./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1779888683

<...>
DUID 00:04:e3:38:52:80:67:3f:e9:c9:a2:47:22:a3:59:23:7d:1e
forked to background, child pid 3209
[   26.866192][ T3210] 8021q: adding VLAN 0 to HW filter on device bond0
[   26.883600][ T3210] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK

syzkaller
Warning: Permanently added '10.128.1.15' (ECDSA) to the list of known hosts.
execve("./syz-executor1779888683", ["./syz-executor1779888683"], 0x7ffedbd286f0 /* 10 vars */) = 0
brk(NULL)                               = 0x5555573f2000
brk(0x5555573f2c40)                     = 0x5555573f2c40
arch_prctl(ARCH_SET_FS, 0x5555573f2300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
set_tid_address(0x5555573f25d0)         = 3630
set_robust_list(0x5555573f25e0, 24)     = 0
rt_sigaction(SIGRTMIN, {sa_handler=0x7fd66b27c5e0, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7fd66b27ccb0}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=0x7fd66b27c680, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fd66b27ccb0}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor1779888683", 4096) = 28
brk(0x555557413c40)                     = 0x555557413c40
brk(0x555557414000)                     = 0x555557414000
mprotect(0x7fd66b33f000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
mkdir("/syzcgroup", 0777)               = 0
mkdir("/syzcgroup/unified", 0777)       = 0
mount("none", "/syzcgroup/unified", "cgroup2", 0, NULL) = 0
chmod("/syzcgroup/unified", 0777)       = 0
openat(AT_FDCWD, "/syzcgroup/unified/cgroup.subtree_control", O_WRONLY) = 3
write(3, "+cpu", 4)                     = 4
write(3, "+memory", 7)                  = 7
write(3, "+io", 3)                      = 3
write(3, "+pids", 5)                    = 5
close(3)                                = 0
mkdir("/syzcgroup/net", 0777)           = 0
mount("none", "/syzcgroup/net", "cgroup", 0, "net") = -1 EINVAL (Invalid argument)
mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio") = 0
umount2("/syzcgroup/net", 0)            = 0
mount("none", "/syzcgroup/net", "cgroup", 0, "devices") = 0
umount2("/syzcgroup/net", 0)            = 0
mount("none", "/syzcgroup/net", "cgroup", 0, "blkio") = 0
umount2("/syzcgroup/net", 0)            = 0
mount("none", "/syzcgroup/net", "cgroup", 0, "freezer") = 0
umount2("/syzcgroup/net", 0)            = 0
syzkaller login: [   50.922106][ T3630] cgroup: Unknown subsys name 'net'
mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio,devices,blkio,freezer") = ? ERESTARTNOINTR (To be restarted)
mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio,devices,blkio,freezer") = ? ERESTARTNOINTR (To be restarted)
mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio,devices,blkio,freezer") = ? ERESTARTNOINTR (To be restarted)
mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio,devices,blkio,freezer") = ? ERESTARTNOINTR (To be restarted)
mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio,devices,blkio,freezer") = 0
chmod("/syzcgroup/net", 0777)           = 0
mkdir("/syzcgroup/cpu", 0777)           = 0
mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuset") = 0
umount2("/syzcgroup/cpu", 0)            = 0
mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuacct") = 0
umount2("/syzcgroup/cpu", 0)            = 0
mount("none", "/syzcgroup/cpu", "cgroup", 0, "hugetlb") = 0
umount2("/syzcgroup/cpu", 0)            = 0
mount("none", "/syzcgroup/cpu", "cgroup", 0, "rlimit") = -1 EINVAL (Invalid argument)
mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuset,cpuacct,hugetlb") = ? ERESTARTNOINTR (To be restarted)
mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuset,cpuacct,hugetlb") = ? ERESTARTNOINTR (To be restarted)
[   51.069428][ T3630] cgroup: Unknown subsys name 'rlimit'
mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuset,cpuacct,hugetlb") = ? ERESTARTNOINTR (To be restarted)
mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuset,cpuacct,hugetlb") = ? ERESTARTNOINTR (To be restarted)
mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuset,cpuacct,hugetlb") = 0
chmod("/syzcgroup/cpu", 0777)           = 0
openat(AT_FDCWD, "/syzcgroup/cpu/cgroup.clone_children", O_WRONLY|O_CLOEXEC) = 3
write(3, "1", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/syzcgroup/cpu/cpuset.memory_pressure_enabled", O_WRONLY|O_CLOEXEC) = 3
write(3, "1", 1)                        = 1
close(3)                                = 0
socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 3
socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4
sendto(4, [{nlmsg_len=36, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0d\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x35\x34\x00\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
recvfrom(4, [{nlmsg_len=680, nlmsg_type=nlctrl, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=3630}, "\x01\x02\x00\x00\x0d\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x35\x34\x00\x00\x00\x00\x06\x00\x01\x00\x1c\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x25\x00\x00\x00\x48\x02\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x05\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x03\x00"...], 4096, 0, NULL, NULL) = 680
recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=3630}, {error=0, msg={nlmsg_len=36, nlmsg_type=nlctrl, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
access("/proc/net", R_OK)               = 0
access("/proc/net/unix", R_OK)          = 0
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5
ioctl(5, SIOCGIFINDEX, {ifr_name="wpan0", ifr_ifindex=11}) = 0
close(5)                                = 0
sendto(4, [{nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x0b\x00\x00\x00\x08\x00\x03\x00\x0b\x00\x00\x00\x06\x00\x0a\x00\xa0\xaa\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=3630}, {error=0, msg={nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5
ioctl(5, SIOCGIFINDEX, {ifr_name="wpan0", ifr_ifindex=11}) = 0
close(5)                                = 0
sendto(3, [{nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x0c\x00\x01\x00\x02\x00\xaa\xaa\xaa\xaa\xaa\xaa"], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 44
recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=3630}, {error=0, msg={nlmsg_len=44, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
sendto(3, [{nlmsg_len=68, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|NLM_F_EXCL|NLM_F_CREATE, nlmsg_seq=0, nlmsg_pid=0}, {ifi_family=AF_UNSPEC, ifi_type=ARPHRD_NETROM, ifi_index=0, ifi_flags=0, ifi_change=0}, [[{nla_len=11, nla_type=IFLA_IFNAME}, "lowpan0"...], [{nla_len=16, nla_type=IFLA_LINKINFO}, [{nla_len=10, nla_type=IFLA_INFO_KIND}, "lowpan"...]], [{nla_len=8, nla_type=IFLA_LINK}, 11]]], 68, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 68
recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=3630}, {error=0, msg={nlmsg_len=68, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|NLM_F_EXCL|NLM_F_CREATE, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5
ioctl(5, SIOCGIFINDEX, {ifr_name="wpan1", ifr_ifindex=12}) = 0
close(5)                                = 0
sendto(4, [{nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x0b\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x06\x00\x0a\x00\xa1\xaa\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=3630}, {error=0, msg={nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5
ioctl(5, SIOCGIFINDEX, {ifr_name="wpan1", ifr_ifindex=12}) = 0
close(5)                                = 0
sendto(3, [{nlmsg_len=44, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, {ifi_family=AF_UNSPEC, ifi_type=ARPHRD_NETROM, ifi_index=if_nametoindex("wpan1"), ifi_flags=IFF_UP, ifi_change=0x1}, [{nla_len=12, nla_type=IFLA_ADDRESS}, 02:01:aa:aa:aa:aa:aa]], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 44
recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=3630}, {error=0, msg={nlmsg_len=44, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
close(3)                                = 0
close(4)                                = 0
getpid()                                = 3630
mkdir("./syzkaller.7UU4UF", 0700)       = 0
chmod("./syzkaller.7UU4UF", 0777)       = 0
chdir("./syzkaller.7UU4UF")             = 0
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 3632
./strace-static-x86_64: Process 3632 attached
[pid  3632] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3632] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid  3632] socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI) = 3
[pid  3632] openat(AT_FDCWD, "/dev/vhci", O_RDWR) = 4
[pid  3632] dup2(4, 202)                = 202
[pid  3632] close(4)                    = 0
[pid  3632] write(202, "\xff\x00", 2)   = 2
[pid  3632] read(202, "\xff\x00\x00\x00", 4) = 4
[pid  3632] mmap(NULL, 8392704, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd66aa69000
[pid  3632] mprotect(0x7fd66aa6a000, 8388608, PROT_READ|PROT_WRITE) = 0
[pid  3632] clone(child_stack=0x7fd66b2693f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3636 attached
, parent_tid=[2], tls=0x7fd66b269700, child_tidptr=0x7fd66b2699d0) = 2
[pid  3632] ioctl(3, HCIDEVUP <unfinished ...>
[pid  3636] set_robust_list(0x7fd66b2699e0, 24) = 0
[pid  3636] read(202, "\x01\x03\x0c\x00", 1024) = 4
[pid  3636] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\xfc", iov_len=2}, {iov_base="\x01\x03\x0c", iov_len=3}, {iov_base="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=249}], 4) = 255
[pid  3636] read(202, "\x01\x03\x10\x00", 1024) = 4
[pid  3636] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\xfc", iov_len=2}, {iov_base="\x01\x03\x10", iov_len=3}, {iov_base="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=249}], 4) = 255
[pid  3636] read(202, "\x01\x01\x10\x00", 1024) = 4
[pid  3636] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\xfc", iov_len=2}, {iov_base="\x01\x01\x10", iov_len=3}, {iov_base="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=249}], 4) = 255
[pid  3636] read(202, "\x01\x09\x10\x00", 1024) = 4
[pid  3636] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\x0a", iov_len=2}, {iov_base="\x01\x09\x10", iov_len=3}, {iov_base="\x00\xaa\xaa\xaa\xaa\xaa\xaa", iov_len=7}], 4) = 13
[pid  3636] read(202, "\x01\x05\x10\x00", 1024) = 4
[pid  3636] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\x0b", iov_len=2}, {iov_base="\x01\x05\x10", iov_len=3}, {iov_base="\x00\xfd\x03\x60\x04\x00\x06\x00", iov_len=8}], 4) = 14
[pid  3636] read(202, "\x01\x23\x0c\x00", 1024) = 4
[pid  3636] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\xfc", iov_len=2}, {iov_base="\x01\x23\x0c", iov_len=3}, {iov_base="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=249}], 4) = 255
[pid  3636] read(202, "\x01\x14\x0c\x00", 1024) = 4
[pid  3636] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\xfc", iov_len=2}, {iov_base="\x01\x14\x0c", iov_len=3}, {iov_base="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=249}], 4) = 255
[pid  3636] read(202, "\x01\x25\x0c\x00", 1024) = 4
[pid  3636] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\xfc", iov_len=2}, {iov_base="\x01\x25\x0c", iov_len=3}, {iov_base="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=249}], 4) = 255
[pid  3636] read(202, "\x01\x38\x0c\x00", 1024) = 4
[pid  3636] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\xfc", iov_len=2}, {iov_base="\x01\x38\x0c", iov_len=3}, {iov_base="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=249}], 4) = 255
[pid  3636] read(202, "\x01\x39\x0c\x00", 1024) = 4
[pid  3636] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\xfc", iov_len=2}, {iov_base="\x01\x39\x0c", iov_len=3}, {iov_base="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=249}], 4) = 255
[pid  3636] read(202, "\x01\x16\x0c\x02\x00\x7d", 1024) = 6
[pid  3636] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\xfc", iov_len=2}, {iov_base="\x01\x16\x0c", iov_len=3}, {iov_base="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=249}], 4) = 255
[pid  3636] read(202,  <unfinished ...>
[pid  3632] <... ioctl resumed>, 0)     = -1 EALREADY (Operation already in progress)
[   51.261927][ T3635] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   51.270342][ T3635] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   51.278278][ T3635] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   51.287657][ T3635] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   51.296095][ T3635] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   51.303955][ T3635] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[pid  3632] ioctl(3, HCISETSCAN <unfinished ...>
[pid  3636] <... read resumed>"\x01\x1a\x0c\x01\x02", 1024) = 5
[pid  3636] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\x04", iov_len=2}, {iov_base="\x01\x1a\x0c", iov_len=3}, {iov_base="\x00", iov_len=1}], 4) = 7
[pid  3636] madvise(0x7fd66aa69000, 8372224, MADV_DONTNEED <unfinished ...>
[pid  3632] <... ioctl resumed>, 0x7ffc4ff8ccd8) = 0
[pid  3636] <... madvise resumed>)      = 0
[pid  3636] exit(0 <unfinished ...>
[pid  3632] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x04\x0a", iov_len=2}, {iov_base="\xaa\xaa\xaa\xaa\xaa\x10\x00\x00\x00\x01", iov_len=10}], 3 <unfinished ...>
[pid  3636] <... exit resumed>)         = ?
[pid  3636] +++ exited with 0 +++
[pid  3632] <... writev resumed>)       = 13
[pid  3632] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x03\x0b", iov_len=2}, {iov_base="\x00\xc8\x00\xaa\xaa\xaa\xaa\xaa\x10\x01\x00", iov_len=11}], 3) = 14
[pid  3632] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\v\v", iov_len=2}, {iov_base="\x00\xc8\x00\x00\x00\x00\x00\x00\x00\x00\x00", iov_len=11}], 3) = 14
[pid  3632] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x3e\x13", iov_len=2}, {iov_base="\x01\x00\xc9\x00\x01\x00\xaa\xaa\xaa\xaa\xaa\x11\x00\x00\x00\x00\x00\x00\x00", iov_len=19}], 3) = 22
[pid  3632] close(3)                    = 0
[pid  3632] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3632] setsid()                    = 1
[pid  3632] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid  3632] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid  3632] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid  3632] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid  3632] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid  3632] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid  3632] unshare(CLONE_NEWNS)        = 0
[pid  3632] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid  3632] unshare(CLONE_NEWIPC)       = 0
[pid  3632] unshare(CLONE_NEWCGROUP)    = 0
[pid  3632] unshare(CLONE_NEWUTS)       = 0
[pid  3632] unshare(CLONE_SYSVSEM)      = 0
[pid  3632] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid  3632] write(3, "16777216", 8)     = 8
[pid  3632] close(3)                    = 0
[pid  3632] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid  3632] write(3, "536870912", 9)    = 9
[pid  3632] close(3)                    = 0
[pid  3632] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid  3632] write(3, "1024", 4)         = 4
[pid  3632] close(3)                    = 0
[pid  3632] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid  3632] write(3, "8192", 4)         = 4
[pid  3632] close(3)                    = 0
[pid  3632] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid  3632] write(3, "1024", 4)         = 4
[pid  3632] close(3)                    = 0
[pid  3632] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid  3632] write(3, "1024", 4)         = 4
[pid  3632] close(3)                    = 0
[pid  3632] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid  3632] write(3, "1024 1048576 500 1024", 21) = 21
[pid  3632] close(3)                    = 0
[pid  3632] getpid()                    = 1
[pid  3632] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  3632] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[   51.313274][ T3632] Bluetooth: hci0: HCI_REQ-0x0c1a
[pid  3632] unshare(CLONE_NEWNET)       = 0
[pid  3632] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid  3632] write(3, "0 65535", 7)      = 7
[pid  3632] close(3)                    = 0
[pid  3632] openat(AT_FDCWD, "/dev/net/tun", O_RDWR|O_NONBLOCK) = 3
[pid  3632] dup2(3, 200)                = 200
[pid  3632] close(3)                    = 0
[pid  3632] ioctl(200, TUNSETIFF, 0x7ffc4ff8cda0) = 0
[pid  3632] openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/syz_tun/accept_dad", O_WRONLY|O_CLOEXEC) = 3
[pid  3632] write(3, "0", 1)            = 1
[pid  3632] close(3)                    = 0
[pid  3632] openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/syz_tun/router_solicitations", O_WRONLY|O_CLOEXEC) = 3
[pid  3632] write(3, "0", 1)            = 1
[pid  3632] close(3)                    = 0
[pid  3632] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 3
[pid  3632] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  3632] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  3632] close(4)                    = 0
[pid  3632] sendto(3, [{nlmsg_len=40, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x18\x00\x00\x0b\x00\x00\x00\x08\x00\x02\x00\xac\x14\x14\xaa\x08\x00\x01\x00\xac\x14\x14\xaa"], 40, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 40
[pid  3632] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=40, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  3632] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  3632] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  3632] close(4)                    = 0
[pid  3632] sendto(3, [{nlmsg_len=64, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}, "\x0a\x78\x00\x00\x0b\x00\x00\x00\x14\x00\x02\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 64
[pid  3632] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  3632] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  3632] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  3632] close(4)                    = 0
[pid  3632] sendto(3, [{nlmsg_len=48, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x00\x00\x00\x0b\x00\x00\x00\x80\x00\x00\x00\x08\x00\x01\x00\xac\x14\x14\xbb\x0a\x00\x02\x00\xbb\xaa\xaa\xaa\xaa\xaa\x00\x00"], 48, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 48
[pid  3632] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=48, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  3632] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  3632] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  3632] close(4)                    = 0
[pid  3632] sendto(3, [{nlmsg_len=60, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}, "\x0a\x00\x00\x00\x0b\x00\x00\x00\x80\x00\x00\x00\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbb\x0a\x00\x02\x00\xbb\xaa\xaa\xaa\xaa\xaa\x00\x00"], 60, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 60
[pid  3632] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=60, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  3632] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  3632] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  3632] close(4)                    = 0
[pid  3632] sendto(3, [{nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x0a\x00\x01\x00\xaa\xaa\xaa\xaa\xaa\xaa\x00\x00"], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 44
[pid  3632] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  3632] close(3)                    = 0
[pid  3632] openat(AT_FDCWD, "/dev/rfkill", O_RDWR) = 3
[pid  3632] write(3, "\x00\x00\x00\x00\x00\x03\x00\x00", 8) = 8
[pid  3632] close(3)                    = 0
[pid  3632] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
[pid  3632] sendto(3, [{nlmsg_len=40, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x13\x00\x02\x00\x4d\x41\x43\x38\x30\x32\x31\x31\x5f\x48\x57\x53\x49\x4d\x00\x00"], 40, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 40
[pid  3632] recvfrom(3, [{nlmsg_len=224, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x01\x02\x00\x00\x13\x00\x02\x00\x4d\x41\x43\x38\x30\x32\x31\x31\x5f\x48\x57\x53\x49\x4d\x00\x00\x06\x00\x01\x00\x28\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x19\x00\x00\x00\x7c\x00\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0a\x00\x00\x00"...], 4096, 0, NULL, NULL) = 224
[pid  3632] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=40, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  3632] sendto(3, [{nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  3632] recvfrom(3, [{nlmsg_len=2476, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x01\x02\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00\x06\x00\x01\x00\x22\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x40\x01\x00\x00\xd8\x08\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00"...], 4096, 0, NULL, NULL) = 2476
[pid  3632] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  3632] sendto(3, [{nlmsg_len=36, nlmsg_type=0x28 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid  3632] recvfrom(3, [{nlmsg_len=56, nlmsg_type=NLMSG_ERROR, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, {error=2, msg=[{nlmsg_len=36, nlmsg_type=0x28 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x00\x00\x00"]}], 4096, 0, NULL, NULL) = 56
[pid  3632] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  3632] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan0", ifr_ifindex=12}) = 0
[pid  3632] close(4)                    = 0
[pid  3632] sendto(3, [{nlmsg_len=36, nlmsg_type=0x22 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x06\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x08\x00\x05\x00\x01\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid  3632] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=36, nlmsg_type=0x22 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  3632] socket(AF_INET, SOCK_DGRAM, IPPROTO_IP) = 4
[pid  3632] ioctl(4, SIOCGIFFLAGS, {ifr_name="wlan0", ifr_flags=IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid  3632] ioctl(4, SIOCSIFFLAGS, {ifr_name="wlan0", ifr_flags=IFF_UP|IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid  3632] close(4)                    = 0
[pid  3632] sendto(3, [{nlmsg_len=64, nlmsg_type=0x22 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x2b\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x0a\x00\x34\x00\x10\x10\x10\x10\x10\x10\x00\x00\x08\x00\x26\x00\x6c\x09\x00\x00\x0a\x00\x06\x00\x50\x50\x50\x50\x50\x50\x00\x00\x04\x00\x3c\x00"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 64
[pid  3632] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x22 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  3632] sendto(3, [{nlmsg_len=36, nlmsg_type=0x28 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x01\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid  3632] recvfrom(3, [{nlmsg_len=56, nlmsg_type=NLMSG_ERROR, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, {error=3, msg=[{nlmsg_len=36, nlmsg_type=0x28 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x01\x00\x00"]}], 4096, 0, NULL, NULL) = 56
[pid  3632] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  3632] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan1", ifr_ifindex=13}) = 0
[pid  3632] close(4)                    = 0
[pid  3632] sendto(3, [{nlmsg_len=36, nlmsg_type=0x22 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x06\x00\x00\x00\x08\x00\x03\x00\x0d\x00\x00\x00\x08\x00\x05\x00\x01\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid  3632] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=36, nlmsg_type=0x22 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  3632] socket(AF_INET, SOCK_DGRAM, IPPROTO_IP) = 4
[pid  3632] ioctl(4, SIOCGIFFLAGS, {ifr_name="wlan1", ifr_flags=IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid  3632] ioctl(4, SIOCSIFFLAGS, {ifr_name="wlan1", ifr_flags=IFF_UP|IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid  3632] close(4)                    = 0
[pid  3632] sendto(3, [{nlmsg_len=64, nlmsg_type=0x22 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x2b\x00\x00\x00\x08\x00\x03\x00\x0d\x00\x00\x00\x0a\x00\x34\x00\x10\x10\x10\x10\x10\x10\x00\x00\x08\x00\x26\x00\x6c\x09\x00\x00\x0a\x00\x06\x00\x50\x50\x50\x50\x50\x50\x00\x00\x04\x00\x3c\x00"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 64
[pid  3632] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x22 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  3632] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  3632] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan0", ifr_ifindex=12}) = 0
[pid  3632] close(4)                    = 0
[pid  3632] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 4
[pid  3632] sendto(4, [{nlmsg_len=32, nlmsg_type=0x12 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  3632] recvfrom(4, [{nlmsg_len=1412, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x00\x00\x01\x00\x0c\x00\x00\x00\x43\x10\x01\x00\x00\x00\x00\x00\x0a\x00\x03\x00\x77\x6c\x61\x6e\x30\x00\x00\x00\x08\x00\x0d\x00\xe8\x03\x00\x00\x05\x00\x10\x00\x06\x00\x00\x00\x05\x00\x11\x00\x00\x00\x00\x00\x08\x00\x04\x00\xdc\x05\x00\x00\x08\x00\x32\x00\x00\x01\x00\x00\x08\x00\x33\x00\x00\x09\x00\x00\x08\x00\x1b\x00\x00\x00\x00\x00\x08\x00\x1e\x00\x00\x00\x00\x00\x08\x00\x3d\x00\x00\x00\x00\x00"...], 4096, 0, NULL, NULL) = 1412
[   51.438202][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   51.446424][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   51.464160][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   51.480093][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[pid  3632] close(4)                    = 0
[pid  3632] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  3632] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan1", ifr_ifindex=13}) = 0
[pid  3632] close(4)                    = 0
[pid  3632] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 4
[pid  3632] sendto(4, [{nlmsg_len=32, nlmsg_type=0x12 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0d\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  3632] recvfrom(4, [{nlmsg_len=1412, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x00\x00\x01\x00\x0d\x00\x00\x00\x43\x10\x00\x00\x00\x00\x00\x00\x0a\x00\x03\x00\x77\x6c\x61\x6e\x31\x00\x00\x00\x08\x00\x0d\x00\xe8\x03\x00\x00\x05\x00\x10\x00\x00\x00\x00\x00\x05\x00\x11\x00\x00\x00\x00\x00\x08\x00\x04\x00\xdc\x05\x00\x00\x08\x00\x32\x00\x00\x01\x00\x00\x08\x00\x33\x00\x00\x09\x00\x00\x08\x00\x1b\x00\x00\x00\x00\x00\x08\x00\x1e\x00\x00\x00\x00\x00\x08\x00\x3d\x00\x00\x00\x00\x00"...], 4096, 0, NULL, NULL) = 1412
[pid  3632] close(4)                    = 0
[pid  3632] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 4
[pid  3632] sendto(4, [{nlmsg_len=32, nlmsg_type=0x12 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0d\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  3632] recvfrom(4, [{nlmsg_len=1412, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x00\x00\x01\x00\x0d\x00\x00\x00\x43\x10\x01\x00\x00\x00\x00\x00\x0a\x00\x03\x00\x77\x6c\x61\x6e\x31\x00\x00\x00\x08\x00\x0d\x00\xe8\x03\x00\x00\x05\x00\x10\x00\x06\x00\x00\x00\x05\x00\x11\x00\x00\x00\x00\x00\x08\x00\x04\x00\xdc\x05\x00\x00\x08\x00\x32\x00\x00\x01\x00\x00\x08\x00\x33\x00\x00\x09\x00\x00\x08\x00\x1b\x00\x00\x00\x00\x00\x08\x00\x1e\x00\x00\x00\x00\x00\x08\x00\x3d\x00\x00\x00\x00\x00"...], 4096, 0, NULL, NULL) = 1412
[pid  3632] close(4)                    = 0
[pid  3632] close(3)                    = 0
[pid  3632] mkdir("/dev/binderfs", 0777) = 0
[pid  3632] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid  3632] getpid()                    = 1
[pid  3632] mkdir("/syzcgroup/unified/syz0", 0777) = 0
[pid  3632] openat(AT_FDCWD, "/syzcgroup/unified/syz0/pids.max", O_WRONLY|O_CLOEXEC) = 3
[pid  3632] write(3, "32", 2)           = 2
[pid  3632] close(3)                    = 0
[pid  3632] openat(AT_FDCWD, "/syzcgroup/unified/syz0/memory.low", O_WRONLY|O_CLOEXEC) = 3
[pid  3632] write(3, "312475648", 9)    = 9
[pid  3632] close(3)                    = 0
[pid  3632] openat(AT_FDCWD, "/syzcgroup/unified/syz0/memory.high", O_WRONLY|O_CLOEXEC) = 3
[pid  3632] write(3, "313524224", 9)    = 9
[pid  3632] close(3)                    = 0
[pid  3632] openat(AT_FDCWD, "/syzcgroup/unified/syz0/memory.max", O_WRONLY|O_CLOEXEC) = 3
[pid  3632] write(3, "314572800", 9)    = 9
[pid  3632] close(3)                    = 0
[pid  3632] openat(AT_FDCWD, "/syzcgroup/unified/syz0/cgroup.procs", O_WRONLY|O_CLOEXEC) = 3
[pid  3632] write(3, "1", 1)            = 1
[pid  3632] close(3)                    = 0
[pid  3632] mkdir("/syzcgroup/cpu/syz0", 0777) = 0
[pid  3632] openat(AT_FDCWD, "/syzcgroup/cpu/syz0/cgroup.procs", O_WRONLY|O_CLOEXEC) = 3
[pid  3632] write(3, "1", 1)            = 1
[pid  3632] close(3)                    = 0
[pid  3632] mkdir("/syzcgroup/net/syz0", 0777) = 0
[pid  3632] openat(AT_FDCWD, "/syzcgroup/net/syz0/cgroup.procs", O_WRONLY|O_CLOEXEC) = 3
[pid  3632] write(3, "1", 1)            = 1
[pid  3632] close(3)                    = 0
[pid  3632] mkdir("./0", 0777)          = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 3
./strace-static-x86_64: Process 3637 attached
[pid  3637] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3637] chdir("./0")                = 0
[pid  3637] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3637] setpgid(0, 0)               = 0
[pid  3637] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3637] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3637] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[   51.488678][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   51.498211][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[pid  3637] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3637] write(3, "1000", 4)         = 4
[pid  3637] close(3)                    = 0
[pid  3637] read(200, "\x33\x33\x00\x00\x00\x16\xaa\xaa\xaa\xaa\xaa\xaa\x86\xdd\x60\x00\x00\x00\x00\x38\x00\x01\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x16\x3a\x00\x05\x02\x00\x00\x01\x00\x8f\x00\xc2\x46\x00\x00\x00\x02\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xaa\xaa\xaa\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00"..., 1000) = 110
[pid  3637] read(200, "\x33\x33\x00\x00\x00\x16\xaa\xaa\xaa\xaa\xaa\xaa\x86\xdd\x60\x00\x00\x00\x00\x38\x00\x01\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x16\x3a\x00\x05\x02\x00\x00\x01\x00\x8f\x00\xc2\x46\x00\x00\x00\x02\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xaa\xaa\xaa\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00"..., 1000) = 110
[pid  3637] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3637] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3637] memfd_create("syzkaller", 0) = 3
[pid  3637] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3637] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3637] munmap(0x7fd662669000, 2097152) = 0
[pid  3637] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3637] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3637] close(3)                    = 0
[pid  3637] mkdir("./file0", 0777)      = 0
[   51.582712][ T3637] loop0: detected capacity change from 0 to 4096
[   51.601234][ T3637] NILFS (loop0): invalid segment: Checksum error in segment payload
[   51.609382][ T3637] NILFS (loop0): trying rollback from an earlier position
[   51.625769][ T3637] NILFS (loop0): recovery complete
[pid  3637] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3637] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3637] chdir("./file0")            = 0
[pid  3637] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3637] close(4)                    = 0
[pid  3637] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3637] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3637] creat("./bus", 000)         = 4
[pid  3637] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3637] ftruncate(4, 2048)          = 0
[pid  3637] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3637] open("./bus", O_RDONLY)     = 5
[   51.633085][ T3638] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   51.649941][   T27] audit: type=1804 audit(1670457083.559:2): pid=3637 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/0/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3637] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3637] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3637] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3637] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3637] open(".", O_RDONLY)         = 6
[pid  3637] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3637] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3637] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3637] close(3)                    = 0
[pid  3637] close(4)                    = 0
[pid  3637] close(5)                    = 0
[pid  3637] close(6)                    = 0
[pid  3637] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3637] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3637] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3637] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3637] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3637] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3637] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3637] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3637] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3637] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3637] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3637] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3637] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3637] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3637] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3637] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3637] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3637] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3637] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3637] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3637] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3637] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3637] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3637] exit_group(0)               = ?
