXT4-fs (loop0): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[pid   342] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   330] <... pwrite64 resumed>)     = 176128
[pid   330] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   330] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   275] <... umount2 resumed>)      = 0
[pid   275] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   275] newfstatat(AT_FDCWD, "./1/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   275] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   275] openat(AT_FDCWD, "./1/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid   275] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   275] getdents64(4, 0x555563ea6770 /* 2 entries */, 32768) = 48
[pid   275] getdents64(4, 0x555563ea6770 /* 0 entries */, 32768) = 0
[pid   275] close(4)                    = 0
[pid   275] rmdir("./1/file1")          = 0
[pid   275] getdents64(3, 0x555563e9e730 /* 0 entries */, 32768) = 0
[pid   275] close(3)                    = 0
[pid   275] rmdir("./1" <unfinished ...>
[pid   326] <... openat resumed>)       = 4
[pid   326] ioctl(4, LOOP_CLR_FD)       = 0
[pid   326] close(4)                    = 0
[pid   274] <... umount2 resumed>)      = 0
[pid   326] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   321] <... futex resumed>)        = 0
[pid   326] openat(AT_FDCWD, "./file1", O_RDWR <unfinished ...>
[pid   321] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   321] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   275] <... rmdir resumed>)        = 0
[pid   275] mkdir("./2", 0777)          = 0
[pid   275] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3
[pid   275] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   275] close(3)                    = 0
[pid   275] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   274] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   326] <... openat resumed>)       = 4
[pid   274] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   326] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   274] newfstatat(AT_FDCWD, "./1/file1",  <unfinished ...>
[pid   326] <... futex resumed>)        = 1
[pid   321] <... futex resumed>)        = 0
[pid   326] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   321] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   274] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   326] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   321] <... futex resumed>)        = 0
[pid   326] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900 <unfinished ...>
[pid   321] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   274] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   275] <... clone resumed>, child_tidptr=0x555563e9d690) = 343
[pid   274] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   274] openat(AT_FDCWD, "./1/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid   274] newfstatat(4, "",  <unfinished ...>
[pid   342] <... pwrite64 resumed>)     = 176128
[pid   342] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   320] <... futex resumed>)        = 0
[pid   320] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   330] <... futex resumed>)        = 0
[pid   320] <... futex resumed>)        = 1
[pid   330] truncate("./file1", 1 <unfinished ...>
[pid   320] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   330] <... truncate resumed>)     = 0
[pid   274] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   330] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   320] <... futex resumed>)        = 0
[pid   320] exit_group(0)               = ?
[pid   330] <... futex resumed>)        = ?
[pid   330] +++ exited with 0 +++
[pid   342] <... futex resumed>)        = ?
[pid   342] +++ exited with 0 +++
[pid   320] +++ exited with 0 +++
[pid   277] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=320, si_uid=0, si_status=0, si_utime=0, si_stime=8} ---
[   22.907951][  T330] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   22.922857][  T342] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   22.938911][  T327] EXT4-fs (loop3): Ignoring removed nobh option
[pid   277] restart_syscall(<... resuming interrupted clone ...>./strace-static-x86_64: Process 343 attached
 <unfinished ...>
[pid   326] <... pwrite64 resumed>)     = 87490
[pid   274] getdents64(4, 0x555563ea6770 /* 2 entries */, 32768) = 48
[pid   274] getdents64(4, 0x555563ea6770 /* 0 entries */, 32768) = 0
[pid   274] close(4)                    = 0
[pid   274] rmdir("./1/file1")          = 0
[pid   274] getdents64(3, 0x555563e9e730 /* 0 entries */, 32768) = 0
[pid   274] close(3)                    = 0
[pid   274] rmdir("./1")                = 0
[pid   326] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   326] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   274] mkdir("./2", 0777)          = 0
[pid   274] openat(AT_FDCWD, "/dev/loop1", O_RDWR <unfinished ...>
[pid   343] set_robust_list(0x555563e9d6a0, 24) = 0
[pid   321] <... futex resumed>)        = 0
[pid   321] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   326] <... futex resumed>)        = 0
[pid   321] <... futex resumed>)        = 1
[pid   321] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   326] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000) = 5
[pid   326] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   326] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   343] chdir("./2")                = 0
[pid   343] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   343] setpgid(0, 0)               = 0
[pid   343] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   343] write(3, "1000", 4)         = 4
[pid   343] close(3)                    = 0
[pid   343] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid   343] write(1, "executing program\n", 18) = 18
[pid   343] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   343] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450}, NULL, 8) = 0
[pid   343] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   343] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cadc5000
[pid   343] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   343] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   343] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} => {parent_tid=[344]}, 88) = 344
[pid   343] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   343] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   343] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 344 attached
 <unfinished ...>
[pid   344] set_robust_list(0x7fe6cade59a0, 24) = 0
[pid   344] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   344] memfd_create("syzkaller", 0) = 3
[pid   344] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe6c29c5000
[pid   344] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 <unfinished ...>
[pid   321] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   277] <... restart_syscall resumed>) = 0
[pid   344] <... write resumed>)        = 524288
[pid   344] munmap(0x7fe6c29c5000, 138412032 <unfinished ...>
[pid   321] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   326] <... futex resumed>)        = 0
[pid   321] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   277] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   326] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   321] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   277] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   321] <... mmap resumed>)         = 0x7fe6cada4000
[pid   344] <... munmap resumed>)       = 0
[pid   277] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid   344] openat(AT_FDCWD, "/dev/loop2", O_RDWR <unfinished ...>
[pid   321] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   277] <... openat resumed>)       = 3
[pid   321] <... mprotect resumed>)     = 0
[pid   277] newfstatat(3, "",  <unfinished ...>
[pid   321] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   277] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   321] <... rt_sigprocmask resumed>[], 8) = 0
[pid   277] getdents64(3,  <unfinished ...>
[pid   321] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} <unfinished ...>
[pid   277] <... getdents64 resumed>0x555563e9e730 /* 4 entries */, 32768) = 112
[pid   277] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   321] <... clone3 resumed> => {parent_tid=[345]}, 88) = 345
[pid   277] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   321] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   277] newfstatat(AT_FDCWD, "./1/binderfs",  <unfinished ...>
[pid   321] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   277] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   321] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   277] unlink("./1/binderfs" <unfinished ...>
[pid   321] <... futex resumed>)        = 0
[pid   277] <... unlink resumed>)       = 0
[pid   321] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   277] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 345 attached
 <unfinished ...>
[pid   344] <... openat resumed>)       = 4
[pid   274] <... openat resumed>)       = 3
[pid   274] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   274] close(3)                    = 0
[pid   274] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555563e9d690) = 346
[pid   345] set_robust_list(0x7fe6cadc49a0, 24 <unfinished ...>
[pid   344] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   345] <... set_robust_list resumed>) = 0
[pid   345] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   345] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864./strace-static-x86_64: Process 346 attached
 <unfinished ...>
[pid   326] <... pwrite64 resumed>)     = 176128
[   22.954226][  T327] EXT4-fs (loop3): Ignoring removed bh option
[   22.960692][  T327] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   22.980393][  T326] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[pid   346] set_robust_list(0x555563e9d6a0, 24 <unfinished ...>
[pid   326] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   344] <... ioctl resumed>)        = 0
[pid   344] close(3)                    = 0
[pid   344] close(4 <unfinished ...>
[pid   346] <... set_robust_list resumed>) = 0
[pid   327] <... mount resumed>)        = 0
[pid   326] <... futex resumed>)        = 0
[pid   346] chdir("./2" <unfinished ...>
[pid   326] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   346] <... chdir resumed>)        = 0
[pid   346] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   346] setpgid(0, 0)               = 0
[pid   346] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   346] write(3, "1000", 4)         = 4
[pid   346] close(3)                    = 0
[pid   346] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid   346] write(1, "executing program\n", 18) = 18
[pid   346] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   346] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450}, NULL, 8) = 0
[pid   346] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   346] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cadc5000
[pid   346] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   346] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   346] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} => {parent_tid=[350]}, 88) = 350
[pid   346] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   346] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   346] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid   327] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid   327] chdir("./file1")            = 0
[pid   321] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   321] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   326] <... futex resumed>)        = 0
[pid   321] <... futex resumed>)        = 1
./strace-static-x86_64: Process 350 attached
[pid   321] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   350] set_robust_list(0x7fe6cade59a0, 24 <unfinished ...>
[pid   345] <... pwrite64 resumed>)     = 176128
[pid   327] openat(AT_FDCWD, "/dev/loop3", O_RDWR <unfinished ...>
[pid   326] truncate("./file1", 1 <unfinished ...>
[pid   350] <... set_robust_list resumed>) = 0
[pid   350] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   350] memfd_create("syzkaller", 0) = 3
[pid   350] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe6c29c5000
[pid   350] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 <unfinished ...>
[pid   345] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   326] <... truncate resumed>)     = 0
[pid   345] futex(0x7fe6caeb06d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   326] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   321] <... futex resumed>)        = 0
[pid   321] exit_group(0)               = ?
[pid   350] <... write resumed>)        = 524288
[pid   345] <... futex resumed>)        = ?
[pid   326] <... futex resumed>)        = ?
[pid   345] +++ exited with 0 +++
[pid   350] munmap(0x7fe6c29c5000, 138412032) = 0
[pid   350] openat(AT_FDCWD, "/dev/loop1", O_RDWR <unfinished ...>
[pid   326] +++ exited with 0 +++
[pid   321] +++ exited with 0 +++
[pid   273] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=321, si_uid=0, si_status=0, si_utime=0, si_stime=8} ---
[pid   273] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   273] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   273] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   273] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   273] getdents64(3, 0x555563e9e730 /* 4 entries */, 32768) = 112
[pid   273] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   273] newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   273] unlink("./1/binderfs")      = 0
[pid   273] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   344] <... close resumed>)        = 0
[pid   327] <... openat resumed>)       = 4
[pid   344] mkdir("./file1", 0777)      = 0
[pid   327] ioctl(4, LOOP_CLR_FD <unfinished ...>
[pid   344] mount("/dev/loop2", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"... <unfinished ...>
[pid   350] <... openat resumed>)       = 4
[pid   350] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   277] <... umount2 resumed>)      = 0
[pid   277] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   277] newfstatat(AT_FDCWD, "./1/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   277] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[   22.996697][  T327] EXT4-fs (loop3): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[   22.997594][  T345] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[pid   277] openat(AT_FDCWD, "./1/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid   277] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   277] getdents64(4, 0x555563ea6770 /* 2 entries */, 32768) = 48
[pid   277] getdents64(4, 0x555563ea6770 /* 0 entries */, 32768) = 0
[pid   277] close(4)                    = 0
[pid   277] rmdir("./1/file1")          = 0
[pid   277] getdents64(3, 0x555563e9e730 /* 0 entries */, 32768) = 0
[pid   277] close(3)                    = 0
[pid   277] rmdir("./1")                = 0
[pid   277] mkdir("./2", 0777)          = 0
[pid   277] openat(AT_FDCWD, "/dev/loop4", O_RDWR <unfinished ...>
[pid   327] <... ioctl resumed>)        = 0
[pid   277] <... openat resumed>)       = 3
[pid   327] close(4 <unfinished ...>
[pid   277] ioctl(3, LOOP_CLR_FD <unfinished ...>
[pid   327] <... close resumed>)        = 0
[pid   277] <... ioctl resumed>)        = -1 ENXIO (No such device or address)
[pid   327] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   277] close(3 <unfinished ...>
[pid   327] <... futex resumed>)        = 1
[pid   322] <... futex resumed>)        = 0
[pid   277] <... close resumed>)        = 0
[pid   327] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   322] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   277] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   327] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   322] <... futex resumed>)        = 0
[pid   327] openat(AT_FDCWD, "./file1", O_RDWR <unfinished ...>
[pid   322] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   277] <... clone resumed>, child_tidptr=0x555563e9d690) = 351
[pid   327] <... openat resumed>)       = 4
./strace-static-x86_64: Process 351 attached
[pid   327] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   322] <... futex resumed>)        = 0
[pid   327] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   322] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   327] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   322] <... futex resumed>)        = 0
[pid   327] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900 <unfinished ...>
[pid   322] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   327] <... pwrite64 resumed>)     = 87490
[pid   327] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   322] <... futex resumed>)        = 0
[pid   327] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   322] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   327] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   322] <... futex resumed>)        = 0
[pid   327] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000 <unfinished ...>
[pid   322] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   327] <... openat resumed>)       = 5
[pid   327] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   322] <... futex resumed>)        = 0
[pid   351] set_robust_list(0x555563e9d6a0, 24 <unfinished ...>
[pid   327] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   322] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   351] <... set_robust_list resumed>) = 0
[pid   327] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   322] <... futex resumed>)        = 0
[pid   351] chdir("./2" <unfinished ...>
[pid   327] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864executing program
 <unfinished ...>
[pid   322] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   351] <... chdir resumed>)        = 0
[pid   350] <... ioctl resumed>)        = 0
[pid   327] <... pwrite64 resumed>)     = 176128
[pid   322] <... futex resumed>)        = 0
[pid   273] <... umount2 resumed>)      = 0
[pid   351] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   350] close(3 <unfinished ...>
[pid   327] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   322] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   351] <... prctl resumed>)        = 0
[pid   350] <... close resumed>)        = 0
[pid   327] <... futex resumed>)        = 0
[pid   322] <... mmap resumed>)         = 0x7fe6cada4000
[pid   351] setpgid(0, 0 <unfinished ...>
[pid   350] close(4 <unfinished ...>
[pid   327] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   322] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   351] <... setpgid resumed>)      = 0
[pid   322] <... mprotect resumed>)     = 0
[pid   351] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   322] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   351] <... openat resumed>)       = 3
[pid   322] <... rt_sigprocmask resumed>[], 8) = 0
[pid   351] write(3, "1000", 4 <unfinished ...>
[pid   322] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} <unfinished ...>
[pid   351] <... write resumed>)        = 4
[pid   351] close(3 <unfinished ...>
[pid   322] <... clone3 resumed> => {parent_tid=[353]}, 88) = 353
[pid   351] <... close resumed>)        = 0
[pid   322] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   351] symlink("/dev/binderfs", "./binderfs" <unfinished ...>
[pid   322] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   351] <... symlink resumed>)      = 0
[pid   322] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   351] write(1, "executing program\n", 18 <unfinished ...>
[pid   322] <... futex resumed>)        = 0
[pid   351] <... write resumed>)        = 18
[pid   322] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   351] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   351] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450}, NULL, 8) = 0
[pid   351] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   351] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cadc5000
[pid   351] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   351] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   351] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} => {parent_tid=[354]}, 88) = 354
[pid   351] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   351] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   351] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 354 attached
 <unfinished ...>
[pid   354] set_robust_list(0x7fe6cade59a0, 24) = 0
[pid   354] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   354] memfd_create("syzkaller", 0) = 3
[pid   354] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe6c29c5000
[pid   354] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid   354] munmap(0x7fe6c29c5000, 138412032) = 0
[pid   354] openat(AT_FDCWD, "/dev/loop4", O_RDWR <unfinished ...>
[pid   273] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   273] newfstatat(AT_FDCWD, "./1/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   273] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   273] openat(AT_FDCWD, "./1/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 353 attached
) = 4
[pid   353] set_robust_list(0x7fe6cadc49a0, 24) = 0
[pid   353] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   353] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   273] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   273] getdents64(4, 0x555563ea6770 /* 2 entries */, 32768) = 48
[pid   273] getdents64(4, 0x555563ea6770 /* 0 entries */, 32768) = 0
[pid   273] close(4)                    = 0
[   23.143643][  T344] EXT4-fs (loop2): Ignoring removed nobh option
[   23.150596][  T344] EXT4-fs (loop2): Ignoring removed bh option
[   23.166706][  T327] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   23.167236][  T344] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[pid   273] rmdir("./1/file1")          = 0
[pid   273] getdents64(3, 0x555563e9e730 /* 0 entries */, 32768) = 0
[pid   273] close(3)                    = 0
[pid   273] rmdir("./1")                = 0
[pid   273] mkdir("./2", 0777)          = 0
[pid   273] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   353] <... pwrite64 resumed>)     = 176128
[pid   353] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   353] futex(0x7fe6caeb06d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   322] <... futex resumed>)        = 0
[pid   322] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   322] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   327] <... futex resumed>)        = 0
[pid   327] truncate("./file1", 1)      = 0
[pid   327] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   322] <... futex resumed>)        = 0
[pid   322] exit_group(0)               = ?
[pid   327] <... futex resumed>)        = ?
[pid   327] +++ exited with 0 +++
[pid   353] <... futex resumed>)        = ?
[pid   353] +++ exited with 0 +++
[pid   322] +++ exited with 0 +++
[pid   276] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=322, si_uid=0, si_status=0, si_utime=0, si_stime=6} ---
[pid   276] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   276] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   276] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   276] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   276] getdents64(3, 0x555563e9e730 /* 4 entries */, 32768) = 112
[pid   276] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   276] newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   276] unlink("./1/binderfs")      = 0
[pid   276] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   350] <... close resumed>)        = 0
[pid   350] mkdir("./file1", 0777 <unfinished ...>
[pid   344] <... mount resumed>)        = 0
[pid   344] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY <unfinished ...>
[pid   350] <... mkdir resumed>)        = 0
[pid   344] <... openat resumed>)       = 3
[pid   350] mount("/dev/loop1", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"... <unfinished ...>
[pid   344] chdir("./file1")            = 0
[pid   344] openat(AT_FDCWD, "/dev/loop2", O_RDWR <unfinished ...>
[pid   354] <... openat resumed>)       = 4
[pid   273] <... openat resumed>)       = 3
[pid   354] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   273] ioctl(3, LOOP_CLR_FD <unfinished ...>
[pid   354] <... ioctl resumed>)        = 0
[pid   354] close(3)                    = 0
[pid   354] close(4 <unfinished ...>
[pid   344] <... openat resumed>)       = 4
[pid   344] ioctl(4, LOOP_CLR_FD)       = 0
[pid   344] close(4)                    = 0
[pid   273] <... ioctl resumed>)        = -1 ENXIO (No such device or address)
[pid   273] close(3 <unfinished ...>
[pid   344] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   343] <... futex resumed>)        = 0
[pid   343] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   343] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   344] <... futex resumed>)        = 1
[   23.194702][  T353] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   23.200489][  T344] EXT4-fs (loop2): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[pid   344] openat(AT_FDCWD, "./file1", O_RDWR) = 4
[pid   344] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   343] <... futex resumed>)        = 0
[pid   343] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   343] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   344] <... futex resumed>)        = 1
[pid   344] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900) = 87490
[pid   344] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   343] <... futex resumed>)        = 0
[pid   343] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   343] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   344] <... futex resumed>)        = 1
[pid   344] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000) = 5
[pid   344] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   343] <... futex resumed>)        = 0
[pid   343] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   343] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   343] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cada4000
[pid   343] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   343] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   343] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} => {parent_tid=[358]}, 88) = 358
[pid   343] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   343] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   343] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   344] <... futex resumed>)        = 1
[pid   344] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864./strace-static-x86_64: Process 358 attached
 <unfinished ...>
[pid   358] set_robust_list(0x7fe6cadc49a0, 24) = 0
[pid   358] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   358] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   344] <... pwrite64 resumed>)     = 176128
[pid   344] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   23.266178][  T350] EXT4-fs (loop1): Ignoring removed nobh option
[   23.272525][  T350] EXT4-fs (loop1): Ignoring removed bh option
[   23.278628][  T350] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   23.282748][  T344] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[pid   344] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   358] <... pwrite64 resumed>)     = 176128
[pid   358] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   343] <... futex resumed>)        = 0
[pid   343] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   343] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   358] <... futex resumed>)        = 1
[pid   358] futex(0x7fe6caeb06d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   344] <... futex resumed>)        = 0
[pid   344] truncate("./file1", 1)      = 0
[pid   344] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   343] <... futex resumed>)        = 0
[pid   343] exit_group(0)               = ?
[pid   344] <... futex resumed>)        = ?
[pid   344] +++ exited with 0 +++
[pid   358] <... futex resumed>)        = ?
[pid   358] +++ exited with 0 +++
[pid   343] +++ exited with 0 +++
[pid   275] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=343, si_uid=0, si_status=0, si_utime=0, si_stime=8} ---
[pid   275] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   275] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   275] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   275] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   275] getdents64(3, 0x555563e9e730 /* 4 entries */, 32768) = 112
[pid   275] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   275] newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   275] unlink("./2/binderfs")      = 0
[pid   275] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   354] <... close resumed>)        = 0
[pid   350] <... mount resumed>)        = 0
[pid   354] mkdir("./file1", 0777)      = 0
[pid   354] mount("/dev/loop4", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"... <unfinished ...>
[pid   350] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid   350] chdir("./file1")            = 0
[pid   350] openat(AT_FDCWD, "/dev/loop1", O_RDWRexecuting program
 <unfinished ...>
[pid   273] <... close resumed>)        = 0
[pid   273] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555563e9d690) = 361
./strace-static-x86_64: Process 361 attached
[pid   361] set_robust_list(0x555563e9d6a0, 24) = 0
[pid   361] chdir("./2")                = 0
[pid   361] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   361] setpgid(0, 0)               = 0
[pid   276] <... umount2 resumed>)      = 0
[pid   361] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   361] write(3, "1000", 4)         = 4
[pid   361] close(3)                    = 0
[pid   361] symlink("/dev/binderfs", "./binderfs") = 0
[pid   361] write(1, "executing program\n", 18) = 18
[pid   361] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   361] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450}, NULL, 8) = 0
[pid   361] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   361] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cadc5000
[pid   361] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   361] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   361] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} => {parent_tid=[362]}, 88) = 362
[pid   361] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   361] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   361] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 362 attached
 <unfinished ...>
[pid   362] set_robust_list(0x7fe6cade59a0, 24) = 0
[pid   362] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   362] memfd_create("syzkaller", 0) = 3
[pid   362] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe6c29c5000
[   23.305626][  T358] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   23.310790][  T350] EXT4-fs (loop1): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[pid   362] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 <unfinished ...>
[pid   350] <... openat resumed>)       = 4
[pid   350] ioctl(4, LOOP_CLR_FD)       = 0
[pid   350] close(4)                    = 0
[pid   350] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   346] <... futex resumed>)        = 0
[pid   346] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   346] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   350] <... futex resumed>)        = 1
[pid   350] openat(AT_FDCWD, "./file1", O_RDWR <unfinished ...>
[pid   362] <... write resumed>)        = 524288
[pid   350] <... openat resumed>)       = 4
[pid   350] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   276] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   346] <... futex resumed>)        = 0
[pid   346] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   346] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   350] <... futex resumed>)        = 1
[pid   350] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900 <unfinished ...>
[pid   362] munmap(0x7fe6c29c5000, 138412032) = 0
[pid   362] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   276] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   350] <... pwrite64 resumed>)     = 87490
[pid   350] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   346] <... futex resumed>)        = 0
[pid   346] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   346] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   350] <... futex resumed>)        = 1
[pid   350] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000) = 5
[pid   350] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   346] <... futex resumed>)        = 0
[pid   346] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   346] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   346] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cada4000
[pid   346] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   346] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   346] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} => {parent_tid=[363]}, 88) = 363
[pid   346] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   346] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   346] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   350] <... futex resumed>)        = 1
[pid   350] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864./strace-static-x86_64: Process 363 attached
 <unfinished ...>
[pid   363] set_robust_list(0x7fe6cadc49a0, 24) = 0
[pid   363] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   363] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   276] newfstatat(AT_FDCWD, "./1/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   276] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   276] openat(AT_FDCWD, "./1/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid   276] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   276] getdents64(4, 0x555563ea6770 /* 2 entries */, 32768) = 48
[pid   276] getdents64(4, 0x555563ea6770 /* 0 entries */, 32768) = 0
[pid   276] close(4)                    = 0
[pid   276] rmdir("./1/file1")          = 0
[pid   276] getdents64(3, 0x555563e9e730 /* 0 entries */, 32768) = 0
[pid   276] close(3)                    = 0
[pid   276] rmdir("./1")                = 0
[pid   276] mkdir("./2", 0777)          = 0
[pid   276] openat(AT_FDCWD, "/dev/loop3", O_RDWR <unfinished ...>
[pid   350] <... pwrite64 resumed>)     = 176128
[pid   350] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   23.389261][  T354] EXT4-fs (loop4): Ignoring removed nobh option
[   23.399743][  T354] EXT4-fs (loop4): Ignoring removed bh option
[   23.405930][  T354] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   23.418510][  T350] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[pid   350] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   354] <... mount resumed>)        = 0
[pid   354] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid   354] chdir("./file1")            = 0
[pid   354] openat(AT_FDCWD, "/dev/loop4", O_RDWR <unfinished ...>
[pid   346] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   346] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   350] <... futex resumed>)        = 0
[pid   346] <... futex resumed>)        = 1
[pid   363] <... pwrite64 resumed>)     = 176128
[pid   350] truncate("./file1", 1 <unfinished ...>
[pid   346] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   363] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   363] futex(0x7fe6caeb06d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   350] <... truncate resumed>)     = 0
[pid   350] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   350] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   346] <... futex resumed>)        = 0
[pid   346] exit_group(0 <unfinished ...>
[pid   363] <... futex resumed>)        = ?
[pid   350] <... futex resumed>)        = ?
[pid   346] <... exit_group resumed>)   = ?
[pid   350] +++ exited with 0 +++
[pid   363] +++ exited with 0 +++
[pid   346] +++ exited with 0 +++
[pid   274] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=346, si_uid=0, si_status=0, si_utime=0, si_stime=7} ---
[pid   274] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   362] <... openat resumed>)       = 4
[pid   276] <... openat resumed>)       = 3
[pid   275] <... umount2 resumed>)      = 0
[pid   274] <... restart_syscall resumed>) = 0
[pid   275] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   275] newfstatat(AT_FDCWD, "./2/file1",  <unfinished ...>
[pid   274] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   275] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   274] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   275] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   274] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid   275] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   274] <... openat resumed>)       = 3
[pid   275] openat(AT_FDCWD, "./2/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid   274] newfstatat(3, "",  <unfinished ...>
[pid   275] <... openat resumed>)       = 4
[pid   274] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   275] newfstatat(4, "",  <unfinished ...>
[pid   274] getdents64(3,  <unfinished ...>
[pid   275] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   274] <... getdents64 resumed>0x555563e9e730 /* 4 entries */, 32768) = 112
[pid   275] getdents64(4,  <unfinished ...>
[pid   274] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   275] <... getdents64 resumed>0x555563ea6770 /* 2 entries */, 32768) = 48
[pid   274] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   275] getdents64(4,  <unfinished ...>
[pid   274] newfstatat(AT_FDCWD, "./2/binderfs",  <unfinished ...>
[pid   275] <... getdents64 resumed>0x555563ea6770 /* 0 entries */, 32768) = 0
[pid   274] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   275] close(4 <unfinished ...>
[pid   274] unlink("./2/binderfs" <unfinished ...>
[pid   275] <... close resumed>)        = 0
[pid   274] <... unlink resumed>)       = 0
[pid   275] rmdir("./2/file1" <unfinished ...>
[pid   274] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   362] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   276] ioctl(3, LOOP_CLR_FD <unfinished ...>
[pid   275] <... rmdir resumed>)        = 0
[pid   275] getdents64(3, 0x555563e9e730 /* 0 entries */, 32768) = 0
[pid   275] close(3)                    = 0
[pid   275] rmdir("./2")                = 0
[pid   275] mkdir("./3", 0777)          = 0
[pid   275] openat(AT_FDCWD, "/dev/loop2", O_RDWR <unfinished ...>
[pid   362] <... ioctl resumed>)        = 0
[pid   276] <... ioctl resumed>)        = -1 ENXIO (No such device or address)
[pid   362] close(3 <unfinished ...>
[pid   276] close(3 <unfinished ...>
[pid   362] <... close resumed>)        = 0
[pid   362] close(4 <unfinished ...>
[pid   276] <... close resumed>)        = 0
[pid   276] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 367 attached
[   23.434152][  T354] EXT4-fs (loop4): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[   23.434566][  T363] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
, child_tidptr=0x555563e9d690) = 367
[pid   367] set_robust_list(0x555563e9d6a0, 24) = 0
[pid   367] chdir("./2")                = 0
[pid   367] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   367] setpgid(0, 0)               = 0
[pid   367] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   367] write(3, "1000", 4)         = 4
[pid   367] close(3)                    = 0
[pid   367] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   367] write(1, "executing program\n", 18) = 18
[pid   367] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   367] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450}, NULL, 8) = 0
[pid   367] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   367] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cadc5000
[pid   367] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   367] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   367] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} => {parent_tid=[368]}, 88) = 368
[pid   367] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   367] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   367] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 368 attached
 <unfinished ...>
[pid   368] set_robust_list(0x7fe6cade59a0, 24) = 0
[pid   368] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   368] memfd_create("syzkaller", 0) = 3
[pid   368] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe6c29c5000
[pid   368] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid   368] munmap(0x7fe6c29c5000, 138412032) = 0
[pid   368] openat(AT_FDCWD, "/dev/loop3", O_RDWR <unfinished ...>
[pid   362] <... close resumed>)        = 0
[pid   362] mkdir("./file1", 0777 <unfinished ...>
[pid   354] <... openat resumed>)       = 4
[pid   275] <... openat resumed>)       = 3
[pid   274] <... umount2 resumed>)      = 0
[pid   362] <... mkdir resumed>)        = 0
[pid   354] ioctl(4, LOOP_CLR_FD <unfinished ...>
[pid   275] ioctl(3, LOOP_CLR_FD <unfinished ...>
[pid   274] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   362] mount("/dev/loop0", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"... <unfinished ...>
[pid   354] <... ioctl resumed>)        = 0
[pid   275] <... ioctl resumed>)        = -1 ENXIO (No such device or address)
[pid   274] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   354] close(4 <unfinished ...>
[pid   275] close(3 <unfinished ...>
[pid   274] newfstatat(AT_FDCWD, "./2/file1",  <unfinished ...>
[pid   354] <... close resumed>)        = 0
[pid   275] <... close resumed>)        = 0
[pid   274] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   354] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   275] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   274] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   354] <... futex resumed>)        = 1
[pid   351] <... futex resumed>)        = 0
[pid   274] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   354] openat(AT_FDCWD, "./file1", O_RDWR <unfinished ...>
[pid   351] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   275] <... clone resumed>, child_tidptr=0x555563e9d690) = 369
[pid   274] openat(AT_FDCWD, "./2/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid   351] <... futex resumed>)        = 0
[pid   274] <... openat resumed>)       = 4
[pid   354] <... openat resumed>)       = 4
[pid   351] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   354] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   351] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   274] newfstatat(4, "",  <unfinished ...>
[pid   354] <... futex resumed>)        = 0
[pid   351] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   354] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900 <unfinished ...>
[pid   351] <... futex resumed>)        = 0
[pid   274] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   351] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   274] getdents64(4, 0x555563ea6770 /* 2 entries */, 32768) = 48
[pid   274] getdents64(4, 0x555563ea6770 /* 0 entries */, 32768) = 0
[pid   274] close(4)                    = 0
[pid   274] rmdir("./2/file1")          = 0
[pid   274] getdents64(3, 0x555563e9e730 /* 0 entries */, 32768) = 0
[pid   274] close(3)                    = 0
[pid   274] rmdir("./2")                = 0
[pid   274] mkdir("./3", 0777)          = 0
[pid   274] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3
[pid   274] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   274] close(3)                    = 0
[pid   274] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555563e9d690) = 370
[pid   368] <... openat resumed>)       = 4
[pid   368] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 370 attached
./strace-static-x86_64: Process 369 attached
 <unfinished ...>
[pid   354] <... pwrite64 resumed>)     = 87490
[pid   354] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   351] <... futex resumed>)        = 0
[pid   354] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   351] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   354] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   351] <... futex resumed>)        = 0
[pid   354] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000 <unfinished ...>
[pid   351] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   354] <... openat resumed>)       = 5
[pid   354] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   351] <... futex resumed>)        = 0
[pid   354] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   351] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   369] set_robust_list(0x555563e9d6a0, 24 <unfinished ...>
[pid   354] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   351] <... futex resumed>)        = 0
executing program
[pid   369] <... set_robust_list resumed>) = 0
[pid   354] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   351] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   370] set_robust_list(0x555563e9d6a0, 24) = 0
[pid   370] chdir("./3")                = 0
[pid   370] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   370] setpgid(0, 0)               = 0
[pid   370] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   370] write(3, "1000", 4)         = 4
[pid   370] close(3)                    = 0
[pid   370] symlink("/dev/binderfs", "./binderfs") = 0
[pid   370] write(1, "executing program\n", 18) = 18
[pid   370] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   370] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450}, NULL, 8) = 0
[pid   370] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   370] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cadc5000
[pid   370] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   370] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   370] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} => {parent_tid=[372]}, 88) = 372
[pid   370] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   370] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   370] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid   369] chdir("./3")                = 0
[pid   369] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   369] setpgid(0, 0)               = 0
[pid   369] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   369] write(3, "1000", 4)         = 4
[pid   369] close(3)                    = 0
[pid   369] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   369] write(1, "executing program\n", 18) = 18
[pid   369] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   369] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450}, NULL, 8) = 0
[pid   369] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   369] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cadc5000
[pid   369] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   369] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   369] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} => {parent_tid=[373]}, 88) = 373
[pid   369] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   369] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   369] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid   368] <... ioctl resumed>)        = 0
[pid   368] close(3)                    = 0
[pid   368] close(4 <unfinished ...>
[pid   351] <... futex resumed>)        = 0
[pid   351] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cada4000
[pid   351] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   351] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   351] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} => {parent_tid=[374]}, 88) = 374
[pid   351] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   351] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   351] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   368] <... close resumed>)        = 0
[pid   368] mkdir("./file1", 0777)      = 0
[pid   368] mount("/dev/loop3", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"..../strace-static-x86_64: Process 374 attached
 <unfinished ...>
[pid   374] set_robust_list(0x7fe6cadc49a0, 24) = 0
[pid   374] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[   23.581452][  T362] EXT4-fs (loop0): Ignoring removed nobh option
[   23.593017][  T362] EXT4-fs (loop0): Ignoring removed bh option
[   23.599512][  T362] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   23.604195][  T354] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[pid   374] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864./strace-static-x86_64: Process 373 attached
./strace-static-x86_64: Process 372 attached
 <unfinished ...>
[pid   354] <... pwrite64 resumed>)     = 176128
[pid   373] set_robust_list(0x7fe6cade59a0, 24 <unfinished ...>
[pid   372] set_robust_list(0x7fe6cade59a0, 24 <unfinished ...>
[pid   354] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   372] <... set_robust_list resumed>) = 0
[pid   373] <... set_robust_list resumed>) = 0
[pid   354] <... futex resumed>)        = 0
[pid   373] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   372] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   354] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   351] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   351] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   23.633744][  T362] EXT4-fs (loop0): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[   23.647388][  T368] EXT4-fs (loop3): Ignoring removed nobh option
[   23.664370][  T368] EXT4-fs (loop3): Ignoring removed bh option
[pid   351] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   373] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   372] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   354] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   362] <... mount resumed>)        = 0
[pid   362] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY <unfinished ...>
[pid   373] memfd_create("syzkaller", 0 <unfinished ...>
[pid   372] memfd_create("syzkaller", 0 <unfinished ...>
[pid   354] truncate("./file1", 1 <unfinished ...>
[pid   373] <... memfd_create resumed>) = 3
[pid   372] <... memfd_create resumed>) = 3
[pid   373] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   372] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   373] <... mmap resumed>)         = 0x7fe6c29c5000
[pid   372] <... mmap resumed>)         = 0x7fe6c29c5000
[pid   373] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 <unfinished ...>
[pid   354] <... truncate resumed>)     = 0
[pid   354] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   351] <... futex resumed>)        = 0
[pid   354] <... futex resumed>)        = 1
[pid   354] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   374] <... pwrite64 resumed>)     = 176128
[pid   374] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   374] futex(0x7fe6caeb06d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   351] exit_group(0)               = ?
[pid   354] <... futex resumed>)        = ?
[pid   354] +++ exited with 0 +++
[pid   374] <... futex resumed>)        = ?
[pid   372] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 <unfinished ...>
[pid   374] +++ exited with 0 +++
[pid   351] +++ exited with 0 +++
[pid   277] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=351, si_uid=0, si_status=0, si_utime=0, si_stime=8} ---
[pid   277] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   362] <... openat resumed>)       = 3
[pid   362] chdir("./file1")            = 0
[pid   362] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   362] ioctl(4, LOOP_CLR_FD <unfinished ...>
[pid   372] <... write resumed>)        = 524288
[pid   362] <... ioctl resumed>)        = 0
[pid   277] <... restart_syscall resumed>) = 0
[pid   277] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   277] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   373] <... write resumed>)        = 524288
[pid   372] munmap(0x7fe6c29c5000, 138412032 <unfinished ...>
[pid   277] newfstatat(3, "",  <unfinished ...>
[pid   373] munmap(0x7fe6c29c5000, 138412032 <unfinished ...>
[pid   277] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   277] getdents64(3,  <unfinished ...>
[pid   373] <... munmap resumed>)       = 0
[pid   372] <... munmap resumed>)       = 0
[pid   373] openat(AT_FDCWD, "/dev/loop2", O_RDWR <unfinished ...>
[pid   372] openat(AT_FDCWD, "/dev/loop1", O_RDWR <unfinished ...>
[pid   362] close(4 <unfinished ...>
[pid   277] <... getdents64 resumed>0x555563e9e730 /* 4 entries */, 32768) = 112
[pid   277] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   372] <... openat resumed>)       = 4
[pid   373] <... openat resumed>)       = 4
[pid   372] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   277] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   373] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   277] newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   277] unlink("./2/binderfs")      = 0
[   23.665430][  T374] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   23.670675][  T368] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[pid   277] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   372] <... ioctl resumed>)        = 0
[pid   372] close(3)                    = 0
[pid   372] close(4 <unfinished ...>
[pid   368] <... mount resumed>)        = 0
[pid   373] <... ioctl resumed>)        = 0
[pid   368] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid   373] close(3 <unfinished ...>
[pid   368] chdir("./file1")            = 0
[pid   368] openat(AT_FDCWD, "/dev/loop3", O_RDWR <unfinished ...>
[pid   373] <... close resumed>)        = 0
[pid   373] close(4 <unfinished ...>
[pid   362] <... close resumed>)        = 0
[pid   362] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   372] <... close resumed>)        = 0
[pid   362] <... futex resumed>)        = 1
[pid   361] <... futex resumed>)        = 0
[pid   362] openat(AT_FDCWD, "./file1", O_RDWR <unfinished ...>
[pid   361] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   372] mkdir("./file1", 0777 <unfinished ...>
[pid   361] <... futex resumed>)        = 0
[pid   362] <... openat resumed>)       = 4
[pid   361] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   372] <... mkdir resumed>)        = 0
[pid   362] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   361] <... futex resumed>)        = 0
[pid   362] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900 <unfinished ...>
[pid   361] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   372] mount("/dev/loop1", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"... <unfinished ...>
[pid   361] <... futex resumed>)        = 0
[pid   361] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   362] <... pwrite64 resumed>)     = 87490
[pid   362] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   361] <... futex resumed>)        = 0
[pid   361] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   361] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   362] <... futex resumed>)        = 1
[pid   362] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000) = 5
[pid   362] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   361] <... futex resumed>)        = 0
[pid   361] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   361] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   361] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cada4000
[pid   361] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   361] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   361] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} <unfinished ...>
[pid   362] <... futex resumed>)        = 1
[pid   362] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   361] <... clone3 resumed> => {parent_tid=[381]}, 88) = 381
./strace-static-x86_64: Process 381 attached
[pid   361] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   381] set_robust_list(0x7fe6cadc49a0, 24 <unfinished ...>
[pid   361] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   381] <... set_robust_list resumed>) = 0
[pid   361] <... futex resumed>)        = 0
[pid   381] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   361] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   381] <... rt_sigprocmask resumed>NULL, 8) = 0
[   23.711075][  T368] EXT4-fs (loop3): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[pid   381] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   362] <... pwrite64 resumed>)     = 176128
[pid   362] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   362] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   381] <... pwrite64 resumed>)     = 176128
[pid   381] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   361] <... futex resumed>)        = 0
[pid   361] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   361] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   362] <... futex resumed>)        = 0
[pid   362] truncate("./file1", 1 <unfinished ...>
[pid   381] <... futex resumed>)        = 1
[pid   381] futex(0x7fe6caeb06d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   362] <... truncate resumed>)     = 0
[pid   362] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   361] <... futex resumed>)        = 0
[pid   361] exit_group(0)               = ?
[pid   381] <... futex resumed>)        = ?
[pid   381] +++ exited with 0 +++
[pid   362] <... futex resumed>)        = ?