[pid  3637] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3, si_uid=0, si_status=0, si_utime=0, si_stime=19} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./0/binderfs")      = 0
[pid  3632] umount2("./0/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./0/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./0/cgroup")        = 0
[pid  3632] umount2("./0/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./0/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./0/cgroup.net")    = 0
[pid  3632] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./0/file0")          = 0
[pid  3632] umount2("./0/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./0/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./0/cgroup.cpu")    = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./0")                = 0
[pid  3632] mkdir("./1", 0777)          = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3639 attached
 <unfinished ...>
[pid  3639] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3632] <... clone resumed>, child_tidptr=0x5555573f25d0) = 4
[pid  3639] chdir("./1")                = 0
[pid  3639] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3639] setpgid(0, 0)               = 0
[pid  3639] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3639] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3639] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3639] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3639] write(3, "1000", 4)         = 4
[pid  3639] close(3)                    = 0
[pid  3639] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3639] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3639] memfd_create("syzkaller", 0) = 3
[pid  3639] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3639] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3639] munmap(0x7fd662669000, 2097152) = 0
[pid  3639] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3639] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3639] close(3)                    = 0
[pid  3639] mkdir("./file0", 0777)      = 0
[   51.975146][ T3639] loop0: detected capacity change from 0 to 4096
[   51.990850][ T3639] NILFS (loop0): invalid segment: Checksum error in segment payload
[   51.999071][ T3639] NILFS (loop0): trying rollback from an earlier position
[   52.012440][ T3639] NILFS (loop0): recovery complete
[pid  3639] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3639] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3639] chdir("./file0")            = 0
[pid  3639] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3639] close(4)                    = 0
[pid  3639] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3639] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3639] creat("./bus", 000)         = 4
[pid  3639] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3639] ftruncate(4, 2048)          = 0
[pid  3639] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3639] open("./bus", O_RDONLY)     = 5
[   52.019091][ T3640] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   52.034979][   T27] audit: type=1804 audit(1670457083.939:3): pid=3639 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/1/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3639] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3639] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3639] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3639] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3639] open(".", O_RDONLY)         = 6
[pid  3639] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3639] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3639] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3639] close(3)                    = 0
[pid  3639] close(4)                    = 0
[pid  3639] close(5)                    = 0
[pid  3639] close(6)                    = 0
[pid  3639] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3639] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3639] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3639] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3639] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3639] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3639] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3639] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3639] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3639] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3639] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3639] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3639] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3639] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3639] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3639] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3639] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3639] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3639] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3639] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3639] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3639] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3639] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3639] exit_group(0)               = ?
[pid  3639] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4, si_uid=0, si_status=0, si_utime=0, si_stime=19} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./1/binderfs")      = 0
[pid  3632] umount2("./1/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./1/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./1/cgroup")        = 0
[pid  3632] umount2("./1/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./1/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./1/cgroup.net")    = 0
[pid  3632] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./1/file0")          = 0
[pid  3632] umount2("./1/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./1/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./1/cgroup.cpu")    = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./1")                = 0
[pid  3632] mkdir("./2", 0777)          = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 5
./strace-static-x86_64: Process 3641 attached
[pid  3641] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3641] chdir("./2")                = 0
[pid  3641] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3641] setpgid(0, 0)               = 0
[pid  3641] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3641] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3641] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3641] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3641] write(3, "1000", 4)         = 4
[pid  3641] close(3)                    = 0
[pid  3641] read(200, "\x33\x33\x00\x00\x00\x16\xaa\xaa\xaa\xaa\xaa\xaa\x86\xdd\x60\x00\x00\x00\x00\x38\x00\x01\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x16\x3a\x00\x05\x02\x00\x00\x01\x00\x8f\x00\xc2\x46\x00\x00\x00\x02\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xaa\xaa\xaa\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00"..., 1000) = 110
[pid  3641] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3641] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3641] memfd_create("syzkaller", 0) = 3
[pid  3641] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3641] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3641] munmap(0x7fd662669000, 2097152) = 0
[pid  3641] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3641] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3641] close(3)                    = 0
[pid  3641] mkdir("./file0", 0777)      = 0
[   52.324304][ T3641] loop0: detected capacity change from 0 to 4096
[   52.339640][ T3641] NILFS (loop0): invalid segment: Checksum error in segment payload
[   52.347658][ T3641] NILFS (loop0): trying rollback from an earlier position
[   52.361029][ T3641] NILFS (loop0): recovery complete
[pid  3641] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3641] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3641] chdir("./file0")            = 0
[pid  3641] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3641] close(4)                    = 0
[pid  3641] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3641] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3641] creat("./bus", 000)         = 4
[pid  3641] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3641] ftruncate(4, 2048)          = 0
[pid  3641] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3641] open("./bus", O_RDONLY)     = 5
[   52.367628][ T3642] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   52.387762][   T27] audit: type=1804 audit(1670457084.289:4): pid=3641 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/2/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3641] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3641] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3641] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3641] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3641] open(".", O_RDONLY)         = 6
[pid  3641] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3641] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3641] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3641] close(3)                    = 0
[pid  3641] close(4)                    = 0
[pid  3641] close(5)                    = 0
[pid  3641] close(6)                    = 0
[pid  3641] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3641] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3641] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3641] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3641] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3641] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3641] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3641] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3641] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3641] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3641] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3641] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3641] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3641] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3641] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3641] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3641] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3641] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3641] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3641] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3641] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3641] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3641] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3641] exit_group(0)               = ?
[pid  3641] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5, si_uid=0, si_status=0, si_utime=0, si_stime=19} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./2/binderfs")      = 0
[pid  3632] umount2("./2/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./2/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./2/cgroup")        = 0
[pid  3632] umount2("./2/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./2/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./2/cgroup.net")    = 0
[pid  3632] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./2/file0")          = 0
[pid  3632] umount2("./2/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./2/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./2/cgroup.cpu")    = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./2")                = 0
[pid  3632] mkdir("./3", 0777)          = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 6
./strace-static-x86_64: Process 3643 attached
[pid  3643] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3643] chdir("./3")                = 0
[pid  3643] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3643] setpgid(0, 0)               = 0
[pid  3643] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3643] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3643] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3643] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3643] write(3, "1000", 4)         = 4
[pid  3643] close(3)                    = 0
[pid  3643] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3643] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3643] memfd_create("syzkaller", 0) = 3
[pid  3643] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3643] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3643] munmap(0x7fd662669000, 2097152) = 0
[pid  3643] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3643] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3643] close(3)                    = 0
[pid  3643] mkdir("./file0", 0777)      = 0
[   52.689313][ T3643] loop0: detected capacity change from 0 to 4096
[   52.704145][ T3643] NILFS (loop0): invalid segment: Checksum error in segment payload
[   52.712448][ T3643] NILFS (loop0): trying rollback from an earlier position
[   52.725881][ T3643] NILFS (loop0): recovery complete
[pid  3643] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3643] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3643] chdir("./file0")            = 0
[pid  3643] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3643] close(4)                    = 0
[pid  3643] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3643] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3643] creat("./bus", 000)         = 4
[pid  3643] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3643] ftruncate(4, 2048)          = 0
[pid  3643] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3643] open("./bus", O_RDONLY)     = 5
[   52.731814][ T3644] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   52.749932][   T27] audit: type=1804 audit(1670457084.659:5): pid=3643 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/3/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3643] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3643] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3643] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3643] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3643] open(".", O_RDONLY)         = 6
[pid  3643] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3643] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3643] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3643] close(3)                    = 0
[pid  3643] close(4)                    = 0
[pid  3643] close(5)                    = 0
[pid  3643] close(6)                    = 0
[pid  3643] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3643] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3643] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3643] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3643] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3643] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3643] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3643] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3643] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3643] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3643] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3643] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3643] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3643] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3643] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3643] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3643] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3643] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3643] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3643] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3643] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3643] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3643] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3643] exit_group(0)               = ?
[pid  3643] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6, si_uid=0, si_status=0, si_utime=0, si_stime=15} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./3/binderfs")      = 0
[pid  3632] umount2("./3/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./3/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./3/cgroup")        = 0
[pid  3632] umount2("./3/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./3/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./3/cgroup.net")    = 0
[pid  3632] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./3/file0")          = 0
[pid  3632] umount2("./3/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./3/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./3/cgroup.cpu")    = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./3")                = 0
[pid  3632] mkdir("./4", 0777)          = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 7
./strace-static-x86_64: Process 3645 attached
[pid  3645] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3645] chdir("./4")                = 0
[pid  3645] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3645] setpgid(0, 0)               = 0
[pid  3645] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3645] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3645] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3645] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3645] write(3, "1000", 4)         = 4
[pid  3645] close(3)                    = 0
[pid  3645] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3645] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3645] memfd_create("syzkaller", 0) = 3
[pid  3645] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3645] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3645] munmap(0x7fd662669000, 2097152) = 0
[pid  3645] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3645] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3645] close(3)                    = 0
[pid  3645] mkdir("./file0", 0777)      = 0
[pid  3645] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3645] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3645] chdir("./file0")            = 0
[pid  3645] ioctl(4, LOOP_CLR_FD)       = 0
[   53.057748][ T3645] loop0: detected capacity change from 0 to 4096
[   53.074561][ T3645] NILFS (loop0): invalid segment: Checksum error in segment payload
[   53.082626][ T3645] NILFS (loop0): trying rollback from an earlier position
[   53.097394][ T3645] NILFS (loop0): recovery complete
[pid  3645] close(4)                    = 0
[pid  3645] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3645] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3645] creat("./bus", 000)         = 4
[pid  3645] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3645] ftruncate(4, 2048)          = 0
[pid  3645] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3645] open("./bus", O_RDONLY)     = 5
[   53.104517][ T3646] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   53.126409][   T27] audit: type=1804 audit(1670457085.029:6): pid=3645 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/4/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3645] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3645] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3645] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3645] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3645] open(".", O_RDONLY)         = 6
[pid  3645] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3645] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3645] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3645] close(3)                    = 0
[pid  3645] close(4)                    = 0
[pid  3645] close(5)                    = 0
[pid  3645] close(6)                    = 0
[pid  3645] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3645] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3645] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3645] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3645] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3645] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3645] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3645] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3645] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3645] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3645] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3645] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3645] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3645] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3645] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3645] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3645] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3645] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3645] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3645] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3645] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3645] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3645] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3645] exit_group(0)               = ?
[pid  3645] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7, si_uid=0, si_status=0, si_utime=0, si_stime=14} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./4/binderfs")      = 0
[pid  3632] umount2("./4/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./4/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./4/cgroup")        = 0
[pid  3632] umount2("./4/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./4/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./4/cgroup.net")    = 0
[pid  3632] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./4/file0")          = 0
[pid  3632] umount2("./4/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./4/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./4/cgroup.cpu")    = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./4")                = 0
[pid  3632] mkdir("./5", 0777)          = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 8
./strace-static-x86_64: Process 3647 attached
[pid  3647] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3647] chdir("./5")                = 0
[pid  3647] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3647] setpgid(0, 0)               = 0
[pid  3647] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3647] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3647] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3647] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3647] write(3, "1000", 4)         = 4
[pid  3647] close(3)                    = 0
[pid  3647] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[   53.329700][ T3635] Bluetooth: hci0: command 0x0409 tx timeout
[pid  3647] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3647] memfd_create("syzkaller", 0) = 3
[pid  3647] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3647] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3647] munmap(0x7fd662669000, 2097152) = 0
[pid  3647] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3647] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3647] close(3)                    = 0
[pid  3647] mkdir("./file0", 0777)      = 0
[   53.425394][ T3647] loop0: detected capacity change from 0 to 4096
[   53.442865][ T3647] NILFS (loop0): invalid segment: Checksum error in segment payload
[   53.451291][ T3647] NILFS (loop0): trying rollback from an earlier position
[   53.465911][ T3647] NILFS (loop0): recovery complete
[pid  3647] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3647] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3647] chdir("./file0")            = 0
[pid  3647] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3647] close(4)                    = 0
[pid  3647] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3647] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3647] creat("./bus", 000)         = 4
[pid  3647] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3647] ftruncate(4, 2048)          = 0
[pid  3647] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3647] open("./bus", O_RDONLY)     = 5
[   53.472126][ T3648] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   53.487167][   T27] audit: type=1804 audit(1670457085.399:7): pid=3647 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/5/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3647] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3647] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3647] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3647] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3647] open(".", O_RDONLY)         = 6
[pid  3647] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3647] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3647] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3647] close(3)                    = 0
[pid  3647] close(4)                    = 0
[pid  3647] close(5)                    = 0
[pid  3647] close(6)                    = 0
[pid  3647] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3647] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3647] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3647] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3647] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3647] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3647] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3647] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3647] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3647] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3647] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3647] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3647] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3647] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3647] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3647] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3647] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3647] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3647] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3647] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3647] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3647] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3647] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3647] exit_group(0)               = ?
[pid  3647] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=8, si_uid=0, si_status=0, si_utime=0, si_stime=14} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./5/binderfs")      = 0
[pid  3632] umount2("./5/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./5/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./5/cgroup")        = 0
[pid  3632] umount2("./5/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./5/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./5/cgroup.net")    = 0
[pid  3632] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./5/file0")          = 0
[pid  3632] umount2("./5/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./5/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./5/cgroup.cpu")    = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./5")                = 0
[pid  3632] mkdir("./6", 0777)          = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 9
./strace-static-x86_64: Process 3649 attached
[pid  3649] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3649] chdir("./6")                = 0
[pid  3649] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3649] setpgid(0, 0)               = 0
[pid  3649] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3649] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3649] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3649] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3649] write(3, "1000", 4)         = 4
[pid  3649] close(3)                    = 0
[pid  3649] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3649] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3649] memfd_create("syzkaller", 0) = 3
[pid  3649] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3649] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3649] munmap(0x7fd662669000, 2097152) = 0
[pid  3649] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3649] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3649] close(3)                    = 0
[pid  3649] mkdir("./file0", 0777)      = 0
[pid  3649] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3649] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3649] chdir("./file0")            = 0
[pid  3649] ioctl(4, LOOP_CLR_FD)       = 0
[   53.793721][ T3649] loop0: detected capacity change from 0 to 4096
[   53.808651][ T3649] NILFS (loop0): invalid segment: Checksum error in segment payload
[   53.816851][ T3649] NILFS (loop0): trying rollback from an earlier position
[   53.831862][ T3649] NILFS (loop0): recovery complete
[pid  3649] close(4)                    = 0
[pid  3649] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3649] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3649] creat("./bus", 000)         = 4
[pid  3649] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3649] ftruncate(4, 2048)          = 0
[pid  3649] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3649] open("./bus", O_RDONLY)     = 5
[   53.838406][ T3650] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   53.864958][   T27] audit: type=1804 audit(1670457085.769:8): pid=3649 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/6/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3649] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3649] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3649] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3649] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3649] open(".", O_RDONLY)         = 6
[pid  3649] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3649] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3649] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3649] close(3)                    = 0
[pid  3649] close(4)                    = 0
[pid  3649] close(5)                    = 0
[pid  3649] close(6)                    = 0
[pid  3649] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3649] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3649] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3649] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3649] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3649] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3649] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3649] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3649] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3649] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3649] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3649] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3649] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3649] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3649] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3649] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3649] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3649] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3649] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3649] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3649] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3649] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3649] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3649] exit_group(0)               = ?
[pid  3649] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=9, si_uid=0, si_status=0, si_utime=0, si_stime=16} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./6/binderfs")      = 0
[pid  3632] umount2("./6/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./6/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./6/cgroup")        = 0
[pid  3632] umount2("./6/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./6/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./6/cgroup.net")    = 0
[pid  3632] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./6/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./6/file0")          = 0
[pid  3632] umount2("./6/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./6/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./6/cgroup.cpu")    = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./6")                = 0
[pid  3632] mkdir("./7", 0777)          = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3651 attached
, child_tidptr=0x5555573f25d0) = 10
[pid  3651] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3651] chdir("./7")                = 0
[pid  3651] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3651] setpgid(0, 0)               = 0
[pid  3651] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3651] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3651] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3651] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3651] write(3, "1000", 4)         = 4
[pid  3651] close(3)                    = 0
[pid  3651] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3651] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3651] memfd_create("syzkaller", 0) = 3
[pid  3651] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3651] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3651] munmap(0x7fd662669000, 2097152) = 0
[pid  3651] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3651] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3651] close(3)                    = 0
[pid  3651] mkdir("./file0", 0777)      = 0
[   54.182366][ T3651] loop0: detected capacity change from 0 to 4096
[   54.197811][ T3651] NILFS (loop0): invalid segment: Checksum error in segment payload
[   54.206867][ T3651] NILFS (loop0): trying rollback from an earlier position
[   54.223433][ T3651] NILFS (loop0): recovery complete
[pid  3651] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3651] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3651] chdir("./file0")            = 0
[pid  3651] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3651] close(4)                    = 0
[pid  3651] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3651] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3651] creat("./bus", 000)         = 4
[pid  3651] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3651] ftruncate(4, 2048)          = 0
[pid  3651] lseek(4, 132096, SEEK_SET)  = 132096
[   54.231853][ T3652] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3651] open("./bus", O_RDONLY)     = 5
[   54.272377][   T27] audit: type=1804 audit(1670457086.179:9): pid=3651 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/7/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3651] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3651] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3651] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3651] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3651] open(".", O_RDONLY)         = 6
[pid  3651] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3651] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3651] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3651] close(3)                    = 0
[pid  3651] close(4)                    = 0
[pid  3651] close(5)                    = 0
[pid  3651] close(6)                    = 0
[pid  3651] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3651] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3651] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3651] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3651] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3651] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3651] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3651] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3651] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3651] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3651] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3651] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3651] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3651] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3651] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3651] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3651] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3651] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3651] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3651] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3651] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3651] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3651] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3651] exit_group(0)               = ?
[pid  3651] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=10, si_uid=0, si_status=0, si_utime=0, si_stime=20} ---
[pid  3632] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./7/binderfs")      = 0
[pid  3632] umount2("./7/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./7/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./7/cgroup")        = 0
[pid  3632] umount2("./7/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./7/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./7/cgroup.net")    = 0
[pid  3632] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./7/file0")          = 0
[pid  3632] umount2("./7/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./7/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./7/cgroup.cpu")    = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./7")                = 0
[pid  3632] mkdir("./8", 0777)          = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 11
./strace-static-x86_64: Process 3653 attached
[pid  3653] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3653] chdir("./8")                = 0
[pid  3653] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3653] setpgid(0, 0)               = 0
[pid  3653] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3653] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3653] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3653] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3653] write(3, "1000", 4)         = 4
[pid  3653] close(3)                    = 0
[pid  3653] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3653] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3653] memfd_create("syzkaller", 0) = 3
[pid  3653] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3653] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3653] munmap(0x7fd662669000, 2097152) = 0
[pid  3653] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3653] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3653] close(3)                    = 0
[pid  3653] mkdir("./file0", 0777)      = 0
[   54.588213][ T3653] loop0: detected capacity change from 0 to 4096
[   54.605552][ T3653] NILFS (loop0): invalid segment: Checksum error in segment payload
[   54.613835][ T3653] NILFS (loop0): trying rollback from an earlier position
[   54.628874][ T3653] NILFS (loop0): recovery complete
[pid  3653] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3653] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3653] chdir("./file0")            = 0
[pid  3653] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3653] close(4)                    = 0
[pid  3653] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3653] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3653] creat("./bus", 000)         = 4
[pid  3653] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3653] ftruncate(4, 2048)          = 0
[pid  3653] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3653] open("./bus", O_RDONLY)     = 5
[   54.634879][ T3654] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   54.644237][   T27] audit: type=1804 audit(1670457086.549:10): pid=3653 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/8/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3653] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3653] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3653] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3653] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3653] open(".", O_RDONLY)         = 6
[pid  3653] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3653] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3653] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3653] close(3)                    = 0
[pid  3653] close(4)                    = 0
[pid  3653] close(5)                    = 0
[pid  3653] close(6)                    = 0
[pid  3653] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3653] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3653] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3653] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3653] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3653] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3653] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3653] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3653] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3653] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3653] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3653] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3653] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3653] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3653] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3653] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3653] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3653] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3653] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3653] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3653] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3653] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3653] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3653] exit_group(0)               = ?
[pid  3653] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=11, si_uid=0, si_status=0, si_utime=0, si_stime=16} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./8/binderfs")      = 0
[pid  3632] umount2("./8/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./8/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./8/cgroup")        = 0
[pid  3632] umount2("./8/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./8/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./8/cgroup.net")    = 0
[pid  3632] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./8/file0")          = 0
[pid  3632] umount2("./8/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./8/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./8/cgroup.cpu")    = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./8")                = 0
[pid  3632] mkdir("./9", 0777)          = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 12
./strace-static-x86_64: Process 3655 attached
[pid  3655] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3655] chdir("./9")                = 0
[pid  3655] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3655] setpgid(0, 0)               = 0
[pid  3655] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3655] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3655] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3655] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3655] write(3, "1000", 4)         = 4
[pid  3655] close(3)                    = 0
[pid  3655] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3655] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3655] memfd_create("syzkaller", 0) = 3
[pid  3655] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3655] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3655] munmap(0x7fd662669000, 2097152) = 0
[pid  3655] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3655] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3655] close(3)                    = 0
[pid  3655] mkdir("./file0", 0777)      = 0
[pid  3655] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3655] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3655] chdir("./file0")            = 0
[pid  3655] ioctl(4, LOOP_CLR_FD)       = 0
[   54.950225][ T3655] loop0: detected capacity change from 0 to 4096
[   54.965742][ T3655] NILFS (loop0): invalid segment: Checksum error in segment payload
[   54.973953][ T3655] NILFS (loop0): trying rollback from an earlier position
[   54.988236][ T3655] NILFS (loop0): recovery complete
[pid  3655] close(4)                    = 0
[pid  3655] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3655] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3655] creat("./bus", 000)         = 4
[pid  3655] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3655] ftruncate(4, 2048)          = 0
[pid  3655] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3655] open("./bus", O_RDONLY)     = 5
[   54.994628][ T3656] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   55.010883][   T27] audit: type=1804 audit(1670457086.919:11): pid=3655 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/9/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3655] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3655] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3655] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3655] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3655] open(".", O_RDONLY)         = 6
[pid  3655] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3655] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3655] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3655] close(3)                    = 0
[pid  3655] close(4)                    = 0
[pid  3655] close(5)                    = 0
[pid  3655] close(6)                    = 0
[pid  3655] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3655] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3655] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3655] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3655] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3655] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3655] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3655] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3655] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3655] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3655] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3655] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3655] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3655] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3655] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3655] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3655] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3655] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3655] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3655] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3655] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3655] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3655] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3655] exit_group(0)               = ?
[pid  3655] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=12, si_uid=0, si_status=0, si_utime=0, si_stime=19} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./9/binderfs")      = 0
[pid  3632] umount2("./9/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./9/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./9/cgroup")        = 0
[pid  3632] umount2("./9/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./9/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./9/cgroup.net")    = 0
[pid  3632] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./9/file0")          = 0
[pid  3632] umount2("./9/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./9/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./9/cgroup.cpu")    = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./9")                = 0
[pid  3632] mkdir("./10", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 13
./strace-static-x86_64: Process 3657 attached
[pid  3657] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3657] chdir("./10")               = 0
[pid  3657] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3657] setpgid(0, 0)               = 0
[pid  3657] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3657] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3657] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3657] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3657] write(3, "1000", 4)         = 4
[pid  3657] close(3)                    = 0
[pid  3657] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3657] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3657] memfd_create("syzkaller", 0) = 3
[pid  3657] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3657] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3657] munmap(0x7fd662669000, 2097152) = 0
[pid  3657] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3657] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3657] close(3)                    = 0
[pid  3657] mkdir("./file0", 0777)      = 0
[   55.312682][ T3657] loop0: detected capacity change from 0 to 4096
[   55.338480][ T3657] NILFS (loop0): invalid segment: Checksum error in segment payload
[   55.346652][ T3657] NILFS (loop0): trying rollback from an earlier position
[pid  3657] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3657] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3657] chdir("./file0")            = 0
[pid  3657] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3657] close(4)                    = 0
[pid  3657] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3657] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3657] creat("./bus", 000)         = 4
[pid  3657] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3657] ftruncate(4, 2048)          = 0
[pid  3657] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3657] open("./bus", O_RDONLY)     = 5
[   55.358699][ T3657] NILFS (loop0): recovery complete
[   55.365142][ T3658] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   55.409019][ T3635] Bluetooth: hci0: command 0x041b tx timeout
[pid  3657] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3657] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3657] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3657] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3657] open(".", O_RDONLY)         = 6
[pid  3657] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3657] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3657] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3657] close(3)                    = 0
[pid  3657] close(4)                    = 0
[pid  3657] close(5)                    = 0
[pid  3657] close(6)                    = 0
[pid  3657] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3657] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3657] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3657] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3657] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3657] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3657] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3657] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3657] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3657] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3657] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3657] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3657] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3657] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3657] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3657] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3657] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3657] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3657] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3657] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3657] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3657] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3657] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3657] exit_group(0)               = ?
[pid  3657] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13, si_uid=0, si_status=0, si_utime=0, si_stime=16} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./10/binderfs")     = 0
[pid  3632] umount2("./10/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./10/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./10/cgroup")       = 0
[pid  3632] umount2("./10/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./10/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./10/cgroup.net")   = 0
[pid  3632] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./10/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./10/file0")         = 0
[pid  3632] umount2("./10/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./10/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./10/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./10")               = 0
[pid  3632] mkdir("./11", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 14
./strace-static-x86_64: Process 3659 attached
[pid  3659] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3659] chdir("./11")               = 0
[pid  3659] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3659] setpgid(0, 0)               = 0
[pid  3659] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3659] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3659] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3659] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3659] write(3, "1000", 4)         = 4
[pid  3659] close(3)                    = 0
[pid  3659] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3659] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3659] memfd_create("syzkaller", 0) = 3
[pid  3659] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3659] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3659] munmap(0x7fd662669000, 2097152) = 0
[pid  3659] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3659] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3659] close(3)                    = 0
[pid  3659] mkdir("./file0", 0777)      = 0
[pid  3659] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3659] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3659] chdir("./file0")            = 0
[pid  3659] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3659] close(4)                    = 0
[pid  3659] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3659] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3659] creat("./bus", 000)         = 4
[pid  3659] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3659] ftruncate(4, 2048)          = 0
[pid  3659] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3659] open("./bus", O_RDONLY)     = 5
[   55.671182][ T3659] loop0: detected capacity change from 0 to 4096
[   55.686136][ T3659] NILFS (loop0): invalid segment: Checksum error in segment payload
[   55.694345][ T3659] NILFS (loop0): trying rollback from an earlier position
[   55.707502][ T3659] NILFS (loop0): recovery complete
[   55.723045][ T3660] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3659] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3659] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3659] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3659] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3659] open(".", O_RDONLY)         = 6
[pid  3659] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3659] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3659] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3659] close(3)                    = 0
[pid  3659] close(4)                    = 0
[pid  3659] close(5)                    = 0
[pid  3659] close(6)                    = 0
[pid  3659] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3659] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3659] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3659] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3659] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3659] exit_group(0)               = ?
[pid  3659] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14, si_uid=0, si_status=0, si_utime=0, si_stime=18} ---
[pid  3632] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./11/binderfs")     = 0
[pid  3632] umount2("./11/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./11/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./11/cgroup")       = 0
[pid  3632] umount2("./11/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./11/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./11/cgroup.net")   = 0
[pid  3632] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./11/file0")         = 0
[pid  3632] umount2("./11/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./11/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./11/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./11")               = 0
[pid  3632] mkdir("./12", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 15
./strace-static-x86_64: Process 3661 attached
[pid  3661] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3661] chdir("./12")               = 0
[pid  3661] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3661] setpgid(0, 0)               = 0
[pid  3661] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3661] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3661] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3661] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3661] write(3, "1000", 4)         = 4
[pid  3661] close(3)                    = 0
[pid  3661] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3661] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3661] memfd_create("syzkaller", 0) = 3
[pid  3661] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3661] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3661] munmap(0x7fd662669000, 2097152) = 0
[pid  3661] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3661] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3661] close(3)                    = 0
[pid  3661] mkdir("./file0", 0777)      = 0
[   56.029444][ T3661] loop0: detected capacity change from 0 to 4096
[   56.046167][ T3661] NILFS (loop0): invalid segment: Checksum error in segment payload
[   56.055036][ T3661] NILFS (loop0): trying rollback from an earlier position
[   56.070371][ T3661] NILFS (loop0): recovery complete
[pid  3661] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3661] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3661] chdir("./file0")            = 0
[pid  3661] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3661] close(4)                    = 0
[pid  3661] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3661] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3661] creat("./bus", 000)         = 4
[pid  3661] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3661] ftruncate(4, 2048)          = 0
[pid  3661] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3661] open("./bus", O_RDONLY)     = 5
[   56.076882][ T3662] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3661] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3661] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3661] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3661] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3661] open(".", O_RDONLY)         = 6
[pid  3661] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3661] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3661] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3661] close(3)                    = 0
[pid  3661] close(4)                    = 0
[pid  3661] close(5)                    = 0
[pid  3661] close(6)                    = 0
[pid  3661] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3661] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3661] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3661] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3661] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3661] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3661] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3661] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3661] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3661] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3661] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3661] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3661] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3661] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3661] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3661] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3661] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3661] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3661] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3661] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3661] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3661] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3661] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3661] exit_group(0)               = ?