[pid   362] +++ exited with 0 +++
[pid   361] +++ exited with 0 +++
[pid   273] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=361, si_uid=0, si_status=0, si_utime=0, si_stime=6} ---
[pid   273] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   273] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   273] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   273] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   273] getdents64(3, 0x555563e9e730 /* 4 entries */, 32768) = 112
[pid   273] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   273] newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   273] unlink("./2/binderfs" <unfinished ...>
[pid   368] <... openat resumed>)       = 4
[pid   273] <... unlink resumed>)       = 0
[pid   368] ioctl(4, LOOP_CLR_FD <unfinished ...>
[   23.767295][  T362] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   23.782259][  T381] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[pid   273] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   373] <... close resumed>)        = 0
[pid   373] mkdir("./file1", 0777 <unfinished ...>
[pid   277] <... umount2 resumed>)      = 0
[pid   373] <... mkdir resumed>)        = 0
[pid   373] mount("/dev/loop2", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"... <unfinished ...>
[pid   277] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   277] newfstatat(AT_FDCWD, "./2/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   277] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   277] openat(AT_FDCWD, "./2/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid   277] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   277] getdents64(4, 0x555563ea6770 /* 2 entries */, 32768) = 48
[pid   277] getdents64(4, 0x555563ea6770 /* 0 entries */, 32768) = 0
[pid   277] close(4)                    = 0
[pid   277] rmdir("./2/file1")          = 0
[pid   277] getdents64(3, 0x555563e9e730 /* 0 entries */, 32768) = 0
[pid   277] close(3)                    = 0
[pid   277] rmdir("./2")                = 0
[pid   277] mkdir("./3", 0777)          = 0
[   23.861774][  T372] EXT4-fs (loop1): Ignoring removed nobh option
[   23.869240][  T372] EXT4-fs (loop1): Ignoring removed bh option
[   23.875421][  T372] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[pid   277] openat(AT_FDCWD, "/dev/loop4", O_RDWR <unfinished ...>
[pid   372] <... mount resumed>)        = 0
[pid   372] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid   372] chdir("./file1")            = 0
[pid   372] openat(AT_FDCWD, "/dev/loop1", O_RDWR <unfinished ...>
[pid   368] <... ioctl resumed>)        = 0
[   23.890219][  T372] EXT4-fs (loop1): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[pid   368] close(4)                    = 0
[pid   277] <... openat resumed>)       = 3
[pid   273] <... umount2 resumed>)      = 0
[pid   277] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   277] close(3)                    = 0
[pid   277] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555563e9d690) = 384
[pid   368] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   273] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 384 attached
 <unfinished ...>
[pid   372] <... openat resumed>)       = 4
[pid   368] <... futex resumed>)        = 1
[pid   367] <... futex resumed>)        = 0
[pid   273] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   384] set_robust_list(0x555563e9d6a0, 24 <unfinished ...>
[pid   372] ioctl(4, LOOP_CLR_FD <unfinished ...>
[pid   368] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   367] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   273] newfstatat(AT_FDCWD, "./2/file1",  <unfinished ...>
[pid   384] <... set_robust_list resumed>) = 0
[pid   372] <... ioctl resumed>)        = 0
[pid   368] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   367] <... futex resumed>)        = 0
[pid   273] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   384] chdir("./3" <unfinished ...>
[pid   372] close(4 <unfinished ...>
[pid   368] openat(AT_FDCWD, "./file1", O_RDWR <unfinished ...>
[pid   367] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   273] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   384] <... chdir resumed>)        = 0
[pid   372] <... close resumed>)        = 0
[pid   368] <... openat resumed>)       = 4
[pid   368] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000executing program
 <unfinished ...>
[pid   273] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   384] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   372] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   368] <... futex resumed>)        = 1
[pid   367] <... futex resumed>)        = 0
[pid   273] openat(AT_FDCWD, "./2/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid   384] <... prctl resumed>)        = 0
[pid   372] <... futex resumed>)        = 1
[pid   370] <... futex resumed>)        = 0
[pid   273] <... openat resumed>)       = 4
[pid   384] setpgid(0, 0 <unfinished ...>
[pid   372] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   370] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   273] newfstatat(4, "",  <unfinished ...>
[pid   384] <... setpgid resumed>)      = 0
[pid   372] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   370] <... futex resumed>)        = 0
[pid   273] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   384] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   372] openat(AT_FDCWD, "./file1", O_RDWR <unfinished ...>
[pid   370] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   273] getdents64(4,  <unfinished ...>
[pid   384] <... openat resumed>)       = 3
[pid   273] <... getdents64 resumed>0x555563ea6770 /* 2 entries */, 32768) = 48
[pid   384] write(3, "1000", 4 <unfinished ...>
[pid   273] getdents64(4,  <unfinished ...>
[pid   384] <... write resumed>)        = 4
[pid   273] <... getdents64 resumed>0x555563ea6770 /* 0 entries */, 32768) = 0
[pid   384] close(3 <unfinished ...>
[pid   273] close(4 <unfinished ...>
[pid   384] <... close resumed>)        = 0
[pid   273] <... close resumed>)        = 0
[pid   384] symlink("/dev/binderfs", "./binderfs" <unfinished ...>
[pid   273] rmdir("./2/file1" <unfinished ...>
[pid   384] <... symlink resumed>)      = 0
[pid   273] <... rmdir resumed>)        = 0
[pid   384] write(1, "executing program\n", 18 <unfinished ...>
[pid   273] getdents64(3,  <unfinished ...>
[pid   384] <... write resumed>)        = 18
[pid   273] <... getdents64 resumed>0x555563e9e730 /* 0 entries */, 32768) = 0
[pid   384] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   273] close(3 <unfinished ...>
[pid   384] <... futex resumed>)        = 0
[pid   273] <... close resumed>)        = 0
[pid   384] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450},  <unfinished ...>
[pid   273] rmdir("./2" <unfinished ...>
[pid   384] <... rt_sigaction resumed>NULL, 8) = 0
[pid   273] <... rmdir resumed>)        = 0
[pid   384] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1],  <unfinished ...>
[pid   273] mkdir("./3", 0777 <unfinished ...>
[pid   384] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   273] <... mkdir resumed>)        = 0
[pid   384] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   273] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   384] <... mmap resumed>)         = 0x7fe6cadc5000
[pid   273] <... openat resumed>)       = 3
[pid   384] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   273] ioctl(3, LOOP_CLR_FD <unfinished ...>
[pid   384] <... mprotect resumed>)     = 0
[pid   273] <... ioctl resumed>)        = -1 ENXIO (No such device or address)
[pid   384] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   273] close(3 <unfinished ...>
[pid   384] <... rt_sigprocmask resumed>[], 8) = 0
[pid   273] <... close resumed>)        = 0
[pid   384] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} <unfinished ...>
[pid   273] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   384] <... clone3 resumed> => {parent_tid=[387]}, 88) = 387
[pid   273] <... clone resumed>, child_tidptr=0x555563e9d690) = 388
[pid   384] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   384] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   384] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[   23.952657][  T373] EXT4-fs (loop2): Ignoring removed nobh option
[   23.969601][  T373] EXT4-fs (loop2): Ignoring removed bh option
[   23.976027][  T373] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[pid   368] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   367] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   368] <... futex resumed>)        = 0
[pid   367] <... futex resumed>)        = 1
[pid   368] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900 <unfinished ...>
[pid   367] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   368] <... pwrite64 resumed>)     = 87490
[pid   368] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   367] <... futex resumed>)        = 0
[pid   368] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   367] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   368] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   367] <... futex resumed>)        = 0
[pid   368] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000 <unfinished ...>
[pid   367] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   368] <... openat resumed>)       = 5
[pid   368] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   367] <... futex resumed>)        = 0
[pid   368] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   367] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   368] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   367] <... futex resumed>)        = 0
[pid   368] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   367] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 388 attached
./strace-static-x86_64: Process 387 attached
 <unfinished ...>
[pid   373] <... mount resumed>)        = 0
[pid   372] <... openat resumed>)       = 4
[pid   367] <... futex resumed>)        = 0
[pid   388] set_robust_list(0x555563e9d6a0, 24 <unfinished ...>
[pid   387] set_robust_list(0x7fe6cade59a0, 24 <unfinished ...>
[pid   373] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY <unfinished ...>
[pid   372] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   367] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   388] <... set_robust_list resumed>) = 0
[pid   387] <... set_robust_list resumed>) = 0
[pid   373] <... openat resumed>)       = 3
[pid   372] <... futex resumed>)        = 1
[pid   370] <... futex resumed>)        = 0
[pid   388] chdir("./3" <unfinished ...>
[pid   387] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   373] chdir("./file1" <unfinished ...>
[pid   372] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   370] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   367] <... mmap resumed>)         = 0x7fe6cada4000
[pid   388] <... chdir resumed>)        = 0
[pid   387] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   373] <... chdir resumed>)        = 0
[pid   372] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   370] <... futex resumed>)        = 0
[pid   367] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   388] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   387] memfd_create("syzkaller", 0 <unfinished ...>
[pid   373] openat(AT_FDCWD, "/dev/loop2", O_RDWR <unfinished ...>
[pid   372] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900 <unfinished ...>
[pid   370] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   388] <... prctl resumed>)        = 0
[pid   387] <... memfd_create resumed>) = 3
[pid   367] <... mprotect resumed>)     = 0
[pid   367] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   367] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} => {parent_tid=[389]}, 88) = 389
[pid   367] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   367] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   372] <... pwrite64 resumed>)     = 87490
[pid   367] <... futex resumed>)        = 0
[pid   388] setpgid(0, 0 <unfinished ...>
[pid   387] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   372] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   367] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   388] <... setpgid resumed>)      = 0
[pid   387] <... mmap resumed>)         = 0x7fe6c29c5000
[pid   372] <... futex resumed>)        = 1
[pid   370] <... futex resumed>)        = 0
[pid   388] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   370] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   370] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   373] <... openat resumed>)       = 4
[pid   373] ioctl(4, LOOP_CLR_FD)       = 0
[pid   373] close(4 <unfinished ...>
[pid   388] <... openat resumed>)       = 3
[pid   387] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 <unfinished ...>
[pid   373] <... close resumed>)        = 0
[pid   372] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000 <unfinished ...>
[pid   373] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   369] <... futex resumed>)        = 0
[pid   373] openat(AT_FDCWD, "./file1", O_RDWR <unfinished ...>
[pid   369] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   369] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 389 attached
 <unfinished ...>
[pid   389] set_robust_list(0x7fe6cadc49a0, 24) = 0
[pid   389] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   389] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   388] write(3, "1000", 4 <unfinished ...>
[pid   372] <... openat resumed>)       = 5
[pid   388] <... write resumed>)        = 4
[pid   373] <... openat resumed>)       = 4
[pid   372] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   370] <... futex resumed>)        = 0
[pid   372] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   370] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   388] close(3 <unfinished ...>
[pid   387] <... write resumed>)        = 524288
[pid   373] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   370] <... futex resumed>)        = 0
[pid   368] <... pwrite64 resumed>)     = 176128
[pid   388] <... close resumed>)        = 0
[pid   373] <... futex resumed>)        = 1
[pid   388] symlink("/dev/binderfs", "./binderfs" <unfinished ...>
[pid   373] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULLexecuting program
 <unfinished ...>
[pid   388] <... symlink resumed>)      = 0
[pid   388] write(1, "executing program\n", 18) = 18
[pid   388] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   388] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450}, NULL, 8) = 0
[pid   388] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   388] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cadc5000
[pid   388] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   388] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   388] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} => {parent_tid=[390]}, 88) = 390
[pid   388] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   388] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   388] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid   387] munmap(0x7fe6c29c5000, 138412032) = 0
[pid   387] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4
[pid   387] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   368] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   368] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 390 attached
 <unfinished ...>
[pid   387] <... ioctl resumed>)        = 0
[pid   387] close(3)                    = 0
[pid   387] close(4 <unfinished ...>
[pid   390] set_robust_list(0x7fe6cade59a0, 24) = 0
[pid   390] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   390] memfd_create("syzkaller", 0) = 3
[pid   390] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe6c29c5000
[   23.992573][  T373] EXT4-fs (loop2): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[   24.028757][  T368] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[pid   390] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid   390] munmap(0x7fe6c29c5000, 138412032) = 0
[pid   390] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   370] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   369] <... futex resumed>)        = 0
[pid   370] <... futex resumed>)        = 0
[pid   369] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   370] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   369] <... futex resumed>)        = 1
[pid   370] <... mmap resumed>)         = 0x7fe6cada4000
[pid   369] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   370] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   370] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   370] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} => {parent_tid=[392]}, 88) = 392
[pid   370] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   370] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   370] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 392 attached
 <unfinished ...>
[pid   392] set_robust_list(0x7fe6cadc49a0, 24) = 0
[pid   392] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   392] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   367] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   367] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0} <unfinished ...>
[pid   389] <... pwrite64 resumed>)     = 176128
[pid   367] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   389] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   367] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0} <unfinished ...>
[pid   389] <... futex resumed>)        = 0
[pid   367] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   389] futex(0x7fe6caeb06d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   367] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   367] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   373] <... futex resumed>)        = 0
[pid   373] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900) = 87490
[pid   373] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   369] <... futex resumed>)        = 0
[pid   369] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   369] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   373] <... futex resumed>)        = 1
[pid   373] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000) = 5
[pid   373] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   368] <... futex resumed>)        = 0
[pid   368] truncate("./file1", 1 <unfinished ...>
[pid   373] <... futex resumed>)        = 1
[pid   372] <... pwrite64 resumed>)     = 176128
[pid   373] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   372] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   372] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   369] <... futex resumed>)        = 0
[pid   368] <... truncate resumed>)     = 0
[pid   369] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   369] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   369] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cada4000
[pid   369] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   369] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   369] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} => {parent_tid=[393]}, 88) = 393
[pid   369] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   369] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   369] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   368] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   367] <... futex resumed>)        = 0
[pid   367] exit_group(0 <unfinished ...>
[pid   389] <... futex resumed>)        = ?
[pid   367] <... exit_group resumed>)   = ?
[pid   389] +++ exited with 0 +++
[pid   368] <... futex resumed>)        = ?
[pid   368] +++ exited with 0 +++
[pid   367] +++ exited with 0 +++
[pid   276] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=367, si_uid=0, si_status=0, si_utime=0, si_stime=8} ---
[pid   276] restart_syscall(<... resuming interrupted clone ...>./strace-static-x86_64: Process 393 attached
 <unfinished ...>
[pid   393] set_robust_list(0x7fe6cadc49a0, 24) = 0
[pid   393] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   393] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   392] <... pwrite64 resumed>)     = 176128
[pid   373] <... futex resumed>)        = 0
[pid   276] <... restart_syscall resumed>) = 0
[   24.052278][  T389] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   24.060199][  T372] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   24.082665][  T392] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[pid   373] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   390] <... openat resumed>)       = 4
[pid   387] <... close resumed>)        = 0
[pid   390] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   387] mkdir("./file1", 0777 <unfinished ...>
[pid   276] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   387] <... mkdir resumed>)        = 0
[pid   276] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   387] mount("/dev/loop4", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"... <unfinished ...>
[pid   276] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   276] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   276] getdents64(3, 0x555563e9e730 /* 4 entries */, 32768) = 112
[pid   276] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   276] newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   276] unlink("./2/binderfs" <unfinished ...>
[pid   392] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   276] <... unlink resumed>)       = 0
[pid   390] <... ioctl resumed>)        = 0
[pid   276] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   392] <... futex resumed>)        = 1
[pid   390] close(3 <unfinished ...>
[pid   370] <... futex resumed>)        = 0
[pid   392] futex(0x7fe6caeb06d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   390] <... close resumed>)        = 0
[pid   370] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   390] close(4 <unfinished ...>
[pid   372] <... futex resumed>)        = 0
[pid   370] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   393] <... pwrite64 resumed>)     = 176128
[pid   372] truncate("./file1", 1)      = 0
[pid   393] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   369] <... futex resumed>)        = 0
[pid   372] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   372] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   373] <... pwrite64 resumed>)     = 176128
[pid   373] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   373] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   393] futex(0x7fe6caeb06d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   369] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   369] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   373] <... futex resumed>)        = 0
[pid   373] truncate("./file1", 1 <unfinished ...>
[pid   370] <... futex resumed>)        = 0
[pid   370] exit_group(0)               = ?
[pid   392] <... futex resumed>)        = 231
[pid   372] <... futex resumed>)        = ?
[pid   372] +++ exited with 0 +++
[pid   392] +++ exited with 0 +++
[pid   370] +++ exited with 0 +++
[pid   274] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=370, si_uid=0, si_status=0, si_utime=0, si_stime=7} ---
[pid   274] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   373] <... truncate resumed>)     = 0
[pid   373] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   373] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   369] <... futex resumed>)        = 0
[pid   369] exit_group(0)               = ?
[pid   393] <... futex resumed>)        = ?
[pid   373] <... futex resumed>)        = ?
[pid   393] +++ exited with 0 +++
[pid   373] +++ exited with 0 +++
[pid   369] +++ exited with 0 +++
[pid   275] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=369, si_uid=0, si_status=0, si_utime=0, si_stime=7} ---
[pid   275] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   274] <... restart_syscall resumed>) = 0
[pid   274] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   274] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   274] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   274] getdents64(3, 0x555563e9e730 /* 4 entries */, 32768) = 112
[pid   274] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   274] newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   274] unlink("./3/binderfs")      = 0
[pid   274] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   275] <... restart_syscall resumed>) = 0
[pid   275] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   275] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   275] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   275] getdents64(3, 0x555563e9e730 /* 4 entries */, 32768) = 112
[pid   275] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   275] newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   275] unlink("./3/binderfs")      = 0
[pid   275] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   390] <... close resumed>)        = 0
[pid   390] mkdir("./file1", 0777)      = 0
[   24.091787][  T393] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   24.115140][  T373] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[pid   390] mount("/dev/loop0", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"...) = 0
[pid   390] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid   390] chdir("./file1")            = 0
[   24.173325][  T390] EXT4-fs (loop0): Ignoring removed nobh option
[   24.179633][  T390] EXT4-fs (loop0): Ignoring removed bh option
[   24.185717][  T390] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   24.200282][  T390] EXT4-fs (loop0): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[pid   390] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   276] <... umount2 resumed>)      = 0
[pid   275] <... umount2 resumed>)      = 0
[pid   274] <... umount2 resumed>)      = 0
[pid   275] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   275] newfstatat(AT_FDCWD, "./3/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   275] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   275] openat(AT_FDCWD, "./3/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid   275] newfstatat(4, "",  <unfinished ...>
[pid   276] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   275] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   274] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   275] getdents64(4, 0x555563ea6770 /* 2 entries */, 32768) = 48
[pid   275] getdents64(4, 0x555563ea6770 /* 0 entries */, 32768) = 0
[pid   275] close(4)                    = 0
[pid   275] rmdir("./3/file1")          = 0
[pid   275] getdents64(3, 0x555563e9e730 /* 0 entries */, 32768) = 0
[pid   275] close(3)                    = 0
[pid   275] rmdir("./3")                = 0
[pid   275] mkdir("./4", 0777 <unfinished ...>
[pid   276] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   275] <... mkdir resumed>)        = 0
[pid   274] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   390] <... openat resumed>)       = 4
[pid   276] newfstatat(AT_FDCWD, "./2/file1",  <unfinished ...>
[pid   275] openat(AT_FDCWD, "/dev/loop2", O_RDWR <unfinished ...>
[pid   274] newfstatat(AT_FDCWD, "./3/file1",  <unfinished ...>
[pid   276] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   275] <... openat resumed>)       = 3
[pid   276] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   275] ioctl(3, LOOP_CLR_FD <unfinished ...>
[pid   274] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   276] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   275] <... ioctl resumed>)        = -1 ENXIO (No such device or address)
[pid   274] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   276] openat(AT_FDCWD, "./2/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid   275] close(3 <unfinished ...>
[pid   274] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   276] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   275] <... close resumed>)        = 0
[pid   274] openat(AT_FDCWD, "./3/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid   276] getdents64(4,  <unfinished ...>
[pid   275] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   274] <... openat resumed>)       = 4
[pid   276] <... getdents64 resumed>0x555563ea6770 /* 2 entries */, 32768) = 48
[pid   274] newfstatat(4, "",  <unfinished ...>
[pid   390] ioctl(4, LOOP_CLR_FD <unfinished ...>
[pid   274] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   276] getdents64(4, 0x555563ea6770 /* 0 entries */, 32768) = 0
[pid   275] <... clone resumed>, child_tidptr=0x555563e9d690) = 397
[pid   274] getdents64(4,  <unfinished ...>
[pid   276] close(4 <unfinished ...>
[pid   390] <... ioctl resumed>)        = 0
[pid   274] <... getdents64 resumed>0x555563ea6770 /* 2 entries */, 32768) = 48
[pid   276] <... close resumed>)        = 0
[pid   276] rmdir("./2/file1" <unfinished ...>
[pid   274] getdents64(4,  <unfinished ...>
[pid   390] close(4)                    = 0
[pid   390] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   276] <... rmdir resumed>)        = 0
[pid   274] <... getdents64 resumed>0x555563ea6770 /* 0 entries */, 32768) = 0
[pid   276] getdents64(3,  <unfinished ...>
[pid   274] close(4 <unfinished ...>
[pid   276] <... getdents64 resumed>0x555563e9e730 /* 0 entries */, 32768) = 0
[pid   274] <... close resumed>)        = 0
[pid   276] close(3 <unfinished ...>
[pid   274] rmdir("./3/file1" <unfinished ...>
[pid   388] <... futex resumed>)        = 0
[pid   276] <... close resumed>)        = 0
[pid   388] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   390] <... futex resumed>)        = 1
[pid   388] <... futex resumed>)        = 0
[pid   390] openat(AT_FDCWD, "./file1", O_RDWR <unfinished ...>
[pid   388] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   276] rmdir("./2" <unfinished ...>
[pid   274] <... rmdir resumed>)        = 0
[pid   276] <... rmdir resumed>)        = 0
[pid   274] getdents64(3,  <unfinished ...>
[pid   390] <... openat resumed>)       = 4
[pid   276] mkdir("./3", 0777 <unfinished ...>
[pid   274] <... getdents64 resumed>0x555563e9e730 /* 0 entries */, 32768) = 0
[pid   390] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   388] <... futex resumed>)        = 0
[pid   390] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900 <unfinished ...>
[pid   388] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   390] <... pwrite64 resumed>)     = 87490
[pid   388] <... futex resumed>)        = 0
[pid   276] <... mkdir resumed>)        = 0
[pid   274] close(3 <unfinished ...>
[pid   388] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   276] openat(AT_FDCWD, "/dev/loop3", O_RDWR <unfinished ...>
[pid   274] <... close resumed>)        = 0
[pid   276] <... openat resumed>)       = 3
[pid   274] rmdir("./3" <unfinished ...>
[pid   276] ioctl(3, LOOP_CLR_FD <unfinished ...>
[pid   390] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   388] <... futex resumed>)        = 0
[pid   388] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   276] <... ioctl resumed>)        = -1 ENXIO (No such device or address)
[pid   274] <... rmdir resumed>)        = 0
[pid   388] <... futex resumed>)        = 0
[pid   388] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   276] close(3 <unfinished ...>
[pid   274] mkdir("./4", 0777 <unfinished ...>
[pid   276] <... close resumed>)        = 0
[pid   390] <... futex resumed>)        = 1
[pid   390] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000) = 5
[pid   274] <... mkdir resumed>)        = 0
[pid   276] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   274] openat(AT_FDCWD, "/dev/loop1", O_RDWR <unfinished ...>
[pid   390] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   388] <... futex resumed>)        = 0
[pid   388] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   276] <... clone resumed>, child_tidptr=0x555563e9d690) = 398
[pid   274] <... openat resumed>)       = 3
[pid   388] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   274] ioctl(3, LOOP_CLR_FD <unfinished ...>
[pid   388] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   274] <... ioctl resumed>)        = -1 ENXIO (No such device or address)
[pid   388] <... mmap resumed>)         = 0x7fe6cada4000
[pid   274] close(3 <unfinished ...>
[pid   388] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   274] <... close resumed>)        = 0
[pid   388] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   274] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   388] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} => {parent_tid=[399]}, 88) = 399
[pid   388] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   388] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   388] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   274] <... clone resumed>, child_tidptr=0x555563e9d690) = 400
[pid   390] <... futex resumed>)        = 1
[   24.319718][  T387] EXT4-fs (loop4): Ignoring removed nobh option
[   24.332592][  T387] EXT4-fs (loop4): Ignoring removed bh option
[pid   390] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864./strace-static-x86_64: Process 400 attached
./strace-static-x86_64: Process 398 attached
./strace-static-x86_64: Process 397 attached
) = 176128
[pid   390] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   390] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 399 attached
 <unfinished ...>
[pid   399] set_robust_list(0x7fe6cadc49a0, 24) = 0
[pid   399] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   399] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   400] set_robust_list(0x555563e9d6a0, 24 <unfinished ...>
[pid   398] set_robust_list(0x555563e9d6a0, 24 <unfinished ...>
[pid   397] set_robust_list(0x555563e9d6a0, 24 <unfinished ...>
[pid   400] <... set_robust_list resumed>) = 0
[pid   398] <... set_robust_list resumed>) = 0
[pid   397] <... set_robust_list resumed>) = 0
[pid   400] chdir("./4" <unfinished ...>
[pid   398] chdir("./3" <unfinished ...>
[pid   397] chdir("./4" <unfinished ...>
[pid   400] <... chdir resumed>)        = 0
[pid   398] <... chdir resumed>)        = 0
[pid   397] <... chdir resumed>)        = 0
[pid   400] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   398] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   397] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   400] <... prctl resumed>)        = 0
[pid   398] <... prctl resumed>)        = 0
[pid   397] <... prctl resumed>)        = 0
[pid   400] setpgid(0, 0 <unfinished ...>
[pid   398] setpgid(0, 0 <unfinished ...>
[pid   397] setpgid(0, 0 <unfinished ...>
[pid   400] <... setpgid resumed>)      = 0
[pid   398] <... setpgid resumed>)      = 0
[pid   397] <... setpgid resumed>)      = 0
[pid   400] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   398] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   397] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   400] <... openat resumed>)       = 3
[pid   398] <... openat resumed>)       = 3
[pid   397] <... openat resumed>)       = 3
[pid   400] write(3, "1000", 4 <unfinished ...>
[pid   398] write(3, "1000", 4 <unfinished ...>
[pid   397] write(3, "1000", 4 <unfinished ...>
[pid   400] <... write resumed>)        = 4
[pid   398] <... write resumed>)        = 4
[pid   397] <... write resumed>)        = 4
[pid   400] close(3 <unfinished ...>
[pid   398] close(3 <unfinished ...>
[pid   397] close(3 <unfinished ...>
[pid   400] <... close resumed>)        = 0
[pid   398] <... close resumed>)        = 0
[pid   397] <... close resumed>)        = 0
[pid   400] symlink("/dev/binderfs", "./binderfs" <unfinished ...>
[pid   398] symlink("/dev/binderfs", "./binderfs" <unfinished ...>
[pid   397] symlink("/dev/binderfs", "./binderfs" <unfinished ...>
[pid   400] <... symlink resumed>)      = 0
[pid   398] <... symlink resumed>)      = 0
[pid   397] <... symlink resumed>)      = 0
executing program
executing program
executing program
[pid   400] write(1, "executing program\n", 18 <unfinished ...>
[pid   398] write(1, "executing program\n", 18 <unfinished ...>
[pid   397] write(1, "executing program\n", 18 <unfinished ...>
[pid   400] <... write resumed>)        = 18
[pid   399] <... pwrite64 resumed>)     = 176128
[pid   398] <... write resumed>)        = 18
[pid   397] <... write resumed>)        = 18
[pid   399] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   388] <... futex resumed>)        = 0
[pid   388] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   390] <... futex resumed>)        = 0
[pid   388] <... futex resumed>)        = 1
[pid   390] truncate("./file1", 1 <unfinished ...>
[pid   388] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   400] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   399] <... futex resumed>)        = 1
[pid   398] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   397] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   400] <... futex resumed>)        = 0
[pid   398] <... futex resumed>)        = 0
[pid   397] <... futex resumed>)        = 0
[pid   400] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450},  <unfinished ...>
[pid   398] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450},  <unfinished ...>
[pid   397] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450},  <unfinished ...>
[pid   400] <... rt_sigaction resumed>NULL, 8) = 0
[pid   398] <... rt_sigaction resumed>NULL, 8) = 0
[pid   397] <... rt_sigaction resumed>NULL, 8) = 0
[pid   400] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1],  <unfinished ...>
[pid   398] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1],  <unfinished ...>
[pid   397] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1],  <unfinished ...>
[pid   400] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   398] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   397] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   400] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   398] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   397] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   400] <... mmap resumed>)         = 0x7fe6cadc5000
[pid   399] futex(0x7fe6caeb06d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   398] <... mmap resumed>)         = 0x7fe6cadc5000
[pid   397] <... mmap resumed>)         = 0x7fe6cadc5000
[pid   390] <... truncate resumed>)     = 0
[pid   390] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   388] <... futex resumed>)        = 0
[pid   400] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   398] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   397] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   390] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   388] exit_group(0 <unfinished ...>
[pid   400] <... mprotect resumed>)     = 0
[pid   398] <... mprotect resumed>)     = 0
[pid   397] <... mprotect resumed>)     = 0
[pid   390] <... futex resumed>)        = ?
[pid   388] <... exit_group resumed>)   = ?
[pid   400] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   390] +++ exited with 0 +++
[pid   398] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   397] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   400] <... rt_sigprocmask resumed>[], 8) = 0
[pid   397] <... rt_sigprocmask resumed>[], 8) = 0
[pid   398] <... rt_sigprocmask resumed>[], 8) = 0
[pid   399] <... futex resumed>)        = ?
[pid   399] +++ exited with 0 +++
[pid   388] +++ exited with 0 +++
[pid   400] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} => {parent_tid=[403]}, 88) = 403
[pid   400] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   400] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   400] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid   397] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} => {parent_tid=[404]}, 88) = 404
[pid   397] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   397] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   397] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid   398] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} => {parent_tid=[405]}, 88) = 405
[pid   398] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   398] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   398] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid   273] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=388, si_uid=0, si_status=0, si_utime=0, si_stime=7} ---
[   24.364465][  T390] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   24.366438][  T387] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   24.381583][  T399] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[pid   273] restart_syscall(<... resuming interrupted clone ...>./strace-static-x86_64: Process 403 attached
 <unfinished ...>
[pid   403] set_robust_list(0x7fe6cade59a0, 24) = 0
[pid   403] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   403] memfd_create("syzkaller", 0) = 3
[pid   403] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe6c29c5000
[pid   403] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 <unfinished ...>
[pid   273] <... restart_syscall resumed>) = 0
[pid   273] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   273] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   273] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   273] getdents64(3, 0x555563e9e730 /* 4 entries */, 32768) = 112
[pid   273] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   273] newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   273] unlink("./3/binderfs")      = 0
[pid   273] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   403] <... write resumed>)        = 524288
[pid   403] munmap(0x7fe6c29c5000, 138412032) = 0
[pid   403] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4
[pid   403] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 404 attached
 <unfinished ...>
[pid   404] set_robust_list(0x7fe6cade59a0, 24) = 0
[pid   404] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   404] memfd_create("syzkaller", 0) = 3
[pid   404] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe6c29c5000
[pid   404] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid   404] munmap(0x7fe6c29c5000, 138412032) = 0
[pid   404] openat(AT_FDCWD, "/dev/loop2", O_RDWR./strace-static-x86_64: Process 405 attached
 <unfinished ...>
[pid   405] set_robust_list(0x7fe6cade59a0, 24) = 0
[pid   405] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   405] memfd_create("syzkaller", 0) = 3
[pid   405] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe6c29c5000
[pid   387] <... mount resumed>)        = 0
[pid   405] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 <unfinished ...>
[pid   403] <... ioctl resumed>)        = 0
[pid   387] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY <unfinished ...>
[pid   403] close(3)                    = 0
[pid   403] close(4)                    = 0
[pid   403] mkdir("./file1", 0777)      = 0
[pid   403] mount("/dev/loop1", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"... <unfinished ...>
[pid   404] <... openat resumed>)       = 4
[pid   404] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   405] <... write resumed>)        = 524288
[pid   387] <... openat resumed>)       = 3
[pid   387] chdir("./file1")            = 0
[pid   387] openat(AT_FDCWD, "/dev/loop4", O_RDWR <unfinished ...>
[pid   405] munmap(0x7fe6c29c5000, 138412032) = 0
[   24.412315][  T387] EXT4-fs (loop4): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[   24.443009][  T403] EXT4-fs (loop1): Ignoring removed nobh option
[   24.449409][  T403] EXT4-fs (loop1): Ignoring removed bh option
[pid   405] openat(AT_FDCWD, "/dev/loop3", O_RDWR <unfinished ...>
[pid   403] <... mount resumed>)        = 0
[pid   403] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid   403] chdir("./file1")            = 0
[pid   403] openat(AT_FDCWD, "/dev/loop1", O_RDWR <unfinished ...>
[pid   404] <... ioctl resumed>)        = 0
[pid   404] close(3)                    = 0
[pid   404] close(4 <unfinished ...>
[pid   273] <... umount2 resumed>)      = 0
[pid   273] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   273] newfstatat(AT_FDCWD, "./3/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   273] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   273] openat(AT_FDCWD, "./3/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid   273] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   273] getdents64(4, 0x555563ea6770 /* 2 entries */, 32768) = 48
[pid   273] getdents64(4, 0x555563ea6770 /* 0 entries */, 32768) = 0
[pid   273] close(4)                    = 0
[pid   273] rmdir("./3/file1")          = 0
[pid   273] getdents64(3, 0x555563e9e730 /* 0 entries */, 32768) = 0
[pid   273] close(3)                    = 0
[pid   273] rmdir("./3")                = 0
[pid   273] mkdir("./4", 0777)          = 0
[pid   273] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   404] <... close resumed>)        = 0
[pid   403] <... openat resumed>)       = 4
[pid   404] mkdir("./file1", 0777 <unfinished ...>
[pid   403] ioctl(4, LOOP_CLR_FD <unfinished ...>
[pid   404] <... mkdir resumed>)        = 0
[   24.455492][  T403] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   24.470554][  T403] EXT4-fs (loop1): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[pid   404] mount("/dev/loop2", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"... <unfinished ...>
[pid   405] <... openat resumed>)       = 4
[pid   387] <... openat resumed>)       = 4
[pid   405] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   387] ioctl(4, LOOP_CLR_FD <unfinished ...>
[pid   405] <... ioctl resumed>)        = 0
[pid   403] <... ioctl resumed>)        = 0
[pid   403] close(4)                    = 0
[pid   387] <... ioctl resumed>)        = 0
[pid   273] <... openat resumed>)       = 3
[pid   403] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   405] close(3 <unfinished ...>
[pid   403] <... futex resumed>)        = 1
[pid   400] <... futex resumed>)        = 0
[pid   387] close(4 <unfinished ...>
[pid   273] ioctl(3, LOOP_CLR_FD <unfinished ...>
[pid   403] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   400] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   403] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   273] <... ioctl resumed>)        = -1 ENXIO (No such device or address)
[pid   400] <... futex resumed>)        = 0
[pid   403] openat(AT_FDCWD, "./file1", O_RDWR <unfinished ...>
[pid   400] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   273] close(3 <unfinished ...>
[pid   405] <... close resumed>)        = 0
[pid   387] <... close resumed>)        = 0
[pid   405] close(4 <unfinished ...>
[pid   403] <... openat resumed>)       = 4
[pid   387] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   273] <... close resumed>)        = 0
[pid   403] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   273] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   403] <... futex resumed>)        = 1
[pid   400] <... futex resumed>)        = 0
[pid   403] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   400] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   403] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   400] <... futex resumed>)        = 0
[pid   403] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900 <unfinished ...>
[pid   400] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   405] <... close resumed>)        = 0
[pid   387] <... futex resumed>)        = 1
[pid   384] <... futex resumed>)        = 0
[pid   405] mkdir("./file1", 0777 <unfinished ...>
[pid   387] openat(AT_FDCWD, "./file1", O_RDWR <unfinished ...>
[pid   384] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   405] <... mkdir resumed>)        = 0
[pid   387] <... openat resumed>)       = 4
[pid   384] <... futex resumed>)        = 0
[pid   405] mount("/dev/loop3", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"... <unfinished ...>
[pid   387] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   384] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   387] <... futex resumed>)        = 0
[pid   384] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   387] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900 <unfinished ...>
[pid   384] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   403] <... pwrite64 resumed>)     = 87490
[pid   387] <... pwrite64 resumed>)     = 87490
[pid   384] <... futex resumed>)        = 0
[pid   403] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   384] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   273] <... clone resumed>, child_tidptr=0x555563e9d690) = 411
[pid   403] <... futex resumed>)        = 1
[pid   400] <... futex resumed>)        = 0
[pid   387] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   384] <... futex resumed>)        = 0
[pid   384] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   384] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   387] <... futex resumed>)        = 1
[pid   387] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000) = 5
[pid   387] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   384] <... futex resumed>)        = 0
[pid   384] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   384] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   384] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cada4000
[pid   384] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   384] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   384] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} => {parent_tid=[412]}, 88) = 412
[pid   384] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   384] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   400] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   384] <... futex resumed>)        = 0
[pid   403] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000 <unfinished ...>
[pid   400] <... futex resumed>)        = 0
[pid   387] <... futex resumed>)        = 1
[pid   384] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   403] <... openat resumed>)       = 5
[pid   400] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   387] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   403] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   400] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   403] <... futex resumed>)        = 0
[pid   400] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   403] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   400] <... futex resumed>)        = 0
[   24.577472][  T404] EXT4-fs (loop2): Ignoring removed nobh option
[   24.588912][  T404] EXT4-fs (loop2): Ignoring removed bh option
[   24.590158][  T405] EXT4-fs (loop3): Ignoring removed nobh option
[   24.601105][  T403] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[pid   400] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 412 attached
./strace-static-x86_64: Process 411 attached
) = 0
[pid   387] <... pwrite64 resumed>)     = 176128
[pid   387] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   387] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULLexecuting program
 <unfinished ...>
[pid   412] set_robust_list(0x7fe6cadc49a0, 24 <unfinished ...>
[pid   411] set_robust_list(0x555563e9d6a0, 24 <unfinished ...>
[pid   400] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   384] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   412] <... set_robust_list resumed>) = 0
[pid   411] <... set_robust_list resumed>) = 0
[pid   400] <... mmap resumed>)         = 0x7fe6cada4000
[pid   384] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   412] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   411] chdir("./4" <unfinished ...>
[pid   400] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   384] <... futex resumed>)        = 1
[pid   412] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   411] <... chdir resumed>)        = 0
[pid   400] <... mprotect resumed>)     = 0
[pid   384] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   412] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   411] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   400] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   411] <... prctl resumed>)        = 0
[pid   400] <... rt_sigprocmask resumed>[], 8) = 0
[pid   411] setpgid(0, 0 <unfinished ...>
[pid   400] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} <unfinished ...>
[pid   411] <... setpgid resumed>)      = 0
[pid   411] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   400] <... clone3 resumed> => {parent_tid=[413]}, 88) = 413
[pid   411] <... openat resumed>)       = 3
[pid   400] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   411] write(3, "1000", 4 <unfinished ...>
[pid   400] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   411] <... write resumed>)        = 4
[pid   400] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   411] close(3 <unfinished ...>
[pid   400] <... futex resumed>)        = 0
[pid   411] <... close resumed>)        = 0
[pid   400] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   411] symlink("/dev/binderfs", "./binderfs") = 0
[pid   411] write(1, "executing program\n", 18) = 18
[pid   411] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   411] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450}, NULL, 8) = 0
[pid   411] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   411] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cadc5000
[pid   411] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   411] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   411] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} => {parent_tid=[414]}, 88) = 414
[pid   411] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   411] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   411] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid   403] <... pwrite64 resumed>)     = 176128
[pid   403] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   403] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   387] <... futex resumed>)        = 0
[pid   387] truncate("./file1", 1 <unfinished ...>
[pid   412] <... pwrite64 resumed>)     = 176128
[pid   387] <... truncate resumed>)     = 0
[pid   412] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   412] futex(0x7fe6caeb06d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   387] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   384] <... futex resumed>)        = 0
[pid   387] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   384] exit_group(0 <unfinished ...>
[pid   412] <... futex resumed>)        = ?
[pid   387] <... futex resumed>)        = ?
[pid   384] <... exit_group resumed>)   = ?
[pid   412] +++ exited with 0 +++
[pid   387] +++ exited with 0 +++
[pid   384] +++ exited with 0 +++
[pid   277] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=384, si_uid=0, si_status=0, si_utime=0, si_stime=4} ---
[pid   277] restart_syscall(<... resuming interrupted clone ...>./strace-static-x86_64: Process 413 attached
 <unfinished ...>
[pid   413] set_robust_list(0x7fe6cadc49a0, 24) = 0
[pid   413] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   413] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864./strace-static-x86_64: Process 414 attached
 <unfinished ...>
[pid   277] <... restart_syscall resumed>) = 0
[pid   277] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   277] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   277] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[   24.604193][  T387] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   24.624248][  T404] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   24.632291][  T405] EXT4-fs (loop3): Ignoring removed bh option
[   24.647895][  T412] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   24.660680][  T413] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[pid   277] getdents64(3, 0x555563e9e730 /* 4 entries */, 32768) = 112
[pid   277] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   277] newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   277] unlink("./3/binderfs")      = 0
[pid   277] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   413] <... pwrite64 resumed>)     = 176128
[pid   413] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   400] <... futex resumed>)        = 0
[pid   400] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   403] <... futex resumed>)        = 0
[pid   400] <... futex resumed>)        = 1
[pid   403] truncate("./file1", 1 <unfinished ...>
[pid   400] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   403] <... truncate resumed>)     = 0
[pid   403] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   400] <... futex resumed>)        = 0
[pid   400] exit_group(0)               = ?
[pid   403] <... futex resumed>)        = ?
[pid   403] +++ exited with 0 +++
[pid   413] <... futex resumed>)        = ?