[pid  3661] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15, si_uid=0, si_status=0, si_utime=0, si_stime=18} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./12/binderfs")     = 0
[pid  3632] umount2("./12/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./12/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./12/cgroup")       = 0
[pid  3632] umount2("./12/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./12/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./12/cgroup.net")   = 0
[pid  3632] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./12/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./12/file0")         = 0
[pid  3632] umount2("./12/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./12/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./12/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./12")               = 0
[pid  3632] mkdir("./13", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 16
./strace-static-x86_64: Process 3663 attached
[pid  3663] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3663] chdir("./13")               = 0
[pid  3663] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3663] setpgid(0, 0)               = 0
[pid  3663] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3663] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3663] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3663] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3663] write(3, "1000", 4)         = 4
[pid  3663] close(3)                    = 0
[pid  3663] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3663] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3663] memfd_create("syzkaller", 0) = 3
[pid  3663] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3663] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3663] munmap(0x7fd662669000, 2097152) = 0
[pid  3663] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3663] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3663] close(3)                    = 0
[pid  3663] mkdir("./file0", 0777)      = 0
[pid  3663] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3663] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3663] chdir("./file0")            = 0
[pid  3663] ioctl(4, LOOP_CLR_FD)       = 0
[   56.381878][ T3663] loop0: detected capacity change from 0 to 4096
[   56.396856][ T3663] NILFS (loop0): invalid segment: Checksum error in segment payload
[   56.404998][ T3663] NILFS (loop0): trying rollback from an earlier position
[   56.419373][ T3663] NILFS (loop0): recovery complete
[pid  3663] close(4)                    = 0
[pid  3663] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3663] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3663] creat("./bus", 000)         = 4
[pid  3663] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3663] ftruncate(4, 2048)          = 0
[pid  3663] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3663] open("./bus", O_RDONLY)     = 5
[   56.425942][ T3664] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3663] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3663] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3663] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3663] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3663] open(".", O_RDONLY)         = 6
[pid  3663] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3663] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3663] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3663] close(3)                    = 0
[pid  3663] close(4)                    = 0
[pid  3663] close(5)                    = 0
[pid  3663] close(6)                    = 0
[pid  3663] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3663] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3663] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3663] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3663] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3663] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3663] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3663] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3663] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3663] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3663] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3663] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3663] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3663] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3663] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3663] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3663] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3663] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3663] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3663] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3663] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3663] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3663] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3663] exit_group(0)               = ?
[pid  3663] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=16, si_uid=0, si_status=0, si_utime=0, si_stime=14} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./13/binderfs")     = 0
[pid  3632] umount2("./13/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./13/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./13/cgroup")       = 0
[pid  3632] umount2("./13/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./13/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./13/cgroup.net")   = 0
[pid  3632] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./13/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./13/file0")         = 0
[pid  3632] umount2("./13/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./13/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./13/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./13")               = 0
[pid  3632] mkdir("./14", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 17
./strace-static-x86_64: Process 3665 attached
[pid  3665] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3665] chdir("./14")               = 0
[pid  3665] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3665] setpgid(0, 0)               = 0
[pid  3665] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3665] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3665] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3665] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3665] write(3, "1000", 4)         = 4
[pid  3665] close(3)                    = 0
[pid  3665] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3665] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3665] memfd_create("syzkaller", 0) = 3
[pid  3665] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3665] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3665] munmap(0x7fd662669000, 2097152) = 0
[pid  3665] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3665] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3665] close(3)                    = 0
[pid  3665] mkdir("./file0", 0777)      = 0
[   56.730825][ T3665] loop0: detected capacity change from 0 to 4096
[   56.745914][ T3665] NILFS (loop0): invalid segment: Checksum error in segment payload
[   56.754007][ T3665] NILFS (loop0): trying rollback from an earlier position
[   56.767319][ T3665] NILFS (loop0): recovery complete
[pid  3665] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3665] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3665] chdir("./file0")            = 0
[pid  3665] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3665] close(4)                    = 0
[pid  3665] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3665] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3665] creat("./bus", 000)         = 4
[pid  3665] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3665] ftruncate(4, 2048)          = 0
[pid  3665] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3665] open("./bus", O_RDONLY)     = 5
[   56.773915][ T3666] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   56.797236][   T27] kauditd_printk_skb: 4 callbacks suppressed
[   56.797249][   T27] audit: type=1804 audit(1670457088.699:16): pid=3665 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/14/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3665] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3665] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3665] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3665] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3665] open(".", O_RDONLY)         = 6
[pid  3665] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3665] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3665] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3665] close(3)                    = 0
[pid  3665] close(4)                    = 0
[pid  3665] close(5)                    = 0
[pid  3665] close(6)                    = 0
[pid  3665] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3665] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3665] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3665] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3665] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3665] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3665] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3665] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3665] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3665] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3665] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3665] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3665] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3665] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3665] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3665] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3665] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3665] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3665] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3665] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3665] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3665] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3665] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3665] exit_group(0)               = ?
[pid  3665] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=17, si_uid=0, si_status=0, si_utime=0, si_stime=17} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./14/binderfs")     = 0
[pid  3632] umount2("./14/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./14/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./14/cgroup")       = 0
[pid  3632] umount2("./14/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./14/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./14/cgroup.net")   = 0
[pid  3632] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./14/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./14/file0")         = 0
[pid  3632] umount2("./14/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./14/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./14/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./14")               = 0
[pid  3632] mkdir("./15", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 18
./strace-static-x86_64: Process 3667 attached
[pid  3667] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3667] chdir("./15")               = 0
[pid  3667] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3667] setpgid(0, 0)               = 0
[pid  3667] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3667] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3667] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3667] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3667] write(3, "1000", 4)         = 4
[pid  3667] close(3)                    = 0
[pid  3667] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3667] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3667] memfd_create("syzkaller", 0) = 3
[pid  3667] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3667] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3667] munmap(0x7fd662669000, 2097152) = 0
[pid  3667] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3667] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3667] close(3)                    = 0
[pid  3667] mkdir("./file0", 0777)      = 0
[pid  3667] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3667] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3667] chdir("./file0")            = 0
[pid  3667] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3667] close(4)                    = 0
[pid  3667] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3667] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3667] creat("./bus", 000)         = 4
[pid  3667] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3667] ftruncate(4, 2048)          = 0
[   57.075803][ T3667] loop0: detected capacity change from 0 to 4096
[   57.090405][ T3667] NILFS (loop0): invalid segment: Checksum error in segment payload
[   57.098493][ T3667] NILFS (loop0): trying rollback from an earlier position
[   57.112561][ T3667] NILFS (loop0): recovery complete
[pid  3667] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3667] open("./bus", O_RDONLY)     = 5
[   57.118613][ T3668] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   57.127222][   T27] audit: type=1804 audit(1670457089.029:17): pid=3667 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/15/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3667] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3667] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3667] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3667] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3667] open(".", O_RDONLY)         = 6
[pid  3667] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3667] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3667] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3667] close(3)                    = 0
[pid  3667] close(4)                    = 0
[pid  3667] close(5)                    = 0
[pid  3667] close(6)                    = 0
[pid  3667] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3667] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3667] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3667] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3667] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3667] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3667] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3667] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3667] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3667] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3667] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3667] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3667] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3667] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3667] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3667] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3667] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3667] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3667] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3667] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3667] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3667] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3667] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3667] exit_group(0)               = ?
[pid  3667] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=18, si_uid=0, si_status=0, si_utime=0, si_stime=17} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./15/binderfs")     = 0
[pid  3632] umount2("./15/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./15/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./15/cgroup")       = 0
[pid  3632] umount2("./15/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./15/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./15/cgroup.net")   = 0
[pid  3632] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./15/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./15/file0")         = 0
[pid  3632] umount2("./15/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./15/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./15/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./15")               = 0
[pid  3632] mkdir("./16", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 19
./strace-static-x86_64: Process 3669 attached
[pid  3669] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3669] chdir("./16")               = 0
[pid  3669] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3669] setpgid(0, 0)               = 0
[pid  3669] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3669] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3669] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3669] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3669] write(3, "1000", 4)         = 4
[pid  3669] close(3)                    = 0
[pid  3669] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3669] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3669] memfd_create("syzkaller", 0) = 3
[pid  3669] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3669] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3669] munmap(0x7fd662669000, 2097152) = 0
[pid  3669] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3669] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3669] close(3)                    = 0
[pid  3669] mkdir("./file0", 0777)      = 0
[   57.414395][ T3669] loop0: detected capacity change from 0 to 4096
[   57.428958][ T3669] NILFS (loop0): invalid segment: Checksum error in segment payload
[   57.436972][ T3669] NILFS (loop0): trying rollback from an earlier position
[   57.450530][ T3669] NILFS (loop0): recovery complete
[pid  3669] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3669] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3669] chdir("./file0")            = 0
[pid  3669] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3669] close(4)                    = 0
[pid  3669] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3669] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3669] creat("./bus", 000)         = 4
[pid  3669] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3669] ftruncate(4, 2048)          = 0
[pid  3669] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3669] open("./bus", O_RDONLY)     = 5
[   57.456466][ T3670] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   57.461128][   T27] audit: type=1804 audit(1670457089.369:18): pid=3669 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/16/file0/bus" dev="loop0" ino=12 res=1 errno=0
[   57.490118][ T3635] Bluetooth: hci0: command 0x040f tx timeout
[pid  3669] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3669] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3669] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3669] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3669] open(".", O_RDONLY)         = 6
[pid  3669] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3669] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3669] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3669] close(3)                    = 0
[pid  3669] close(4)                    = 0
[pid  3669] close(5)                    = 0
[pid  3669] close(6)                    = 0
[pid  3669] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3669] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3669] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3669] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3669] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3669] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3669] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3669] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3669] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3669] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3669] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3669] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3669] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3669] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3669] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3669] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3669] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3669] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3669] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3669] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3669] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3669] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3669] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3669] exit_group(0)               = ?
[pid  3669] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=19, si_uid=0, si_status=0, si_utime=0, si_stime=18} ---
[pid  3632] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./16/binderfs")     = 0
[pid  3632] umount2("./16/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./16/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./16/cgroup")       = 0
[pid  3632] umount2("./16/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./16/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./16/cgroup.net")   = 0
[pid  3632] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./16/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./16/file0")         = 0
[pid  3632] umount2("./16/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./16/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./16/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./16")               = 0
[pid  3632] mkdir("./17", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3671 attached
 <unfinished ...>
[pid  3671] set_robust_list(0x5555573f25e0, 24 <unfinished ...>
[pid  3632] <... clone resumed>, child_tidptr=0x5555573f25d0) = 20
[pid  3671] <... set_robust_list resumed>) = 0
[pid  3671] chdir("./17")               = 0
[pid  3671] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3671] setpgid(0, 0)               = 0
[pid  3671] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3671] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3671] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3671] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3671] write(3, "1000", 4)         = 4
[pid  3671] close(3)                    = 0
[pid  3671] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3671] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3671] memfd_create("syzkaller", 0) = 3
[pid  3671] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3671] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3671] munmap(0x7fd662669000, 2097152) = 0
[pid  3671] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3671] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3671] close(3)                    = 0
[pid  3671] mkdir("./file0", 0777)      = 0
[pid  3671] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3671] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3671] chdir("./file0")            = 0
[pid  3671] ioctl(4, LOOP_CLR_FD)       = 0
[   57.763664][ T3671] loop0: detected capacity change from 0 to 4096
[   57.779540][ T3671] NILFS (loop0): invalid segment: Checksum error in segment payload
[   57.787547][ T3671] NILFS (loop0): trying rollback from an earlier position
[   57.803198][ T3671] NILFS (loop0): recovery complete
[pid  3671] close(4)                    = 0
[pid  3671] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3671] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3671] creat("./bus", 000)         = 4
[pid  3671] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3671] ftruncate(4, 2048)          = 0
[pid  3671] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3671] open("./bus", O_RDONLY)     = 5
[   57.809427][ T3672] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   57.825851][   T27] audit: type=1804 audit(1670457089.729:19): pid=3671 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/17/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3671] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3671] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3671] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3671] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3671] open(".", O_RDONLY)         = 6
[pid  3671] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3671] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3671] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3671] close(3)                    = 0
[pid  3671] close(4)                    = 0
[pid  3671] close(5)                    = 0
[pid  3671] close(6)                    = 0
[pid  3671] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3671] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3671] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3671] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3671] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3671] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3671] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3671] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3671] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3671] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3671] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3671] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3671] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3671] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3671] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3671] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3671] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3671] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3671] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3671] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3671] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3671] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3671] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3671] exit_group(0)               = ?
[pid  3671] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=20, si_uid=0, si_status=0, si_utime=0, si_stime=15} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./17/binderfs")     = 0
[pid  3632] umount2("./17/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./17/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./17/cgroup")       = 0
[pid  3632] umount2("./17/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./17/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./17/cgroup.net")   = 0
[pid  3632] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./17/file0")         = 0
[pid  3632] umount2("./17/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./17/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./17/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./17")               = 0
[pid  3632] mkdir("./18", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 21
./strace-static-x86_64: Process 3673 attached
[pid  3673] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3673] chdir("./18")               = 0
[pid  3673] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3673] setpgid(0, 0)               = 0
[pid  3673] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3673] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3673] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3673] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3673] write(3, "1000", 4)         = 4
[pid  3673] close(3)                    = 0
[pid  3673] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3673] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3673] memfd_create("syzkaller", 0) = 3
[pid  3673] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3673] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3673] munmap(0x7fd662669000, 2097152) = 0
[pid  3673] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3673] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3673] close(3)                    = 0
[pid  3673] mkdir("./file0", 0777)      = 0
[pid  3673] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3673] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3673] chdir("./file0")            = 0
[pid  3673] ioctl(4, LOOP_CLR_FD)       = 0
[   58.117634][ T3673] loop0: detected capacity change from 0 to 4096
[   58.134232][ T3673] NILFS (loop0): invalid segment: Checksum error in segment payload
[   58.142437][ T3673] NILFS (loop0): trying rollback from an earlier position
[   58.156104][ T3673] NILFS (loop0): recovery complete
[pid  3673] close(4)                    = 0
[pid  3673] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3673] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3673] creat("./bus", 000)         = 4
[pid  3673] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3673] ftruncate(4, 2048)          = 0
[pid  3673] lseek(4, 132096, SEEK_SET)  = 132096
[   58.162331][ T3674] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3673] open("./bus", O_RDONLY)     = 5
[   58.190510][   T27] audit: type=1804 audit(1670457090.099:20): pid=3673 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/18/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3673] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3673] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3673] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3673] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3673] open(".", O_RDONLY)         = 6
[pid  3673] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3673] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3673] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3673] close(3)                    = 0
[pid  3673] close(4)                    = 0
[pid  3673] close(5)                    = 0
[pid  3673] close(6)                    = 0
[pid  3673] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3673] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3673] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3673] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3673] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3673] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3673] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3673] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3673] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3673] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3673] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3673] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3673] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3673] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3673] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3673] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3673] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3673] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3673] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3673] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3673] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3673] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3673] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3673] exit_group(0)               = ?
[pid  3673] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=21, si_uid=0, si_status=0, si_utime=0, si_stime=14} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./18/binderfs")     = 0
[pid  3632] umount2("./18/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./18/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./18/cgroup")       = 0
[pid  3632] umount2("./18/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./18/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./18/cgroup.net")   = 0
[pid  3632] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./18/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./18/file0")         = 0
[pid  3632] umount2("./18/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./18/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./18/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./18")               = 0
[pid  3632] mkdir("./19", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 22
./strace-static-x86_64: Process 3675 attached
[pid  3675] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3675] chdir("./19")               = 0
[pid  3675] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3675] setpgid(0, 0)               = 0
[pid  3675] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3675] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3675] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3675] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3675] write(3, "1000", 4)         = 4
[pid  3675] close(3)                    = 0
[pid  3675] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3675] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3675] memfd_create("syzkaller", 0) = 3
[pid  3675] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3675] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3675] munmap(0x7fd662669000, 2097152) = 0
[pid  3675] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3675] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3675] close(3)                    = 0
[pid  3675] mkdir("./file0", 0777)      = 0
[   58.478364][ T3675] loop0: detected capacity change from 0 to 4096
[   58.493163][ T3675] NILFS (loop0): invalid segment: Checksum error in segment payload
[   58.501222][ T3675] NILFS (loop0): trying rollback from an earlier position
[   58.515739][ T3675] NILFS (loop0): recovery complete
[pid  3675] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3675] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3675] chdir("./file0")            = 0
[pid  3675] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3675] close(4)                    = 0
[pid  3675] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3675] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3675] creat("./bus", 000)         = 4
[pid  3675] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3675] ftruncate(4, 2048)          = 0
[pid  3675] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3675] open("./bus", O_RDONLY)     = 5
[   58.522033][ T3676] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   58.540743][   T27] audit: type=1804 audit(1670457090.449:21): pid=3675 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/19/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3675] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3675] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3675] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3675] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3675] open(".", O_RDONLY)         = 6
[pid  3675] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3675] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3675] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3675] close(3)                    = 0
[pid  3675] close(4)                    = 0
[pid  3675] close(5)                    = 0
[pid  3675] close(6)                    = 0
[pid  3675] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3675] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3675] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3675] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3675] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3675] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3675] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3675] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3675] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3675] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3675] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3675] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3675] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3675] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3675] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3675] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3675] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3675] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3675] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3675] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3675] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3675] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3675] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3675] exit_group(0)               = ?
[pid  3675] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=22, si_uid=0, si_status=0, si_utime=0, si_stime=19} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./19/binderfs")     = 0
[pid  3632] umount2("./19/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./19/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./19/cgroup")       = 0
[pid  3632] umount2("./19/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./19/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./19/cgroup.net")   = 0
[pid  3632] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./19/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./19/file0")         = 0
[pid  3632] umount2("./19/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./19/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./19/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./19")               = 0
[pid  3632] mkdir("./20", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 23
./strace-static-x86_64: Process 3677 attached
[pid  3677] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3677] chdir("./20")               = 0
[pid  3677] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3677] setpgid(0, 0)               = 0
[pid  3677] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3677] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3677] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3677] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3677] write(3, "1000", 4)         = 4
[pid  3677] close(3)                    = 0
[pid  3677] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3677] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3677] memfd_create("syzkaller", 0) = 3
[pid  3677] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3677] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3677] munmap(0x7fd662669000, 2097152) = 0
[pid  3677] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3677] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3677] close(3)                    = 0
[pid  3677] mkdir("./file0", 0777)      = 0
[   58.845598][ T3677] loop0: detected capacity change from 0 to 4096
[   58.861358][ T3677] NILFS (loop0): invalid segment: Checksum error in segment payload
[   58.869436][ T3677] NILFS (loop0): trying rollback from an earlier position
[   58.883149][ T3677] NILFS (loop0): recovery complete
[pid  3677] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3677] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3677] chdir("./file0")            = 0
[pid  3677] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3677] close(4)                    = 0
[pid  3677] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3677] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3677] creat("./bus", 000)         = 4
[pid  3677] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3677] ftruncate(4, 2048)          = 0
[pid  3677] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3677] open("./bus", O_RDONLY)     = 5
[   58.889149][ T3678] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   58.908684][   T27] audit: type=1804 audit(1670457090.809:22): pid=3677 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/20/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3677] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3677] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3677] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3677] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3677] open(".", O_RDONLY)         = 6
[pid  3677] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3677] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3677] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3677] close(3)                    = 0
[pid  3677] close(4)                    = 0
[pid  3677] close(5)                    = 0
[pid  3677] close(6)                    = 0
[pid  3677] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3677] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3677] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3677] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3677] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3677] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3677] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3677] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3677] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3677] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3677] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3677] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3677] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3677] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3677] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3677] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3677] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3677] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3677] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3677] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3677] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3677] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3677] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3677] exit_group(0)               = ?
[pid  3677] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=23, si_uid=0, si_status=0, si_utime=0, si_stime=17} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./20/binderfs")     = 0
[pid  3632] umount2("./20/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./20/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./20/cgroup")       = 0
[pid  3632] umount2("./20/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./20/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./20/cgroup.net")   = 0
[pid  3632] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./20/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./20/file0")         = 0
[pid  3632] umount2("./20/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./20/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./20/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./20")               = 0
[pid  3632] mkdir("./21", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 24
./strace-static-x86_64: Process 3679 attached
[pid  3679] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3679] chdir("./21")               = 0
[pid  3679] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3679] setpgid(0, 0)               = 0
[pid  3679] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3679] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3679] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3679] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3679] write(3, "1000", 4)         = 4
[pid  3679] close(3)                    = 0
[pid  3679] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3679] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3679] memfd_create("syzkaller", 0) = 3
[pid  3679] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3679] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3679] munmap(0x7fd662669000, 2097152) = 0
[pid  3679] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3679] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3679] close(3)                    = 0
[pid  3679] mkdir("./file0", 0777)      = 0
[pid  3679] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3679] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3679] chdir("./file0")            = 0
[pid  3679] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3679] close(4)                    = 0
[pid  3679] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3679] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3679] creat("./bus", 000)         = 4
[pid  3679] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3679] ftruncate(4, 2048)          = 0
[pid  3679] lseek(4, 132096, SEEK_SET)  = 132096
[   59.186962][ T3679] loop0: detected capacity change from 0 to 4096
[   59.202852][ T3679] NILFS (loop0): invalid segment: Checksum error in segment payload
[   59.210968][ T3679] NILFS (loop0): trying rollback from an earlier position
[   59.223913][ T3679] NILFS (loop0): recovery complete
[pid  3679] open("./bus", O_RDONLY)     = 5
[   59.241009][   T27] audit: type=1804 audit(1670457091.149:23): pid=3679 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/21/file0/bus" dev="loop0" ino=12 res=1 errno=0
[   59.242435][ T3680] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3679] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3679] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3679] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3679] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3679] open(".", O_RDONLY)         = 6
[pid  3679] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3679] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3679] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3679] close(3)                    = 0
[pid  3679] close(4)                    = 0
[pid  3679] close(5)                    = 0
[pid  3679] close(6)                    = 0
[pid  3679] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3679] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3679] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3679] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3679] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3679] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3679] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3679] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3679] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3679] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3679] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3679] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3679] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3679] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3679] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3679] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3679] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3679] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3679] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3679] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3679] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3679] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3679] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3679] exit_group(0)               = ?
[pid  3679] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=24, si_uid=0, si_status=0, si_utime=0, si_stime=17} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./21/binderfs")     = 0
[pid  3632] umount2("./21/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./21/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./21/cgroup")       = 0
[pid  3632] umount2("./21/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./21/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./21/cgroup.net")   = 0
[pid  3632] umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./21/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./21/file0")         = 0
[pid  3632] umount2("./21/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./21/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./21/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./21")               = 0
[pid  3632] mkdir("./22", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 25
./strace-static-x86_64: Process 3681 attached
[pid  3681] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3681] chdir("./22")               = 0
[pid  3681] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3681] setpgid(0, 0)               = 0
[pid  3681] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3681] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3681] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3681] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3681] write(3, "1000", 4)         = 4
[pid  3681] close(3)                    = 0
[pid  3681] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3681] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3681] memfd_create("syzkaller", 0) = 3
[pid  3681] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3681] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3681] munmap(0x7fd662669000, 2097152) = 0
[pid  3681] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3681] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3681] close(3)                    = 0
[pid  3681] mkdir("./file0", 0777)      = 0
[   59.568888][ T3635] Bluetooth: hci0: command 0x0419 tx timeout
[   59.595128][ T3681] loop0: detected capacity change from 0 to 4096
[   59.610724][ T3681] NILFS (loop0): invalid segment: Checksum error in segment payload
[pid  3681] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3681] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3681] chdir("./file0")            = 0
[pid  3681] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3681] close(4)                    = 0
[pid  3681] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3681] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3681] creat("./bus", 000)         = 4
[pid  3681] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3681] ftruncate(4, 2048)          = 0
[pid  3681] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3681] open("./bus", O_RDONLY)     = 5
[   59.618731][ T3681] NILFS (loop0): trying rollback from an earlier position
[   59.631687][ T3681] NILFS (loop0): recovery complete
[   59.637763][ T3682] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   59.655544][   T27] audit: type=1804 audit(1670457091.559:24): pid=3681 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/22/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3681] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3681] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3681] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3681] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3681] open(".", O_RDONLY)         = 6
[pid  3681] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3681] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3681] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3681] close(3)                    = 0
[pid  3681] close(4)                    = 0
[pid  3681] close(5)                    = 0
[pid  3681] close(6)                    = 0
[pid  3681] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3681] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3681] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3681] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3681] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3681] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3681] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3681] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3681] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3681] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3681] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3681] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3681] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3681] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3681] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3681] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3681] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3681] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3681] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3681] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3681] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3681] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3681] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3681] exit_group(0)               = ?
[pid  3681] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=25, si_uid=0, si_status=0, si_utime=0, si_stime=9} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./22/binderfs")     = 0
[pid  3632] umount2("./22/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./22/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./22/cgroup")       = 0
[pid  3632] umount2("./22/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./22/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./22/cgroup.net")   = 0
[pid  3632] umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./22/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./22/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./22/file0")         = 0
[pid  3632] umount2("./22/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./22/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./22/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./22")               = 0
[pid  3632] mkdir("./23", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 26
./strace-static-x86_64: Process 3683 attached
[pid  3683] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3683] chdir("./23")               = 0
[pid  3683] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3683] setpgid(0, 0)               = 0
[pid  3683] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3683] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3683] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3683] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3683] write(3, "1000", 4)         = 4
[pid  3683] close(3)                    = 0
[pid  3683] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3683] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3683] memfd_create("syzkaller", 0) = 3
[pid  3683] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3683] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3683] munmap(0x7fd662669000, 2097152) = 0
[pid  3683] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3683] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3683] close(3)                    = 0
[pid  3683] mkdir("./file0", 0777)      = 0
[pid  3683] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3683] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3683] chdir("./file0")            = 0
[pid  3683] ioctl(4, LOOP_CLR_FD)       = 0
[   59.961617][ T3683] loop0: detected capacity change from 0 to 4096
[   59.977977][ T3683] NILFS (loop0): invalid segment: Checksum error in segment payload
[   59.986264][ T3683] NILFS (loop0): trying rollback from an earlier position
[   60.000080][ T3683] NILFS (loop0): recovery complete
[pid  3683] close(4)                    = 0
[pid  3683] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3683] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3683] creat("./bus", 000)         = 4
[pid  3683] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3683] ftruncate(4, 2048)          = 0
[pid  3683] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3683] open("./bus", O_RDONLY)     = 5
[   60.006081][ T3684] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   60.024146][   T27] audit: type=1804 audit(1670457091.929:25): pid=3683 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/23/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3683] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3683] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3683] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3683] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3683] open(".", O_RDONLY)         = 6
[pid  3683] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3683] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3683] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3683] close(3)                    = 0
[pid  3683] close(4)                    = 0
[pid  3683] close(5)                    = 0
[pid  3683] close(6)                    = 0
[pid  3683] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3683] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3683] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3683] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3683] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3683] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3683] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3683] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3683] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3683] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3683] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3683] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3683] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3683] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3683] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3683] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3683] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3683] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3683] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3683] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3683] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3683] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3683] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3683] exit_group(0)               = ?
[pid  3683] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=26, si_uid=0, si_status=0, si_utime=0, si_stime=14} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./23/binderfs")     = 0
[pid  3632] umount2("./23/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./23/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./23/cgroup")       = 0
[pid  3632] umount2("./23/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./23/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./23/cgroup.net")   = 0
[pid  3632] umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./23/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./23/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./23/file0")         = 0
[pid  3632] umount2("./23/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./23/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./23/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./23")               = 0
[pid  3632] mkdir("./24", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 27
./strace-static-x86_64: Process 3685 attached
[pid  3685] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3685] chdir("./24")               = 0
[pid  3685] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3685] setpgid(0, 0)               = 0
[pid  3685] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3685] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3685] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3685] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3685] write(3, "1000", 4)         = 4
[pid  3685] close(3)                    = 0
[pid  3685] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3685] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3685] memfd_create("syzkaller", 0) = 3
[pid  3685] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3685] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3685] munmap(0x7fd662669000, 2097152) = 0
[pid  3685] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3685] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3685] close(3)                    = 0
[pid  3685] mkdir("./file0", 0777)      = 0
[   60.304257][ T3685] loop0: detected capacity change from 0 to 4096
[   60.318909][ T3685] NILFS (loop0): invalid segment: Checksum error in segment payload
[   60.326935][ T3685] NILFS (loop0): trying rollback from an earlier position
[   60.340557][ T3685] NILFS (loop0): recovery complete
[pid  3685] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3685] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3685] chdir("./file0")            = 0
[pid  3685] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3685] close(4)                    = 0
[pid  3685] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3685] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3685] creat("./bus", 000)         = 4
[pid  3685] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3685] ftruncate(4, 2048)          = 0
[pid  3685] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3685] open("./bus", O_RDONLY)     = 5
[   60.346514][ T3686] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3685] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3685] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3685] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3685] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3685] open(".", O_RDONLY)         = 6
[pid  3685] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3685] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3685] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3685] close(3)                    = 0
[pid  3685] close(4)                    = 0
[pid  3685] close(5)                    = 0
[pid  3685] close(6)                    = 0
[pid  3685] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3685] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3685] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3685] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3685] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3685] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3685] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3685] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3685] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3685] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3685] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3685] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3685] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3685] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3685] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3685] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3685] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3685] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3685] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3685] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3685] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3685] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3685] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3685] exit_group(0)               = ?
[pid  3685] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=27, si_uid=0, si_status=0, si_utime=0, si_stime=13} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./24/binderfs")     = 0
[pid  3632] umount2("./24/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./24/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./24/cgroup")       = 0
[pid  3632] umount2("./24/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./24/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./24/cgroup.net")   = 0
[pid  3632] umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./24/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./24/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./24/file0")         = 0
[pid  3632] umount2("./24/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./24/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./24/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./24")               = 0
[pid  3632] mkdir("./25", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3687 attached
, child_tidptr=0x5555573f25d0) = 28
[pid  3687] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3687] chdir("./25")               = 0
[pid  3687] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3687] setpgid(0, 0)               = 0
[pid  3687] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3687] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3687] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3687] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3687] write(3, "1000", 4)         = 4
[pid  3687] close(3)                    = 0
[pid  3687] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3687] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3687] memfd_create("syzkaller", 0) = 3
[pid  3687] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3687] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3687] munmap(0x7fd662669000, 2097152) = 0
[pid  3687] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3687] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3687] close(3)                    = 0
[pid  3687] mkdir("./file0", 0777)      = 0
[pid  3687] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3687] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3687] chdir("./file0")            = 0
[pid  3687] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3687] close(4)                    = 0
[pid  3687] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[   60.641385][ T3687] loop0: detected capacity change from 0 to 4096
[   60.657044][ T3687] NILFS (loop0): invalid segment: Checksum error in segment payload
[   60.665131][ T3687] NILFS (loop0): trying rollback from an earlier position
[   60.679785][ T3687] NILFS (loop0): recovery complete
[pid  3687] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3687] creat("./bus", 000)         = 4
[pid  3687] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3687] ftruncate(4, 2048)          = 0
[pid  3687] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3687] open("./bus", O_RDONLY)     = 5
[   60.685991][ T3688] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3687] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3687] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3687] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3687] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3687] open(".", O_RDONLY)         = 6
[pid  3687] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3687] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3687] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3687] close(3)                    = 0
[pid  3687] close(4)                    = 0
[pid  3687] close(5)                    = 0
[pid  3687] close(6)                    = 0
[pid  3687] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3687] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3687] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3687] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3687] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3687] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3687] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3687] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3687] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3687] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3687] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3687] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3687] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3687] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3687] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3687] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3687] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3687] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3687] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3687] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3687] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3687] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3687] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3687] exit_group(0)               = ?