[pid   413] +++ exited with 0 +++
[pid   400] +++ exited with 0 +++
[pid   274] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=400, si_uid=0, si_status=0, si_utime=0, si_stime=6} ---
[pid   274] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   414] set_robust_list(0x7fe6cade59a0, 24) = 0
[pid   414] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   414] memfd_create("syzkaller", 0) = 3
[pid   414] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe6c29c5000
[pid   414] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 <unfinished ...>
[pid   274] <... restart_syscall resumed>) = 0
[pid   414] <... write resumed>)        = 524288
[pid   414] munmap(0x7fe6c29c5000, 138412032) = 0
[pid   414] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   414] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   274] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   274] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   274] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   274] getdents64(3, 0x555563e9e730 /* 4 entries */, 32768) = 112
[pid   274] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   274] newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   274] unlink("./4/binderfs")      = 0
[pid   274] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   414] <... ioctl resumed>)        = 0
[pid   414] close(3)                    = 0
[pid   414] close(4 <unfinished ...>
[pid   404] <... mount resumed>)        = 0
[pid   404] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid   404] chdir("./file1")            = 0
[   24.663007][  T405] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   24.690437][  T404] EXT4-fs (loop2): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[pid   404] openat(AT_FDCWD, "/dev/loop2", O_RDWR <unfinished ...>
[pid   405] <... mount resumed>)        = 0
[pid   414] <... close resumed>)        = 0
[pid   404] <... openat resumed>)       = 4
[pid   414] mkdir("./file1", 0777 <unfinished ...>
[pid   405] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY <unfinished ...>
[pid   404] ioctl(4, LOOP_CLR_FD <unfinished ...>
[pid   405] <... openat resumed>)       = 3
[pid   414] <... mkdir resumed>)        = 0
[pid   405] chdir("./file1")            = 0
[pid   405] openat(AT_FDCWD, "/dev/loop3", O_RDWR <unfinished ...>
[   24.720348][  T405] EXT4-fs (loop3): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[pid   414] mount("/dev/loop0", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"... <unfinished ...>
[pid   404] <... ioctl resumed>)        = 0
[pid   404] close(4)                    = 0
[pid   277] <... umount2 resumed>)      = 0
[pid   274] <... umount2 resumed>)      = 0
[pid   404] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   277] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   274] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   404] <... futex resumed>)        = 1
[pid   397] <... futex resumed>)        = 0
[pid   277] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   274] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   404] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   397] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   277] newfstatat(AT_FDCWD, "./3/file1",  <unfinished ...>
[pid   274] newfstatat(AT_FDCWD, "./4/file1",  <unfinished ...>
[pid   404] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   397] <... futex resumed>)        = 0
[pid   277] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   274] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   404] openat(AT_FDCWD, "./file1", O_RDWR <unfinished ...>
[pid   397] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   277] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   274] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   404] <... openat resumed>)       = 4
[pid   277] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   274] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   404] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   277] openat(AT_FDCWD, "./3/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid   274] openat(AT_FDCWD, "./4/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid   404] <... futex resumed>)        = 1
[pid   397] <... futex resumed>)        = 0
[pid   277] <... openat resumed>)       = 4
[pid   274] <... openat resumed>)       = 4
[pid   404] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   397] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   277] newfstatat(4, "",  <unfinished ...>
[pid   274] newfstatat(4, "",  <unfinished ...>
[pid   404] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   397] <... futex resumed>)        = 0
[pid   277] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   274] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   405] <... openat resumed>)       = 4
[pid   404] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900 <unfinished ...>
[pid   397] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   277] getdents64(4,  <unfinished ...>
[pid   274] getdents64(4,  <unfinished ...>
[pid   405] ioctl(4, LOOP_CLR_FD <unfinished ...>
[pid   404] <... pwrite64 resumed>)     = 87490
[pid   277] <... getdents64 resumed>0x555563ea6770 /* 2 entries */, 32768) = 48
[pid   274] <... getdents64 resumed>0x555563ea6770 /* 2 entries */, 32768) = 48
[pid   405] <... ioctl resumed>)        = 0
[pid   404] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   277] getdents64(4,  <unfinished ...>
[pid   274] getdents64(4,  <unfinished ...>
[pid   405] close(4 <unfinished ...>
[pid   404] <... futex resumed>)        = 1
[pid   397] <... futex resumed>)        = 0
[pid   277] <... getdents64 resumed>0x555563ea6770 /* 0 entries */, 32768) = 0
[pid   274] <... getdents64 resumed>0x555563ea6770 /* 0 entries */, 32768) = 0
[pid   405] <... close resumed>)        = 0
[pid   404] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   397] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   277] close(4 <unfinished ...>
[pid   274] close(4 <unfinished ...>
[pid   405] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   404] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   397] <... futex resumed>)        = 0
[pid   277] <... close resumed>)        = 0
[pid   274] <... close resumed>)        = 0
[pid   405] <... futex resumed>)        = 1
[pid   404] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000 <unfinished ...>
[pid   398] <... futex resumed>)        = 0
[pid   397] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   277] rmdir("./3/file1" <unfinished ...>
[pid   274] rmdir("./4/file1" <unfinished ...>
[pid   405] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   404] <... openat resumed>)       = 5
[pid   398] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   277] <... rmdir resumed>)        = 0
[pid   274] <... rmdir resumed>)        = 0
[pid   405] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   404] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   398] <... futex resumed>)        = 0
[pid   277] getdents64(3,  <unfinished ...>
[pid   274] getdents64(3,  <unfinished ...>
[pid   405] openat(AT_FDCWD, "./file1", O_RDWR <unfinished ...>
[pid   404] <... futex resumed>)        = 1
[pid   398] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   397] <... futex resumed>)        = 0
[pid   277] <... getdents64 resumed>0x555563e9e730 /* 0 entries */, 32768) = 0
[pid   274] <... getdents64 resumed>0x555563e9e730 /* 0 entries */, 32768) = 0
[pid   405] <... openat resumed>)       = 4
[pid   404] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   397] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   277] close(3 <unfinished ...>
[pid   274] close(3 <unfinished ...>
[pid   405] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   404] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   397] <... futex resumed>)        = 0
[pid   277] <... close resumed>)        = 0
[pid   274] <... close resumed>)        = 0
[pid   405] <... futex resumed>)        = 1
[pid   404] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   398] <... futex resumed>)        = 0
[pid   397] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   277] rmdir("./3" <unfinished ...>
[pid   274] rmdir("./4" <unfinished ...>
[pid   405] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   398] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   397] <... futex resumed>)        = 0
[pid   277] <... rmdir resumed>)        = 0
[pid   274] <... rmdir resumed>)        = 0
[pid   405] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   398] <... futex resumed>)        = 0
[pid   397] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   277] mkdir("./4", 0777 <unfinished ...>
[pid   274] mkdir("./5", 0777 <unfinished ...>
[pid   405] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900 <unfinished ...>
[pid   398] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   397] <... mmap resumed>)         = 0x7fe6cada4000
[pid   277] <... mkdir resumed>)        = 0
[pid   274] <... mkdir resumed>)        = 0
[pid   405] <... pwrite64 resumed>)     = 87490
[pid   397] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   397] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   397] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} => {parent_tid=[421]}, 88) = 421
[pid   397] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   397] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   397] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   277] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3
[pid   277] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   277] close(3)                    = 0
[pid   277] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555563e9d690) = 422
[   24.855138][  T414] EXT4-fs (loop0): Ignoring removed nobh option
[   24.875235][  T414] EXT4-fs (loop0): Ignoring removed bh option
[   24.881668][  T414] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[pid   274] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3
[pid   274] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
./strace-static-x86_64: Process 422 attached
./strace-static-x86_64: Process 421 attached
[pid   405] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   404] <... pwrite64 resumed>)     = 176128
[pid   274] close(3 <unfinished ...>
[pid   422] set_robust_list(0x555563e9d6a0, 24 <unfinished ...>
[pid   274] <... close resumed>)        = 0
[pid   422] <... set_robust_list resumed>) = 0
[pid   421] set_robust_list(0x7fe6cadc49a0, 24 <unfinished ...>
[pid   405] <... futex resumed>)        = 1
[pid   398] <... futex resumed>)        = 0
[pid   274] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   422] chdir("./4" <unfinished ...>
[pid   421] <... set_robust_list resumed>) = 0
[pid   405] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000 <unfinished ...>
[pid   404] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   398] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   274] <... clone resumed>, child_tidptr=0x555563e9d690) = 424
[pid   422] <... chdir resumed>)        = 0
[pid   421] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   405] <... openat resumed>)       = 5
[pid   404] <... futex resumed>)        = 0
[pid   398] <... futex resumed>)        = 0
[pid   422] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   421] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   405] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   398] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 424 attached
 <unfinished ...>
[pid   422] <... prctl resumed>)        = 0
[pid   421] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   405] <... futex resumed>)        = 0
[pid   404] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   398] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[   24.887879][  T404] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   24.912008][  T414] EXT4-fs (loop0): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[   24.916086][  T421] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
executing program
[pid   424] set_robust_list(0x555563e9d6a0, 24 <unfinished ...>
[pid   422] setpgid(0, 0 <unfinished ...>
[pid   414] <... mount resumed>)        = 0
[pid   405] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   398] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   405] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   398] <... futex resumed>)        = 0
[pid   405] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   398] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   424] <... set_robust_list resumed>) = 0
[pid   421] <... pwrite64 resumed>)     = 176128
[pid   414] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY <unfinished ...>
[pid   398] <... futex resumed>)        = 0
[pid   414] <... openat resumed>)       = 3
[pid   421] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   424] chdir("./5" <unfinished ...>
[pid   421] futex(0x7fe6caeb06d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   414] chdir("./file1")            = 0
[pid   414] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   424] <... chdir resumed>)        = 0
[pid   424] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   414] ioctl(4, LOOP_CLR_FD <unfinished ...>
[pid   424] setpgid(0, 0 <unfinished ...>
[pid   414] <... ioctl resumed>)        = 0
[pid   414] close(4 <unfinished ...>
[pid   424] <... setpgid resumed>)      = 0
[pid   424] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   414] <... close resumed>)        = 0
[pid   414] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   411] <... futex resumed>)        = 0
[pid   411] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   411] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   414] <... futex resumed>)        = 1
[pid   414] openat(AT_FDCWD, "./file1", O_RDWR <unfinished ...>
[pid   424] <... openat resumed>)       = 3
[pid   424] write(3, "1000", 4)         = 4
[pid   424] close(3)                    = 0
[pid   424] symlink("/dev/binderfs", "./binderfs") = 0
[pid   424] write(1, "executing program\n", 18) = 18
[pid   424] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   424] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450}, NULL, 8) = 0
[pid   424] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   424] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cadc5000
[pid   424] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   424] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   424] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} => {parent_tid=[426]}, 88) = 426
[pid   424] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   424] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   424] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 426 attached
 <unfinished ...>
[pid   426] set_robust_list(0x7fe6cade59a0, 24) = 0
[pid   426] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   426] memfd_create("syzkaller", 0) = 3
[pid   426] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe6c29c5000
[pid   397] <... futex resumed>)        = 0
[pid   414] <... openat resumed>)       = 4
[pid   397] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   398] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   422] <... setpgid resumed>)      = 0
[pid   414] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   411] <... futex resumed>)        = 0
[pid   414] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900 <unfinished ...>
[pid   411] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   426] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 <unfinished ...>
[pid   422] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   411] <... futex resumed>)        = 0
[pid   405] <... pwrite64 resumed>)     = 176128
[pid   404] <... futex resumed>)        = 0
[pid   398] <... mmap resumed>)         = 0x7fe6cada4000
[pid   397] <... futex resumed>)        = 1
[pid   422] <... openat resumed>)       = 3
[pid   404] truncate("./file1", 1 <unfinished ...>
[pid   398] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   397] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   426] <... write resumed>)        = 524288
[pid   422] write(3, "1000", 4 <unfinished ...>
[pid   414] <... pwrite64 resumed>)     = 87490
[pid   411] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   405] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   404] <... truncate resumed>)     = 0
[pid   398] <... mprotect resumed>)     = 0
[pid   422] <... write resumed>)        = 4
[pid   398] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   426] munmap(0x7fe6c29c5000, 138412032 <unfinished ...>
[pid   414] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   405] <... futex resumed>)        = 0
[pid   404] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   422] close(3 <unfinished ...>
[pid   398] <... rt_sigprocmask resumed>[], 8) = 0
[pid   422] <... close resumed>)        = 0
[pid   414] <... futex resumed>)        = 1
[pid   411] <... futex resumed>)        = 0
[pid   405] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   404] <... futex resumed>)        = 1
[pid   398] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} <unfinished ...>
[pid   426] <... munmap resumed>)       = 0
[pid   426] openat(AT_FDCWD, "/dev/loop1", O_RDWR <unfinished ...>
[pid   422] symlink("/dev/binderfs", "./binderfs" <unfinished ...>
[pid   414] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000 <unfinished ...>
[pid   411] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   404] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   397] <... futex resumed>)        = 0
./strace-static-x86_64: Process 427 attached
[pid   426] <... openat resumed>)       = 4
[pid   422] <... symlink resumed>)      = 0
[pid   414] <... openat resumed>)       = 5
[pid   411] <... futex resumed>)        = 0
[pid   397] exit_group(0 <unfinished ...>
[pid   422] write(1, "executing program\n", 18 <unfinished ...>
[pid   414] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   411] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}executing program
 <unfinished ...>
[pid   422] <... write resumed>)        = 18
[pid   414] <... futex resumed>)        = 0
[pid   411] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   422] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   414] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   411] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   427] set_robust_list(0x7fe6cadc49a0, 24 <unfinished ...>
[pid   426] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   422] <... futex resumed>)        = 0
[pid   421] <... futex resumed>)        = ?
[pid   411] <... futex resumed>)        = 0
[pid   404] <... futex resumed>)        = ?
[pid   398] <... clone3 resumed> => {parent_tid=[427]}, 88) = 427
[pid   397] <... exit_group resumed>)   = ?
[pid   421] +++ exited with 0 +++
[pid   398] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   398] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   398] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   404] +++ exited with 0 +++
[pid   397] +++ exited with 0 +++
[pid   275] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=397, si_uid=0, si_status=0, si_utime=0, si_stime=11} ---
[pid   275] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   275] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   275] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   275] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   275] getdents64(3, 0x555563e9e730 /* 4 entries */, 32768) = 112
[pid   275] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   275] newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   275] unlink("./4/binderfs" <unfinished ...>
[pid   422] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450},  <unfinished ...>
[pid   411] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   275] <... unlink resumed>)       = 0
[pid   422] <... rt_sigaction resumed>NULL, 8) = 0
[pid   411] <... futex resumed>)        = 0
[pid   275] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   422] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1],  <unfinished ...>
[pid   411] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   422] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   411] <... mmap resumed>)         = 0x7fe6cada4000
[pid   422] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   411] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   422] <... mmap resumed>)         = 0x7fe6cadc5000
[pid   411] <... mprotect resumed>)     = 0
[pid   422] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   411] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   422] <... mprotect resumed>)     = 0
[pid   411] <... rt_sigprocmask resumed>[], 8) = 0
[pid   422] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   411] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} <unfinished ...>
[pid   422] <... rt_sigprocmask resumed>[], 8) = 0
[pid   422] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} <unfinished ...>
[pid   411] <... clone3 resumed> => {parent_tid=[428]}, 88) = 428
[pid   411] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   422] <... clone3 resumed> => {parent_tid=[429]}, 88) = 429
[pid   411] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   422] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   411] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   422] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   411] <... futex resumed>)        = 0
[pid   422] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   411] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   422] <... futex resumed>)        = 0
[pid   422] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid   427] <... set_robust_list resumed>) = 0
[pid   427] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   427] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864./strace-static-x86_64: Process 429 attached
./strace-static-x86_64: Process 428 attached
 <unfinished ...>
[pid   428] set_robust_list(0x7fe6cadc49a0, 24) = 0
[pid   428] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   428] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   429] set_robust_list(0x7fe6cade59a0, 24) = 0
[pid   429] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   429] memfd_create("syzkaller", 0) = 3
[pid   429] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe6c29c5000
[pid   429] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid   429] munmap(0x7fe6c29c5000, 138412032) = 0
[   24.942591][  T405] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   24.977816][  T414] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[pid   429] openat(AT_FDCWD, "/dev/loop4", O_RDWR <unfinished ...>
[pid   427] <... pwrite64 resumed>)     = 176128
[pid   414] <... pwrite64 resumed>)     = 176128
[pid   427] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   398] <... futex resumed>)        = 0
[pid   398] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   398] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   426] <... ioctl resumed>)        = 0
[pid   414] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   405] <... futex resumed>)        = 0
[pid   426] close(3 <unfinished ...>
[pid   414] <... futex resumed>)        = 0
[pid   405] truncate("./file1", 1 <unfinished ...>
[pid   429] <... openat resumed>)       = 4
[pid   427] <... futex resumed>)        = 1
[pid   426] <... close resumed>)        = 0
[pid   414] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   428] <... pwrite64 resumed>)     = 176128
[pid   426] close(4 <unfinished ...>
[pid   429] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   427] futex(0x7fe6caeb06d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   428] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   405] <... truncate resumed>)     = 0
[pid   405] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   405] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   411] <... futex resumed>)        = 0
[pid   411] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   411] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   428] <... futex resumed>)        = 1
[pid   428] futex(0x7fe6caeb06d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   398] <... futex resumed>)        = 0
[pid   398] exit_group(0 <unfinished ...>
[pid   427] <... futex resumed>)        = ?
[pid   398] <... exit_group resumed>)   = ?
[pid   427] +++ exited with 0 +++
[pid   405] <... futex resumed>)        = ?
[pid   414] <... futex resumed>)        = 0
[pid   414] truncate("./file1", 1 <unfinished ...>
[pid   405] +++ exited with 0 +++
[pid   398] +++ exited with 0 +++
[pid   276] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=398, si_uid=0, si_status=0, si_utime=0, si_stime=11} ---
[pid   276] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   414] <... truncate resumed>)     = 0
[pid   414] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   411] <... futex resumed>)        = 0
[pid   414] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   411] exit_group(0 <unfinished ...>
[pid   414] <... futex resumed>)        = ?
[pid   411] <... exit_group resumed>)   = ?
[pid   414] +++ exited with 0 +++
[pid   428] <... futex resumed>)        = ?
[pid   428] +++ exited with 0 +++
[pid   411] +++ exited with 0 +++
[pid   273] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=411, si_uid=0, si_status=0, si_utime=0, si_stime=6} ---
[pid   273] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   276] <... restart_syscall resumed>) = 0
[pid   273] <... restart_syscall resumed>) = 0
[pid   276] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   273] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   276] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid   273] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   276] <... openat resumed>)       = 3
[pid   273] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid   276] newfstatat(3, "",  <unfinished ...>
[pid   273] <... openat resumed>)       = 3
[pid   276] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   273] newfstatat(3, "",  <unfinished ...>
[pid   276] getdents64(3,  <unfinished ...>
[pid   273] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   276] <... getdents64 resumed>0x555563e9e730 /* 4 entries */, 32768) = 112
[pid   273] getdents64(3,  <unfinished ...>
[pid   276] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   273] <... getdents64 resumed>0x555563e9e730 /* 4 entries */, 32768) = 112
[pid   276] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   273] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   276] newfstatat(AT_FDCWD, "./3/binderfs",  <unfinished ...>
[pid   273] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   276] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   273] newfstatat(AT_FDCWD, "./4/binderfs",  <unfinished ...>
[pid   276] unlink("./3/binderfs" <unfinished ...>
[pid   273] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   276] <... unlink resumed>)       = 0
[pid   273] unlink("./4/binderfs" <unfinished ...>
[pid   276] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   273] <... unlink resumed>)       = 0
[pid   273] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   275] <... umount2 resumed>)      = 0
[pid   275] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   275] newfstatat(AT_FDCWD, "./4/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   275] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   275] openat(AT_FDCWD, "./4/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid   275] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   275] getdents64(4, 0x555563ea6770 /* 2 entries */, 32768) = 48
[pid   275] getdents64(4, 0x555563ea6770 /* 0 entries */, 32768) = 0
[pid   429] <... ioctl resumed>)        = 0
[pid   275] close(4 <unfinished ...>
[pid   429] close(3 <unfinished ...>
[pid   275] <... close resumed>)        = 0
[pid   429] <... close resumed>)        = 0
[pid   429] close(4 <unfinished ...>
[pid   275] rmdir("./4/file1")          = 0
[pid   275] getdents64(3, 0x555563e9e730 /* 0 entries */, 32768) = 0
[pid   275] close(3)                    = 0
[pid   275] rmdir("./4")                = 0
[pid   275] mkdir("./5", 0777)          = 0
[pid   275] openat(AT_FDCWD, "/dev/loop2", O_RDWR <unfinished ...>
[pid   429] <... close resumed>)        = 0
[pid   429] mkdir("./file1", 0777)      = 0
[   24.985217][  T427] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   25.000290][  T428] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[pid   429] mount("/dev/loop4", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"...executing program
 <unfinished ...>
[pid   275] <... openat resumed>)       = 3
[pid   275] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   275] close(3)                    = 0
[pid   275] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555563e9d690) = 432
./strace-static-x86_64: Process 432 attached
[pid   432] set_robust_list(0x555563e9d6a0, 24) = 0
[pid   432] chdir("./5")                = 0
[pid   432] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   432] setpgid(0, 0)               = 0
[pid   432] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   432] write(3, "1000", 4)         = 4
[pid   432] close(3)                    = 0
[pid   432] symlink("/dev/binderfs", "./binderfs") = 0
[pid   432] write(1, "executing program\n", 18) = 18
[pid   432] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   432] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450}, NULL, 8) = 0
[pid   432] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   432] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cadc5000
[pid   432] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   432] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   432] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} => {parent_tid=[433]}, 88) = 433
[pid   432] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   432] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   432] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 433 attached
 <unfinished ...>
[pid   433] set_robust_list(0x7fe6cade59a0, 24) = 0
[pid   433] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   433] memfd_create("syzkaller", 0) = 3
[pid   433] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe6c29c5000
[pid   276] <... umount2 resumed>)      = 0
[pid   433] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid   433] munmap(0x7fe6c29c5000, 138412032) = 0