[pid  3687] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=28, si_uid=0, si_status=0, si_utime=0, si_stime=16} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./25/binderfs")     = 0
[pid  3632] umount2("./25/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./25/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./25/cgroup")       = 0
[pid  3632] umount2("./25/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./25/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./25/cgroup.net")   = 0
[pid  3632] umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./25/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./25/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./25/file0")         = 0
[pid  3632] umount2("./25/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./25/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./25/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./25")               = 0
[pid  3632] mkdir("./26", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 29
./strace-static-x86_64: Process 3689 attached
[pid  3689] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3689] chdir("./26")               = 0
[pid  3689] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3689] setpgid(0, 0)               = 0
[pid  3689] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3689] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3689] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3689] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3689] write(3, "1000", 4)         = 4
[pid  3689] close(3)                    = 0
[pid  3689] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3689] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3689] memfd_create("syzkaller", 0) = 3
[pid  3689] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3689] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3689] munmap(0x7fd662669000, 2097152) = 0
[pid  3689] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3689] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3689] close(3)                    = 0
[pid  3689] mkdir("./file0", 0777)      = 0
[   60.979964][ T3689] loop0: detected capacity change from 0 to 4096
[   60.995761][ T3689] NILFS (loop0): invalid segment: Checksum error in segment payload
[   61.003878][ T3689] NILFS (loop0): trying rollback from an earlier position
[   61.017007][ T3689] NILFS (loop0): recovery complete
[pid  3689] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3689] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3689] chdir("./file0")            = 0
[pid  3689] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3689] close(4)                    = 0
[pid  3689] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3689] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3689] creat("./bus", 000)         = 4
[pid  3689] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3689] ftruncate(4, 2048)          = 0
[pid  3689] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3689] open("./bus", O_RDONLY)     = 5
[   61.023163][ T3690] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3689] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3689] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3689] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3689] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3689] open(".", O_RDONLY)         = 6
[pid  3689] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3689] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3689] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3689] close(3)                    = 0
[pid  3689] close(4)                    = 0
[pid  3689] close(5)                    = 0
[pid  3689] close(6)                    = 0
[pid  3689] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3689] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3689] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3689] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3689] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3689] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3689] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3689] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3689] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3689] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3689] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3689] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3689] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3689] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3689] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3689] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3689] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3689] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3689] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3689] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3689] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3689] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3689] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3689] exit_group(0)               = ?
[pid  3689] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=29, si_uid=0, si_status=0, si_utime=0, si_stime=11} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./26", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./26/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./26/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./26/binderfs")     = 0
[pid  3632] umount2("./26/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./26/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./26/cgroup")       = 0
[pid  3632] umount2("./26/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./26/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./26/cgroup.net")   = 0
[pid  3632] umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./26/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./26/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./26/file0")         = 0
[pid  3632] umount2("./26/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./26/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./26/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./26")               = 0
[pid  3632] mkdir("./27", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 30
./strace-static-x86_64: Process 3691 attached
[pid  3691] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3691] chdir("./27")               = 0
[pid  3691] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3691] setpgid(0, 0)               = 0
[pid  3691] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3691] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3691] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3691] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3691] write(3, "1000", 4)         = 4
[pid  3691] close(3)                    = 0
[pid  3691] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3691] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3691] memfd_create("syzkaller", 0) = 3
[pid  3691] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3691] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3691] munmap(0x7fd662669000, 2097152) = 0
[pid  3691] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3691] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3691] close(3)                    = 0
[pid  3691] mkdir("./file0", 0777)      = 0
[   61.326744][ T3691] loop0: detected capacity change from 0 to 4096
[   61.342194][ T3691] NILFS (loop0): invalid segment: Checksum error in segment payload
[   61.350284][ T3691] NILFS (loop0): trying rollback from an earlier position
[   61.364267][ T3691] NILFS (loop0): recovery complete
[pid  3691] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3691] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3691] chdir("./file0")            = 0
[pid  3691] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3691] close(4)                    = 0
[pid  3691] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3691] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3691] creat("./bus", 000)         = 4
[pid  3691] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3691] ftruncate(4, 2048)          = 0
[pid  3691] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3691] open("./bus", O_RDONLY)     = 5
[   61.370796][ T3692] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3691] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3691] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3691] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3691] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3691] open(".", O_RDONLY)         = 6
[pid  3691] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3691] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3691] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3691] close(3)                    = 0
[pid  3691] close(4)                    = 0
[pid  3691] close(5)                    = 0
[pid  3691] close(6)                    = 0
[pid  3691] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3691] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3691] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3691] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3691] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3691] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3691] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3691] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3691] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3691] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3691] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3691] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3691] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3691] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3691] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3691] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3691] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3691] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3691] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3691] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3691] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3691] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3691] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3691] exit_group(0)               = ?
[pid  3691] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=30, si_uid=0, si_status=0, si_utime=0, si_stime=20} ---
[pid  3632] umount2("./27", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./27/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./27/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./27/binderfs")     = 0
[pid  3632] umount2("./27/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./27/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./27/cgroup")       = 0
[pid  3632] umount2("./27/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./27/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./27/cgroup.net")   = 0
[pid  3632] umount2("./27/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./27/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./27/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./27/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./27/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./27/file0")         = 0
[pid  3632] umount2("./27/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./27/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./27/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./27")               = 0
[pid  3632] mkdir("./28", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3693 attached
 <unfinished ...>
[pid  3693] set_robust_list(0x5555573f25e0, 24 <unfinished ...>
[pid  3632] <... clone resumed>, child_tidptr=0x5555573f25d0) = 31
[pid  3693] <... set_robust_list resumed>) = 0
[pid  3693] chdir("./28")               = 0
[pid  3693] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3693] setpgid(0, 0)               = 0
[pid  3693] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3693] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3693] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3693] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3693] write(3, "1000", 4)         = 4
[pid  3693] close(3)                    = 0
[pid  3693] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3693] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3693] memfd_create("syzkaller", 0) = 3
[pid  3693] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3693] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3693] munmap(0x7fd662669000, 2097152) = 0
[pid  3693] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3693] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3693] close(3)                    = 0
[pid  3693] mkdir("./file0", 0777)      = 0
[   61.667186][ T3693] loop0: detected capacity change from 0 to 4096
[   61.683310][ T3693] NILFS (loop0): invalid segment: Checksum error in segment payload
[   61.691904][ T3693] NILFS (loop0): trying rollback from an earlier position
[   61.704948][ T3693] NILFS (loop0): recovery complete
[pid  3693] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3693] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3693] chdir("./file0")            = 0
[pid  3693] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3693] close(4)                    = 0
[pid  3693] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3693] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3693] creat("./bus", 000)         = 4
[pid  3693] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3693] ftruncate(4, 2048)          = 0
[pid  3693] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3693] open("./bus", O_RDONLY)     = 5
[   61.710899][ T3694] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3693] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3693] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3693] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3693] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3693] open(".", O_RDONLY)         = 6
[pid  3693] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3693] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3693] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3693] close(3)                    = 0
[pid  3693] close(4)                    = 0
[pid  3693] close(5)                    = 0
[pid  3693] close(6)                    = 0
[pid  3693] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3693] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3693] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3693] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3693] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3693] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3693] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3693] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3693] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3693] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3693] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3693] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3693] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3693] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3693] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3693] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3693] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3693] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3693] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3693] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3693] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3693] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3693] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3693] exit_group(0)               = ?
[pid  3693] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=31, si_uid=0, si_status=0, si_utime=0, si_stime=18} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./28", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./28/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./28/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./28/binderfs")     = 0
[pid  3632] umount2("./28/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./28/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./28/cgroup")       = 0
[pid  3632] umount2("./28/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./28/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./28/cgroup.net")   = 0
[pid  3632] umount2("./28/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./28/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./28/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./28/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./28/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./28/file0")         = 0
[pid  3632] umount2("./28/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./28/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./28/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./28")               = 0
[pid  3632] mkdir("./29", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 32
./strace-static-x86_64: Process 3695 attached
[pid  3695] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3695] chdir("./29")               = 0
[pid  3695] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3695] setpgid(0, 0)               = 0
[pid  3695] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3695] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3695] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3695] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3695] write(3, "1000", 4)         = 4
[pid  3695] close(3)                    = 0
[pid  3695] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3695] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3695] memfd_create("syzkaller", 0) = 3
[pid  3695] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3695] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3695] munmap(0x7fd662669000, 2097152) = 0
[pid  3695] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3695] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3695] close(3)                    = 0
[pid  3695] mkdir("./file0", 0777)      = 0
[   61.997890][ T3695] loop0: detected capacity change from 0 to 4096
[   62.013349][ T3695] NILFS (loop0): invalid segment: Checksum error in segment payload
[   62.021740][ T3695] NILFS (loop0): trying rollback from an earlier position
[   62.036060][ T3695] NILFS (loop0): recovery complete
[pid  3695] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3695] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3695] chdir("./file0")            = 0
[pid  3695] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3695] close(4)                    = 0
[pid  3695] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3695] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3695] creat("./bus", 000)         = 4
[pid  3695] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3695] ftruncate(4, 2048)          = 0
[pid  3695] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3695] open("./bus", O_RDONLY)     = 5
[   62.041992][ T3696] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   62.061881][   T27] kauditd_printk_skb: 5 callbacks suppressed
[   62.061893][   T27] audit: type=1804 audit(1670457093.969:31): pid=3695 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/29/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3695] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3695] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3695] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3695] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3695] open(".", O_RDONLY)         = 6
[pid  3695] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3695] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3695] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3695] close(3)                    = 0
[pid  3695] close(4)                    = 0
[pid  3695] close(5)                    = 0
[pid  3695] close(6)                    = 0
[pid  3695] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3695] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3695] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3695] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3695] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3695] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3695] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3695] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3695] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3695] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3695] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3695] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3695] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3695] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3695] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3695] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3695] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3695] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3695] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3695] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3695] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3695] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3695] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3695] exit_group(0)               = ?
[pid  3695] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=32, si_uid=0, si_status=0, si_utime=0, si_stime=18} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./29", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./29/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./29/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./29/binderfs")     = 0
[pid  3632] umount2("./29/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./29/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./29/cgroup")       = 0
[pid  3632] umount2("./29/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./29/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./29/cgroup.net")   = 0
[pid  3632] umount2("./29/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./29/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./29/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./29/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./29/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./29/file0")         = 0
[pid  3632] umount2("./29/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./29/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./29/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./29")               = 0
[pid  3632] mkdir("./30", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 33
./strace-static-x86_64: Process 3697 attached
[pid  3697] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3697] chdir("./30")               = 0
[pid  3697] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3697] setpgid(0, 0)               = 0
[pid  3697] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3697] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3697] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3697] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3697] write(3, "1000", 4)         = 4
[pid  3697] close(3)                    = 0
[pid  3697] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3697] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3697] memfd_create("syzkaller", 0) = 3
[pid  3697] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3697] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3697] munmap(0x7fd662669000, 2097152) = 0
[pid  3697] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3697] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3697] close(3)                    = 0
[pid  3697] mkdir("./file0", 0777)      = 0
[   62.354475][ T3697] loop0: detected capacity change from 0 to 4096
[   62.370207][ T3697] NILFS (loop0): invalid segment: Checksum error in segment payload
[   62.378259][ T3697] NILFS (loop0): trying rollback from an earlier position
[   62.391666][ T3697] NILFS (loop0): recovery complete
[pid  3697] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3697] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3697] chdir("./file0")            = 0
[pid  3697] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3697] close(4)                    = 0
[pid  3697] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3697] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3697] creat("./bus", 000)         = 4
[pid  3697] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3697] ftruncate(4, 2048)          = 0
[pid  3697] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3697] open("./bus", O_RDONLY)     = 5
[   62.397745][ T3698] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   62.413597][   T27] audit: type=1804 audit(1670457094.319:32): pid=3697 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/30/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3697] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3697] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3697] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3697] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3697] open(".", O_RDONLY)         = 6
[pid  3697] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3697] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3697] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3697] close(3)                    = 0
[pid  3697] close(4)                    = 0
[pid  3697] close(5)                    = 0
[pid  3697] close(6)                    = 0
[pid  3697] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3697] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3697] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3697] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3697] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3697] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3697] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3697] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3697] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3697] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3697] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3697] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3697] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3697] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3697] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3697] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3697] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3697] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3697] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3697] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3697] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3697] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3697] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3697] exit_group(0)               = ?
[pid  3697] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=33, si_uid=0, si_status=0, si_utime=0, si_stime=18} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./30", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./30/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./30/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./30/binderfs")     = 0
[pid  3632] umount2("./30/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./30/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./30/cgroup")       = 0
[pid  3632] umount2("./30/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./30/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./30/cgroup.net")   = 0
[pid  3632] umount2("./30/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./30/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./30/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./30/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./30/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./30/file0")         = 0
[pid  3632] umount2("./30/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./30/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./30/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./30")               = 0
[pid  3632] mkdir("./31", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 34
./strace-static-x86_64: Process 3699 attached
[pid  3699] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3699] chdir("./31")               = 0
[pid  3699] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3699] setpgid(0, 0)               = 0
[pid  3699] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3699] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3699] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3699] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3699] write(3, "1000", 4)         = 4
[pid  3699] close(3)                    = 0
[pid  3699] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3699] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3699] memfd_create("syzkaller", 0) = 3
[pid  3699] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3699] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3699] munmap(0x7fd662669000, 2097152) = 0
[pid  3699] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3699] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3699] close(3)                    = 0
[pid  3699] mkdir("./file0", 0777)      = 0
[   62.705621][ T3699] loop0: detected capacity change from 0 to 4096
[   62.720984][ T3699] NILFS (loop0): invalid segment: Checksum error in segment payload
[   62.729060][ T3699] NILFS (loop0): trying rollback from an earlier position
[   62.743641][ T3699] NILFS (loop0): recovery complete
[pid  3699] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3699] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3699] chdir("./file0")            = 0
[pid  3699] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3699] close(4)                    = 0
[pid  3699] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3699] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3699] creat("./bus", 000)         = 4
[pid  3699] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3699] ftruncate(4, 2048)          = 0
[pid  3699] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3699] open("./bus", O_RDONLY)     = 5
[   62.750055][ T3700] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   62.758428][   T27] audit: type=1804 audit(1670457094.659:33): pid=3699 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/31/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3699] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3699] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3699] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3699] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3699] open(".", O_RDONLY)         = 6
[pid  3699] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3699] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3699] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3699] close(3)                    = 0
[pid  3699] close(4)                    = 0
[pid  3699] close(5)                    = 0
[pid  3699] close(6)                    = 0
[pid  3699] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3699] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3699] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3699] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3699] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3699] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3699] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3699] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3699] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3699] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3699] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3699] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3699] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3699] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3699] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3699] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3699] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3699] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3699] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3699] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3699] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3699] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3699] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3699] exit_group(0)               = ?
[pid  3699] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=34, si_uid=0, si_status=0, si_utime=0, si_stime=17} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./31", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./31/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./31/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./31/binderfs")     = 0
[pid  3632] umount2("./31/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./31/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./31/cgroup")       = 0
[pid  3632] umount2("./31/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./31/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./31/cgroup.net")   = 0
[pid  3632] umount2("./31/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./31/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./31/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./31/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./31/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./31/file0")         = 0
[pid  3632] umount2("./31/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./31/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./31/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./31")               = 0
[pid  3632] mkdir("./32", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 35
./strace-static-x86_64: Process 3701 attached
[pid  3701] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3701] chdir("./32")               = 0
[pid  3701] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3701] setpgid(0, 0)               = 0
[pid  3701] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3701] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3701] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3701] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3701] write(3, "1000", 4)         = 4
[pid  3701] close(3)                    = 0
[pid  3701] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3701] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3701] memfd_create("syzkaller", 0) = 3
[pid  3701] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3701] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3701] munmap(0x7fd662669000, 2097152) = 0
[pid  3701] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3701] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3701] close(3)                    = 0
[pid  3701] mkdir("./file0", 0777)      = 0
[   63.054896][ T3701] loop0: detected capacity change from 0 to 4096
[   63.070693][ T3701] NILFS (loop0): invalid segment: Checksum error in segment payload
[   63.078834][ T3701] NILFS (loop0): trying rollback from an earlier position
[   63.092926][ T3701] NILFS (loop0): recovery complete
[pid  3701] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3701] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3701] chdir("./file0")            = 0
[pid  3701] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3701] close(4)                    = 0
[pid  3701] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3701] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3701] creat("./bus", 000)         = 4
[pid  3701] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3701] ftruncate(4, 2048)          = 0
[pid  3701] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3701] open("./bus", O_RDONLY)     = 5
[   63.099060][ T3702] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   63.122217][   T27] audit: type=1804 audit(1670457095.029:34): pid=3701 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/32/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3701] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3701] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3701] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3701] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3701] open(".", O_RDONLY)         = 6
[pid  3701] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3701] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3701] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3701] close(3)                    = 0
[pid  3701] close(4)                    = 0
[pid  3701] close(5)                    = 0
[pid  3701] close(6)                    = 0
[pid  3701] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3701] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3701] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3701] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3701] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3701] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3701] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3701] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3701] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3701] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3701] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3701] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3701] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3701] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3701] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3701] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3701] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3701] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3701] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3701] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3701] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3701] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3701] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3701] exit_group(0)               = ?
[pid  3701] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=35, si_uid=0, si_status=0, si_utime=0, si_stime=18} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./32", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./32/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./32/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./32/binderfs")     = 0
[pid  3632] umount2("./32/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./32/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./32/cgroup")       = 0
[pid  3632] umount2("./32/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./32/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./32/cgroup.net")   = 0
[pid  3632] umount2("./32/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./32/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./32/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./32/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./32/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./32/file0")         = 0
[pid  3632] umount2("./32/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./32/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./32/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./32")               = 0
[pid  3632] mkdir("./33", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3703 attached
, child_tidptr=0x5555573f25d0) = 36
[pid  3703] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3703] chdir("./33")               = 0
[pid  3703] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3703] setpgid(0, 0)               = 0
[pid  3703] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3703] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3703] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3703] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3703] write(3, "1000", 4)         = 4
[pid  3703] close(3)                    = 0
[pid  3703] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3703] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3703] memfd_create("syzkaller", 0) = 3
[pid  3703] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3703] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3703] munmap(0x7fd662669000, 2097152) = 0
[pid  3703] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3703] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3703] close(3)                    = 0
[pid  3703] mkdir("./file0", 0777)      = 0
[pid  3703] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3703] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3703] chdir("./file0")            = 0
[pid  3703] ioctl(4, LOOP_CLR_FD)       = 0
[   63.404311][ T3703] loop0: detected capacity change from 0 to 4096
[   63.420188][ T3703] NILFS (loop0): invalid segment: Checksum error in segment payload
[   63.428434][ T3703] NILFS (loop0): trying rollback from an earlier position
[   63.443008][ T3703] NILFS (loop0): recovery complete
[pid  3703] close(4)                    = 0
[pid  3703] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3703] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3703] creat("./bus", 000)         = 4
[pid  3703] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3703] ftruncate(4, 2048)          = 0
[pid  3703] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3703] open("./bus", O_RDONLY)     = 5
[   63.450064][ T3704] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   63.466064][   T27] audit: type=1804 audit(1670457095.379:35): pid=3703 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/33/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3703] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3703] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3703] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3703] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3703] open(".", O_RDONLY)         = 6
[pid  3703] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3703] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3703] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3703] close(3)                    = 0
[pid  3703] close(4)                    = 0
[pid  3703] close(5)                    = 0
[pid  3703] close(6)                    = 0
[pid  3703] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3703] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3703] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3703] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3703] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3703] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3703] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3703] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3703] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3703] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3703] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3703] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3703] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3703] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3703] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3703] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3703] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3703] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3703] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3703] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3703] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3703] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3703] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3703] exit_group(0)               = ?
[pid  3703] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=36, si_uid=0, si_status=0, si_utime=0, si_stime=18} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./33", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./33/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./33/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./33/binderfs")     = 0
[pid  3632] umount2("./33/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./33/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./33/cgroup")       = 0
[pid  3632] umount2("./33/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./33/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./33/cgroup.net")   = 0
[pid  3632] umount2("./33/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./33/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./33/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./33/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./33/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./33/file0")         = 0
[pid  3632] umount2("./33/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./33/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./33/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./33")               = 0
[pid  3632] mkdir("./34", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 37
./strace-static-x86_64: Process 3705 attached
[pid  3705] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3705] chdir("./34")               = 0
[pid  3705] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3705] setpgid(0, 0)               = 0
[pid  3705] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3705] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3705] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3705] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3705] write(3, "1000", 4)         = 4
[pid  3705] close(3)                    = 0
[pid  3705] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3705] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3705] memfd_create("syzkaller", 0) = 3
[pid  3705] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3705] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3705] munmap(0x7fd662669000, 2097152) = 0
[pid  3705] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3705] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3705] close(3)                    = 0
[pid  3705] mkdir("./file0", 0777)      = 0
[   63.759758][ T3705] loop0: detected capacity change from 0 to 4096
[   63.776198][ T3705] NILFS (loop0): invalid segment: Checksum error in segment payload
[   63.784363][ T3705] NILFS (loop0): trying rollback from an earlier position
[   63.797966][ T3705] NILFS (loop0): recovery complete
[pid  3705] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3705] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3705] chdir("./file0")            = 0
[pid  3705] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3705] close(4)                    = 0
[pid  3705] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3705] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3705] creat("./bus", 000)         = 4
[pid  3705] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3705] ftruncate(4, 2048)          = 0
[pid  3705] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3705] open("./bus", O_RDONLY)     = 5
[   63.804163][ T3706] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   63.813205][   T27] audit: type=1804 audit(1670457095.719:36): pid=3705 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/34/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3705] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3705] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3705] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3705] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3705] open(".", O_RDONLY)         = 6
[pid  3705] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3705] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3705] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3705] close(3)                    = 0
[pid  3705] close(4)                    = 0
[pid  3705] close(5)                    = 0
[pid  3705] close(6)                    = 0
[pid  3705] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3705] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3705] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3705] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3705] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3705] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3705] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3705] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3705] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3705] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3705] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3705] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3705] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3705] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3705] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3705] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3705] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3705] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3705] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3705] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3705] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3705] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3705] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3705] exit_group(0)               = ?
[pid  3705] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=37, si_uid=0, si_status=0, si_utime=0, si_stime=17} ---
[pid  3632] umount2("./34", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./34/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./34/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./34/binderfs")     = 0
[pid  3632] umount2("./34/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./34/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./34/cgroup")       = 0
[pid  3632] umount2("./34/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./34/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./34/cgroup.net")   = 0
[pid  3632] umount2("./34/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./34/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./34/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./34/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./34/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./34/file0")         = 0
[pid  3632] umount2("./34/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./34/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./34/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./34")               = 0
[pid  3632] mkdir("./35", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 38
./strace-static-x86_64: Process 3707 attached
[pid  3707] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3707] chdir("./35")               = 0
[pid  3707] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3707] setpgid(0, 0)               = 0
[pid  3707] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3707] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3707] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3707] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3707] write(3, "1000", 4)         = 4
[pid  3707] close(3)                    = 0
[pid  3707] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3707] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3707] memfd_create("syzkaller", 0) = 3
[pid  3707] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3707] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3707] munmap(0x7fd662669000, 2097152) = 0
[pid  3707] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3707] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3707] close(3)                    = 0
[pid  3707] mkdir("./file0", 0777)      = 0
[   64.108380][ T3707] loop0: detected capacity change from 0 to 4096
[   64.122684][ T3707] NILFS (loop0): invalid segment: Checksum error in segment payload
[   64.131028][ T3707] NILFS (loop0): trying rollback from an earlier position
[   64.145643][ T3707] NILFS (loop0): recovery complete
[pid  3707] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3707] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3707] chdir("./file0")            = 0
[pid  3707] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3707] close(4)                    = 0
[pid  3707] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3707] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3707] creat("./bus", 000)         = 4
[pid  3707] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3707] ftruncate(4, 2048)          = 0
[pid  3707] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3707] open("./bus", O_RDONLY)     = 5
[   64.151894][ T3708] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   64.161978][   T27] audit: type=1804 audit(1670457096.069:37): pid=3707 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/35/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3707] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3707] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3707] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3707] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3707] open(".", O_RDONLY)         = 6
[pid  3707] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3707] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3707] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3707] close(3)                    = 0
[pid  3707] close(4)                    = 0
[pid  3707] close(5)                    = 0
[pid  3707] close(6)                    = 0
[pid  3707] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3707] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3707] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3707] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3707] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3707] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3707] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3707] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3707] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3707] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3707] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3707] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3707] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3707] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3707] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3707] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3707] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3707] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3707] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3707] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3707] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3707] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3707] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3707] exit_group(0)               = ?
[pid  3707] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=38, si_uid=0, si_status=0, si_utime=0, si_stime=20} ---
[pid  3632] umount2("./35", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./35/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./35/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./35/binderfs")     = 0
[pid  3632] umount2("./35/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./35/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./35/cgroup")       = 0
[pid  3632] umount2("./35/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./35/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./35/cgroup.net")   = 0
[pid  3632] umount2("./35/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./35/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./35/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./35/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./35/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./35/file0")         = 0
[pid  3632] umount2("./35/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./35/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./35/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./35")               = 0
[pid  3632] mkdir("./36", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 39
./strace-static-x86_64: Process 3709 attached
[pid  3709] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3709] chdir("./36")               = 0
[pid  3709] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3709] setpgid(0, 0)               = 0
[pid  3709] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3709] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3709] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3709] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3709] write(3, "1000", 4)         = 4
[pid  3709] close(3)                    = 0
[pid  3709] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3709] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3709] memfd_create("syzkaller", 0) = 3
[pid  3709] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3709] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3709] munmap(0x7fd662669000, 2097152) = 0
[pid  3709] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3709] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3709] close(3)                    = 0
[pid  3709] mkdir("./file0", 0777)      = 0
[pid  3709] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3709] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3709] chdir("./file0")            = 0
[pid  3709] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3709] close(4)                    = 0
[   64.456826][ T3709] loop0: detected capacity change from 0 to 4096
[   64.473156][ T3709] NILFS (loop0): invalid segment: Checksum error in segment payload
[   64.481601][ T3709] NILFS (loop0): trying rollback from an earlier position
[   64.496671][ T3709] NILFS (loop0): recovery complete
[pid  3709] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3709] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3709] creat("./bus", 000)         = 4
[pid  3709] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3709] ftruncate(4, 2048)          = 0
[pid  3709] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3709] open("./bus", O_RDONLY)     = 5
[   64.503357][ T3710] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   64.512147][   T27] audit: type=1804 audit(1670457096.419:38): pid=3709 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/36/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3709] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3709] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3709] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3709] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3709] open(".", O_RDONLY)         = 6
[pid  3709] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3709] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3709] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3709] close(3)                    = 0
[pid  3709] close(4)                    = 0
[pid  3709] close(5)                    = 0
[pid  3709] close(6)                    = 0
[pid  3709] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3709] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3709] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3709] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3709] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3709] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3709] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3709] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3709] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3709] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3709] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3709] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3709] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3709] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3709] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3709] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3709] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3709] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3709] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3709] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3709] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3709] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3709] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3709] exit_group(0)               = ?
[pid  3709] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=39, si_uid=0, si_status=0, si_utime=0, si_stime=18} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./36", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./36/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./36/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./36/binderfs")     = 0
[pid  3632] umount2("./36/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./36/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./36/cgroup")       = 0
[pid  3632] umount2("./36/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./36/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./36/cgroup.net")   = 0
[pid  3632] umount2("./36/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./36/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./36/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./36/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./36/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./36/file0")         = 0
[pid  3632] umount2("./36/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./36/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./36/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./36")               = 0
[pid  3632] mkdir("./37", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 40
./strace-static-x86_64: Process 3711 attached
[pid  3711] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3711] chdir("./37")               = 0
[pid  3711] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3711] setpgid(0, 0)               = 0
[pid  3711] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3711] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3711] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3711] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3711] write(3, "1000", 4)         = 4
[pid  3711] close(3)                    = 0
[pid  3711] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3711] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3711] memfd_create("syzkaller", 0) = 3
[pid  3711] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3711] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3711] munmap(0x7fd662669000, 2097152) = 0
[pid  3711] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3711] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3711] close(3)                    = 0
[pid  3711] mkdir("./file0", 0777)      = 0
[   64.806172][ T3711] loop0: detected capacity change from 0 to 4096
[   64.821849][ T3711] NILFS (loop0): invalid segment: Checksum error in segment payload
[   64.830132][ T3711] NILFS (loop0): trying rollback from an earlier position
[   64.844678][ T3711] NILFS (loop0): recovery complete
[pid  3711] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3711] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3711] chdir("./file0")            = 0
[pid  3711] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3711] close(4)                    = 0
[pid  3711] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3711] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3711] creat("./bus", 000)         = 4
[pid  3711] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3711] ftruncate(4, 2048)          = 0
[pid  3711] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3711] open("./bus", O_RDONLY)     = 5
[   64.851014][ T3712] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   64.857302][   T27] audit: type=1804 audit(1670457096.759:39): pid=3711 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/37/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3711] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3711] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3711] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3711] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3711] open(".", O_RDONLY)         = 6
[pid  3711] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3711] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3711] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3711] close(3)                    = 0
[pid  3711] close(4)                    = 0
[pid  3711] close(5)                    = 0
[pid  3711] close(6)                    = 0
[pid  3711] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3711] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3711] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3711] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3711] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3711] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3711] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3711] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3711] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3711] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3711] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3711] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3711] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3711] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3711] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3711] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3711] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3711] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3711] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3711] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3711] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3711] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3711] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3711] exit_group(0)               = ?