[pid   433] openat(AT_FDCWD, "/dev/loop2", O_RDWR <unfinished ...>
[pid   276] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   276] newfstatat(AT_FDCWD, "./3/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   276] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   276] openat(AT_FDCWD, "./3/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid   276] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   276] getdents64(4, 0x555563ea6770 /* 2 entries */, 32768) = 48
[pid   276] getdents64(4, 0x555563ea6770 /* 0 entries */, 32768) = 0
[pid   276] close(4)                    = 0
[pid   276] rmdir("./3/file1")          = 0
[pid   276] getdents64(3, 0x555563e9e730 /* 0 entries */, 32768) = 0
[pid   276] close(3)                    = 0
[pid   276] rmdir("./3")                = 0
[pid   276] mkdir("./4", 0777)          = 0
[pid   276] openat(AT_FDCWD, "/dev/loop3", O_RDWR <unfinished ...>
[pid   426] <... close resumed>)        = 0
[pid   426] mkdir("./file1", 0777 <unfinished ...>
[pid   273] <... umount2 resumed>)      = 0
[pid   276] <... openat resumed>)       = 3
[pid   276] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   276] close(3)                    = 0
[pid   276] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   426] <... mkdir resumed>)        = 0
[pid   273] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   426] mount("/dev/loop1", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"... <unfinished ...>
[pid   273] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   276] <... clone resumed>, child_tidptr=0x555563e9d690) = 434
[pid   273] newfstatat(AT_FDCWD, "./4/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   273] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   273] openat(AT_FDCWD, "./4/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid   273] newfstatat(4, "",  <unfinished ...>
[pid   433] <... openat resumed>)       = 4
[pid   273] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   273] getdents64(4, 0x555563ea6770 /* 2 entries */, 32768) = 48
[pid   433] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 434 attached
 <unfinished ...>
[pid   434] set_robust_list(0x555563e9d6a0, 24) = 0
[pid   434] chdir("./4")                = 0
[pid   434] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   434] setpgid(0, 0)               = 0
[pid   434] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   434] write(3, "1000", 4)         = 4
[pid   434] close(3)                    = 0
[pid   434] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid   434] write(1, "executing program\n", 18) = 18
[pid   434] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   434] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450}, NULL, 8) = 0
[pid   434] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   434] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cadc5000
[pid   434] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   434] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   434] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} => {parent_tid=[436]}, 88) = 436
[pid   434] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   434] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   434] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 436 attached
 <unfinished ...>
[pid   436] set_robust_list(0x7fe6cade59a0, 24) = 0
[   25.154242][  T429] EXT4-fs (loop4): Ignoring removed nobh option
[   25.160723][  T429] EXT4-fs (loop4): Ignoring removed bh option
[   25.166885][  T429] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   25.183278][  T426] EXT4-fs (loop1): Ignoring removed nobh option
[   25.190178][  T426] EXT4-fs (loop1): Ignoring removed bh option
[pid   436] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   436] memfd_create("syzkaller", 0) = 3
[pid   436] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe6c29c5000
[pid   436] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 <unfinished ...>
[pid   273] getdents64(4, 0x555563ea6770 /* 0 entries */, 32768) = 0
[pid   273] close(4 <unfinished ...>
[pid   433] <... ioctl resumed>)        = 0
[pid   433] close(3 <unfinished ...>
[pid   273] <... close resumed>)        = 0
[pid   433] <... close resumed>)        = 0
[pid   273] rmdir("./4/file1" <unfinished ...>
[pid   433] close(4)                    = 0
[pid   273] <... rmdir resumed>)        = 0
[pid   433] mkdir("./file1", 0777 <unfinished ...>
[pid   273] getdents64(3,  <unfinished ...>
[pid   436] <... write resumed>)        = 524288
[pid   436] munmap(0x7fe6c29c5000, 138412032 <unfinished ...>
[pid   433] <... mkdir resumed>)        = 0
[pid   273] <... getdents64 resumed>0x555563e9e730 /* 0 entries */, 32768) = 0
[pid   273] close(3 <unfinished ...>
[pid   433] mount("/dev/loop2", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"... <unfinished ...>
[pid   273] <... close resumed>)        = 0
[pid   273] rmdir("./4" <unfinished ...>
[pid   436] <... munmap resumed>)       = 0
[pid   436] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4
[pid   436] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   429] <... mount resumed>)        = 0
[pid   273] <... rmdir resumed>)        = 0
[pid   429] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY <unfinished ...>
[pid   273] mkdir("./5", 0777 <unfinished ...>
[pid   429] <... openat resumed>)       = 3
[pid   429] chdir("./file1" <unfinished ...>
[pid   273] <... mkdir resumed>)        = 0
[pid   436] <... ioctl resumed>)        = 0
[pid   436] close(3)                    = 0
[pid   436] close(4)                    = 0
[pid   436] mkdir("./file1", 0777)      = 0
[pid   436] mount("/dev/loop3", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"... <unfinished ...>
[pid   429] <... chdir resumed>)        = 0
[pid   273] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   429] openat(AT_FDCWD, "/dev/loop4", O_RDWR <unfinished ...>
[pid   273] <... openat resumed>)       = 3
[   25.198332][  T426] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   25.214840][  T429] EXT4-fs (loop4): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[   25.243592][  T433] EXT4-fs (loop2): Ignoring removed nobh option
[pid   429] <... openat resumed>)       = 4
[pid   273] ioctl(3, LOOP_CLR_FDexecuting program
 <unfinished ...>
[pid   429] ioctl(4, LOOP_CLR_FD <unfinished ...>
[pid   426] <... mount resumed>)        = 0
[pid   273] <... ioctl resumed>)        = -1 ENXIO (No such device or address)
[pid   429] <... ioctl resumed>)        = 0
[pid   273] close(3 <unfinished ...>
[pid   429] close(4 <unfinished ...>
[pid   273] <... close resumed>)        = 0
[pid   429] <... close resumed>)        = 0
[pid   273] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   429] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   422] <... futex resumed>)        = 0
[pid   273] <... clone resumed>, child_tidptr=0x555563e9d690) = 442
[pid   429] openat(AT_FDCWD, "./file1", O_RDWR <unfinished ...>
[pid   422] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   422] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   426] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid   426] chdir("./file1")            = 0
[pid   426] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4
[pid   426] ioctl(4, LOOP_CLR_FD)       = 0
[pid   426] close(4)                    = 0
[pid   426] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   424] <... futex resumed>)        = 0
[pid   424] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   424] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   426] <... futex resumed>)        = 1
[pid   426] openat(AT_FDCWD, "./file1", O_RDWR./strace-static-x86_64: Process 442 attached
 <unfinished ...>
[pid   442] set_robust_list(0x555563e9d6a0, 24) = 0
[pid   442] chdir("./5")                = 0
[pid   442] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   442] setpgid(0, 0)               = 0
[pid   442] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   442] write(3, "1000", 4)         = 4
[pid   442] close(3)                    = 0
[pid   442] symlink("/dev/binderfs", "./binderfs") = 0
[pid   442] write(1, "executing program\n", 18) = 18
[pid   442] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   442] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450}, NULL, 8) = 0
[pid   442] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   442] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cadc5000
[pid   442] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   442] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   442] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} => {parent_tid=[443]}, 88) = 443
[pid   442] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   442] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   442] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 443 attached
 <unfinished ...>
[pid   429] <... openat resumed>)       = 4
[pid   426] <... openat resumed>)       = 4
[pid   429] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   426] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   429] <... futex resumed>)        = 1
[pid   426] <... futex resumed>)        = 1
[pid   424] <... futex resumed>)        = 0
[pid   422] <... futex resumed>)        = 0
[pid   429] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900 <unfinished ...>
[pid   426] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900 <unfinished ...>
[pid   424] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   422] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   429] <... pwrite64 resumed>)     = 87490
[pid   426] <... pwrite64 resumed>)     = 87490
[pid   424] <... futex resumed>)        = 0
[pid   422] <... futex resumed>)        = 0
[pid   424] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   422] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   426] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   424] <... futex resumed>)        = 0
[pid   424] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   424] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   426] <... futex resumed>)        = 1
[pid   426] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000) = 5
[pid   426] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   424] <... futex resumed>)        = 0
[pid   424] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   424] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   424] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cada4000
[pid   424] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   424] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   424] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} => {parent_tid=[445]}, 88) = 445
[pid   424] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   424] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   424] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   426] <... futex resumed>)        = 1
[pid   426] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   443] set_robust_list(0x7fe6cade59a0, 24 <unfinished ...>
[pid   429] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   422] <... futex resumed>)        = 0
[pid   422] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   422] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   429] <... futex resumed>)        = 1
[pid   429] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000) = 5
[   25.250489][  T433] EXT4-fs (loop2): Ignoring removed bh option
[   25.255817][  T426] EXT4-fs (loop1): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[   25.256838][  T433] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   25.282063][  T436] EXT4-fs (loop3): Ignoring removed nobh option
[pid   429] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   422] <... futex resumed>)        = 0
[pid   422] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   422] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   422] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cada4000
[pid   422] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   422] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   422] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} => {parent_tid=[446]}, 88) = 446
[pid   422] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   422] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   422] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   429] <... futex resumed>)        = 1
[pid   429] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   443] <... set_robust_list resumed>) = 0
./strace-static-x86_64: Process 446 attached
./strace-static-x86_64: Process 445 attached
[pid   443] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   443] memfd_create("syzkaller", 0) = 3
[pid   443] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe6c29c5000
[pid   443] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid   443] munmap(0x7fe6c29c5000, 138412032) = 0
[pid   443] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   443] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   429] <... pwrite64 resumed>)     = 176128
[pid   429] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   429] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   443] <... ioctl resumed>)        = 0
[pid   443] close(3 <unfinished ...>
[pid   446] set_robust_list(0x7fe6cadc49a0, 24 <unfinished ...>
[pid   445] set_robust_list(0x7fe6cadc49a0, 24 <unfinished ...>
[pid   443] <... close resumed>)        = 0
[pid   424] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   443] close(4 <unfinished ...>
[pid   424] futex(0x7fe6caeb06ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   443] <... close resumed>)        = 0
[pid   424] <... futex resumed>)        = 0
[pid   443] mkdir("./file1", 0777 <unfinished ...>
[pid   424] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   446] <... set_robust_list resumed>) = 0
[pid   445] <... set_robust_list resumed>) = 0
[pid   443] <... mkdir resumed>)        = 0
[pid   424] <... mmap resumed>)         = 0x7fe6cad83000
[pid   446] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   445] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   446] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   445] <... rt_sigprocmask resumed>NULL, 8) = 0
[   25.312872][  T436] EXT4-fs (loop3): Ignoring removed bh option
[   25.319171][  T436] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   25.322714][  T429] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   25.333979][  T426] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[pid   446] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   445] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   443] mount("/dev/loop0", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"... <unfinished ...>
[   25.362819][  T446] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   25.378292][  T436] EXT4-fs (loop3): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[pid   424] mprotect(0x7fe6cad84000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   422] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   436] <... mount resumed>)        = 0
[pid   436] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid   436] chdir("./file1")            = 0
[pid   436] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4
[pid   436] ioctl(4, LOOP_CLR_FD)       = 0
[pid   436] close(4)                    = 0
[pid   436] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   434] <... futex resumed>)        = 0
[pid   434] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   434] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   436] <... futex resumed>)        = 1
[pid   436] openat(AT_FDCWD, "./file1", O_RDWR) = 4
[pid   436] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   434] <... futex resumed>)        = 0
[pid   434] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   434] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   436] <... futex resumed>)        = 1
[pid   436] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900 <unfinished ...>
[pid   446] <... pwrite64 resumed>)     = 176128
[pid   436] <... pwrite64 resumed>)     = 87490
[pid   433] <... mount resumed>)        = 0
[pid   426] <... pwrite64 resumed>)     = 176128
[pid   424] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   422] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   429] <... futex resumed>)        = 0
[pid   424] <... rt_sigprocmask resumed>[], 8) = 0
[pid   422] <... futex resumed>)        = 1
[pid   429] truncate("./file1", 1 <unfinished ...>
[pid   424] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cada3990, parent_tid=0x7fe6cada3990, exit_signal=0, stack=0x7fe6cad83000, stack_size=0x20300, tls=0x7fe6cada36c0} <unfinished ...>
[pid   422] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   429] <... truncate resumed>)     = 0
[pid   424] <... clone3 resumed> => {parent_tid=[451]}, 88) = 451
[pid   424] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   424] futex(0x7fe6caeb06e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   424] futex(0x7fe6caeb06ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   429] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   422] <... futex resumed>)        = 0
[pid   429] <... futex resumed>)        = 1
[pid   429] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   433] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid   433] chdir("./file1")            = 0
[pid   433] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4
[pid   433] ioctl(4, LOOP_CLR_FD)       = 0
[pid   433] close(4)                    = 0
[pid   436] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   436] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   433] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   433] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   446] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   434] <... futex resumed>)        = 0
[pid   432] <... futex resumed>)        = 0
[pid   426] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 451 attached
 <unfinished ...>
[pid   451] set_robust_list(0x7fe6cada39a0, 24) = 0
[pid   451] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   451] truncate("./file1", 1 <unfinished ...>
[pid   446] <... futex resumed>)        = 0
[pid   434] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   432] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   426] <... futex resumed>)        = 0
[pid   422] exit_group(0 <unfinished ...>
[pid   432] <... futex resumed>)        = 1
[pid   434] <... futex resumed>)        = 1
[pid   426] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   432] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   422] <... exit_group resumed>)   = ?
[pid   436] <... futex resumed>)        = 0
[pid   434] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   433] <... futex resumed>)        = 0
[pid   446] +++ exited with 0 +++
[pid   436] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000 <unfinished ...>
[pid   433] openat(AT_FDCWD, "./file1", O_RDWR <unfinished ...>
[pid   436] <... openat resumed>)       = 5
[pid   429] <... futex resumed>)        = ?
[pid   436] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   433] <... openat resumed>)       = 4
[pid   429] +++ exited with 0 +++
[pid   422] +++ exited with 0 +++
[pid   277] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=422, si_uid=0, si_status=0, si_utime=0, si_stime=6} ---
[pid   277] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   277] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   277] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   277] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   277] getdents64(3, 0x555563e9e730 /* 4 entries */, 32768) = 112
[pid   277] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   277] newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   277] unlink("./4/binderfs")      = 0
[pid   277] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   451] <... truncate resumed>)     = 0
[pid   451] futex(0x7fe6caeb06ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   424] <... futex resumed>)        = 0
[   25.378474][  T433] EXT4-fs (loop2): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[   25.427309][  T445] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   25.441919][  T443] EXT4-fs (loop0): Ignoring removed nobh option
[   25.448362][  T443] EXT4-fs (loop0): Ignoring removed bh option
[pid   451] <... futex resumed>)        = 1
[pid   451] futex(0x7fe6caeb06e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   445] <... pwrite64 resumed>)     = 176128
[pid   445] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   424] exit_group(0)               = ?
[pid   451] <... futex resumed>)        = ?
[pid   436] <... futex resumed>)        = 1
[pid   434] <... futex resumed>)        = 0
[pid   433] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   426] <... futex resumed>)        = ?
[pid   436] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   434] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   433] <... futex resumed>)        = 1
[pid   432] <... futex resumed>)        = 0
[pid   426] +++ exited with 0 +++
[pid   434] <... futex resumed>)        = 0
[pid   433] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   436] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   432] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   434] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   433] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   436] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   432] <... futex resumed>)        = 0
[pid   434] <... futex resumed>)        = 0
[pid   433] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900 <unfinished ...>
[pid   432] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   451] +++ exited with 0 +++
[pid   445] +++ exited with 0 +++
[pid   424] +++ exited with 0 +++
[pid   274] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=424, si_uid=0, si_status=0, si_utime=0, si_stime=8} ---
[pid   274] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   434] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   274] <... restart_syscall resumed>) = 0
[pid   274] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   274] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   274] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   274] getdents64(3, 0x555563e9e730 /* 4 entries */, 32768) = 112
[pid   274] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   274] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   274] unlink("./5/binderfs")      = 0
[pid   433] <... pwrite64 resumed>)     = 87490
[pid   274] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   434] <... mmap resumed>)         = 0x7fe6cada4000
[pid   434] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   434] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   434] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} => {parent_tid=[452]}, 88) = 452
[pid   434] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   433] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   434] <... rt_sigprocmask resumed>NULL, 8) = 0
./strace-static-x86_64: Process 452 attached
[pid   434] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   433] <... futex resumed>)        = 1
[pid   432] <... futex resumed>)        = 0
[pid   452] set_robust_list(0x7fe6cadc49a0, 24 <unfinished ...>
[pid   434] <... futex resumed>)        = 0
[pid   433] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000 <unfinished ...>
[pid   432] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   434] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   433] <... openat resumed>)       = 5
[pid   432] <... futex resumed>)        = 0
[pid   433] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   432] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   433] <... futex resumed>)        = 0
[pid   432] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   433] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   432] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   433] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   433] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   432] <... futex resumed>)        = 0
[pid   452] <... set_robust_list resumed>) = 0
[pid   452] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   452] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   432] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   432] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cada4000
[pid   432] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   432] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   432] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} => {parent_tid=[453]}, 88) = 453
[pid   432] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   432] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   432] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 453 attached
 <unfinished ...>
[pid   453] set_robust_list(0x7fe6cadc49a0, 24) = 0
[pid   453] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[   25.455100][  T443] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   25.483343][  T433] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   25.483725][  T436] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[pid   453] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   434] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   433] <... pwrite64 resumed>)     = 176128
[pid   274] <... umount2 resumed>)      = 0
[pid   434] futex(0x7fe6caeb06ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   274] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   434] <... futex resumed>)        = 0
[pid   274] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   434] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   274] newfstatat(AT_FDCWD, "./5/file1",  <unfinished ...>
[pid   434] <... mmap resumed>)         = 0x7fe6cad83000
[pid   274] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   434] mprotect(0x7fe6cad84000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   274] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   434] <... mprotect resumed>)     = 0
[pid   274] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   434] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   274] openat(AT_FDCWD, "./5/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid   434] <... rt_sigprocmask resumed>[], 8) = 0
[pid   274] <... openat resumed>)       = 4
[pid   434] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cada3990, parent_tid=0x7fe6cada3990, exit_signal=0, stack=0x7fe6cad83000, stack_size=0x20300, tls=0x7fe6cada36c0} <unfinished ...>
[pid   274] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   434] <... clone3 resumed> => {parent_tid=[455]}, 88) = 455
[pid   274] getdents64(4,  <unfinished ...>
[pid   434] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   274] <... getdents64 resumed>0x555563ea6770 /* 2 entries */, 32768) = 48
[pid   434] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   274] getdents64(4,  <unfinished ...>
[pid   434] futex(0x7fe6caeb06e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   274] <... getdents64 resumed>0x555563ea6770 /* 0 entries */, 32768) = 0
[pid   434] <... futex resumed>)        = 0
[pid   274] close(4 <unfinished ...>
[pid   434] futex(0x7fe6caeb06ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   274] <... close resumed>)        = 0
[pid   274] rmdir("./5/file1")          = 0
[pid   274] getdents64(3, 0x555563e9e730 /* 0 entries */, 32768) = 0
[pid   274] close(3)                    = 0
[pid   274] rmdir("./5")                = 0
[pid   274] mkdir("./6", 0777)          = 0
[pid   274] openat(AT_FDCWD, "/dev/loop1", O_RDWR./strace-static-x86_64: Process 455 attached
 <unfinished ...>
[pid   455] set_robust_list(0x7fe6cada39a0, 24) = 0
[pid   455] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   432] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   432] futex(0x7fe6caeb06ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   432] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cad83000
[pid   432] mprotect(0x7fe6cad84000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   432] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   432] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cada3990, parent_tid=0x7fe6cada3990, exit_signal=0, stack=0x7fe6cad83000, stack_size=0x20300, tls=0x7fe6cada36c0} => {parent_tid=[456]}, 88) = 456
[pid   432] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   432] futex(0x7fe6caeb06e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   432] futex(0x7fe6caeb06ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 456 attached
 <unfinished ...>
[pid   456] set_robust_list(0x7fe6cada39a0, 24) = 0
[pid   456] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   456] truncate("./file1", 1 <unfinished ...>
[pid   455] truncate("./file1", 1 <unfinished ...>
[pid   456] <... truncate resumed>)     = 0
[pid   453] <... pwrite64 resumed>)     = 176128
[pid   452] <... pwrite64 resumed>)     = 176128
[pid   436] <... pwrite64 resumed>)     = 176128
[pid   433] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   455] <... truncate resumed>)     = 0
[pid   456] futex(0x7fe6caeb06ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   432] <... futex resumed>)        = 0
[pid   456] <... futex resumed>)        = 1
[pid   456] futex(0x7fe6caeb06e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   455] futex(0x7fe6caeb06ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   434] <... futex resumed>)        = 0
[pid   455] <... futex resumed>)        = 1
[pid   455] futex(0x7fe6caeb06e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   453] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   453] futex(0x7fe6caeb06d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   432] exit_group(0)               = ?
[pid   456] <... futex resumed>)        = ?
[pid   456] +++ exited with 0 +++
[pid   452] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   452] futex(0x7fe6caeb06d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   453] <... futex resumed>)        = ?
[pid   453] +++ exited with 0 +++
[pid   436] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   434] exit_group(0)               = ?
[pid   436] +++ exited with 0 +++
[pid   455] <... futex resumed>)        = ?
[pid   455] +++ exited with 0 +++
[pid   452] <... futex resumed>)        = ?
[pid   452] +++ exited with 0 +++
[pid   434] +++ exited with 0 +++
[pid   433] <... futex resumed>)        = ?