[pid  3711] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=40, si_uid=0, si_status=0, si_utime=0, si_stime=15} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./37", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./37", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./37/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./37/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./37/binderfs")     = 0
[pid  3632] umount2("./37/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./37/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./37/cgroup")       = 0
[pid  3632] umount2("./37/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./37/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./37/cgroup.net")   = 0
[pid  3632] umount2("./37/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./37/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./37/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./37/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./37/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./37/file0")         = 0
[pid  3632] umount2("./37/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./37/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./37/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./37")               = 0
[pid  3632] mkdir("./38", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 41
./strace-static-x86_64: Process 3713 attached
[pid  3713] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3713] chdir("./38")               = 0
[pid  3713] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3713] setpgid(0, 0)               = 0
[pid  3713] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3713] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3713] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3713] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3713] write(3, "1000", 4)         = 4
[pid  3713] close(3)                    = 0
[pid  3713] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3713] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3713] memfd_create("syzkaller", 0) = 3
[pid  3713] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3713] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3713] munmap(0x7fd662669000, 2097152) = 0
[pid  3713] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3713] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3713] close(3)                    = 0
[pid  3713] mkdir("./file0", 0777)      = 0
[   65.153992][ T3713] loop0: detected capacity change from 0 to 4096
[   65.170288][ T3713] NILFS (loop0): invalid segment: Checksum error in segment payload
[   65.178582][ T3713] NILFS (loop0): trying rollback from an earlier position
[   65.194132][ T3713] NILFS (loop0): recovery complete
[pid  3713] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3713] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3713] chdir("./file0")            = 0
[pid  3713] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3713] close(4)                    = 0
[pid  3713] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3713] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3713] creat("./bus", 000)         = 4
[pid  3713] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3713] ftruncate(4, 2048)          = 0
[pid  3713] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3713] open("./bus", O_RDONLY)     = 5
[   65.200784][ T3714] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   65.216717][   T27] audit: type=1804 audit(1670457097.119:40): pid=3713 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/38/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3713] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3713] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3713] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3713] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3713] open(".", O_RDONLY)         = 6
[pid  3713] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3713] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3713] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3713] close(3)                    = 0
[pid  3713] close(4)                    = 0
[pid  3713] close(5)                    = 0
[pid  3713] close(6)                    = 0
[pid  3713] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3713] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3713] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3713] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3713] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3713] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3713] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3713] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3713] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3713] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3713] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3713] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3713] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3713] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3713] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3713] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3713] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3713] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3713] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3713] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3713] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3713] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3713] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3713] exit_group(0)               = ?
[pid  3713] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=41, si_uid=0, si_status=0, si_utime=0, si_stime=16} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./38", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./38", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./38/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./38/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./38/binderfs")     = 0
[pid  3632] umount2("./38/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./38/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./38/cgroup")       = 0
[pid  3632] umount2("./38/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./38/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./38/cgroup.net")   = 0
[pid  3632] umount2("./38/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./38/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./38/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./38/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./38/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./38/file0")         = 0
[pid  3632] umount2("./38/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./38/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./38/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./38")               = 0
[pid  3632] mkdir("./39", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 42
./strace-static-x86_64: Process 3715 attached
[pid  3715] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3715] chdir("./39")               = 0
[pid  3715] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3715] setpgid(0, 0)               = 0
[pid  3715] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3715] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3715] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3715] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3715] write(3, "1000", 4)         = 4
[pid  3715] close(3)                    = 0
[pid  3715] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3715] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3715] memfd_create("syzkaller", 0) = 3
[pid  3715] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3715] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3715] munmap(0x7fd662669000, 2097152) = 0
[pid  3715] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3715] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3715] close(3)                    = 0
[pid  3715] mkdir("./file0", 0777)      = 0
[   65.520915][ T3715] loop0: detected capacity change from 0 to 4096
[   65.536159][ T3715] NILFS (loop0): invalid segment: Checksum error in segment payload
[   65.545562][ T3715] NILFS (loop0): trying rollback from an earlier position
[   65.558015][ T3715] NILFS (loop0): recovery complete
[pid  3715] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3715] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3715] chdir("./file0")            = 0
[pid  3715] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3715] close(4)                    = 0
[pid  3715] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3715] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3715] creat("./bus", 000)         = 4
[pid  3715] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3715] ftruncate(4, 2048)          = 0
[pid  3715] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3715] open("./bus", O_RDONLY)     = 5
[   65.564332][ T3716] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3715] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3715] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3715] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3715] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3715] open(".", O_RDONLY)         = 6
[pid  3715] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3715] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3715] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3715] close(3)                    = 0
[pid  3715] close(4)                    = 0
[pid  3715] close(5)                    = 0
[pid  3715] close(6)                    = 0
[pid  3715] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3715] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3715] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3715] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3715] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3715] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3715] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3715] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3715] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3715] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3715] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3715] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3715] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3715] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3715] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3715] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3715] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3715] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3715] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3715] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3715] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3715] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3715] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3715] exit_group(0)               = ?
[pid  3715] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=42, si_uid=0, si_status=0, si_utime=0, si_stime=17} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./39", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./39", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./39/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./39/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./39/binderfs")     = 0
[pid  3632] umount2("./39/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./39/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./39/cgroup")       = 0
[pid  3632] umount2("./39/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./39/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./39/cgroup.net")   = 0
[pid  3632] umount2("./39/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./39/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./39/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./39/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./39/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./39/file0")         = 0
[pid  3632] umount2("./39/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./39/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./39/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./39")               = 0
[pid  3632] mkdir("./40", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 43
./strace-static-x86_64: Process 3717 attached
[pid  3717] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3717] chdir("./40")               = 0
[pid  3717] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3717] setpgid(0, 0)               = 0
[pid  3717] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3717] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3717] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3717] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3717] write(3, "1000", 4)         = 4
[pid  3717] close(3)                    = 0
[pid  3717] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3717] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3717] memfd_create("syzkaller", 0) = 3
[pid  3717] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3717] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3717] munmap(0x7fd662669000, 2097152) = 0
[pid  3717] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3717] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3717] close(3)                    = 0
[pid  3717] mkdir("./file0", 0777)      = 0
[   65.851094][ T3717] loop0: detected capacity change from 0 to 4096
[   65.866064][ T3717] NILFS (loop0): invalid segment: Checksum error in segment payload
[   65.874226][ T3717] NILFS (loop0): trying rollback from an earlier position
[   65.887418][ T3717] NILFS (loop0): recovery complete
[pid  3717] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3717] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3717] chdir("./file0")            = 0
[pid  3717] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3717] close(4)                    = 0
[pid  3717] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3717] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3717] creat("./bus", 000)         = 4
[pid  3717] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3717] ftruncate(4, 2048)          = 0
[pid  3717] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3717] open("./bus", O_RDONLY)     = 5
[   65.893314][ T3718] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3717] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3717] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3717] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3717] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3717] open(".", O_RDONLY)         = 6
[pid  3717] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3717] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3717] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3717] close(3)                    = 0
[pid  3717] close(4)                    = 0
[pid  3717] close(5)                    = 0
[pid  3717] close(6)                    = 0
[pid  3717] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3717] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3717] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3717] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3717] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3717] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3717] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3717] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3717] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3717] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3717] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3717] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3717] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3717] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3717] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3717] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3717] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3717] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3717] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3717] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3717] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3717] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3717] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3717] exit_group(0)               = ?
[pid  3717] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=43, si_uid=0, si_status=0, si_utime=0, si_stime=14} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./40", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./40", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./40/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./40/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./40/binderfs")     = 0
[pid  3632] umount2("./40/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./40/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./40/cgroup")       = 0
[pid  3632] umount2("./40/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./40/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./40/cgroup.net")   = 0
[pid  3632] umount2("./40/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./40/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./40/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./40/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./40/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./40/file0")         = 0
[pid  3632] umount2("./40/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./40/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./40/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./40")               = 0
[pid  3632] mkdir("./41", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3719 attached
, child_tidptr=0x5555573f25d0) = 44
[pid  3719] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3719] chdir("./41")               = 0
[pid  3719] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3719] setpgid(0, 0)               = 0
[pid  3719] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3719] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3719] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3719] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3719] write(3, "1000", 4)         = 4
[pid  3719] close(3)                    = 0
[pid  3719] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3719] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3719] memfd_create("syzkaller", 0) = 3
[pid  3719] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3719] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3719] munmap(0x7fd662669000, 2097152) = 0
[pid  3719] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3719] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3719] close(3)                    = 0
[pid  3719] mkdir("./file0", 0777)      = 0
[pid  3719] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3719] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3719] chdir("./file0")            = 0
[   66.199879][ T3719] loop0: detected capacity change from 0 to 4096
[   66.215741][ T3719] NILFS (loop0): invalid segment: Checksum error in segment payload
[   66.224339][ T3719] NILFS (loop0): trying rollback from an earlier position
[   66.239676][ T3719] NILFS (loop0): recovery complete
[pid  3719] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3719] close(4)                    = 0
[pid  3719] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3719] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3719] creat("./bus", 000)         = 4
[pid  3719] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3719] ftruncate(4, 2048)          = 0
[pid  3719] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3719] open("./bus", O_RDONLY)     = 5
[   66.249125][ T3720] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3719] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3719] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3719] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3719] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3719] open(".", O_RDONLY)         = 6
[pid  3719] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3719] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3719] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3719] close(3)                    = 0
[pid  3719] close(4)                    = 0
[pid  3719] close(5)                    = 0
[pid  3719] close(6)                    = 0
[pid  3719] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3719] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3719] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3719] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3719] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3719] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3719] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3719] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3719] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3719] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3719] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3719] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3719] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3719] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3719] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3719] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3719] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3719] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3719] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3719] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3719] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3719] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3719] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3719] exit_group(0)               = ?
[pid  3719] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=44, si_uid=0, si_status=0, si_utime=0, si_stime=15} ---
[pid  3632] umount2("./41", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./41", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./41/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./41/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./41/binderfs")     = 0
[pid  3632] umount2("./41/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./41/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./41/cgroup")       = 0
[pid  3632] umount2("./41/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./41/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./41/cgroup.net")   = 0
[pid  3632] umount2("./41/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./41/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./41/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./41/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./41/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./41/file0")         = 0
[pid  3632] umount2("./41/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./41/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./41/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./41")               = 0
[pid  3632] mkdir("./42", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 45
./strace-static-x86_64: Process 3721 attached
[pid  3721] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3721] chdir("./42")               = 0
[pid  3721] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3721] setpgid(0, 0)               = 0
[pid  3721] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3721] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3721] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3721] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3721] write(3, "1000", 4)         = 4
[pid  3721] close(3)                    = 0
[pid  3721] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3721] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3721] memfd_create("syzkaller", 0) = 3
[pid  3721] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3721] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3721] munmap(0x7fd662669000, 2097152) = 0
[pid  3721] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3721] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3721] close(3)                    = 0
[pid  3721] mkdir("./file0", 0777)      = 0
[pid  3721] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3721] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3721] chdir("./file0")            = 0
[pid  3721] ioctl(4, LOOP_CLR_FD)       = 0
[   66.536773][ T3721] loop0: detected capacity change from 0 to 4096
[   66.552737][ T3721] NILFS (loop0): invalid segment: Checksum error in segment payload
[   66.561002][ T3721] NILFS (loop0): trying rollback from an earlier position
[   66.573892][ T3721] NILFS (loop0): recovery complete
[pid  3721] close(4)                    = 0
[pid  3721] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3721] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3721] creat("./bus", 000)         = 4
[pid  3721] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3721] ftruncate(4, 2048)          = 0
[pid  3721] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3721] open("./bus", O_RDONLY)     = 5
[   66.580210][ T3722] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3721] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3721] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3721] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3721] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3721] open(".", O_RDONLY)         = 6
[pid  3721] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3721] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3721] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3721] close(3)                    = 0
[pid  3721] close(4)                    = 0
[pid  3721] close(5)                    = 0
[pid  3721] close(6)                    = 0
[pid  3721] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3721] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3721] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3721] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3721] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3721] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3721] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3721] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3721] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3721] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3721] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3721] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3721] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3721] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3721] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3721] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3721] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3721] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3721] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3721] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3721] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3721] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3721] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3721] exit_group(0)               = ?
[pid  3721] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=45, si_uid=0, si_status=0, si_utime=0, si_stime=17} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./42", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./42", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./42/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./42/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./42/binderfs")     = 0
[pid  3632] umount2("./42/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./42/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./42/cgroup")       = 0
[pid  3632] umount2("./42/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./42/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./42/cgroup.net")   = 0
[pid  3632] umount2("./42/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./42/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./42/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./42/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./42/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./42/file0")         = 0
[pid  3632] umount2("./42/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./42/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./42/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./42")               = 0
[pid  3632] mkdir("./43", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 46
./strace-static-x86_64: Process 3723 attached
[pid  3723] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3723] chdir("./43")               = 0
[pid  3723] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3723] setpgid(0, 0)               = 0
[pid  3723] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3723] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3723] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3723] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3723] write(3, "1000", 4)         = 4
[pid  3723] close(3)                    = 0
[pid  3723] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3723] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3723] memfd_create("syzkaller", 0) = 3
[pid  3723] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3723] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3723] munmap(0x7fd662669000, 2097152) = 0
[pid  3723] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3723] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3723] close(3)                    = 0
[pid  3723] mkdir("./file0", 0777)      = 0
[   66.881615][ T3723] loop0: detected capacity change from 0 to 4096
[   66.896179][ T3723] NILFS (loop0): invalid segment: Checksum error in segment payload
[   66.904332][ T3723] NILFS (loop0): trying rollback from an earlier position
[   66.918087][ T3723] NILFS (loop0): recovery complete
[pid  3723] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3723] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3723] chdir("./file0")            = 0
[pid  3723] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3723] close(4)                    = 0
[pid  3723] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3723] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3723] creat("./bus", 000)         = 4
[pid  3723] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3723] ftruncate(4, 2048)          = 0
[pid  3723] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3723] open("./bus", O_RDONLY)     = 5
[   66.924350][ T3724] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3723] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3723] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3723] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3723] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3723] open(".", O_RDONLY)         = 6
[pid  3723] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3723] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3723] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3723] close(3)                    = 0
[pid  3723] close(4)                    = 0
[pid  3723] close(5)                    = 0
[pid  3723] close(6)                    = 0
[pid  3723] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3723] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3723] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3723] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3723] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3723] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3723] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3723] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3723] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3723] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3723] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3723] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3723] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3723] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3723] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3723] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3723] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3723] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3723] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3723] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3723] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3723] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3723] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3723] exit_group(0)               = ?
[pid  3723] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=46, si_uid=0, si_status=0, si_utime=0, si_stime=15} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./43", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./43", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./43/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./43/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./43/binderfs")     = 0
[pid  3632] umount2("./43/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./43/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./43/cgroup")       = 0
[pid  3632] umount2("./43/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./43/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./43/cgroup.net")   = 0
[pid  3632] umount2("./43/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./43/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./43/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./43/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./43/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./43/file0")         = 0
[pid  3632] umount2("./43/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./43/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./43/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./43")               = 0
[pid  3632] mkdir("./44", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 47
./strace-static-x86_64: Process 3725 attached
[pid  3725] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3725] chdir("./44")               = 0
[pid  3725] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3725] setpgid(0, 0)               = 0
[pid  3725] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3725] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3725] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3725] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3725] write(3, "1000", 4)         = 4
[pid  3725] close(3)                    = 0
[pid  3725] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3725] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3725] memfd_create("syzkaller", 0) = 3
[pid  3725] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3725] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3725] munmap(0x7fd662669000, 2097152) = 0
[pid  3725] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3725] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3725] close(3)                    = 0
[pid  3725] mkdir("./file0", 0777)      = 0
[pid  3725] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3725] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3725] chdir("./file0")            = 0
[pid  3725] ioctl(4, LOOP_CLR_FD)       = 0
[   67.212433][ T3725] loop0: detected capacity change from 0 to 4096
[   67.228046][ T3725] NILFS (loop0): invalid segment: Checksum error in segment payload
[   67.236235][ T3725] NILFS (loop0): trying rollback from an earlier position
[   67.249735][ T3725] NILFS (loop0): recovery complete
[pid  3725] close(4)                    = 0
[pid  3725] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3725] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3725] creat("./bus", 000)         = 4
[pid  3725] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3725] ftruncate(4, 2048)          = 0
[pid  3725] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3725] open("./bus", O_RDONLY)     = 5
[   67.255861][ T3726] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   67.277370][   T27] kauditd_printk_skb: 5 callbacks suppressed
[   67.277383][   T27] audit: type=1804 audit(1670457099.179:46): pid=3725 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/44/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3725] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3725] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3725] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3725] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3725] open(".", O_RDONLY)         = 6
[pid  3725] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3725] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3725] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3725] close(3)                    = 0
[pid  3725] close(4)                    = 0
[pid  3725] close(5)                    = 0
[pid  3725] close(6)                    = 0
[pid  3725] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3725] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3725] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3725] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3725] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3725] exit_group(0)               = ?
[pid  3725] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=47, si_uid=0, si_status=0, si_utime=0, si_stime=15} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./44", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./44", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./44/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./44/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./44/binderfs")     = 0
[pid  3632] umount2("./44/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./44/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./44/cgroup")       = 0
[pid  3632] umount2("./44/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./44/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./44/cgroup.net")   = 0
[pid  3632] umount2("./44/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./44/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./44/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./44/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./44/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./44/file0")         = 0
[pid  3632] umount2("./44/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./44/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./44/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./44")               = 0
[pid  3632] mkdir("./45", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 48
./strace-static-x86_64: Process 3727 attached
[pid  3727] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3727] chdir("./45")               = 0
[pid  3727] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3727] setpgid(0, 0)               = 0
[pid  3727] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3727] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3727] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3727] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3727] write(3, "1000", 4)         = 4
[pid  3727] close(3)                    = 0
[pid  3727] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3727] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3727] memfd_create("syzkaller", 0) = 3
[pid  3727] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3727] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3727] munmap(0x7fd662669000, 2097152) = 0
[pid  3727] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3727] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3727] close(3)                    = 0
[pid  3727] mkdir("./file0", 0777)      = 0
[   67.567960][ T3727] loop0: detected capacity change from 0 to 4096
[   67.584159][ T3727] NILFS (loop0): invalid segment: Checksum error in segment payload
[   67.592240][ T3727] NILFS (loop0): trying rollback from an earlier position
[   67.605834][ T3727] NILFS (loop0): recovery complete
[pid  3727] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3727] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3727] chdir("./file0")            = 0
[pid  3727] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3727] close(4)                    = 0
[pid  3727] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3727] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3727] creat("./bus", 000)         = 4
[pid  3727] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3727] ftruncate(4, 2048)          = 0
[pid  3727] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3727] open("./bus", O_RDONLY)     = 5
[   67.611927][ T3728] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   67.630320][   T27] audit: type=1804 audit(1670457099.539:47): pid=3727 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/45/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3727] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3727] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3727] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3727] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3727] open(".", O_RDONLY)         = 6
[pid  3727] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3727] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3727] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3727] close(3)                    = 0
[pid  3727] close(4)                    = 0
[pid  3727] close(5)                    = 0
[pid  3727] close(6)                    = 0
[pid  3727] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3727] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3727] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3727] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3727] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3727] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3727] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3727] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3727] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3727] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3727] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3727] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3727] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3727] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3727] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3727] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3727] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3727] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3727] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3727] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3727] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3727] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3727] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3727] exit_group(0)               = ?
[pid  3727] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=48, si_uid=0, si_status=0, si_utime=0, si_stime=21} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./45", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./45", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./45/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./45/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./45/binderfs")     = 0
[pid  3632] umount2("./45/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./45/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./45/cgroup")       = 0
[pid  3632] umount2("./45/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./45/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./45/cgroup.net")   = 0
[pid  3632] umount2("./45/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./45/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./45/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./45/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./45/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./45/file0")         = 0
[pid  3632] umount2("./45/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./45/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./45/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./45")               = 0
[pid  3632] mkdir("./46", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3729 attached
 <unfinished ...>
[pid  3729] set_robust_list(0x5555573f25e0, 24 <unfinished ...>
[pid  3632] <... clone resumed>, child_tidptr=0x5555573f25d0) = 49
[pid  3729] <... set_robust_list resumed>) = 0
[pid  3729] chdir("./46")               = 0
[pid  3729] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3729] setpgid(0, 0)               = 0
[pid  3729] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3729] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3729] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3729] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3729] write(3, "1000", 4)         = 4
[pid  3729] close(3)                    = 0
[pid  3729] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3729] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3729] memfd_create("syzkaller", 0) = 3
[pid  3729] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3729] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3729] munmap(0x7fd662669000, 2097152) = 0
[pid  3729] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3729] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3729] close(3)                    = 0
[pid  3729] mkdir("./file0", 0777)      = 0
[   67.923182][ T3729] loop0: detected capacity change from 0 to 4096
[   67.938226][ T3729] NILFS (loop0): invalid segment: Checksum error in segment payload
[   67.946311][ T3729] NILFS (loop0): trying rollback from an earlier position
[   67.960515][ T3729] NILFS (loop0): recovery complete
[pid  3729] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3729] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3729] chdir("./file0")            = 0
[pid  3729] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3729] close(4)                    = 0
[pid  3729] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3729] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3729] creat("./bus", 000)         = 4
[pid  3729] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3729] ftruncate(4, 2048)          = 0
[pid  3729] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3729] open("./bus", O_RDONLY)     = 5
[   67.966942][ T3730] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   67.974049][   T27] audit: type=1804 audit(1670457099.869:48): pid=3729 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/46/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3729] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3729] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3729] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3729] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3729] open(".", O_RDONLY)         = 6
[pid  3729] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3729] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3729] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3729] close(3)                    = 0
[pid  3729] close(4)                    = 0
[pid  3729] close(5)                    = 0
[pid  3729] close(6)                    = 0
[pid  3729] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3729] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3729] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3729] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3729] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3729] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3729] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3729] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3729] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3729] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3729] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3729] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3729] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3729] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3729] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3729] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3729] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3729] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3729] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3729] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3729] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3729] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3729] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3729] exit_group(0)               = ?
[pid  3729] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=49, si_uid=0, si_status=0, si_utime=0, si_stime=16} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./46", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./46", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./46/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./46/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./46/binderfs")     = 0
[pid  3632] umount2("./46/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./46/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./46/cgroup")       = 0
[pid  3632] umount2("./46/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./46/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./46/cgroup.net")   = 0
[pid  3632] umount2("./46/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./46/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./46/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./46/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./46/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./46/file0")         = 0
[pid  3632] umount2("./46/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./46/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./46/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./46")               = 0
[pid  3632] mkdir("./47", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 50
./strace-static-x86_64: Process 3731 attached
[pid  3731] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3731] chdir("./47")               = 0
[pid  3731] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3731] setpgid(0, 0)               = 0
[pid  3731] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3731] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3731] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3731] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3731] write(3, "1000", 4)         = 4
[pid  3731] close(3)                    = 0
[pid  3731] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3731] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3731] memfd_create("syzkaller", 0) = 3
[pid  3731] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3731] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3731] munmap(0x7fd662669000, 2097152) = 0
[pid  3731] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3731] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3731] close(3)                    = 0
[pid  3731] mkdir("./file0", 0777)      = 0
[   68.285262][ T3731] loop0: detected capacity change from 0 to 4096
[   68.300064][ T3731] NILFS (loop0): invalid segment: Checksum error in segment payload
[   68.308379][ T3731] NILFS (loop0): trying rollback from an earlier position
[   68.322546][ T3731] NILFS (loop0): recovery complete
[pid  3731] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3731] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3731] chdir("./file0")            = 0
[pid  3731] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3731] close(4)                    = 0
[pid  3731] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3731] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3731] creat("./bus", 000)         = 4
[pid  3731] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3731] ftruncate(4, 2048)          = 0
[pid  3731] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3731] open("./bus", O_RDONLY)     = 5
[   68.328676][ T3732] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   68.343367][   T27] audit: type=1804 audit(1670457100.249:49): pid=3731 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/47/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3731] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3731] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3731] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3731] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3731] open(".", O_RDONLY)         = 6
[pid  3731] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3731] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3731] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3731] close(3)                    = 0
[pid  3731] close(4)                    = 0
[pid  3731] close(5)                    = 0
[pid  3731] close(6)                    = 0
[pid  3731] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3731] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3731] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3731] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3731] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3731] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3731] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3731] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3731] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3731] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3731] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3731] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3731] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3731] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3731] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3731] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3731] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3731] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3731] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3731] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3731] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3731] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3731] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3731] exit_group(0)               = ?
[pid  3731] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=50, si_uid=0, si_status=0, si_utime=0, si_stime=14} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./47", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./47", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./47/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./47/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./47/binderfs")     = 0
[pid  3632] umount2("./47/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./47/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./47/cgroup")       = 0
[pid  3632] umount2("./47/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./47/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./47/cgroup.net")   = 0
[pid  3632] umount2("./47/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./47/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./47/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./47/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./47/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./47/file0")         = 0
[pid  3632] umount2("./47/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./47/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./47/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./47")               = 0
[pid  3632] mkdir("./48", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 51
./strace-static-x86_64: Process 3733 attached
[pid  3733] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3733] chdir("./48")               = 0
[pid  3733] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3733] setpgid(0, 0)               = 0
[pid  3733] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3733] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3733] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3733] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3733] write(3, "1000", 4)         = 4
[pid  3733] close(3)                    = 0
[pid  3733] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3733] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3733] memfd_create("syzkaller", 0) = 3
[pid  3733] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3733] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3733] munmap(0x7fd662669000, 2097152) = 0
[pid  3733] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3733] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3733] close(3)                    = 0
[pid  3733] mkdir("./file0", 0777)      = 0
[pid  3733] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3733] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3733] chdir("./file0")            = 0
[pid  3733] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3733] close(4)                    = 0
[pid  3733] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3733] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[   68.633049][ T3733] loop0: detected capacity change from 0 to 4096
[   68.649503][ T3733] NILFS (loop0): invalid segment: Checksum error in segment payload
[   68.657519][ T3733] NILFS (loop0): trying rollback from an earlier position
[   68.671161][ T3733] NILFS (loop0): recovery complete
[pid  3733] creat("./bus", 000)         = 4
[pid  3733] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3733] ftruncate(4, 2048)          = 0
[pid  3733] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3733] open("./bus", O_RDONLY)     = 5
[   68.677665][ T3734] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   68.699797][   T27] audit: type=1804 audit(1670457100.589:50): pid=3733 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/48/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3733] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3733] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3733] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3733] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3733] open(".", O_RDONLY)         = 6
[pid  3733] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3733] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3733] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3733] close(3)                    = 0
[pid  3733] close(4)                    = 0
[pid  3733] close(5)                    = 0
[pid  3733] close(6)                    = 0
[pid  3733] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3733] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3733] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3733] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3733] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3733] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3733] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3733] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3733] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3733] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3733] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3733] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3733] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3733] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3733] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3733] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3733] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3733] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3733] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3733] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3733] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3733] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3733] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3733] exit_group(0)               = ?
[pid  3733] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=51, si_uid=0, si_status=0, si_utime=0, si_stime=15} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./48", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./48", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./48/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./48/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./48/binderfs")     = 0
[pid  3632] umount2("./48/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./48/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./48/cgroup")       = 0
[pid  3632] umount2("./48/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./48/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./48/cgroup.net")   = 0
[pid  3632] umount2("./48/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./48/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./48/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./48/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./48/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./48/file0")         = 0
[pid  3632] umount2("./48/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./48/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./48/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./48")               = 0
[pid  3632] mkdir("./49", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 52
./strace-static-x86_64: Process 3735 attached
[pid  3735] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3735] chdir("./49")               = 0
[pid  3735] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3735] setpgid(0, 0)               = 0
[pid  3735] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3735] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3735] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3735] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3735] write(3, "1000", 4)         = 4
[pid  3735] close(3)                    = 0
[pid  3735] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3735] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3735] memfd_create("syzkaller", 0) = 3
[pid  3735] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3735] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3735] munmap(0x7fd662669000, 2097152) = 0
[pid  3735] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3735] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3735] close(3)                    = 0
[pid  3735] mkdir("./file0", 0777)      = 0
[pid  3735] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3735] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3735] chdir("./file0")            = 0
[pid  3735] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3735] close(4)                    = 0
[pid  3735] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3735] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3735] creat("./bus", 000)         = 4
[pid  3735] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3735] ftruncate(4, 2048)          = 0
[pid  3735] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3735] open("./bus", O_RDONLY)     = 5
[   68.984286][ T3735] loop0: detected capacity change from 0 to 4096
[   68.998677][ T3735] NILFS (loop0): invalid segment: Checksum error in segment payload
[   69.007054][ T3735] NILFS (loop0): trying rollback from an earlier position
[   69.021433][ T3735] NILFS (loop0): recovery complete
[   69.027537][ T3736] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   69.038194][   T27] audit: type=1804 audit(1670457100.939:51): pid=3735 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/49/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3735] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3735] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3735] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3735] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3735] open(".", O_RDONLY)         = 6
[pid  3735] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3735] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3735] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3735] close(3)                    = 0
[pid  3735] close(4)                    = 0
[pid  3735] close(5)                    = 0
[pid  3735] close(6)                    = 0
[pid  3735] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3735] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3735] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3735] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3735] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3735] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3735] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3735] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3735] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3735] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3735] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3735] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3735] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3735] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3735] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3735] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3735] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3735] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3735] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3735] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3735] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3735] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3735] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3735] exit_group(0)               = ?
[pid  3735] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=52, si_uid=0, si_status=0, si_utime=0, si_stime=20} ---
[pid  3632] umount2("./49", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./49", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./49/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./49/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./49/binderfs")     = 0
[pid  3632] umount2("./49/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./49/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./49/cgroup")       = 0
[pid  3632] umount2("./49/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./49/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./49/cgroup.net")   = 0
[pid  3632] umount2("./49/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./49/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./49/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./49/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./49/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./49/file0")         = 0
[pid  3632] umount2("./49/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./49/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./49/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./49")               = 0
[pid  3632] mkdir("./50", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 53
./strace-static-x86_64: Process 3737 attached
[pid  3737] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3737] chdir("./50")               = 0
[pid  3737] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3737] setpgid(0, 0)               = 0
[pid  3737] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3737] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3737] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3737] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3737] write(3, "1000", 4)         = 4
[pid  3737] close(3)                    = 0
[pid  3737] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3737] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3737] memfd_create("syzkaller", 0) = 3
[pid  3737] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3737] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3737] munmap(0x7fd662669000, 2097152) = 0
[pid  3737] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3737] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3737] close(3)                    = 0
[pid  3737] mkdir("./file0", 0777)      = 0
[   69.331823][ T3737] loop0: detected capacity change from 0 to 4096
[   69.348133][ T3737] NILFS (loop0): invalid segment: Checksum error in segment payload
[   69.356620][ T3737] NILFS (loop0): trying rollback from an earlier position
[   69.371260][ T3737] NILFS (loop0): recovery complete
[pid  3737] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3737] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3737] chdir("./file0")            = 0
[pid  3737] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3737] close(4)                    = 0
[pid  3737] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3737] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3737] creat("./bus", 000)         = 4
[pid  3737] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3737] ftruncate(4, 2048)          = 0
[pid  3737] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3737] open("./bus", O_RDONLY)     = 5
[   69.377246][ T3738] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   69.383032][   T27] audit: type=1804 audit(1670457101.279:52): pid=3737 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/50/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3737] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3737] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3737] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3737] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3737] open(".", O_RDONLY)         = 6
[pid  3737] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3737] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3737] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3737] close(3)                    = 0
[pid  3737] close(4)                    = 0
[pid  3737] close(5)                    = 0
[pid  3737] close(6)                    = 0
[pid  3737] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3737] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3737] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3737] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3737] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3737] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3737] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3737] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3737] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3737] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3737] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3737] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3737] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3737] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3737] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3737] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3737] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3737] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3737] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3737] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3737] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3737] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3737] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3737] exit_group(0)               = ?
[pid  3737] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=53, si_uid=0, si_status=0, si_utime=0, si_stime=14} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./50", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./50", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./50/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./50/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./50/binderfs")     = 0
[pid  3632] umount2("./50/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./50/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./50/cgroup")       = 0
[pid  3632] umount2("./50/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./50/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./50/cgroup.net")   = 0
[pid  3632] umount2("./50/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./50/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./50/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./50/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./50/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./50/file0")         = 0
[pid  3632] umount2("./50/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./50/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./50/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./50")               = 0
[pid  3632] mkdir("./51", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 54
./strace-static-x86_64: Process 3739 attached
[pid  3739] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3739] chdir("./51")               = 0
[pid  3739] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3739] setpgid(0, 0)               = 0
[pid  3739] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3739] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3739] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3739] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3739] write(3, "1000", 4)         = 4
[pid  3739] close(3)                    = 0
[pid  3739] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3739] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3739] memfd_create("syzkaller", 0) = 3
[pid  3739] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3739] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3739] munmap(0x7fd662669000, 2097152) = 0
[pid  3739] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3739] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3739] close(3)                    = 0
[pid  3739] mkdir("./file0", 0777)      = 0
[   69.702471][ T3739] loop0: detected capacity change from 0 to 4096
[   69.716793][ T3739] NILFS (loop0): invalid segment: Checksum error in segment payload
[   69.725142][ T3739] NILFS (loop0): trying rollback from an earlier position
[   69.738827][ T3739] NILFS (loop0): recovery complete
[pid  3739] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3739] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3739] chdir("./file0")            = 0
[pid  3739] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3739] close(4)                    = 0
[pid  3739] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3739] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3739] creat("./bus", 000)         = 4
[pid  3739] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3739] ftruncate(4, 2048)          = 0
[pid  3739] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3739] open("./bus", O_RDONLY)     = 5
[   69.745030][ T3740] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   69.755674][   T27] audit: type=1804 audit(1670457101.649:53): pid=3739 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/51/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3739] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3739] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3739] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3739] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3739] open(".", O_RDONLY)         = 6
[pid  3739] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3739] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3739] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3739] close(3)                    = 0
[pid  3739] close(4)                    = 0
[pid  3739] close(5)                    = 0
[pid  3739] close(6)                    = 0
[pid  3739] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3739] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3739] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3739] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3739] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3739] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3739] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3739] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3739] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3739] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3739] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3739] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3739] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3739] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3739] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3739] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3739] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3739] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3739] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3739] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3739] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3739] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3739] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3739] exit_group(0)               = ?
[pid  3739] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=54, si_uid=0, si_status=0, si_utime=0, si_stime=14} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./51", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./51", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./51/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./51/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./51/binderfs")     = 0
[pid  3632] umount2("./51/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./51/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./51/cgroup")       = 0
[pid  3632] umount2("./51/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./51/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./51/cgroup.net")   = 0
[pid  3632] umount2("./51/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./51/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./51/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./51/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./51/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./51/file0")         = 0
[pid  3632] umount2("./51/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./51/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./51/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./51")               = 0
[pid  3632] mkdir("./52", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 55
./strace-static-x86_64: Process 3741 attached
[pid  3741] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3741] chdir("./52")               = 0
[pid  3741] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3741] setpgid(0, 0)               = 0
[pid  3741] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3741] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3741] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3741] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3741] write(3, "1000", 4)         = 4
[pid  3741] close(3)                    = 0
[pid  3741] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3741] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3741] memfd_create("syzkaller", 0) = 3
[pid  3741] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3741] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3741] munmap(0x7fd662669000, 2097152) = 0
[pid  3741] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3741] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3741] close(3)                    = 0
[pid  3741] mkdir("./file0", 0777)      = 0
[pid  3741] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3741] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3741] chdir("./file0")            = 0
[pid  3741] ioctl(4, LOOP_CLR_FD)       = 0
[   70.043866][ T3741] loop0: detected capacity change from 0 to 4096
[   70.058250][ T3741] NILFS (loop0): invalid segment: Checksum error in segment payload
[   70.066442][ T3741] NILFS (loop0): trying rollback from an earlier position
[   70.079669][ T3741] NILFS (loop0): recovery complete
[pid  3741] close(4)                    = 0
[pid  3741] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3741] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3741] creat("./bus", 000)         = 4
[pid  3741] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3741] ftruncate(4, 2048)          = 0
[pid  3741] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3741] open("./bus", O_RDONLY)     = 5
[   70.085649][ T3742] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   70.110990][   T27] audit: type=1804 audit(1670457102.019:54): pid=3741 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/52/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3741] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3741] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3741] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3741] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3741] open(".", O_RDONLY)         = 6
[pid  3741] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3741] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3741] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3741] close(3)                    = 0
[pid  3741] close(4)                    = 0
[pid  3741] close(5)                    = 0
[pid  3741] close(6)                    = 0
[pid  3741] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3741] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3741] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3741] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3741] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3741] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3741] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3741] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3741] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3741] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3741] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3741] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3741] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3741] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3741] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3741] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3741] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3741] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3741] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3741] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3741] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3741] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3741] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3741] exit_group(0)               = ?
[pid  3741] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=55, si_uid=0, si_status=0, si_utime=0, si_stime=18} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./52", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./52", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./52/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./52/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./52/binderfs")     = 0
[pid  3632] umount2("./52/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./52/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./52/cgroup")       = 0
[pid  3632] umount2("./52/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./52/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./52/cgroup.net")   = 0
[pid  3632] umount2("./52/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./52/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./52/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./52/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./52/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./52/file0")         = 0
[pid  3632] umount2("./52/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./52/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./52/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./52")               = 0
[pid  3632] mkdir("./53", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 56
./strace-static-x86_64: Process 3743 attached
[pid  3743] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3743] chdir("./53")               = 0
[pid  3743] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3743] setpgid(0, 0)               = 0
[pid  3743] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3743] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3743] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3743] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3743] write(3, "1000", 4)         = 4
[pid  3743] close(3)                    = 0
[pid  3743] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3743] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3743] memfd_create("syzkaller", 0) = 3
[pid  3743] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3743] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3743] munmap(0x7fd662669000, 2097152) = 0
[pid  3743] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3743] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3743] close(3)                    = 0
[pid  3743] mkdir("./file0", 0777)      = 0
[pid  3743] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3743] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3743] chdir("./file0")            = 0
[pid  3743] ioctl(4, LOOP_CLR_FD)       = 0
[   70.405384][ T3743] loop0: detected capacity change from 0 to 4096
[   70.419136][ T3743] NILFS (loop0): invalid segment: Checksum error in segment payload
[   70.427241][ T3743] NILFS (loop0): trying rollback from an earlier position
[   70.440847][ T3743] NILFS (loop0): recovery complete
[pid  3743] close(4)                    = 0
[pid  3743] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3743] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3743] creat("./bus", 000)         = 4
[pid  3743] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3743] ftruncate(4, 2048)          = 0
[pid  3743] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3743] open("./bus", O_RDONLY)     = 5
[   70.447364][ T3744] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   70.462901][   T27] audit: type=1804 audit(1670457102.369:55): pid=3743 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/53/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3743] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3743] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3743] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3743] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3743] open(".", O_RDONLY)         = 6
[pid  3743] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3743] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3743] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3743] close(3)                    = 0
[pid  3743] close(4)                    = 0
[pid  3743] close(5)                    = 0
[pid  3743] close(6)                    = 0
[pid  3743] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3743] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3743] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3743] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3743] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3743] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3743] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3743] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3743] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3743] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3743] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3743] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3743] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3743] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3743] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3743] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3743] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3743] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3743] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3743] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3743] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3743] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3743] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3743] exit_group(0)               = ?
[pid  3743] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=56, si_uid=0, si_status=0, si_utime=0, si_stime=13} ---
[pid  3632] umount2("./53", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./53", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./53/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./53/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./53/binderfs")     = 0
[pid  3632] umount2("./53/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./53/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./53/cgroup")       = 0
[pid  3632] umount2("./53/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./53/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./53/cgroup.net")   = 0
[pid  3632] umount2("./53/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./53/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./53/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./53/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./53/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./53/file0")         = 0
[pid  3632] umount2("./53/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./53/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./53/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./53")               = 0
[pid  3632] mkdir("./54", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 57
./strace-static-x86_64: Process 3745 attached
[pid  3745] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3745] chdir("./54")               = 0
[pid  3745] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3745] setpgid(0, 0)               = 0
[pid  3745] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3745] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3745] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3745] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3745] write(3, "1000", 4)         = 4
[pid  3745] close(3)                    = 0
[pid  3745] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3745] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3745] memfd_create("syzkaller", 0) = 3
[pid  3745] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3745] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3745] munmap(0x7fd662669000, 2097152) = 0
[pid  3745] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3745] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3745] close(3)                    = 0
[pid  3745] mkdir("./file0", 0777)      = 0
[pid  3745] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3745] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3745] chdir("./file0")            = 0
[pid  3745] ioctl(4, LOOP_CLR_FD)       = 0
[   70.759379][ T3745] loop0: detected capacity change from 0 to 4096
[   70.774616][ T3745] NILFS (loop0): invalid segment: Checksum error in segment payload
[   70.782738][ T3745] NILFS (loop0): trying rollback from an earlier position
[   70.796647][ T3745] NILFS (loop0): recovery complete
[pid  3745] close(4)                    = 0
[pid  3745] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3745] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3745] creat("./bus", 000)         = 4
[pid  3745] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3745] ftruncate(4, 2048)          = 0
[pid  3745] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3745] open("./bus", O_RDONLY)     = 5
[   70.803470][ T3746] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3745] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3745] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3745] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3745] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3745] open(".", O_RDONLY)         = 6
[pid  3745] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3745] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3745] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3745] close(3)                    = 0
[pid  3745] close(4)                    = 0
[pid  3745] close(5)                    = 0
[pid  3745] close(6)                    = 0
[pid  3745] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3745] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3745] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3745] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3745] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3745] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3745] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3745] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3745] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3745] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3745] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3745] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3745] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3745] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3745] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3745] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3745] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3745] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3745] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3745] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3745] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3745] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3745] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3745] exit_group(0)               = ?
[pid  3745] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=57, si_uid=0, si_status=0, si_utime=0, si_stime=11} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./54", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./54", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./54/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./54/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./54/binderfs")     = 0
[pid  3632] umount2("./54/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./54/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./54/cgroup")       = 0
[pid  3632] umount2("./54/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./54/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./54/cgroup.net")   = 0
[pid  3632] umount2("./54/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./54/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./54/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./54/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./54/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./54/file0")         = 0
[pid  3632] umount2("./54/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./54/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./54/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./54")               = 0
[pid  3632] mkdir("./55", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 58
./strace-static-x86_64: Process 3747 attached
[pid  3747] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3747] chdir("./55")               = 0
[pid  3747] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3747] setpgid(0, 0)               = 0
[pid  3747] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3747] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3747] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3747] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3747] write(3, "1000", 4)         = 4
[pid  3747] close(3)                    = 0
[pid  3747] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3747] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3747] memfd_create("syzkaller", 0) = 3
[pid  3747] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3747] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3747] munmap(0x7fd662669000, 2097152) = 0
[pid  3747] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3747] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3747] close(3)                    = 0
[pid  3747] mkdir("./file0", 0777)      = 0
[   71.091788][ T1249] ieee802154 phy0 wpan0: encryption failed: -22
[   71.092642][    T7] cfg80211: failed to load regulatory.db
[   71.098247][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[   71.123959][ T3747] loop0: detected capacity change from 0 to 4096
[pid  3747] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3747] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3747] chdir("./file0")            = 0
[pid  3747] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3747] close(4)                    = 0
[pid  3747] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3747] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3747] creat("./bus", 000)         = 4
[pid  3747] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3747] ftruncate(4, 2048)          = 0
[pid  3747] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3747] open("./bus", O_RDONLY)     = 5
[   71.146535][ T3747] NILFS (loop0): invalid segment: Checksum error in segment payload
[   71.154652][ T3747] NILFS (loop0): trying rollback from an earlier position
[   71.173160][ T3747] NILFS (loop0): recovery complete
[   71.185352][ T3748] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3747] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3747] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3747] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3747] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3747] open(".", O_RDONLY)         = 6
[pid  3747] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3747] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3747] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3747] close(3)                    = 0
[pid  3747] close(4)                    = 0
[pid  3747] close(5)                    = 0
[pid  3747] close(6)                    = 0
[pid  3747] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3747] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3747] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3747] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3747] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3747] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3747] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3747] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3747] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3747] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3747] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3747] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3747] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3747] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3747] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3747] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3747] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3747] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3747] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3747] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3747] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3747] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3747] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3747] exit_group(0)               = ?
[pid  3747] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=58, si_uid=0, si_status=0, si_utime=0, si_stime=29} ---
[pid  3632] umount2("./55", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./55", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./55/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./55/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./55/binderfs")     = 0
[pid  3632] umount2("./55/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./55/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./55/cgroup")       = 0
[pid  3632] umount2("./55/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./55/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./55/cgroup.net")   = 0
[pid  3632] umount2("./55/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./55/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./55/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./55/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./55/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./55/file0")         = 0
[pid  3632] umount2("./55/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./55/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./55/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./55")               = 0
[pid  3632] mkdir("./56", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 59
./strace-static-x86_64: Process 3749 attached
[pid  3749] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3749] chdir("./56")               = 0
[pid  3749] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3749] setpgid(0, 0)               = 0
[pid  3749] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3749] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3749] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3749] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3749] write(3, "1000", 4)         = 4
[pid  3749] close(3)                    = 0
[pid  3749] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3749] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3749] memfd_create("syzkaller", 0) = 3
[pid  3749] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3749] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3749] munmap(0x7fd662669000, 2097152) = 0
[pid  3749] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3749] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3749] close(3)                    = 0
[pid  3749] mkdir("./file0", 0777)      = 0
[pid  3749] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3749] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3749] chdir("./file0")            = 0
[pid  3749] ioctl(4, LOOP_CLR_FD)       = 0
[   71.694269][ T3749] loop0: detected capacity change from 0 to 4096
[   71.709721][ T3749] NILFS (loop0): invalid segment: Checksum error in segment payload
[   71.717959][ T3749] NILFS (loop0): trying rollback from an earlier position
[   71.731844][ T3749] NILFS (loop0): recovery complete
[pid  3749] close(4)                    = 0
[pid  3749] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3749] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3749] creat("./bus", 000)         = 4
[pid  3749] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3749] ftruncate(4, 2048)          = 0
[pid  3749] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3749] open("./bus", O_RDONLY)     = 5
[   71.737875][ T3750] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3749] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3749] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3749] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3749] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3749] open(".", O_RDONLY)         = 6
[pid  3749] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3749] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3749] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3749] close(3)                    = 0
[pid  3749] close(4)                    = 0
[pid  3749] close(5)                    = 0
[pid  3749] close(6)                    = 0
[pid  3749] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3749] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3749] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3749] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3749] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3749] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3749] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3749] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3749] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3749] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3749] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3749] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3749] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3749] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3749] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3749] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3749] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3749] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3749] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3749] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3749] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3749] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3749] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3749] exit_group(0)               = ?
[pid  3749] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=59, si_uid=0, si_status=0, si_utime=0, si_stime=17} ---
[pid  3632] umount2("./56", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./56", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./56/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./56/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./56/binderfs")     = 0
[pid  3632] umount2("./56/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./56/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./56/cgroup")       = 0
[pid  3632] umount2("./56/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./56/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./56/cgroup.net")   = 0
[pid  3632] umount2("./56/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./56/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./56/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./56/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./56/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./56/file0")         = 0
[pid  3632] umount2("./56/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./56/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./56/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./56")               = 0
[pid  3632] mkdir("./57", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 60
./strace-static-x86_64: Process 3751 attached
[pid  3751] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3751] chdir("./57")               = 0
[pid  3751] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3751] setpgid(0, 0)               = 0
[pid  3751] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3751] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3751] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3751] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3751] write(3, "1000", 4)         = 4
[pid  3751] close(3)                    = 0
[pid  3751] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3751] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3751] memfd_create("syzkaller", 0) = 3
[pid  3751] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3751] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3751] munmap(0x7fd662669000, 2097152) = 0
[pid  3751] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3751] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3751] close(3)                    = 0
[pid  3751] mkdir("./file0", 0777)      = 0
[   72.044961][ T3751] loop0: detected capacity change from 0 to 4096
[   72.060514][ T3751] NILFS (loop0): invalid segment: Checksum error in segment payload
[   72.068564][ T3751] NILFS (loop0): trying rollback from an earlier position
[   72.082701][ T3751] NILFS (loop0): recovery complete
[pid  3751] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3751] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3751] chdir("./file0")            = 0
[pid  3751] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3751] close(4)                    = 0
[pid  3751] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3751] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3751] creat("./bus", 000)         = 4
[pid  3751] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3751] ftruncate(4, 2048)          = 0
[pid  3751] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3751] open("./bus", O_RDONLY)     = 5
[   72.088504][ T3752] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3751] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3751] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3751] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3751] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3751] open(".", O_RDONLY)         = 6
[pid  3751] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3751] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3751] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3751] close(3)                    = 0
[pid  3751] close(4)                    = 0
[pid  3751] close(5)                    = 0
[pid  3751] close(6)                    = 0
[pid  3751] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3751] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3751] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3751] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3751] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3751] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3751] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3751] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3751] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3751] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3751] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3751] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3751] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3751] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3751] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3751] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3751] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3751] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3751] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3751] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3751] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3751] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3751] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3751] exit_group(0)               = ?
[pid  3751] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=60, si_uid=0, si_status=0, si_utime=0, si_stime=16} ---
[pid  3632] umount2("./57", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./57", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./57/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./57/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./57/binderfs")     = 0
[pid  3632] umount2("./57/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./57/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./57/cgroup")       = 0
[pid  3632] umount2("./57/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./57/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./57/cgroup.net")   = 0
[pid  3632] umount2("./57/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./57/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./57/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./57/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./57/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./57/file0")         = 0
[pid  3632] umount2("./57/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./57/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./57/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./57")               = 0
[pid  3632] mkdir("./58", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3753 attached
 <unfinished ...>
[pid  3753] set_robust_list(0x5555573f25e0, 24 <unfinished ...>
[pid  3632] <... clone resumed>, child_tidptr=0x5555573f25d0) = 61
[pid  3753] <... set_robust_list resumed>) = 0
[pid  3753] chdir("./58")               = 0
[pid  3753] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3753] setpgid(0, 0)               = 0
[pid  3753] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3753] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3753] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3753] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3753] write(3, "1000", 4)         = 4
[pid  3753] close(3)                    = 0
[pid  3753] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3753] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3753] memfd_create("syzkaller", 0) = 3
[pid  3753] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3753] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3753] munmap(0x7fd662669000, 2097152) = 0
[pid  3753] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3753] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3753] close(3)                    = 0
[pid  3753] mkdir("./file0", 0777)      = 0
[pid  3753] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3753] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3753] chdir("./file0")            = 0
[   72.391794][ T3753] loop0: detected capacity change from 0 to 4096
[   72.407673][ T3753] NILFS (loop0): invalid segment: Checksum error in segment payload
[   72.416328][ T3753] NILFS (loop0): trying rollback from an earlier position
[   72.429956][ T3753] NILFS (loop0): recovery complete
[pid  3753] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3753] close(4)                    = 0
[pid  3753] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3753] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3753] creat("./bus", 000)         = 4
[pid  3753] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3753] ftruncate(4, 2048)          = 0
[pid  3753] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3753] open("./bus", O_RDONLY)     = 5
[   72.436128][ T3754] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   72.451708][   T27] kauditd_printk_skb: 4 callbacks suppressed
[   72.451720][   T27] audit: type=1804 audit(1670457104.359:60): pid=3753 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/58/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3753] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3753] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3753] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3753] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3753] open(".", O_RDONLY)         = 6
[pid  3753] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3753] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3753] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3753] close(3)                    = 0
[pid  3753] close(4)                    = 0
[pid  3753] close(5)                    = 0
[pid  3753] close(6)                    = 0
[pid  3753] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3753] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3753] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3753] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3753] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3753] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3753] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3753] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3753] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3753] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3753] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3753] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3753] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3753] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3753] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3753] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3753] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3753] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3753] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3753] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3753] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3753] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3753] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3753] exit_group(0)               = ?
[pid  3753] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=61, si_uid=0, si_status=0, si_utime=0, si_stime=19} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./58", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./58", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./58/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./58/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./58/binderfs")     = 0
[pid  3632] umount2("./58/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./58/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./58/cgroup")       = 0
[pid  3632] umount2("./58/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./58/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./58/cgroup.net")   = 0
[pid  3632] umount2("./58/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./58/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./58/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./58/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./58/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./58/file0")         = 0
[pid  3632] umount2("./58/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./58/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./58/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./58")               = 0
[pid  3632] mkdir("./59", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 62
./strace-static-x86_64: Process 3755 attached
[pid  3755] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3755] chdir("./59")               = 0
[pid  3755] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3755] setpgid(0, 0)               = 0
[pid  3755] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3755] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3755] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3755] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3755] write(3, "1000", 4)         = 4
[pid  3755] close(3)                    = 0
[pid  3755] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3755] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3755] memfd_create("syzkaller", 0) = 3
[pid  3755] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3755] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3755] munmap(0x7fd662669000, 2097152) = 0
[pid  3755] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3755] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3755] close(3)                    = 0
[pid  3755] mkdir("./file0", 0777)      = 0
[   72.738700][ T3755] loop0: detected capacity change from 0 to 4096
[   72.753554][ T3755] NILFS (loop0): invalid segment: Checksum error in segment payload
[   72.761725][ T3755] NILFS (loop0): trying rollback from an earlier position
[   72.775025][ T3755] NILFS (loop0): recovery complete
[pid  3755] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3755] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3755] chdir("./file0")            = 0
[pid  3755] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3755] close(4)                    = 0
[pid  3755] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3755] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3755] creat("./bus", 000)         = 4
[pid  3755] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3755] ftruncate(4, 2048)          = 0
[pid  3755] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3755] open("./bus", O_RDONLY)     = 5
[   72.781489][ T3756] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   72.806681][   T27] audit: type=1804 audit(1670457104.709:61): pid=3755 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/59/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3755] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3755] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3755] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3755] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3755] open(".", O_RDONLY)         = 6
[pid  3755] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3755] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3755] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3755] close(3)                    = 0
[pid  3755] close(4)                    = 0
[pid  3755] close(5)                    = 0
[pid  3755] close(6)                    = 0
[pid  3755] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3755] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3755] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3755] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3755] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3755] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3755] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3755] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3755] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3755] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3755] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3755] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3755] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3755] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3755] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3755] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3755] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3755] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3755] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3755] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3755] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3755] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3755] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3755] exit_group(0)               = ?
[pid  3755] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=62, si_uid=0, si_status=0, si_utime=0, si_stime=17} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./59", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./59", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./59/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./59/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./59/binderfs")     = 0
[pid  3632] umount2("./59/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./59/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./59/cgroup")       = 0
[pid  3632] umount2("./59/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./59/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./59/cgroup.net")   = 0
[pid  3632] umount2("./59/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./59/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./59/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./59/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./59/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./59/file0")         = 0
[pid  3632] umount2("./59/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./59/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./59/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./59")               = 0
[pid  3632] mkdir("./60", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 63
./strace-static-x86_64: Process 3757 attached
[pid  3757] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3757] chdir("./60")               = 0
[pid  3757] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3757] setpgid(0, 0)               = 0
[pid  3757] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3757] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3757] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3757] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3757] write(3, "1000", 4)         = 4
[pid  3757] close(3)                    = 0
[pid  3757] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3757] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3757] memfd_create("syzkaller", 0) = 3
[pid  3757] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3757] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3757] munmap(0x7fd662669000, 2097152) = 0
[pid  3757] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3757] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3757] close(3)                    = 0
[pid  3757] mkdir("./file0", 0777)      = 0
[   73.089823][ T3757] loop0: detected capacity change from 0 to 4096
[   73.104846][ T3757] NILFS (loop0): invalid segment: Checksum error in segment payload
[   73.112934][ T3757] NILFS (loop0): trying rollback from an earlier position
[   73.126843][ T3757] NILFS (loop0): recovery complete
[pid  3757] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3757] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3757] chdir("./file0")            = 0
[pid  3757] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3757] close(4)                    = 0
[pid  3757] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3757] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3757] creat("./bus", 000)         = 4
[pid  3757] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3757] ftruncate(4, 2048)          = 0
[pid  3757] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3757] open("./bus", O_RDONLY)     = 5
[   73.132984][ T3758] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   73.138681][   T27] audit: type=1804 audit(1670457105.039:62): pid=3757 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/60/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3757] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3757] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3757] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3757] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3757] open(".", O_RDONLY)         = 6
[pid  3757] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3757] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3757] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3757] close(3)                    = 0
[pid  3757] close(4)                    = 0
[pid  3757] close(5)                    = 0
[pid  3757] close(6)                    = 0
[pid  3757] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3757] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3757] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3757] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3757] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3757] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3757] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3757] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3757] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3757] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3757] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3757] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3757] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3757] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3757] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3757] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3757] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3757] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3757] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3757] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3757] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3757] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3757] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3757] exit_group(0)               = ?
[pid  3757] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=63, si_uid=0, si_status=0, si_utime=0, si_stime=17} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./60", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./60", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./60/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./60/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./60/binderfs")     = 0
[pid  3632] umount2("./60/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./60/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./60/cgroup")       = 0
[pid  3632] umount2("./60/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./60/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./60/cgroup.net")   = 0
[pid  3632] umount2("./60/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./60/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./60/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./60/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./60/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./60/file0")         = 0
[pid  3632] umount2("./60/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./60/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./60/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./60")               = 0
[pid  3632] mkdir("./61", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 64
./strace-static-x86_64: Process 3759 attached
[pid  3759] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3759] chdir("./61")               = 0
[pid  3759] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3759] setpgid(0, 0)               = 0
[pid  3759] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3759] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3759] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3759] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3759] write(3, "1000", 4)         = 4
[pid  3759] close(3)                    = 0
[pid  3759] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3759] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3759] memfd_create("syzkaller", 0) = 3
[pid  3759] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3759] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3759] munmap(0x7fd662669000, 2097152) = 0
[pid  3759] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3759] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3759] close(3)                    = 0
[pid  3759] mkdir("./file0", 0777)      = 0
[pid  3759] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3759] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3759] chdir("./file0")            = 0
[pid  3759] ioctl(4, LOOP_CLR_FD)       = 0
[   73.437298][ T3759] loop0: detected capacity change from 0 to 4096
[   73.452250][ T3759] NILFS (loop0): invalid segment: Checksum error in segment payload
[   73.460363][ T3759] NILFS (loop0): trying rollback from an earlier position
[   73.473979][ T3759] NILFS (loop0): recovery complete
[pid  3759] close(4)                    = 0
[pid  3759] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3759] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3759] creat("./bus", 000)         = 4
[pid  3759] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3759] ftruncate(4, 2048)          = 0
[pid  3759] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3759] open("./bus", O_RDONLY)     = 5
[   73.479948][ T3760] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   73.499225][   T27] audit: type=1804 audit(1670457105.409:63): pid=3759 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/61/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3759] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3759] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3759] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3759] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3759] open(".", O_RDONLY)         = 6
[pid  3759] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3759] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3759] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3759] close(3)                    = 0
[pid  3759] close(4)                    = 0
[pid  3759] close(5)                    = 0
[pid  3759] close(6)                    = 0
[pid  3759] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3759] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3759] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3759] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3759] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3759] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3759] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3759] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3759] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3759] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3759] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3759] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3759] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3759] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3759] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3759] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3759] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3759] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3759] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3759] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3759] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3759] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3759] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3759] exit_group(0)               = ?
[pid  3759] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=64, si_uid=0, si_status=0, si_utime=0, si_stime=16} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./61", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./61", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./61/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./61/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./61/binderfs")     = 0
[pid  3632] umount2("./61/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./61/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./61/cgroup")       = 0
[pid  3632] umount2("./61/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./61/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./61/cgroup.net")   = 0
[pid  3632] umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./61/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./61/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./61/file0")         = 0
[pid  3632] umount2("./61/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./61/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./61/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./61")               = 0
[pid  3632] mkdir("./62", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 65
./strace-static-x86_64: Process 3761 attached
[pid  3761] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3761] chdir("./62")               = 0
[pid  3761] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3761] setpgid(0, 0)               = 0
[pid  3761] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3761] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3761] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3761] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3761] write(3, "1000", 4)         = 4
[pid  3761] close(3)                    = 0
[pid  3761] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3761] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3761] memfd_create("syzkaller", 0) = 3
[pid  3761] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3761] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3761] munmap(0x7fd662669000, 2097152) = 0
[pid  3761] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3761] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3761] close(3)                    = 0
[pid  3761] mkdir("./file0", 0777)      = 0
[   73.777369][ T3761] loop0: detected capacity change from 0 to 4096
[   73.793452][ T3761] NILFS (loop0): invalid segment: Checksum error in segment payload
[   73.801755][ T3761] NILFS (loop0): trying rollback from an earlier position
[   73.815991][ T3761] NILFS (loop0): recovery complete
[pid  3761] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3761] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3761] chdir("./file0")            = 0
[pid  3761] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3761] close(4)                    = 0
[pid  3761] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3761] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3761] creat("./bus", 000)         = 4
[pid  3761] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3761] ftruncate(4, 2048)          = 0
[pid  3761] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3761] open("./bus", O_RDONLY)     = 5
[   73.822491][ T3762] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   73.829647][   T27] audit: type=1804 audit(1670457105.739:64): pid=3761 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/62/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3761] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3761] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3761] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3761] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3761] open(".", O_RDONLY)         = 6
[pid  3761] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3761] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3761] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3761] close(3)                    = 0
[pid  3761] close(4)                    = 0
[pid  3761] close(5)                    = 0
[pid  3761] close(6)                    = 0
[pid  3761] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3761] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3761] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3761] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3761] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3761] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3761] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3761] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3761] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3761] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3761] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3761] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3761] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3761] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3761] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3761] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3761] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3761] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3761] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3761] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3761] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3761] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3761] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3761] exit_group(0)               = ?