[pid   433] +++ exited with 0 +++
[pid   432] +++ exited with 0 +++
[pid   276] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=434, si_uid=0, si_status=0, si_utime=0, si_stime=10} ---
[pid   276] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   276] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   276] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   276] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   276] getdents64(3, 0x555563e9e730 /* 4 entries */, 32768) = 112
[pid   276] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   276] newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   276] unlink("./4/binderfs")      = 0
[pid   276] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   275] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=432, si_uid=0, si_status=0, si_utime=0, si_stime=10} ---
[pid   275] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   275] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   275] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   275] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   275] getdents64(3, 0x555563e9e730 /* 4 entries */, 32768) = 112
[pid   275] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   275] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   275] unlink("./5/binderfs")      = 0
[   25.499087][  T453] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   25.513559][  T452] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[pid   275] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   443] <... mount resumed>)        = 0
[pid   443] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid   443] chdir("./file1")            = 0
[pid   443] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   277] <... umount2 resumed>)      = 0
[pid   274] <... openat resumed>)       = 3
[pid   443] <... openat resumed>)       = 4
[pid   277] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   274] ioctl(3, LOOP_CLR_FD <unfinished ...>
[pid   277] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   277] newfstatat(AT_FDCWD, "./4/file1",  <unfinished ...>
[pid   443] ioctl(4, LOOP_CLR_FD <unfinished ...>
[pid   277] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   277] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   277] openat(AT_FDCWD, "./4/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid   277] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   277] getdents64(4, 0x555563ea6770 /* 2 entries */, 32768) = 48
[pid   277] getdents64(4, 0x555563ea6770 /* 0 entries */, 32768) = 0
[pid   277] close(4)                    = 0
[pid   277] rmdir("./4/file1")          = 0
[pid   277] getdents64(3, 0x555563e9e730 /* 0 entries */, 32768) = 0
[pid   277] close(3)                    = 0
[pid   277] rmdir("./4")                = 0
[pid   277] mkdir("./5", 0777)          = 0
[   25.544045][  T443] EXT4-fs (loop0): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[pid   277] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3
[pid   276] <... umount2 resumed>)      = 0
[pid   275] <... umount2 resumed>)      = 0
[pid   274] <... ioctl resumed>)        = -1 ENXIO (No such device or address)
[pid   277] ioctl(3, LOOP_CLR_FD <unfinished ...>
[pid   275] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   274] close(3 <unfinished ...>
[pid   277] <... ioctl resumed>)        = -1 ENXIO (No such device or address)
[pid   275] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   277] close(3 <unfinished ...>
[pid   275] newfstatat(AT_FDCWD, "./5/file1",  <unfinished ...>
[pid   274] <... close resumed>)        = 0
[pid   277] <... close resumed>)        = 0
[pid   275] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   443] <... ioctl resumed>)        = 0
[pid   277] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   275] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   443] close(4 <unfinished ...>
[pid   275] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   443] <... close resumed>)        = 0
[pid   277] <... clone resumed>, child_tidptr=0x555563e9d690) = 458
[pid   275] openat(AT_FDCWD, "./5/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid   443] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   275] <... openat resumed>)       = 4
[pid   443] <... futex resumed>)        = 1
[pid   442] <... futex resumed>)        = 0
[pid   275] newfstatat(4, "",  <unfinished ...>
[pid   443] openat(AT_FDCWD, "./file1", O_RDWR <unfinished ...>
[pid   442] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   275] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   443] <... openat resumed>)       = 4
[pid   442] <... futex resumed>)        = 0
[pid   275] getdents64(4,  <unfinished ...>
[pid   443] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   442] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   275] <... getdents64 resumed>0x555563ea6770 /* 2 entries */, 32768) = 48
[pid   443] <... futex resumed>)        = 0
[pid   442] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   275] getdents64(4,  <unfinished ...>
[pid   443] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900 <unfinished ...>
[pid   442] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   275] <... getdents64 resumed>0x555563ea6770 /* 0 entries */, 32768) = 0
[pid   443] <... pwrite64 resumed>)     = 87490
[pid   442] <... futex resumed>)        = 0
[pid   275] close(4 <unfinished ...>
[pid   274] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   442] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   275] <... close resumed>)        = 0
[pid   275] rmdir("./5/file1")          = 0
[pid   275] getdents64(3,  <unfinished ...>
[pid   274] <... clone resumed>, child_tidptr=0x555563e9d690) = 459
[pid   275] <... getdents64 resumed>0x555563e9e730 /* 0 entries */, 32768) = 0
[pid   275] close(3)                    = 0
[pid   275] rmdir("./5")                = 0
[pid   275] mkdir("./6", 0777)          = 0
[pid   275] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3
[pid   275] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   275] close(3)                    = 0
[pid   275] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555563e9d690) = 460
./strace-static-x86_64: Process 459 attached
[pid   459] set_robust_list(0x555563e9d6a0, 24) = 0
[pid   459] chdir("./6")                = 0
[pid   459] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   459] setpgid(0, 0./strace-static-x86_64: Process 458 attached
)               = 0
[pid   458] set_robust_list(0x555563e9d6a0, 24 <unfinished ...>
[pid   459] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   458] <... set_robust_list resumed>) = 0
[pid   458] chdir("./5" <unfinished ...>
[pid   443] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   442] <... futex resumed>)        = 0
[pid   442] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   442] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   443] <... futex resumed>)        = 1
[pid   443] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000 <unfinished ...>
[pid   458] <... chdir resumed>)        = 0
[pid   459] <... openat resumed>)       = 3
[pid   443] <... openat resumed>)       = 5
[pid   458] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   443] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   458] setpgid(0, 0 <unfinished ...>
[pid   442] <... futex resumed>)        = 0
[pid   442] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   442] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   442] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cada4000
[pid   442] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   442] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   442] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} => {parent_tid=[461]}, 88) = 461
[pid   442] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   443] <... futex resumed>)        = 1
[pid   442] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   459] write(3, "1000", 4 <unfinished ...>
[pid   458] <... setpgid resumed>)      = 0
[pid   443] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   442] <... futex resumed>)        = 0
[pid   459] <... write resumed>)        = 4
[pid   458] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   442] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   459] close(3 <unfinished ...>
[pid   458] <... openat resumed>)       = 3
[pid   459] <... close resumed>)        = 0
[pid   458] write(3, "1000", 4./strace-static-x86_64: Process 460 attached
 <unfinished ...>
[pid   459] symlink("/dev/binderfs", "./binderfs" <unfinished ...>
[pid   458] <... write resumed>)        = 4
[pid   460] set_robust_list(0x555563e9d6a0, 24 <unfinished ...>
[pid   459] <... symlink resumed>)      = 0
[pid   458] close(3./strace-static-x86_64: Process 461 attached
 <unfinished ...>
[pid   460] <... set_robust_list resumed>) = 0
[pid   459] write(1, "executing program\n", 18 <unfinished ...>
[pid   458] <... close resumed>)        = 0
[pid   276] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   461] set_robust_list(0x7fe6cadc49a0, 24 <unfinished ...>
[pid   276] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   461] <... set_robust_list resumed>) = 0
[pid   276] newfstatat(AT_FDCWD, "./4/file1",  <unfinished ...>
[pid   461] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   276] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   461] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   276] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   461] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   276] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   276] openat(AT_FDCWD, "./4/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid   276] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   276] getdents64(4, 0x555563ea6770 /* 2 entries */, 32768) = 48
[pid   276] getdents64(4, executing program
 <unfinished ...>
[pid   460] chdir("./6" <unfinished ...>
[pid   459] <... write resumed>)        = 18
[pid   458] symlink("/dev/binderfs", "./binderfs" <unfinished ...>
[pid   276] <... getdents64 resumed>0x555563ea6770 /* 0 entries */, 32768) = 0
[pid   443] <... pwrite64 resumed>)     = 176128
[pid   276] close(4)                    = 0
[pid   276] rmdir("./4/file1")          = 0
[pid   276] getdents64(3, 0x555563e9e730 /* 0 entries */, 32768) = 0
[pid   276] close(3)                    = 0
[pid   276] rmdir("./4")                = 0
[pid   276] mkdir("./5", 0777)          = 0
[pid   276] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3
[pid   276] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   276] close(3)                    = 0
[pid   276] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555563e9d690) = 462
./strace-static-x86_64: Process 462 attached
[pid   462] set_robust_list(0x555563e9d6a0, 24) = 0
[pid   462] chdir("./5")                = 0
[pid   462] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   462] setpgid(0, 0)               = 0
[pid   462] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   462] write(3, "1000", 4)         = 4
[pid   462] close(3)                    = 0
[pid   462] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   462] write(1, "executing program\n", 18) = 18
[pid   462] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   460] <... chdir resumed>)        = 0
[pid   459] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   458] <... symlink resumed>)      = 0
[pid   443] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000executing program
 <unfinished ...>
[pid   460] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   459] <... futex resumed>)        = 0
[pid   458] write(1, "executing program\n", 18 <unfinished ...>
[pid   443] <... futex resumed>)        = 0
[pid   460] <... prctl resumed>)        = 0
[pid   459] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450},  <unfinished ...>
[pid   458] <... write resumed>)        = 18
[pid   443] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   460] setpgid(0, 0 <unfinished ...>
[pid   459] <... rt_sigaction resumed>NULL, 8) = 0
[pid   458] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   460] <... setpgid resumed>)      = 0
[pid   459] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1],  <unfinished ...>
[pid   458] <... futex resumed>)        = 0
[pid   462] <... futex resumed>)        = 0
[pid   461] <... pwrite64 resumed>)     = 176128
[pid   462] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450},  <unfinished ...>
[pid   461] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   460] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   459] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   458] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450},  <unfinished ...>
[pid   462] <... rt_sigaction resumed>NULL, 8) = 0
[pid   460] <... openat resumed>)       = 3
[pid   459] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   461] <... futex resumed>)        = 1
[pid   460] write(3, "1000", 4 <unfinished ...>
[pid   458] <... rt_sigaction resumed>NULL, 8) = 0
[pid   442] <... futex resumed>)        = 0
[pid   459] <... mmap resumed>)         = 0x7fe6cadc5000
[pid   458] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1],  <unfinished ...>
[pid   442] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000executing program
 <unfinished ...>
[pid   460] <... write resumed>)        = 4
[pid   459] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   458] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   443] <... futex resumed>)        = 0
[pid   442] <... futex resumed>)        = 1
[pid   460] close(3 <unfinished ...>
[pid   459] <... mprotect resumed>)     = 0
[pid   458] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   443] truncate("./file1", 1 <unfinished ...>
[pid   460] <... close resumed>)        = 0
[pid   458] <... mmap resumed>)         = 0x7fe6cadc5000
[pid   442] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   462] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   462] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cadc5000
[pid   462] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   462] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   462] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} => {parent_tid=[463]}, 88) = 463
[pid   462] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   462] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   462] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 463 attached
 <unfinished ...>
[pid   463] set_robust_list(0x7fe6cade59a0, 24) = 0
[pid   463] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   463] memfd_create("syzkaller", 0) = 3
[pid   463] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe6c29c5000
[pid   443] <... truncate resumed>)     = 0
[pid   458] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   460] symlink("/dev/binderfs", "./binderfs" <unfinished ...>
[pid   459] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   458] <... mprotect resumed>)     = 0
[pid   460] <... symlink resumed>)      = 0
[pid   458] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   460] write(1, "executing program\n", 18 <unfinished ...>
[pid   459] <... rt_sigprocmask resumed>[], 8) = 0
[pid   443] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   460] <... write resumed>)        = 18
[pid   459] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} <unfinished ...>
[pid   458] <... rt_sigprocmask resumed>[], 8) = 0
[pid   460] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   442] <... futex resumed>)        = 0
[pid   442] exit_group(0 <unfinished ...>
[pid   458] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} <unfinished ...>
[pid   460] <... futex resumed>)        = 0
[pid   459] <... clone3 resumed> => {parent_tid=[464]}, 88) = 464
[pid   443] <... futex resumed>)        = ?
[pid   442] <... exit_group resumed>)   = ?
[pid   458] <... clone3 resumed> => {parent_tid=[465]}, 88) = 465
[pid   460] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450},  <unfinished ...>
[pid   459] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   458] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   443] +++ exited with 0 +++
[pid   460] <... rt_sigaction resumed>NULL, 8) = 0
[pid   459] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   460] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1],  <unfinished ...>
[pid   458] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   460] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   459] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   458] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   460] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   458] <... futex resumed>)        = 0
[pid   460] <... mmap resumed>)         = 0x7fe6cadc5000
[pid   459] <... futex resumed>)        = 0
[pid   460] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   458] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid   459] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid   460] <... mprotect resumed>)     = 0
[pid   460] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   460] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} => {parent_tid=[466]}, 88) = 466
[pid   460] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   460] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   460] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 464 attached
./strace-static-x86_64: Process 466 attached
./strace-static-x86_64: Process 465 attached
 <unfinished ...>
[pid   463] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 <unfinished ...>
[pid   461] +++ exited with 0 +++
[pid   442] +++ exited with 0 +++
[pid   464] set_robust_list(0x7fe6cade59a0, 24 <unfinished ...>
[pid   465] set_robust_list(0x7fe6cade59a0, 24 <unfinished ...>
[pid   466] set_robust_list(0x7fe6cade59a0, 24 <unfinished ...>
[pid   273] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=442, si_uid=0, si_status=0, si_utime=0, si_stime=9} ---
[pid   465] <... set_robust_list resumed>) = 0
[pid   464] <... set_robust_list resumed>) = 0
[pid   466] <... set_robust_list resumed>) = 0
[pid   273] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   464] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   466] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   465] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   464] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   466] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   464] memfd_create("syzkaller", 0) = 3
[pid   464] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe6c29c5000
[pid   465] memfd_create("syzkaller", 0 <unfinished ...>
[pid   463] <... write resumed>)        = 524288
[pid   463] munmap(0x7fe6c29c5000, 138412032) = 0
[pid   463] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4
[pid   463] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   466] memfd_create("syzkaller", 0) = 3
[pid   466] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe6c29c5000
[pid   273] <... restart_syscall resumed>) = 0
[pid   273] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   465] <... memfd_create resumed>) = 3
[pid   273] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid   465] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   464] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 <unfinished ...>
[pid   273] <... openat resumed>)       = 3
[pid   463] <... ioctl resumed>)        = 0
[pid   463] close(3)                    = 0
[pid   463] close(4)                    = 0
[pid   463] mkdir("./file1", 0777 <unfinished ...>
[pid   273] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   273] getdents64(3, 0x555563e9e730 /* 4 entries */, 32768) = 112
[pid   463] <... mkdir resumed>)        = 0
[pid   273] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   463] mount("/dev/loop3", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"... <unfinished ...>
[pid   273] <... umount2 resumed>)      = -1 EINVAL (Invalid argument)
[pid   273] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   273] unlink("./5/binderfs")      = 0
[pid   273] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   465] <... mmap resumed>)         = 0x7fe6c29c5000
[pid   464] <... write resumed>)        = 524288
[   25.650248][  T443] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   25.666567][  T461] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[pid   466] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 <unfinished ...>
[pid   465] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 <unfinished ...>
[pid   464] munmap(0x7fe6c29c5000, 138412032 <unfinished ...>
[pid   465] <... write resumed>)        = 524288
[pid   465] munmap(0x7fe6c29c5000, 138412032 <unfinished ...>
[pid   464] <... munmap resumed>)       = 0
[pid   466] <... write resumed>)        = 524288
[pid   466] munmap(0x7fe6c29c5000, 138412032) = 0
[pid   466] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4
[pid   466] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   465] <... munmap resumed>)       = 0
[pid   465] openat(AT_FDCWD, "/dev/loop4", O_RDWR <unfinished ...>
[pid   464] openat(AT_FDCWD, "/dev/loop1", O_RDWR <unfinished ...>
[pid   466] <... ioctl resumed>)        = 0
[pid   466] close(3)                    = 0
[   25.714031][  T463] EXT4-fs (loop3): Ignoring removed nobh option
[   25.720587][  T463] EXT4-fs (loop3): Ignoring removed bh option
[   25.727058][  T463] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[pid   466] close(4 <unfinished ...>
[pid   465] <... openat resumed>)       = 4
[pid   464] <... openat resumed>)       = 4
[pid   465] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   464] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid   466] <... close resumed>)        = 0
[pid   273] <... umount2 resumed>)      = 0
[pid   466] mkdir("./file1", 0777)      = 0
[pid   464] close(3)                    = 0
[pid   464] close(4 <unfinished ...>
[pid   466] mount("/dev/loop2", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"... <unfinished ...>
[pid   465] <... ioctl resumed>)        = 0
[pid   463] <... mount resumed>)        = 0
[pid   465] close(3)                    = 0
[pid   465] close(4 <unfinished ...>
[pid   273] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   273] newfstatat(AT_FDCWD, "./5/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   273] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   273] openat(AT_FDCWD, "./5/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid   463] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY <unfinished ...>
[pid   273] <... openat resumed>)       = 4
[pid   463] <... openat resumed>)       = 3
[pid   273] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   273] getdents64(4, 0x555563ea6770 /* 2 entries */, 32768) = 48
[pid   463] chdir("./file1" <unfinished ...>
[pid   273] getdents64(4, 0x555563ea6770 /* 0 entries */, 32768) = 0
[pid   273] close(4)                    = 0
[pid   273] rmdir("./5/file1" <unfinished ...>
[pid   463] <... chdir resumed>)        = 0
[pid   273] <... rmdir resumed>)        = 0
[pid   273] getdents64(3, 0x555563e9e730 /* 0 entries */, 32768) = 0
[pid   273] close(3)                    = 0
[pid   463] openat(AT_FDCWD, "/dev/loop3", O_RDWR <unfinished ...>
[pid   273] rmdir("./5")                = 0
[pid   273] mkdir("./6", 0777)          = 0
[pid   273] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   464] <... close resumed>)        = 0
[pid   464] mkdir("./file1", 0777)      = 0
[   25.750668][  T463] EXT4-fs (loop3): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[   25.823210][  T466] EXT4-fs (loop2): Ignoring removed nobh option
[   25.829660][  T466] EXT4-fs (loop2): Ignoring removed bh option
[   25.835726][  T466] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[pid   464] mount("/dev/loop1", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"... <unfinished ...>
[pid   466] <... mount resumed>)        = 0
[pid   466] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid   466] chdir("./file1")            = 0
[   25.850569][  T466] EXT4-fs (loop2): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[pid   466] openat(AT_FDCWD, "/dev/loop2", O_RDWR <unfinished ...>
[pid   465] <... close resumed>)        = 0
[pid   273] <... openat resumed>)       = 3
[pid   465] mkdir("./file1", 0777 <unfinished ...>
[pid   273] ioctl(3, LOOP_CLR_FD <unfinished ...>
[pid   465] <... mkdir resumed>)        = 0
[pid   463] <... openat resumed>)       = 4
[pid   273] <... ioctl resumed>)        = -1 ENXIO (No such device or address)
[pid   463] ioctl(4, LOOP_CLR_FD <unfinished ...>
[pid   465] mount("/dev/loop4", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"... <unfinished ...>
[   25.929477][  T464] EXT4-fs (loop1): Ignoring removed nobh option
[   25.935901][  T464] EXT4-fs (loop1): Ignoring removed bh option
[   25.942015][  T464] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[pid   273] close(3 <unfinished ...>
[pid   464] <... mount resumed>)        = 0
[pid   464] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid   464] chdir("./file1")            = 0
[pid   464] openat(AT_FDCWD, "/dev/loop1", O_RDWR <unfinished ...>
[pid   466] <... openat resumed>)       = 4
[pid   463] <... ioctl resumed>)        = 0
[pid   273] <... close resumed>)        = 0
[pid   464] <... openat resumed>)       = 4
[pid   464] ioctl(4, LOOP_CLR_FD)       = 0
[pid   464] close(4)                    = 0
[pid   466] ioctl(4, LOOP_CLR_FD <unfinished ...>
[pid   463] close(4 <unfinished ...>
[pid   273] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   463] <... close resumed>)        = 0
[pid   466] <... ioctl resumed>)        = 0
[pid   463] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   273] <... clone resumed>, child_tidptr=0x555563e9d690) = 477
[pid   466] close(4 <unfinished ...>
[pid   463] <... futex resumed>)        = 1
[pid   462] <... futex resumed>)        = 0
[pid   466] <... close resumed>)        = 0
[pid   462] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   463] openat(AT_FDCWD, "./file1", O_RDWR./strace-static-x86_64: Process 477 attached
 <unfinished ...>
[pid   477] set_robust_list(0x555563e9d6a0, 24 <unfinished ...>
[pid   462] <... futex resumed>)        = 0
[pid   466] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   462] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   466] <... futex resumed>)        = 1
[pid   463] <... openat resumed>)       = 4
[pid   460] <... futex resumed>)        = 0
[pid   466] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   463] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   460] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   460] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   477] <... set_robust_list resumed>) = 0
[pid   466] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   463] <... futex resumed>)        = 1
[pid   462] <... futex resumed>)        = 0
[pid   466] openat(AT_FDCWD, "./file1", O_RDWR <unfinished ...>
[pid   463] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   462] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   477] chdir("./6" <unfinished ...>
[pid   466] <... openat resumed>)       = 4
[pid   462] <... futex resumed>)        = 0
[pid   464] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   463] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
executing program
[pid   466] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   464] <... futex resumed>)        = 1
[pid   463] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900 <unfinished ...>
[pid   462] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   459] <... futex resumed>)        = 0
[pid   459] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   459] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   477] <... chdir resumed>)        = 0
[pid   477] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   477] setpgid(0, 0)               = 0
[pid   477] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   477] write(3, "1000", 4)         = 4
[pid   477] close(3)                    = 0
[pid   477] symlink("/dev/binderfs", "./binderfs") = 0
[pid   477] write(1, "executing program\n", 18) = 18
[pid   477] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   477] rt_sigaction(SIGRT_1, {sa_handler=0x7fe6cae4f2a0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe6cae40450}, NULL, 8) = 0
[pid   477] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   477] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cadc5000
[pid   477] mprotect(0x7fe6cadc6000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   477] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   477] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cade5990, parent_tid=0x7fe6cade5990, exit_signal=0, stack=0x7fe6cadc5000, stack_size=0x20300, tls=0x7fe6cade56c0} => {parent_tid=[478]}, 88) = 478
[pid   477] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   477] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   477] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid   466] <... futex resumed>)        = 1
[pid   464] openat(AT_FDCWD, "./file1", O_RDWR <unfinished ...>
[pid   460] <... futex resumed>)        = 0
[pid   460] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   460] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   463] <... pwrite64 resumed>)     = 87490
[pid   466] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900 <unfinished ...>
[pid   464] <... openat resumed>)       = 4
[pid   463] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 478 attached
 <unfinished ...>
[pid   478] set_robust_list(0x7fe6cade59a0, 24) = 0
[pid   478] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   478] memfd_create("syzkaller", 0) = 3
[pid   478] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe6c29c5000
[pid   464] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   463] <... futex resumed>)        = 1
[pid   459] <... futex resumed>)        = 0
[pid   462] <... futex resumed>)        = 0
[pid   459] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   459] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   462] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   464] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900 <unfinished ...>
[pid   463] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000 <unfinished ...>
[pid   462] <... futex resumed>)        = 0
[pid   462] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   478] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 <unfinished ...>
[pid   463] <... openat resumed>)       = 5
[pid   463] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   462] <... futex resumed>)        = 0
[pid   462] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   463] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   462] <... futex resumed>)        = 0
[   25.960578][  T464] EXT4-fs (loop1): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[   25.985811][  T465] EXT4-fs (loop4): Ignoring removed nobh option
[   25.993952][  T465] EXT4-fs (loop4): Ignoring removed bh option
[   26.003057][  T465] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[pid   462] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   478] <... write resumed>)        = 524288
[pid   478] munmap(0x7fe6c29c5000, 138412032) = 0
[pid   478] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   478] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   466] <... pwrite64 resumed>)     = 87490
[pid   466] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   460] <... futex resumed>)        = 0
[pid   460] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   460] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   466] <... futex resumed>)        = 1
[pid   466] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000) = 5
[pid   466] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   460] <... futex resumed>)        = 0
[pid   460] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   460] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   460] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cada4000
[pid   460] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   460] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   460] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} => {parent_tid=[479]}, 88) = 479
[pid   460] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   460] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   460] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   466] <... futex resumed>)        = 1
[   26.038953][  T463] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   26.043164][  T466] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[pid   466] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864./strace-static-x86_64: Process 479 attached
 <unfinished ...>
[pid   478] <... ioctl resumed>)        = 0
[pid   466] <... pwrite64 resumed>)     = 176128
[pid   464] <... pwrite64 resumed>)     = 87490
[pid   463] <... pwrite64 resumed>)     = 176128
[pid   462] <... futex resumed>)        = 0
[pid   478] close(3 <unfinished ...>
[pid   466] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   478] <... close resumed>)        = 0
[pid   466] <... futex resumed>)        = 0
[pid   478] close(4 <unfinished ...>
[pid   466] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   478] <... close resumed>)        = 0
[pid   478] mkdir("./file1", 0777)      = 0
[pid   478] mount("/dev/loop0", "./file1", "ext4", MS_NOSUID|MS_NODEV|MS_MANDLOCK|MS_STRICTATIME|MS_LAZYTIME, "delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00"... <unfinished ...>
[pid   460] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   459] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   460] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   466] <... futex resumed>)        = 0
[pid   460] <... futex resumed>)        = 1
[pid   466] truncate("./file1", 1 <unfinished ...>
[pid   460] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   479] set_robust_list(0x7fe6cadc49a0, 24 <unfinished ...>
[pid   466] <... truncate resumed>)     = 0
[pid   465] <... mount resumed>)        = 0
[pid   464] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   463] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   462] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid   459] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   459] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   466] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   460] <... futex resumed>)        = 0
[pid   466] <... futex resumed>)        = 1
[pid   466] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   479] <... set_robust_list resumed>) = 0
[pid   479] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   479] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   465] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY <unfinished ...>
[pid   464] <... futex resumed>)        = 1
[pid   463] <... futex resumed>)        = 0
[pid   462] <... mmap resumed>)         = 0x7fe6cada4000
[pid   459] <... futex resumed>)        = 0
[pid   459] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=33000000} <unfinished ...>
[pid   465] <... openat resumed>)       = 3
[pid   464] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000 <unfinished ...>
[pid   463] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   462] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   465] chdir("./file1" <unfinished ...>
[pid   464] <... openat resumed>)       = 5
[pid   462] <... mprotect resumed>)     = 0
[pid   465] <... chdir resumed>)        = 0
[pid   464] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   462] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   465] openat(AT_FDCWD, "/dev/loop4", O_RDWR <unfinished ...>
[pid   464] <... futex resumed>)        = 1
[pid   462] <... rt_sigprocmask resumed>[], 8) = 0
[pid   465] <... openat resumed>)       = 4
[pid   464] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[   26.056348][  T465] EXT4-fs (loop4): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[   26.092819][  T478] EXT4-fs (loop0): Ignoring removed nobh option
[   26.099663][  T478] EXT4-fs (loop0): Ignoring removed bh option
[   26.102434][  T479] ------------[ cut here ]------------
[   26.105745][  T478] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   26.112719][  T479] kernel BUG at fs/ext4/extents.c:1014!