[pid  3761] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=65, si_uid=0, si_status=0, si_utime=0, si_stime=20} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./62", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./62/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./62/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./62/binderfs")     = 0
[pid  3632] umount2("./62/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./62/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./62/cgroup")       = 0
[pid  3632] umount2("./62/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./62/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./62/cgroup.net")   = 0
[pid  3632] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./62/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./62/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./62/file0")         = 0
[pid  3632] umount2("./62/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./62/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./62/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./62")               = 0
[pid  3632] mkdir("./63", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 66
./strace-static-x86_64: Process 3763 attached
[pid  3763] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3763] chdir("./63")               = 0
[pid  3763] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3763] setpgid(0, 0)               = 0
[pid  3763] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3763] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3763] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3763] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3763] write(3, "1000", 4)         = 4
[pid  3763] close(3)                    = 0
[pid  3763] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3763] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3763] memfd_create("syzkaller", 0) = 3
[pid  3763] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3763] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3763] munmap(0x7fd662669000, 2097152) = 0
[pid  3763] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3763] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3763] close(3)                    = 0
[pid  3763] mkdir("./file0", 0777)      = 0
[   74.118314][ T3763] loop0: detected capacity change from 0 to 4096
[   74.133488][ T3763] NILFS (loop0): invalid segment: Checksum error in segment payload
[   74.141615][ T3763] NILFS (loop0): trying rollback from an earlier position
[   74.154810][ T3763] NILFS (loop0): recovery complete
[pid  3763] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3763] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3763] chdir("./file0")            = 0
[pid  3763] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3763] close(4)                    = 0
[pid  3763] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3763] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3763] creat("./bus", 000)         = 4
[pid  3763] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3763] ftruncate(4, 2048)          = 0
[pid  3763] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3763] open("./bus", O_RDONLY)     = 5
[   74.161093][ T3764] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   74.185097][   T27] audit: type=1804 audit(1670457106.089:65): pid=3763 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/63/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3763] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3763] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3763] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3763] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3763] open(".", O_RDONLY)         = 6
[pid  3763] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3763] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3763] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3763] close(3)                    = 0
[pid  3763] close(4)                    = 0
[pid  3763] close(5)                    = 0
[pid  3763] close(6)                    = 0
[pid  3763] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3763] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3763] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3763] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3763] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3763] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3763] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3763] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3763] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3763] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3763] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3763] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3763] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3763] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3763] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3763] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3763] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3763] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3763] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3763] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3763] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3763] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3763] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3763] exit_group(0)               = ?
[pid  3763] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=66, si_uid=0, si_status=0, si_utime=0, si_stime=19} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./63", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./63/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./63/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./63/binderfs")     = 0
[pid  3632] umount2("./63/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./63/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./63/cgroup")       = 0
[pid  3632] umount2("./63/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./63/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./63/cgroup.net")   = 0
[pid  3632] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./63/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./63/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./63/file0")         = 0
[pid  3632] umount2("./63/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./63/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./63/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./63")               = 0
[pid  3632] mkdir("./64", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3765 attached
 <unfinished ...>
[pid  3765] set_robust_list(0x5555573f25e0, 24 <unfinished ...>
[pid  3632] <... clone resumed>, child_tidptr=0x5555573f25d0) = 67
[pid  3765] <... set_robust_list resumed>) = 0
[pid  3765] chdir("./64")               = 0
[pid  3765] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3765] setpgid(0, 0)               = 0
[pid  3765] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3765] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3765] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3765] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3765] write(3, "1000", 4)         = 4
[pid  3765] close(3)                    = 0
[pid  3765] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3765] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3765] memfd_create("syzkaller", 0) = 3
[pid  3765] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3765] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3765] munmap(0x7fd662669000, 2097152) = 0
[pid  3765] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3765] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3765] close(3)                    = 0
[pid  3765] mkdir("./file0", 0777)      = 0
[pid  3765] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3765] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3765] chdir("./file0")            = 0
[pid  3765] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3765] close(4)                    = 0
[pid  3765] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3765] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[   74.472610][ T3765] loop0: detected capacity change from 0 to 4096
[   74.488657][ T3765] NILFS (loop0): invalid segment: Checksum error in segment payload
[   74.496785][ T3765] NILFS (loop0): trying rollback from an earlier position
[   74.510404][ T3765] NILFS (loop0): recovery complete
[pid  3765] creat("./bus", 000)         = 4
[pid  3765] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3765] ftruncate(4, 2048)          = 0
[pid  3765] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3765] open("./bus", O_RDONLY)     = 5
[   74.516577][ T3766] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   74.526432][   T27] audit: type=1804 audit(1670457106.429:66): pid=3765 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/64/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3765] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3765] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3765] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3765] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3765] open(".", O_RDONLY)         = 6
[pid  3765] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3765] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3765] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3765] close(3)                    = 0
[pid  3765] close(4)                    = 0
[pid  3765] close(5)                    = 0
[pid  3765] close(6)                    = 0
[pid  3765] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3765] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3765] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3765] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3765] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3765] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3765] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3765] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3765] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3765] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3765] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3765] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3765] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3765] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3765] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3765] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3765] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3765] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3765] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3765] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3765] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3765] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3765] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3765] exit_group(0)               = ?
[pid  3765] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=67, si_uid=0, si_status=0, si_utime=0, si_stime=18} ---
[pid  3632] umount2("./64", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./64/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./64/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./64/binderfs")     = 0
[pid  3632] umount2("./64/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./64/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./64/cgroup")       = 0
[pid  3632] umount2("./64/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./64/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./64/cgroup.net")   = 0
[pid  3632] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./64/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./64/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./64/file0")         = 0
[pid  3632] umount2("./64/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./64/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./64/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./64")               = 0
[pid  3632] mkdir("./65", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 68
./strace-static-x86_64: Process 3767 attached
[pid  3767] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3767] chdir("./65")               = 0
[pid  3767] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3767] setpgid(0, 0)               = 0
[pid  3767] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3767] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3767] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3767] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3767] write(3, "1000", 4)         = 4
[pid  3767] close(3)                    = 0
[pid  3767] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3767] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3767] memfd_create("syzkaller", 0) = 3
[pid  3767] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3767] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3767] munmap(0x7fd662669000, 2097152) = 0
[pid  3767] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3767] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3767] close(3)                    = 0
[pid  3767] mkdir("./file0", 0777)      = 0
[   74.837317][ T3767] loop0: detected capacity change from 0 to 4096
[   74.852705][ T3767] NILFS (loop0): invalid segment: Checksum error in segment payload
[   74.860993][ T3767] NILFS (loop0): trying rollback from an earlier position
[   74.873772][ T3767] NILFS (loop0): recovery complete
[pid  3767] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3767] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3767] chdir("./file0")            = 0
[pid  3767] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3767] close(4)                    = 0
[pid  3767] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3767] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3767] creat("./bus", 000)         = 4
[pid  3767] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3767] ftruncate(4, 2048)          = 0
[pid  3767] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3767] open("./bus", O_RDONLY)     = 5
[   74.879581][ T3768] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   74.896485][   T27] audit: type=1804 audit(1670457106.799:67): pid=3767 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/65/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3767] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3767] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3767] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3767] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3767] open(".", O_RDONLY)         = 6
[pid  3767] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3767] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3767] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3767] close(3)                    = 0
[pid  3767] close(4)                    = 0
[pid  3767] close(5)                    = 0
[pid  3767] close(6)                    = 0
[pid  3767] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3767] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3767] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3767] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3767] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3767] exit_group(0)               = ?
[pid  3767] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=68, si_uid=0, si_status=0, si_utime=0, si_stime=18} ---
[pid  3632] umount2("./65", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./65/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./65/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./65/binderfs")     = 0
[pid  3632] umount2("./65/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./65/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./65/cgroup")       = 0
[pid  3632] umount2("./65/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./65/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./65/cgroup.net")   = 0
[pid  3632] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./65/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./65/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./65/file0")         = 0
[pid  3632] umount2("./65/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./65/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./65/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./65")               = 0
[pid  3632] mkdir("./66", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 69
./strace-static-x86_64: Process 3769 attached
[pid  3769] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3769] chdir("./66")               = 0
[pid  3769] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3769] setpgid(0, 0)               = 0
[pid  3769] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3769] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3769] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3769] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3769] write(3, "1000", 4)         = 4
[pid  3769] close(3)                    = 0
[pid  3769] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3769] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3769] memfd_create("syzkaller", 0) = 3
[pid  3769] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3769] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3769] munmap(0x7fd662669000, 2097152) = 0
[pid  3769] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3769] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3769] close(3)                    = 0
[pid  3769] mkdir("./file0", 0777)      = 0
[   75.184975][ T3769] loop0: detected capacity change from 0 to 4096
[   75.201040][ T3769] NILFS (loop0): invalid segment: Checksum error in segment payload
[   75.209199][ T3769] NILFS (loop0): trying rollback from an earlier position
[   75.222539][ T3769] NILFS (loop0): recovery complete
[pid  3769] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3769] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3769] chdir("./file0")            = 0
[pid  3769] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3769] close(4)                    = 0
[pid  3769] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3769] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3769] creat("./bus", 000)         = 4
[pid  3769] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3769] ftruncate(4, 2048)          = 0
[pid  3769] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3769] open("./bus", O_RDONLY)     = 5
[   75.229183][ T3770] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   75.243660][   T27] audit: type=1804 audit(1670457107.149:68): pid=3769 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/66/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3769] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3769] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3769] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3769] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3769] open(".", O_RDONLY)         = 6
[pid  3769] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3769] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3769] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3769] close(3)                    = 0
[pid  3769] close(4)                    = 0
[pid  3769] close(5)                    = 0
[pid  3769] close(6)                    = 0
[pid  3769] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3769] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3769] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3769] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3769] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3769] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3769] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3769] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3769] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3769] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3769] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3769] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3769] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3769] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3769] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3769] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3769] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3769] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3769] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3769] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3769] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3769] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3769] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3769] exit_group(0)               = ?
[pid  3769] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=69, si_uid=0, si_status=0, si_utime=0, si_stime=13} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./66", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./66/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./66/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./66/binderfs")     = 0
[pid  3632] umount2("./66/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./66/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./66/cgroup")       = 0
[pid  3632] umount2("./66/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./66/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./66/cgroup.net")   = 0
[pid  3632] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./66/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./66/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./66/file0")         = 0
[pid  3632] umount2("./66/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./66/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./66/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./66")               = 0
[pid  3632] mkdir("./67", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 70
./strace-static-x86_64: Process 3771 attached
[pid  3771] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3771] chdir("./67")               = 0
[pid  3771] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3771] setpgid(0, 0)               = 0
[pid  3771] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3771] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3771] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3771] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3771] write(3, "1000", 4)         = 4
[pid  3771] close(3)                    = 0
[pid  3771] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3771] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3771] memfd_create("syzkaller", 0) = 3
[pid  3771] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3771] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3771] munmap(0x7fd662669000, 2097152) = 0
[pid  3771] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3771] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3771] close(3)                    = 0
[pid  3771] mkdir("./file0", 0777)      = 0
[pid  3771] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3771] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3771] chdir("./file0")            = 0
[pid  3771] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3771] close(4)                    = 0
[pid  3771] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3771] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[   75.539343][ T3771] loop0: detected capacity change from 0 to 4096
[   75.555115][ T3771] NILFS (loop0): invalid segment: Checksum error in segment payload
[   75.563415][ T3771] NILFS (loop0): trying rollback from an earlier position
[   75.577190][ T3771] NILFS (loop0): recovery complete
[pid  3771] creat("./bus", 000)         = 4
[pid  3771] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3771] ftruncate(4, 2048)          = 0
[pid  3771] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3771] open("./bus", O_RDONLY)     = 5
[   75.583576][ T3772] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   75.599863][   T27] audit: type=1804 audit(1670457107.499:69): pid=3771 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/67/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3771] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3771] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3771] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3771] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3771] open(".", O_RDONLY)         = 6
[pid  3771] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3771] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3771] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3771] close(3)                    = 0
[pid  3771] close(4)                    = 0
[pid  3771] close(5)                    = 0
[pid  3771] close(6)                    = 0
[pid  3771] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3771] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3771] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3771] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3771] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3771] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3771] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3771] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3771] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3771] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3771] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3771] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3771] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3771] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3771] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3771] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3771] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3771] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3771] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3771] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3771] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3771] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3771] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3771] exit_group(0)               = ?
[pid  3771] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=70, si_uid=0, si_status=0, si_utime=0, si_stime=17} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./67", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./67/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./67/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./67/binderfs")     = 0
[pid  3632] umount2("./67/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./67/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./67/cgroup")       = 0
[pid  3632] umount2("./67/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./67/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./67/cgroup.net")   = 0
[pid  3632] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./67/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./67/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./67/file0")         = 0
[pid  3632] umount2("./67/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./67/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./67/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./67")               = 0
[pid  3632] mkdir("./68", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 71
./strace-static-x86_64: Process 3773 attached
[pid  3773] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3773] chdir("./68")               = 0
[pid  3773] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3773] setpgid(0, 0)               = 0
[pid  3773] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3773] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3773] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3773] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3773] write(3, "1000", 4)         = 4
[pid  3773] close(3)                    = 0
[pid  3773] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3773] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3773] memfd_create("syzkaller", 0) = 3
[pid  3773] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3773] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3773] munmap(0x7fd662669000, 2097152) = 0
[pid  3773] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3773] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3773] close(3)                    = 0
[pid  3773] mkdir("./file0", 0777)      = 0
[   75.888311][ T3773] loop0: detected capacity change from 0 to 4096
[   75.903231][ T3773] NILFS (loop0): invalid segment: Checksum error in segment payload
[   75.911362][ T3773] NILFS (loop0): trying rollback from an earlier position
[   75.925229][ T3773] NILFS (loop0): recovery complete
[pid  3773] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3773] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3773] chdir("./file0")            = 0
[pid  3773] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3773] close(4)                    = 0
[pid  3773] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3773] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3773] creat("./bus", 000)         = 4
[pid  3773] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3773] ftruncate(4, 2048)          = 0
[pid  3773] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3773] open("./bus", O_RDONLY)     = 5
[   75.931136][ T3774] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3773] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3773] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3773] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3773] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3773] open(".", O_RDONLY)         = 6
[pid  3773] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3773] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3773] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3773] close(3)                    = 0
[pid  3773] close(4)                    = 0
[pid  3773] close(5)                    = 0
[pid  3773] close(6)                    = 0
[pid  3773] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3773] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3773] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3773] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3773] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3773] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3773] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3773] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3773] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3773] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3773] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3773] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3773] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3773] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3773] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3773] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3773] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3773] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3773] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3773] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3773] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3773] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3773] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3773] exit_group(0)               = ?
[pid  3773] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=71, si_uid=0, si_status=0, si_utime=0, si_stime=19} ---
[pid  3632] umount2("./68", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./68/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./68/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./68/binderfs")     = 0
[pid  3632] umount2("./68/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./68/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./68/cgroup")       = 0
[pid  3632] umount2("./68/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./68/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./68/cgroup.net")   = 0
[pid  3632] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./68/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./68/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./68/file0")         = 0
[pid  3632] umount2("./68/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./68/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./68/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./68")               = 0
[pid  3632] mkdir("./69", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 72
./strace-static-x86_64: Process 3775 attached
[pid  3775] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3775] chdir("./69")               = 0
[pid  3775] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3775] setpgid(0, 0)               = 0
[pid  3775] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3775] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3775] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3775] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3775] write(3, "1000", 4)         = 4
[pid  3775] close(3)                    = 0
[pid  3775] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3775] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3775] memfd_create("syzkaller", 0) = 3
[pid  3775] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3775] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3775] munmap(0x7fd662669000, 2097152) = 0
[pid  3775] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3775] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3775] close(3)                    = 0
[pid  3775] mkdir("./file0", 0777)      = 0
[   76.216708][ T3775] loop0: detected capacity change from 0 to 4096
[   76.231487][ T3775] NILFS (loop0): invalid segment: Checksum error in segment payload
[   76.239553][ T3775] NILFS (loop0): trying rollback from an earlier position
[   76.252752][ T3775] NILFS (loop0): recovery complete
[pid  3775] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3775] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3775] chdir("./file0")            = 0
[pid  3775] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3775] close(4)                    = 0
[pid  3775] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3775] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3775] creat("./bus", 000)         = 4
[pid  3775] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3775] ftruncate(4, 2048)          = 0
[pid  3775] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3775] open("./bus", O_RDONLY)     = 5
[   76.259762][ T3776] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3775] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3775] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3775] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3775] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3775] open(".", O_RDONLY)         = 6
[pid  3775] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3775] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3775] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3775] close(3)                    = 0
[pid  3775] close(4)                    = 0
[pid  3775] close(5)                    = 0
[pid  3775] close(6)                    = 0
[pid  3775] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3775] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3775] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3775] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3775] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3775] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3775] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3775] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3775] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3775] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3775] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3775] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3775] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3775] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3775] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3775] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3775] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3775] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3775] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3775] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3775] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3775] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3775] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3775] exit_group(0)               = ?
[pid  3775] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=72, si_uid=0, si_status=0, si_utime=0, si_stime=19} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./69", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./69/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./69/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./69/binderfs")     = 0
[pid  3632] umount2("./69/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./69/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./69/cgroup")       = 0
[pid  3632] umount2("./69/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./69/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./69/cgroup.net")   = 0
[pid  3632] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./69/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./69/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./69/file0")         = 0
[pid  3632] umount2("./69/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./69/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./69/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./69")               = 0
[pid  3632] mkdir("./70", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 73
./strace-static-x86_64: Process 3777 attached
[pid  3777] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3777] chdir("./70")               = 0
[pid  3777] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3777] setpgid(0, 0)               = 0
[pid  3777] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3777] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3777] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3777] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3777] write(3, "1000", 4)         = 4
[pid  3777] close(3)                    = 0
[pid  3777] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3777] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3777] memfd_create("syzkaller", 0) = 3
[pid  3777] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3777] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3777] munmap(0x7fd662669000, 2097152) = 0
[pid  3777] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3777] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3777] close(3)                    = 0
[pid  3777] mkdir("./file0", 0777)      = 0
[   76.559454][ T3777] loop0: detected capacity change from 0 to 4096
[   76.574143][ T3777] NILFS (loop0): invalid segment: Checksum error in segment payload
[   76.582211][ T3777] NILFS (loop0): trying rollback from an earlier position
[   76.595671][ T3777] NILFS (loop0): recovery complete
[pid  3777] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3777] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3777] chdir("./file0")            = 0
[pid  3777] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3777] close(4)                    = 0
[pid  3777] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3777] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3777] creat("./bus", 000)         = 4
[pid  3777] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3777] ftruncate(4, 2048)          = 0
[pid  3777] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3777] open("./bus", O_RDONLY)     = 5
[   76.602021][ T3778] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3777] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3777] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3777] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3777] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3777] open(".", O_RDONLY)         = 6
[pid  3777] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3777] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3777] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3777] close(3)                    = 0
[pid  3777] close(4)                    = 0
[pid  3777] close(5)                    = 0
[pid  3777] close(6)                    = 0
[pid  3777] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3777] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3777] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3777] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3777] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3777] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3777] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3777] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3777] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3777] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3777] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3777] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3777] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3777] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3777] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3777] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3777] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3777] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3777] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3777] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3777] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3777] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3777] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3777] exit_group(0)               = ?
[pid  3777] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=73, si_uid=0, si_status=0, si_utime=0, si_stime=17} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./70", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./70/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./70/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./70/binderfs")     = 0
[pid  3632] umount2("./70/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./70/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./70/cgroup")       = 0
[pid  3632] umount2("./70/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./70/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./70/cgroup.net")   = 0
[pid  3632] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./70/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./70/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./70/file0")         = 0
[pid  3632] umount2("./70/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./70/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./70/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./70")               = 0
[pid  3632] mkdir("./71", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 74
./strace-static-x86_64: Process 3779 attached
[pid  3779] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3779] chdir("./71")               = 0
[pid  3779] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3779] setpgid(0, 0)               = 0
[pid  3779] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3779] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3779] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3779] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3779] write(3, "1000", 4)         = 4
[pid  3779] close(3)                    = 0
[pid  3779] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3779] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3779] memfd_create("syzkaller", 0) = 3
[pid  3779] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3779] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3779] munmap(0x7fd662669000, 2097152) = 0
[pid  3779] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3779] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3779] close(3)                    = 0
[pid  3779] mkdir("./file0", 0777)      = 0
[   76.901699][ T3779] loop0: detected capacity change from 0 to 4096
[   76.916227][ T3779] NILFS (loop0): invalid segment: Checksum error in segment payload
[   76.924335][ T3779] NILFS (loop0): trying rollback from an earlier position
[   76.938031][ T3779] NILFS (loop0): recovery complete
[pid  3779] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3779] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3779] chdir("./file0")            = 0
[pid  3779] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3779] close(4)                    = 0
[pid  3779] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3779] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3779] creat("./bus", 000)         = 4
[pid  3779] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3779] ftruncate(4, 2048)          = 0
[pid  3779] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3779] open("./bus", O_RDONLY)     = 5
[   76.944204][ T3780] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3779] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3779] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3779] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3779] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3779] open(".", O_RDONLY)         = 6
[pid  3779] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3779] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3779] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3779] close(3)                    = 0
[pid  3779] close(4)                    = 0
[pid  3779] close(5)                    = 0
[pid  3779] close(6)                    = 0
[pid  3779] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3779] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3779] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3779] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3779] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3779] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3779] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3779] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3779] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3779] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3779] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3779] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3779] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3779] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3779] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3779] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3779] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3779] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3779] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3779] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3779] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3779] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3779] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3779] exit_group(0)               = ?
[pid  3779] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=74, si_uid=0, si_status=0, si_utime=0, si_stime=18} ---
[pid  3632] umount2("./71", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./71/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./71/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./71/binderfs")     = 0
[pid  3632] umount2("./71/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./71/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./71/cgroup")       = 0
[pid  3632] umount2("./71/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./71/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./71/cgroup.net")   = 0
[pid  3632] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./71/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./71/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./71/file0")         = 0
[pid  3632] umount2("./71/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./71/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./71/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./71")               = 0
[pid  3632] mkdir("./72", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 75
./strace-static-x86_64: Process 3781 attached
[pid  3781] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3781] chdir("./72")               = 0
[pid  3781] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3781] setpgid(0, 0)               = 0
[pid  3781] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3781] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3781] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3781] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3781] write(3, "1000", 4)         = 4
[pid  3781] close(3)                    = 0
[pid  3781] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3781] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3781] memfd_create("syzkaller", 0) = 3
[pid  3781] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3781] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3781] munmap(0x7fd662669000, 2097152) = 0
[pid  3781] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3781] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3781] close(3)                    = 0
[pid  3781] mkdir("./file0", 0777)      = 0
[   77.236264][ T3781] loop0: detected capacity change from 0 to 4096
[   77.250792][ T3781] NILFS (loop0): invalid segment: Checksum error in segment payload
[   77.258919][ T3781] NILFS (loop0): trying rollback from an earlier position
[   77.272190][ T3781] NILFS (loop0): recovery complete
[pid  3781] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3781] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3781] chdir("./file0")            = 0
[pid  3781] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3781] close(4)                    = 0
[pid  3781] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3781] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3781] creat("./bus", 000)         = 4
[pid  3781] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3781] ftruncate(4, 2048)          = 0
[pid  3781] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3781] open("./bus", O_RDONLY)     = 5
[   77.277954][ T3782] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3781] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3781] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3781] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3781] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3781] open(".", O_RDONLY)         = 6
[pid  3781] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3781] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3781] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3781] close(3)                    = 0
[pid  3781] close(4)                    = 0
[pid  3781] close(5)                    = 0
[pid  3781] close(6)                    = 0
[pid  3781] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3781] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3781] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3781] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3781] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3781] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3781] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3781] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3781] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3781] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3781] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3781] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3781] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3781] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3781] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3781] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3781] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3781] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3781] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3781] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3781] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3781] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3781] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3781] exit_group(0)               = ?
[pid  3781] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=75, si_uid=0, si_status=0, si_utime=0, si_stime=16} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./72", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./72/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./72/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./72/binderfs")     = 0
[pid  3632] umount2("./72/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./72/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./72/cgroup")       = 0
[pid  3632] umount2("./72/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./72/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./72/cgroup.net")   = 0
[pid  3632] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./72/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./72/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./72/file0")         = 0
[pid  3632] umount2("./72/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./72/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./72/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./72")               = 0
[pid  3632] mkdir("./73", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 76
./strace-static-x86_64: Process 3783 attached
[pid  3783] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3783] chdir("./73")               = 0
[pid  3783] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3783] setpgid(0, 0)               = 0
[pid  3783] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3783] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3783] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3783] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3783] write(3, "1000", 4)         = 4
[pid  3783] close(3)                    = 0
[pid  3783] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3783] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3783] memfd_create("syzkaller", 0) = 3
[pid  3783] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3783] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3783] munmap(0x7fd662669000, 2097152) = 0
[pid  3783] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3783] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3783] close(3)                    = 0
[pid  3783] mkdir("./file0", 0777)      = 0
[   77.577400][ T3783] loop0: detected capacity change from 0 to 4096
[   77.591578][ T3783] NILFS (loop0): invalid segment: Checksum error in segment payload
[   77.599800][ T3783] NILFS (loop0): trying rollback from an earlier position
[   77.612565][ T3783] NILFS (loop0): recovery complete
[pid  3783] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3783] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3783] chdir("./file0")            = 0
[pid  3783] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3783] close(4)                    = 0
[pid  3783] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3783] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3783] creat("./bus", 000)         = 4
[pid  3783] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3783] ftruncate(4, 2048)          = 0
[pid  3783] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3783] open("./bus", O_RDONLY)     = 5
[   77.618406][ T3784] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   77.643574][   T27] kauditd_printk_skb: 5 callbacks suppressed
[   77.643587][   T27] audit: type=1804 audit(1670457109.549:75): pid=3783 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/73/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3783] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3783] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3783] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3783] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3783] open(".", O_RDONLY)         = 6
[pid  3783] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3783] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3783] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3783] close(3)                    = 0
[pid  3783] close(4)                    = 0
[pid  3783] close(5)                    = 0
[pid  3783] close(6)                    = 0
[pid  3783] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3783] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3783] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3783] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3783] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3783] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3783] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3783] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3783] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3783] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3783] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3783] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3783] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3783] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3783] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3783] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3783] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3783] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3783] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3783] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3783] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3783] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3783] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3783] exit_group(0)               = ?
[pid  3783] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=76, si_uid=0, si_status=0, si_utime=0, si_stime=16} ---
[pid  3632] umount2("./73", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./73/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./73/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./73/binderfs")     = 0
[pid  3632] umount2("./73/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./73/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./73/cgroup")       = 0
[pid  3632] umount2("./73/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./73/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./73/cgroup.net")   = 0
[pid  3632] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./73/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./73/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./73/file0")         = 0
[pid  3632] umount2("./73/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./73/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./73/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./73")               = 0
[pid  3632] mkdir("./74", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 77
./strace-static-x86_64: Process 3785 attached
[pid  3785] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3785] chdir("./74")               = 0
[pid  3785] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3785] setpgid(0, 0)               = 0
[pid  3785] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3785] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3785] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3785] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3785] write(3, "1000", 4)         = 4
[pid  3785] close(3)                    = 0
[pid  3785] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3785] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3785] memfd_create("syzkaller", 0) = 3
[pid  3785] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3785] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3785] munmap(0x7fd662669000, 2097152) = 0
[pid  3785] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3785] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3785] close(3)                    = 0
[pid  3785] mkdir("./file0", 0777)      = 0
[pid  3785] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3785] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3785] chdir("./file0")            = 0
[pid  3785] ioctl(4, LOOP_CLR_FD)       = 0
[   77.920175][ T3785] loop0: detected capacity change from 0 to 4096
[   77.936065][ T3785] NILFS (loop0): invalid segment: Checksum error in segment payload
[   77.944174][ T3785] NILFS (loop0): trying rollback from an earlier position
[   77.957403][ T3785] NILFS (loop0): recovery complete
[pid  3785] close(4)                    = 0
[pid  3785] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3785] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3785] creat("./bus", 000)         = 4
[pid  3785] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3785] ftruncate(4, 2048)          = 0
[pid  3785] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3785] open("./bus", O_RDONLY)     = 5
[   77.963382][ T3786] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   77.978315][   T27] audit: type=1804 audit(1670457109.889:76): pid=3785 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/74/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3785] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3785] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3785] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3785] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3785] open(".", O_RDONLY)         = 6
[pid  3785] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3785] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3785] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3785] close(3)                    = 0
[pid  3785] close(4)                    = 0
[pid  3785] close(5)                    = 0
[pid  3785] close(6)                    = 0
[pid  3785] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3785] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3785] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3785] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3785] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3785] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3785] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3785] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3785] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3785] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3785] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3785] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3785] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3785] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3785] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3785] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3785] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3785] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3785] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3785] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3785] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3785] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3785] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3785] exit_group(0)               = ?