[   26.129621][  T479] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[pid   462] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} <unfinished ...>
[pid   465] ioctl(4, LOOP_CLR_FD <unfinished ...>
[pid   459] <... futex resumed>)        = 0
[pid   465] <... ioctl resumed>)        = 0
[pid   462] <... clone3 resumed> => {parent_tid=[483]}, 88) = 483
[pid   465] close(4 <unfinished ...>
[pid   462] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   465] <... close resumed>)        = 0
[pid   462] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   465] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   462] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   465] <... futex resumed>)        = 1
[pid   462] <... futex resumed>)        = 0
[pid   465] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   462] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 483 attached
 <unfinished ...>
[pid   483] set_robust_list(0x7fe6cadc49a0, 24) = 0
[pid   483] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   483] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   459] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   464] <... futex resumed>)        = 0
[pid   459] <... futex resumed>)        = 1
[pid   464] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   459] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   459] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cada4000
[pid   459] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   459] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   459] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} => {parent_tid=[485]}, 88) = 485
[pid   459] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   459] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   459] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   458] <... futex resumed>)        = 0
[pid   458] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   465] <... futex resumed>)        = 0
[pid   458] <... futex resumed>)        = 1
[pid   465] openat(AT_FDCWD, "./file1", O_RDWR <unfinished ...>
[pid   462] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   458] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   465] <... openat resumed>)       = 4
[pid   462] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   465] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   463] <... futex resumed>)        = 0
[pid   462] <... futex resumed>)        = 1
[pid   465] <... futex resumed>)        = 1
[pid   463] truncate("./file1", 1 <unfinished ...>
[pid   462] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   458] <... futex resumed>)        = 0
[pid   465] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 87490, 134220900 <unfinished ...>
[   26.134148][  T483] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   26.135722][  T479] CPU: 0 PID: 479 Comm: syz-executor345 Not tainted 5.10.237-syzkaller-00309-g7e2543346ff7 #0
[   26.156679][  T464] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   26.160138][  T479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[pid   458] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   465] <... pwrite64 resumed>)     = 87490
[pid   458] <... futex resumed>)        = 0
[pid   458] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   465] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   458] <... futex resumed>)        = 0
[pid   458] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   458] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   465] <... futex resumed>)        = 1
[pid   465] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000) = 5
[pid   465] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   458] <... futex resumed>)        = 0
[pid   458] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   458] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   458] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cada4000
[pid   458] mprotect(0x7fe6cada5000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   458] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   458] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cadc4990, parent_tid=0x7fe6cadc4990, exit_signal=0, stack=0x7fe6cada4000, stack_size=0x20300, tls=0x7fe6cadc46c0} => {parent_tid=[486]}, 88) = 486
[pid   458] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   458] futex(0x7fe6caeb06d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   458] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   465] <... futex resumed>)        = 1
[pid   465] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   483] <... pwrite64 resumed>)     = 176128
[pid   463] <... truncate resumed>)     = 0
[pid   483] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   483] futex(0x7fe6caeb06d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   463] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   462] <... futex resumed>)        = 0
[pid   462] exit_group(0 <unfinished ...>
[pid   483] <... futex resumed>)        = ?
[pid   462] <... exit_group resumed>)   = ?
[pid   483] +++ exited with 0 +++
[pid   463] <... futex resumed>)        = ?
[pid   463] +++ exited with 0 +++
[pid   462] +++ exited with 0 +++
[pid   276] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=462, si_uid=0, si_status=0, si_utime=0, si_stime=8} ---
[pid   276] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   464] <... pwrite64 resumed>)     = 176128
[pid   464] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   464] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   276] <... restart_syscall resumed>) = 0
[pid   276] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   276] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   276] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   276] getdents64(3, 0x555563e9e730 /* 4 entries */, 32768) = 112
[pid   276] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   276] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   276] unlink("./5/binderfs" <unfinished ...>
[pid   459] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   276] <... unlink resumed>)       = 0
[pid   459] futex(0x7fe6caeb06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid   276] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   459] futex(0x7fe6caeb06c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   459] futex(0x7fe6caeb06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   464] <... futex resumed>)        = 0
[pid   464] truncate("./file1", 1)      = 0
./strace-static-x86_64: Process 486 attached
[pid   486] set_robust_list(0x7fe6cadc49a0, 24) = 0
[pid   486] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[   26.160177][  T479] RIP: 0010:ext4_ext_insert_index+0x52d/0x530
[   26.160196][  T479] Code: 4c 89 fa e9 ca fd ff ff 44 89 f1 80 e1 07 fe c1 38 c1 0f 8c dd fd ff ff 4c 89 f7 e8 6d a2 d3 ff e9 d0 fd ff ff e8 e3 b2 99 ff <0f> 0b 90 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 81 ec c0 00 00
[   26.206320][  T465] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   26.210086][  T479] RSP: 0018:ffffc900013a6b20 EFLAGS: 00010293
[   26.210100][  T479] RAX: ffffffff81c9e01d RBX: ffff888120de0424 RCX: ffff888114d0e2c0
[pid   486] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   464] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   459] <... futex resumed>)        = 0
[pid   464] <... futex resumed>)        = 1
[pid   464] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 485 attached
 <unfinished ...>
[pid   485] set_robust_list(0x7fe6cadc49a0, 24) = 0
[pid   485] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   485] pwrite64(5, "\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 536871105, 36864 <unfinished ...>
[pid   458] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   458] futex(0x7fe6caeb06ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   458] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe6cad83000
[pid   458] mprotect(0x7fe6cad84000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   458] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   458] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe6cada3990, parent_tid=0x7fe6cada3990, exit_signal=0, stack=0x7fe6cad83000, stack_size=0x20300, tls=0x7fe6cada36c0} => {parent_tid=[488]}, 88) = 488
[pid   458] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   458] futex(0x7fe6caeb06e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   26.210107][  T479] RDX: 0000000000000000 RSI: 00000000fffffffe RDI: 0000000000000000
[   26.210124][  T479] RBP: ffffc900013a6b90 R08: dffffc0000000000 R09: ffffed10242c0990
[   26.241813][  T485] ------------[ cut here ]------------
[   26.246625][  T479] R10: ffffed10242c0990 R11: 1ffff110242c098f R12: 0000000000000000
[   26.246633][  T479] R13: 00000000000000cb R14: 00000000fffffffe R15: 0000000000000054
[   26.246643][  T479] FS:  00007fe6cadc46c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   26.246652][  T479] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   26.246659][  T479] CR2: 0000200000002000 CR3: 0000000114035000 CR4: 00000000003506b0
[   26.246675][  T479] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   26.258640][  T486] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3342: comm syz-executor345: Allocating blocks 497-513 which overlap fs metadata
[   26.260071][  T479] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   26.260076][  T479] Call Trace:
[   26.260095][  T479]  ext4_ext_insert_extent+0x38c3/0x4530
[   26.260115][  T479]  ? ext4_ext_next_allocated_block+0x2e0/0x2e0
[   26.270389][  T485] kernel BUG at fs/ext4/extents.c:1014!
[   26.276039][  T479]  ? get_implied_cluster_alloc+0x526/0x940
[   26.276058][  T479]  ext4_ext_map_blocks+0x148c/0x5d40
[   26.360998][  T479]  ? _raw_write_trylock+0x140/0x140
[   26.366176][  T479]  ? _raw_write_unlock+0x2b/0x60
[   26.371090][  T479]  ? ext4_ext_release+0x10/0x10
[   26.375918][  T479]  ? ext4_fc_track_template+0xb5/0x600
[   26.381350][  T479]  ? ext4_fc_track_range+0x250/0x250
[   26.386610][  T479]  ? ext4_es_lookup_extent+0x32d/0x8c0
[   26.392047][  T479]  ext4_map_blocks+0x978/0x1bc0
[   26.396873][  T479]  ? __kasan_slab_alloc+0xbd/0xf0
[   26.401875][  T479]  ? slab_post_alloc_hook+0x5d/0x2f0
[   26.407134][  T479]  ? kmem_cache_alloc+0x165/0x2e0
[   26.412135][  T479]  ? ext4_issue_zeroout+0x1a0/0x1a0
[   26.417366][  T479]  _ext4_get_block+0x1bb/0x4b0
[   26.422134][  T479]  ? ext4_get_block+0x50/0x50
[   26.426792][  T479]  ? slab_post_alloc_hook+0x7d/0x2f0
[   26.432053][  T479]  ext4_get_block_unwritten+0x2a/0x40
[   26.437401][  T479]  ext4_block_write_begin+0x567/0x1330
[   26.442840][  T479]  ? alloc_page_buffers+0x3aa/0x4a0
[   26.448013][  T479]  ? _ext4_get_block+0x4b0/0x4b0
[   26.452924][  T479]  ? ext4_print_free_blocks+0x2c0/0x2c0
[   26.458445][  T479]  ? __kasan_check_read+0x11/0x20
[   26.463447][  T479]  ? ext4_inode_journal_mode+0x19a/0x480
[   26.469055][  T479]  ext4_write_begin+0x651/0x1550
[   26.473971][  T479]  ? ext4_readahead+0x110/0x110
[   26.478799][  T479]  ? domain_dirty_limits+0x28f/0x3c0
[   26.484061][  T479]  ? ext4_get_group_desc+0x25f/0x2b0
[   26.489320][  T479]  ? __kasan_check_read+0x11/0x20
[   26.494319][  T479]  ? mark_buffer_dirty+0x1cc/0x330
[   26.499406][  T479]  ? __ext4_handle_dirty_metadata+0x2eb/0x7f0
[   26.505447][  T479]  ? __kasan_check_write+0x14/0x20
[   26.510536][  T479]  ext4_da_write_begin+0x455/0xe80
[   26.515625][  T479]  ? ext4_set_page_dirty+0x1a0/0x1a0
[   26.520886][  T479]  ? down_read_killable+0xe0/0xe0
[   26.525890][  T479]  ? __ext4_journal_stop+0x36/0x1a0
[   26.531060][  T479]  ? ext4_write_end+0xa00/0xed0
[   26.535892][  T479]  ? iov_iter_advance+0x1f7/0x750
[   26.540895][  T479]  generic_perform_write+0x2be/0x510
[   26.546159][  T479]  ? grab_cache_page_write_begin+0xb0/0xb0
[   26.551956][  T479]  ? down_write+0xac/0x110
[   26.556356][  T479]  ? down_read_killable+0xe0/0xe0
[   26.561362][  T479]  ? __switch_to+0x50f/0xfc0
[   26.565936][  T479]  ? generic_write_checks+0x3d4/0x480
[   26.571295][  T479]  ext4_buffered_write_iter+0x4b8/0x640
[   26.576839][  T479]  ext4_file_write_iter+0x536/0x1980
[   26.582101][  T479]  ? _raw_spin_unlock_irq+0x4e/0x70
[   26.587287][  T479]  ? finish_task_switch+0x12e/0x5a0
[   26.592460][  T479]  ? avc_policy_seqno+0x1b/0x70
[   26.597289][  T479]  ? selinux_file_permission+0x2a5/0x510
[   26.602896][  T479]  ? ext4_file_read_iter+0x530/0x530
[   26.608158][  T479]  ? security_file_permission+0x83/0xa0
[   26.613678][  T479]  ? iov_iter_init+0x3f/0x120
[   26.618333][  T479]  vfs_write+0x725/0xd60
[   26.622554][  T479]  ? kernel_write+0x3c0/0x3c0
[   26.627208][  T479]  ? ptrace_stop+0x69f/0x9c0
[   26.631773][  T479]  ? __fget_files+0x2c4/0x320
[   26.636427][  T479]  ? __fdget+0x1a1/0x230
[   26.640643][  T479]  ? __x64_sys_pwrite64+0xec/0x220
[   26.645729][  T479]  __x64_sys_pwrite64+0x191/0x220
[   26.650728][  T479]  ? ksys_pwrite64+0x1b0/0x1b0
[   26.655466][  T479]  ? syscall_trace_enter+0x4b/0x170
[   26.660641][  T479]  do_syscall_64+0x31/0x40
[   26.665034][  T479]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   26.670912][  T479] RIP: 0033:0x7fe6cae28e89
[   26.675309][  T479] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   26.694888][  T479] RSP: 002b:00007fe6cadc4218 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[   26.703305][  T479] RAX: ffffffffffffffda RBX: 00007fe6caeb06d8 RCX: 00007fe6cae28e89
[   26.711270][  T479] RDX: 00000000200000c1 RSI: 00002000000000c0 RDI: 0000000000000005
[   26.719218][  T479] RBP: 00007fe6caeb06d0 R08: 00007ffe3428a097 R09: 0000000000000000
[   26.727172][  T479] R10: 0000000000009000 R11: 0000000000000246 R12: 00007fe6cae7d614
[pid   458] futex(0x7fe6caeb06ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   465] <... pwrite64 resumed>)     = 176128
[pid   465] futex(0x7fe6caeb06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   465] futex(0x7fe6caeb06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   486] <... pwrite64 resumed>)     = 176128
[pid   486] futex(0x7fe6caeb06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   26.735124][  T479] R13: 0031656c69662f2e R14: 00007ffe34289fb0 R15: 00007ffe3428a098
[   26.743073][  T479] Modules linked in:
[   26.747017][  T485] invalid opcode: 0000 [#2] PREEMPT SMP KASAN
[   26.748322][  T479] ---[ end trace 8582299b87a171af ]---
[   26.753086][  T485] CPU: 1 PID: 485 Comm: syz-executor345 Tainted: G      D           5.10.237-syzkaller-00309-g7e2543346ff7 #0
[   26.753092][  T485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   26.753108][  T485] RIP: 0010:ext4_ext_insert_index+0x52d/0x530
[   26.753119][  T485] Code: 4c 89 fa e9 ca fd ff ff 44 89 f1 80 e1 07 fe c1 38 c1 0f 8c dd fd ff ff 4c 89 f7 e8 6d a2 d3 ff e9 d0 fd ff ff e8 e3 b2 99 ff <0f> 0b 90 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 81 ec c0 00 00
[   26.753126][  T485] RSP: 0018:ffffc90001406b20 EFLAGS: 00010293
[   26.753138][  T485] RAX: ffffffff81c9e01d RBX: ffff888120556424 RCX: ffff8881155dcf00
[   26.753145][  T485] RDX: 0000000000000000 RSI: 00000000fffffffe RDI: 0000000000000000
[   26.753154][  T485] RBP: ffffc90001406b90 R08: dffffc0000000000 R09: ffffed10242ceba5
[   26.753161][  T485] R10: ffffed10242ceba5 R11: 1ffff110242ceba4 R12: 0000000000000000
[   26.753168][  T485] R13: 00000000000000cb R14: 00000000fffffffe R15: 0000000000000054
[   26.753177][  T485] FS:  00007fe6cadc46c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   26.753184][  T485] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   26.753192][  T485] CR2: 00007fe6cada3d58 CR3: 000000010e973000 CR4: 00000000003506a0
[   26.753202][  T485] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   26.753208][  T485] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   26.753211][  T485] Call Trace:
[   26.753224][  T485]  ext4_ext_insert_extent+0x38c3/0x4530
[   26.753240][  T485]  ? ext4_ext_next_allocated_block+0x2e0/0x2e0
[   26.753250][  T485]  ? get_implied_cluster_alloc+0x526/0x940
[   26.753261][  T485]  ext4_ext_map_blocks+0x148c/0x5d40
[   26.753277][  T485]  ? _raw_write_trylock+0x140/0x140
[   26.753295][  T485]  ? _raw_write_unlock+0x2b/0x60
[   26.758735][  T479] RIP: 0010:ext4_ext_insert_index+0x52d/0x530
[   26.770323][  T485]  ? ext4_ext_release+0x10/0x10
[   26.770333][  T485]  ? ext4_fc_track_template+0xb5/0x600
[   26.770344][  T485]  ? ext4_fc_track_range+0x250/0x250
[   26.770355][  T485]  ? ext4_es_lookup_extent+0x32d/0x8c0
[   26.770374][  T485]  ext4_map_blocks+0x978/0x1bc0
[   26.780443][  T479] Code: 4c 89 fa e9 ca fd ff ff 44 89 f1 80 e1 07 fe c1 38 c1 0f 8c dd fd ff ff 4c 89 f7 e8 6d a2 d3 ff e9 d0 fd ff ff e8 e3 b2 99 ff <0f> 0b 90 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 81 ec c0 00 00
[   26.786463][  T485]  ? __kasan_slab_alloc+0xbd/0xf0
[   26.806122][  T479] RSP: 0018:ffffc900013a6b20 EFLAGS: 00010293
[   26.812087][  T485]  ? slab_post_alloc_hook+0x5d/0x2f0
[   26.812107][  T485]  ? kmem_cache_alloc+0x165/0x2e0
[   26.820080][  T479] 
[   26.828018][  T485]  ? ext4_issue_zeroout+0x1a0/0x1a0
[   26.835988][  T479] RAX: ffffffff81c9e01d RBX: ffff888120de0424 RCX: ffff888114d0e2c0
[   26.843930][  T485]  _ext4_get_block+0x1bb/0x4b0
[   26.843941][  T485]  ? ext4_get_block+0x50/0x50
[   26.843963][  T485]  ? slab_post_alloc_hook+0x7d/0x2f0
[   26.851940][  T479] RDX: 0000000000000000 RSI: 00000000fffffffe RDI: 0000000000000000
[   26.860817][  T485]  ext4_get_block_unwritten+0x2a/0x40
[   26.860827][  T485]  ext4_block_write_begin+0x567/0x1330
[   26.860848][  T485]  ? alloc_page_buffers+0x3aa/0x4a0
[   26.867410][  T479] RBP: ffffc900013a6b90 R08: dffffc0000000000 R09: ffffed10242c0990
[   26.875357][  T485]  ? _ext4_get_block+0x4b0/0x4b0
[   26.875367][  T485]  ? ext4_print_free_blocks+0x2c0/0x2c0
[   26.875378][  T485]  ? __kasan_check_read+0x11/0x20
[   26.875398][  T485]  ? ext4_inode_journal_mode+0x19a/0x480
[   26.883400][  T479] R10: ffffed10242c0990 R11: 1ffff110242c098f R12: 0000000000000000
[   26.891301][  T485]  ext4_write_begin+0x651/0x1550
[   26.891322][  T485]  ? _raw_spin_lock+0x8e/0xe0
[   26.894584][  T479] R13: 00000000000000cb R14: 00000000fffffffe R15: 0000000000000054
[   26.900106][  T485]  ? ext4_readahead+0x110/0x110
[   26.900117][  T485]  ? domain_dirty_limits+0x28f/0x3c0
[   26.900137][  T485]  ? ext4_get_group_desc+0x25f/0x2b0
[   26.906276][  T479] FS:  00007fe6cadc46c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   26.912048][  T485]  ? __kasan_check_read+0x11/0x20
[   26.912069][  T485]  ? mark_buffer_dirty+0x1cc/0x330
[   26.917336][  T479] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   26.922508][  T485]  ? __ext4_handle_dirty_metadata+0x2eb/0x7f0
[   26.922520][  T485]  ? __kasan_check_write+0x14/0x20
[   26.922530][  T485]  ext4_da_write_begin+0x455/0xe80
[   26.922548][  T485]  ? ext4_set_page_dirty+0x1a0/0x1a0
[   26.927470][  T479] CR2: 0000200000002000 CR3: 0000000114035000 CR4: 00000000003506b0
[   26.933506][  T485]  ? down_read_killable+0xe0/0xe0
[   26.933518][  T485]  ? __ext4_journal_stop+0x36/0x1a0
[   26.933536][  T485]  ? ext4_write_end+0xa00/0xed0
[   26.938364][  T479] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   26.943806][  T485]  ? iov_iter_advance+0x1f7/0x750
[   26.943820][  T485]  generic_perform_write+0x2be/0x510
[   26.943841][  T485]  ? grab_cache_page_write_begin+0xb0/0xb0
[   26.949129][  T479] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   26.954545][  T485]  ? down_write+0xac/0x110
[   26.959384][  T479] Kernel panic - not syncing: Fatal exception
[   26.978957][  T485]  ? down_read_killable+0xe0/0xe0
[   27.241537][  T485]  ? __switch_to+0x50f/0xfc0
[   27.246118][  T485]  ? generic_write_checks+0x3d4/0x480
[   27.251477][  T485]  ext4_buffered_write_iter+0x4b8/0x640
[   27.257008][  T485]  ext4_file_write_iter+0x536/0x1980
[   27.262284][  T485]  ? _raw_spin_unlock_irq+0x4e/0x70
[   27.267470][  T485]  ? finish_task_switch+0x12e/0x5a0
[   27.272656][  T485]  ? avc_policy_seqno+0x1b/0x70
[   27.277496][  T485]  ? selinux_file_permission+0x2a5/0x510
[   27.283115][  T485]  ? ext4_file_read_iter+0x530/0x530
[   27.288387][  T485]  ? security_file_permission+0x83/0xa0
[   27.293928][  T485]  ? iov_iter_init+0x3f/0x120
[   27.298592][  T485]  vfs_write+0x725/0xd60
[   27.302825][  T485]  ? kernel_write+0x3c0/0x3c0
[   27.307489][  T485]  ? ptrace_stop+0x69f/0x9c0
[   27.312064][  T485]  ? __fget_files+0x2c4/0x320
[   27.316726][  T485]  ? __fdget+0x1a1/0x230
[   27.320952][  T485]  ? __x64_sys_pwrite64+0xec/0x220
[   27.326053][  T485]  __x64_sys_pwrite64+0x191/0x220
[   27.331065][  T485]  ? ksys_pwrite64+0x1b0/0x1b0
[   27.335818][  T485]  ? syscall_trace_enter+0x4b/0x170
[   27.341003][  T485]  do_syscall_64+0x31/0x40
[   27.345414][  T485]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   27.351289][  T485] RIP: 0033:0x7fe6cae28e89
[   27.355691][  T485] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   27.375285][  T485] RSP: 002b:00007fe6cadc4218 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[   27.383687][  T485] RAX: ffffffffffffffda RBX: 00007fe6caeb06d8 RCX: 00007fe6cae28e89
[   27.391646][  T485] RDX: 00000000200000c1 RSI: 00002000000000c0 RDI: 0000000000000005
[   27.399608][  T485] RBP: 00007fe6caeb06d0 R08: 00007ffe3428a097 R09: 0000000000000000
[   27.407565][  T485] R10: 0000000000009000 R11: 0000000000000246 R12: 00007fe6cae7d614
[   27.415525][  T485] R13: 0031656c69662f2e R14: 00007ffe34289fb0 R15: 00007ffe3428a098
[   27.423482][  T485] Modules linked in:
[   27.427598][  T479] Kernel Offset: disabled
[   27.431928][  T479] Rebooting in 86400 seconds..