[pid  3785] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=77, si_uid=0, si_status=0, si_utime=0, si_stime=17} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./74", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./74/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./74/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./74/binderfs")     = 0
[pid  3632] umount2("./74/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./74/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./74/cgroup")       = 0
[pid  3632] umount2("./74/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./74/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./74/cgroup.net")   = 0
[pid  3632] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./74/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./74/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./74/file0")         = 0
[pid  3632] umount2("./74/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./74/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./74/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./74")               = 0
[pid  3632] mkdir("./75", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 78
./strace-static-x86_64: Process 3787 attached
[pid  3787] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3787] chdir("./75")               = 0
[pid  3787] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3787] setpgid(0, 0)               = 0
[pid  3787] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3787] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3787] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3787] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3787] write(3, "1000", 4)         = 4
[pid  3787] close(3)                    = 0
[pid  3787] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3787] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3787] memfd_create("syzkaller", 0) = 3
[pid  3787] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3787] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3787] munmap(0x7fd662669000, 2097152) = 0
[pid  3787] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3787] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3787] close(3)                    = 0
[pid  3787] mkdir("./file0", 0777)      = 0
[   78.251408][ T3787] loop0: detected capacity change from 0 to 4096
[   78.266079][ T3787] NILFS (loop0): invalid segment: Checksum error in segment payload
[   78.274285][ T3787] NILFS (loop0): trying rollback from an earlier position
[   78.288098][ T3787] NILFS (loop0): recovery complete
[pid  3787] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3787] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3787] chdir("./file0")            = 0
[pid  3787] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3787] close(4)                    = 0
[pid  3787] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3787] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3787] creat("./bus", 000)         = 4
[pid  3787] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3787] ftruncate(4, 2048)          = 0
[pid  3787] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3787] open("./bus", O_RDONLY)     = 5
[   78.294878][ T3788] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   78.299463][   T27] audit: type=1804 audit(1670457110.209:77): pid=3787 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/75/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3787] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3787] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3787] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3787] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3787] open(".", O_RDONLY)         = 6
[pid  3787] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3787] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3787] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3787] close(3)                    = 0
[pid  3787] close(4)                    = 0
[pid  3787] close(5)                    = 0
[pid  3787] close(6)                    = 0
[pid  3787] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3787] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3787] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3787] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3787] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3787] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3787] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3787] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3787] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3787] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3787] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3787] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3787] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3787] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3787] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3787] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3787] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3787] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3787] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3787] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3787] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3787] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3787] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3787] exit_group(0)               = ?
[pid  3787] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=78, si_uid=0, si_status=0, si_utime=0, si_stime=15} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./75", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./75/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./75/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./75/binderfs")     = 0
[pid  3632] umount2("./75/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./75/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./75/cgroup")       = 0
[pid  3632] umount2("./75/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./75/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./75/cgroup.net")   = 0
[pid  3632] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./75/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./75/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./75/file0")         = 0
[pid  3632] umount2("./75/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./75/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./75/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./75")               = 0
[pid  3632] mkdir("./76", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 79
./strace-static-x86_64: Process 3789 attached
[pid  3789] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3789] chdir("./76")               = 0
[pid  3789] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3789] setpgid(0, 0)               = 0
[pid  3789] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3789] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3789] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3789] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3789] write(3, "1000", 4)         = 4
[pid  3789] close(3)                    = 0
[pid  3789] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3789] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3789] memfd_create("syzkaller", 0) = 3
[pid  3789] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3789] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3789] munmap(0x7fd662669000, 2097152) = 0
[pid  3789] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3789] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3789] close(3)                    = 0
[pid  3789] mkdir("./file0", 0777)      = 0
[   78.603144][ T3789] loop0: detected capacity change from 0 to 4096
[   78.619283][ T3789] NILFS (loop0): invalid segment: Checksum error in segment payload
[   78.627288][ T3789] NILFS (loop0): trying rollback from an earlier position
[   78.640651][ T3789] NILFS (loop0): recovery complete
[pid  3789] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3789] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3789] chdir("./file0")            = 0
[pid  3789] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3789] close(4)                    = 0
[pid  3789] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3789] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3789] creat("./bus", 000)         = 4
[pid  3789] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3789] ftruncate(4, 2048)          = 0
[pid  3789] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3789] open("./bus", O_RDONLY)     = 5
[   78.646643][ T3790] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   78.665227][   T27] audit: type=1804 audit(1670457110.569:78): pid=3789 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/76/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3789] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3789] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3789] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3789] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3789] open(".", O_RDONLY)         = 6
[pid  3789] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3789] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3789] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3789] close(3)                    = 0
[pid  3789] close(4)                    = 0
[pid  3789] close(5)                    = 0
[pid  3789] close(6)                    = 0
[pid  3789] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3789] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3789] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3789] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3789] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3789] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3789] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3789] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3789] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3789] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3789] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3789] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3789] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3789] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3789] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3789] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3789] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3789] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3789] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3789] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3789] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3789] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3789] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3789] exit_group(0)               = ?
[pid  3789] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=79, si_uid=0, si_status=0, si_utime=0, si_stime=15} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./76", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./76/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./76/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./76/binderfs")     = 0
[pid  3632] umount2("./76/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./76/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./76/cgroup")       = 0
[pid  3632] umount2("./76/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./76/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./76/cgroup.net")   = 0
[pid  3632] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./76/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./76/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./76/file0")         = 0
[pid  3632] umount2("./76/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./76/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./76/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./76")               = 0
[pid  3632] mkdir("./77", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 80
./strace-static-x86_64: Process 3791 attached
[pid  3791] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3791] chdir("./77")               = 0
[pid  3791] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3791] setpgid(0, 0)               = 0
[pid  3791] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3791] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3791] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3791] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3791] write(3, "1000", 4)         = 4
[pid  3791] close(3)                    = 0
[pid  3791] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3791] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3791] memfd_create("syzkaller", 0) = 3
[pid  3791] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3791] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3791] munmap(0x7fd662669000, 2097152) = 0
[pid  3791] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3791] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3791] close(3)                    = 0
[pid  3791] mkdir("./file0", 0777)      = 0
[   78.946607][ T3791] loop0: detected capacity change from 0 to 4096
[   78.962156][ T3791] NILFS (loop0): invalid segment: Checksum error in segment payload
[   78.970447][ T3791] NILFS (loop0): trying rollback from an earlier position
[   78.984849][ T3791] NILFS (loop0): recovery complete
[pid  3791] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3791] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3791] chdir("./file0")            = 0
[pid  3791] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3791] close(4)                    = 0
[pid  3791] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3791] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3791] creat("./bus", 000)         = 4
[pid  3791] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3791] ftruncate(4, 2048)          = 0
[pid  3791] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3791] open("./bus", O_RDONLY)     = 5
[   78.991144][ T3792] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   78.997626][   T27] audit: type=1804 audit(1670457110.899:79): pid=3791 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/77/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3791] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3791] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3791] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3791] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3791] open(".", O_RDONLY)         = 6
[pid  3791] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3791] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3791] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3791] close(3)                    = 0
[pid  3791] close(4)                    = 0
[pid  3791] close(5)                    = 0
[pid  3791] close(6)                    = 0
[pid  3791] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3791] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3791] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3791] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3791] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3791] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3791] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3791] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3791] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3791] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3791] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3791] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3791] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3791] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3791] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3791] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3791] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3791] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3791] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3791] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3791] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3791] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3791] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3791] exit_group(0)               = ?
[pid  3791] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=80, si_uid=0, si_status=0, si_utime=0, si_stime=13} ---
[pid  3632] umount2("./77", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./77/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./77/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./77/binderfs")     = 0
[pid  3632] umount2("./77/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./77/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./77/cgroup")       = 0
[pid  3632] umount2("./77/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./77/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./77/cgroup.net")   = 0
[pid  3632] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./77/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./77/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./77/file0")         = 0
[pid  3632] umount2("./77/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./77/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./77/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./77")               = 0
[pid  3632] mkdir("./78", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 81
./strace-static-x86_64: Process 3793 attached
[pid  3793] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3793] chdir("./78")               = 0
[pid  3793] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3793] setpgid(0, 0)               = 0
[pid  3793] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3793] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3793] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3793] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3793] write(3, "1000", 4)         = 4
[pid  3793] close(3)                    = 0
[pid  3793] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3793] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3793] memfd_create("syzkaller", 0) = 3
[pid  3793] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3793] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3793] munmap(0x7fd662669000, 2097152) = 0
[pid  3793] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3793] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3793] close(3)                    = 0
[pid  3793] mkdir("./file0", 0777)      = 0
[   79.302240][ T3793] loop0: detected capacity change from 0 to 4096
[   79.317750][ T3793] NILFS (loop0): invalid segment: Checksum error in segment payload
[   79.326552][ T3793] NILFS (loop0): trying rollback from an earlier position
[   79.341019][ T3793] NILFS (loop0): recovery complete
[pid  3793] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3793] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3793] chdir("./file0")            = 0
[pid  3793] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3793] close(4)                    = 0
[pid  3793] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3793] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3793] creat("./bus", 000)         = 4
[pid  3793] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3793] ftruncate(4, 2048)          = 0
[pid  3793] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3793] open("./bus", O_RDONLY)     = 5
[   79.347769][ T3794] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   79.351648][   T27] audit: type=1804 audit(1670457111.249:80): pid=3793 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/78/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3793] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3793] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3793] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3793] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3793] open(".", O_RDONLY)         = 6
[pid  3793] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3793] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3793] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3793] close(3)                    = 0
[pid  3793] close(4)                    = 0
[pid  3793] close(5)                    = 0
[pid  3793] close(6)                    = 0
[pid  3793] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3793] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3793] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3793] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3793] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3793] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3793] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3793] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3793] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3793] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3793] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3793] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3793] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3793] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3793] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3793] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3793] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3793] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3793] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3793] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3793] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3793] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3793] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3793] exit_group(0)               = ?
[pid  3793] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=81, si_uid=0, si_status=0, si_utime=0, si_stime=19} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./78", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./78/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./78/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./78/binderfs")     = 0
[pid  3632] umount2("./78/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./78/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./78/cgroup")       = 0
[pid  3632] umount2("./78/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./78/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./78/cgroup.net")   = 0
[pid  3632] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./78/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./78/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./78/file0")         = 0
[pid  3632] umount2("./78/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./78/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./78/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./78")               = 0
[pid  3632] mkdir("./79", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 82
./strace-static-x86_64: Process 3795 attached
[pid  3795] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3795] chdir("./79")               = 0
[pid  3795] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3795] setpgid(0, 0)               = 0
[pid  3795] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3795] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3795] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3795] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3795] write(3, "1000", 4)         = 4
[pid  3795] close(3)                    = 0
[pid  3795] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3795] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3795] memfd_create("syzkaller", 0) = 3
[pid  3795] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3795] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3795] munmap(0x7fd662669000, 2097152) = 0
[pid  3795] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3795] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3795] close(3)                    = 0
[pid  3795] mkdir("./file0", 0777)      = 0
[   79.650092][ T3795] loop0: detected capacity change from 0 to 4096
[   79.665062][ T3795] NILFS (loop0): invalid segment: Checksum error in segment payload
[   79.673367][ T3795] NILFS (loop0): trying rollback from an earlier position
[   79.687857][ T3795] NILFS (loop0): recovery complete
[pid  3795] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3795] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3795] chdir("./file0")            = 0
[pid  3795] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3795] close(4)                    = 0
[pid  3795] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3795] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3795] creat("./bus", 000)         = 4
[pid  3795] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3795] ftruncate(4, 2048)          = 0
[pid  3795] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3795] open("./bus", O_RDONLY)     = 5
[   79.694116][ T3796] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   79.710779][   T27] audit: type=1804 audit(1670457111.619:81): pid=3795 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/79/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3795] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3795] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3795] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3795] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3795] open(".", O_RDONLY)         = 6
[pid  3795] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3795] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3795] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3795] close(3)                    = 0
[pid  3795] close(4)                    = 0
[pid  3795] close(5)                    = 0
[pid  3795] close(6)                    = 0
[pid  3795] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3795] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3795] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3795] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3795] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3795] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3795] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3795] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3795] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3795] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3795] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3795] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3795] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3795] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3795] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3795] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3795] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3795] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3795] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3795] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3795] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3795] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3795] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3795] exit_group(0)               = ?
[pid  3795] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=82, si_uid=0, si_status=0, si_utime=0, si_stime=18} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./79", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./79/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./79/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./79/binderfs")     = 0
[pid  3632] umount2("./79/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./79/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./79/cgroup")       = 0
[pid  3632] umount2("./79/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./79/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./79/cgroup.net")   = 0
[pid  3632] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./79/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./79/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./79/file0")         = 0
[pid  3632] umount2("./79/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./79/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./79/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./79")               = 0
[pid  3632] mkdir("./80", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 83
./strace-static-x86_64: Process 3797 attached
[pid  3797] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3797] chdir("./80")               = 0
[pid  3797] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3797] setpgid(0, 0)               = 0
[pid  3797] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3797] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3797] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3797] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3797] write(3, "1000", 4)         = 4
[pid  3797] close(3)                    = 0
[pid  3797] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3797] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3797] memfd_create("syzkaller", 0) = 3
[pid  3797] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3797] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3797] munmap(0x7fd662669000, 2097152) = 0
[pid  3797] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3797] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3797] close(3)                    = 0
[pid  3797] mkdir("./file0", 0777)      = 0
[   79.993803][ T3797] loop0: detected capacity change from 0 to 4096
[   80.009351][ T3797] NILFS (loop0): invalid segment: Checksum error in segment payload
[   80.017354][ T3797] NILFS (loop0): trying rollback from an earlier position
[   80.032153][ T3797] NILFS (loop0): recovery complete
[pid  3797] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3797] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3797] chdir("./file0")            = 0
[pid  3797] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3797] close(4)                    = 0
[pid  3797] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3797] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3797] creat("./bus", 000)         = 4
[pid  3797] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3797] ftruncate(4, 2048)          = 0
[pid  3797] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3797] open("./bus", O_RDONLY)     = 5
[   80.038407][ T3798] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   80.045721][   T27] audit: type=1804 audit(1670457111.939:82): pid=3797 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/80/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3797] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3797] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3797] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3797] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3797] open(".", O_RDONLY)         = 6
[pid  3797] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3797] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3797] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3797] close(3)                    = 0
[pid  3797] close(4)                    = 0
[pid  3797] close(5)                    = 0
[pid  3797] close(6)                    = 0
[pid  3797] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3797] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3797] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3797] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3797] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3797] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3797] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3797] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3797] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3797] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3797] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3797] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3797] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3797] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3797] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3797] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3797] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3797] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3797] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3797] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3797] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3797] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3797] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3797] exit_group(0)               = ?
[pid  3797] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=83, si_uid=0, si_status=0, si_utime=0, si_stime=13} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./80", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./80/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./80/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./80/binderfs")     = 0
[pid  3632] umount2("./80/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./80/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./80/cgroup")       = 0
[pid  3632] umount2("./80/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./80/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./80/cgroup.net")   = 0
[pid  3632] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./80/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./80/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./80/file0")         = 0
[pid  3632] umount2("./80/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./80/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./80/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./80")               = 0
[pid  3632] mkdir("./81", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3799 attached
, child_tidptr=0x5555573f25d0) = 84
[pid  3799] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3799] chdir("./81")               = 0
[pid  3799] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3799] setpgid(0, 0)               = 0
[pid  3799] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3799] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3799] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3799] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3799] write(3, "1000", 4)         = 4
[pid  3799] close(3)                    = 0
[pid  3799] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3799] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3799] memfd_create("syzkaller", 0) = 3
[pid  3799] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3799] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3799] munmap(0x7fd662669000, 2097152) = 0
[pid  3799] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3799] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3799] close(3)                    = 0
[pid  3799] mkdir("./file0", 0777)      = 0
[pid  3799] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3799] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3799] chdir("./file0")            = 0
[pid  3799] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3799] close(4)                    = 0
[pid  3799] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3799] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3799] creat("./bus", 000)         = 4
[pid  3799] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3799] ftruncate(4, 2048)          = 0
[pid  3799] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3799] open("./bus", O_RDONLY)     = 5
[   80.345999][ T3799] loop0: detected capacity change from 0 to 4096
[   80.360546][ T3799] NILFS (loop0): invalid segment: Checksum error in segment payload
[   80.368611][ T3799] NILFS (loop0): trying rollback from an earlier position
[   80.383480][ T3799] NILFS (loop0): recovery complete
[   80.389645][ T3800] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   80.400301][   T27] audit: type=1804 audit(1670457112.299:83): pid=3799 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/81/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3799] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3799] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3799] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3799] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3799] open(".", O_RDONLY)         = 6
[pid  3799] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3799] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3799] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3799] close(3)                    = 0
[pid  3799] close(4)                    = 0
[pid  3799] close(5)                    = 0
[pid  3799] close(6)                    = 0
[pid  3799] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3799] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3799] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3799] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3799] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3799] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3799] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3799] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3799] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3799] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3799] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3799] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3799] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3799] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3799] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3799] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3799] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3799] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3799] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3799] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3799] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3799] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3799] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3799] exit_group(0)               = ?
[pid  3799] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=84, si_uid=0, si_status=0, si_utime=0, si_stime=16} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./81", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./81/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./81/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./81/binderfs")     = 0
[pid  3632] umount2("./81/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./81/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./81/cgroup")       = 0
[pid  3632] umount2("./81/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./81/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./81/cgroup.net")   = 0
[pid  3632] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./81/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./81/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./81/file0")         = 0
[pid  3632] umount2("./81/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./81/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./81/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./81")               = 0
[pid  3632] mkdir("./82", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 85
./strace-static-x86_64: Process 3801 attached
[pid  3801] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3801] chdir("./82")               = 0
[pid  3801] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3801] setpgid(0, 0)               = 0
[pid  3801] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3801] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3801] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3801] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3801] write(3, "1000", 4)         = 4
[pid  3801] close(3)                    = 0
[pid  3801] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3801] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3801] memfd_create("syzkaller", 0) = 3
[pid  3801] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3801] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3801] munmap(0x7fd662669000, 2097152) = 0
[pid  3801] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3801] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3801] close(3)                    = 0
[pid  3801] mkdir("./file0", 0777)      = 0
[pid  3801] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3801] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3801] chdir("./file0")            = 0
[pid  3801] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3801] close(4)                    = 0
[   80.683675][ T3801] loop0: detected capacity change from 0 to 4096
[   80.699234][ T3801] NILFS (loop0): invalid segment: Checksum error in segment payload
[   80.707338][ T3801] NILFS (loop0): trying rollback from an earlier position
[   80.720549][ T3801] NILFS (loop0): recovery complete
[pid  3801] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3801] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3801] creat("./bus", 000)         = 4
[pid  3801] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3801] ftruncate(4, 2048)          = 0
[pid  3801] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3801] open("./bus", O_RDONLY)     = 5
[   80.726387][ T3802] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   80.742369][   T27] audit: type=1804 audit(1670457112.649:84): pid=3801 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/82/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3801] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3801] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3801] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3801] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3801] open(".", O_RDONLY)         = 6
[pid  3801] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3801] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3801] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3801] close(3)                    = 0
[pid  3801] close(4)                    = 0
[pid  3801] close(5)                    = 0
[pid  3801] close(6)                    = 0
[pid  3801] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3801] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3801] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3801] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3801] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3801] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3801] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3801] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3801] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3801] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3801] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3801] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3801] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3801] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3801] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3801] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3801] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3801] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3801] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3801] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3801] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3801] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3801] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3801] exit_group(0)               = ?
[pid  3801] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=85, si_uid=0, si_status=0, si_utime=0, si_stime=18} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./82", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./82/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./82/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./82/binderfs")     = 0
[pid  3632] umount2("./82/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./82/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./82/cgroup")       = 0
[pid  3632] umount2("./82/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./82/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./82/cgroup.net")   = 0
[pid  3632] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./82/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./82/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./82/file0")         = 0
[pid  3632] umount2("./82/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./82/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./82/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./82")               = 0
[pid  3632] mkdir("./83", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 86
./strace-static-x86_64: Process 3803 attached
[pid  3803] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3803] chdir("./83")               = 0
[pid  3803] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3803] setpgid(0, 0)               = 0
[pid  3803] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3803] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3803] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3803] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3803] write(3, "1000", 4)         = 4
[pid  3803] close(3)                    = 0
[pid  3803] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3803] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3803] memfd_create("syzkaller", 0) = 3
[pid  3803] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3803] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3803] munmap(0x7fd662669000, 2097152) = 0
[pid  3803] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3803] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3803] close(3)                    = 0
[pid  3803] mkdir("./file0", 0777)      = 0
[pid  3803] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3803] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3803] chdir("./file0")            = 0
[pid  3803] ioctl(4, LOOP_CLR_FD)       = 0
[   81.036947][ T3803] loop0: detected capacity change from 0 to 4096
[   81.052330][ T3803] NILFS (loop0): invalid segment: Checksum error in segment payload
[   81.060421][ T3803] NILFS (loop0): trying rollback from an earlier position
[   81.075248][ T3803] NILFS (loop0): recovery complete
[pid  3803] close(4)                    = 0
[pid  3803] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3803] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3803] creat("./bus", 000)         = 4
[pid  3803] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3803] ftruncate(4, 2048)          = 0
[pid  3803] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3803] open("./bus", O_RDONLY)     = 5
[   81.081852][ T3804] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3803] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3803] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3803] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3803] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3803] open(".", O_RDONLY)         = 6
[pid  3803] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3803] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3803] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3803] close(3)                    = 0
[pid  3803] close(4)                    = 0
[pid  3803] close(5)                    = 0
[pid  3803] close(6)                    = 0
[pid  3803] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3803] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3803] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3803] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3803] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3803] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3803] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3803] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3803] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3803] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3803] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3803] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3803] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3803] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3803] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3803] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3803] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3803] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3803] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3803] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3803] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3803] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3803] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3803] exit_group(0)               = ?
[pid  3803] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=86, si_uid=0, si_status=0, si_utime=0, si_stime=17} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./83", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./83/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./83/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./83/binderfs")     = 0
[pid  3632] umount2("./83/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./83/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./83/cgroup")       = 0
[pid  3632] umount2("./83/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./83/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./83/cgroup.net")   = 0
[pid  3632] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./83/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./83/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./83/file0")         = 0
[pid  3632] umount2("./83/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./83/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./83/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./83")               = 0
[pid  3632] mkdir("./84", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 87
./strace-static-x86_64: Process 3805 attached
[pid  3805] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3805] chdir("./84")               = 0
[pid  3805] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3805] setpgid(0, 0)               = 0
[pid  3805] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3805] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3805] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3805] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3805] write(3, "1000", 4)         = 4
[pid  3805] close(3)                    = 0
[pid  3805] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3805] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3805] memfd_create("syzkaller", 0) = 3
[pid  3805] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3805] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3805] munmap(0x7fd662669000, 2097152) = 0
[pid  3805] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3805] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3805] close(3)                    = 0
[pid  3805] mkdir("./file0", 0777)      = 0
[pid  3805] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3805] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3805] chdir("./file0")            = 0
[   81.370106][ T3805] loop0: detected capacity change from 0 to 4096
[   81.385959][ T3805] NILFS (loop0): invalid segment: Checksum error in segment payload
[   81.394041][ T3805] NILFS (loop0): trying rollback from an earlier position
[   81.407996][ T3805] NILFS (loop0): recovery complete
[pid  3805] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3805] close(4)                    = 0
[pid  3805] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3805] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3805] creat("./bus", 000)         = 4
[pid  3805] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3805] ftruncate(4, 2048)          = 0
[pid  3805] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3805] open("./bus", O_RDONLY)     = 5
[   81.414005][ T3806] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3805] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3805] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3805] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3805] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3805] open(".", O_RDONLY)         = 6
[pid  3805] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3805] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3805] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3805] close(3)                    = 0
[pid  3805] close(4)                    = 0
[pid  3805] close(5)                    = 0
[pid  3805] close(6)                    = 0
[pid  3805] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3805] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3805] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3805] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3805] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3805] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3805] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3805] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3805] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3805] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3805] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3805] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3805] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3805] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3805] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3805] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3805] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3805] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3805] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3805] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3805] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3805] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3805] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3805] exit_group(0)               = ?
[pid  3805] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=87, si_uid=0, si_status=0, si_utime=0, si_stime=19} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./84", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./84/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./84/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./84/binderfs")     = 0
[pid  3632] umount2("./84/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./84/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./84/cgroup")       = 0
[pid  3632] umount2("./84/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./84/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./84/cgroup.net")   = 0
[pid  3632] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./84/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./84/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./84/file0")         = 0
[pid  3632] umount2("./84/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./84/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./84/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./84")               = 0
[pid  3632] mkdir("./85", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 88
./strace-static-x86_64: Process 3807 attached
[pid  3807] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3807] chdir("./85")               = 0
[pid  3807] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3807] setpgid(0, 0)               = 0
[pid  3807] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3807] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3807] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3807] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3807] write(3, "1000", 4)         = 4
[pid  3807] close(3)                    = 0
[pid  3807] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3807] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3807] memfd_create("syzkaller", 0) = 3
[pid  3807] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3807] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3807] munmap(0x7fd662669000, 2097152) = 0
[pid  3807] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3807] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3807] close(3)                    = 0
[pid  3807] mkdir("./file0", 0777)      = 0
[pid  3807] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3807] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3807] chdir("./file0")            = 0
[pid  3807] ioctl(4, LOOP_CLR_FD)       = 0
[   81.702680][ T3807] loop0: detected capacity change from 0 to 4096
[   81.717663][ T3807] NILFS (loop0): invalid segment: Checksum error in segment payload
[   81.725703][ T3807] NILFS (loop0): trying rollback from an earlier position
[   81.739604][ T3807] NILFS (loop0): recovery complete
[pid  3807] close(4)                    = 0
[pid  3807] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3807] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3807] creat("./bus", 000)         = 4
[pid  3807] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3807] ftruncate(4, 2048)          = 0
[pid  3807] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3807] open("./bus", O_RDONLY)     = 5
[   81.745819][ T3808] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3807] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3807] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3807] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3807] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3807] open(".", O_RDONLY)         = 6
[pid  3807] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3807] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3807] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3807] close(3)                    = 0
[pid  3807] close(4)                    = 0
[pid  3807] close(5)                    = 0
[pid  3807] close(6)                    = 0
[pid  3807] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3807] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3807] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3807] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3807] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3807] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3807] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3807] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3807] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3807] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3807] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3807] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3807] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3807] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3807] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3807] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3807] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3807] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3807] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3807] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3807] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3807] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3807] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3807] exit_group(0)               = ?
[pid  3807] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=88, si_uid=0, si_status=0, si_utime=0, si_stime=14} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./85", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./85/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./85/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./85/binderfs")     = 0
[pid  3632] umount2("./85/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./85/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./85/cgroup")       = 0
[pid  3632] umount2("./85/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./85/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./85/cgroup.net")   = 0
[pid  3632] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./85/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./85/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./85/file0")         = 0
[pid  3632] umount2("./85/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./85/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./85/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./85")               = 0
[pid  3632] mkdir("./86", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3809 attached
 <unfinished ...>
[pid  3809] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3809] chdir("./86")               = 0
[pid  3809] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3809] setpgid(0, 0)               = 0
[pid  3809] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3809] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3809] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3809] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3809] write(3, "1000", 4)         = 4
[pid  3809] close(3)                    = 0
[pid  3809] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3809] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3809] memfd_create("syzkaller", 0) = 3
[pid  3809] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3632] <... clone resumed>, child_tidptr=0x5555573f25d0) = 89
[pid  3809] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3809] munmap(0x7fd662669000, 2097152) = 0
[pid  3809] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3809] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3809] close(3)                    = 0
[pid  3809] mkdir("./file0", 0777)      = 0
[pid  3809] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3809] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3809] chdir("./file0")            = 0
[pid  3809] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3809] close(4)                    = 0
[   82.031533][ T3809] loop0: detected capacity change from 0 to 4096
[   82.046403][ T3809] NILFS (loop0): invalid segment: Checksum error in segment payload
[   82.054514][ T3809] NILFS (loop0): trying rollback from an earlier position
[   82.068648][ T3809] NILFS (loop0): recovery complete
[pid  3809] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3809] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3809] creat("./bus", 000)         = 4
[pid  3809] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3809] ftruncate(4, 2048)          = 0
[pid  3809] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3809] open("./bus", O_RDONLY)     = 5
[   82.075096][ T3810] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3809] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3809] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3809] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3809] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3809] open(".", O_RDONLY)         = 6
[pid  3809] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3809] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3809] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3809] close(3)                    = 0
[pid  3809] close(4)                    = 0
[pid  3809] close(5)                    = 0
[pid  3809] close(6)                    = 0
[pid  3809] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3809] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3809] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3809] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3809] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3809] exit_group(0)               = ?
[pid  3809] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=89, si_uid=0, si_status=0, si_utime=0, si_stime=19} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./86", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./86/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./86/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./86/binderfs")     = 0
[pid  3632] umount2("./86/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./86/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./86/cgroup")       = 0
[pid  3632] umount2("./86/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./86/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./86/cgroup.net")   = 0
[pid  3632] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./86/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./86/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./86/file0")         = 0
[pid  3632] umount2("./86/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./86/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./86/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./86")               = 0
[pid  3632] mkdir("./87", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3811 attached
 <unfinished ...>
[pid  3811] set_robust_list(0x5555573f25e0, 24 <unfinished ...>
[pid  3632] <... clone resumed>, child_tidptr=0x5555573f25d0) = 90
[pid  3811] <... set_robust_list resumed>) = 0
[pid  3811] chdir("./87")               = 0
[pid  3811] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3811] setpgid(0, 0)               = 0
[pid  3811] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3811] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3811] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3811] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3811] write(3, "1000", 4)         = 4
[pid  3811] close(3)                    = 0
[pid  3811] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3811] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3811] memfd_create("syzkaller", 0) = 3
[pid  3811] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3811] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3811] munmap(0x7fd662669000, 2097152) = 0
[pid  3811] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3811] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3811] close(3)                    = 0
[pid  3811] mkdir("./file0", 0777)      = 0
[   82.372759][ T3811] loop0: detected capacity change from 0 to 4096
[   82.387140][ T3811] NILFS (loop0): invalid segment: Checksum error in segment payload
[   82.395241][ T3811] NILFS (loop0): trying rollback from an earlier position
[   82.408926][ T3811] NILFS (loop0): recovery complete
[pid  3811] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3811] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3811] chdir("./file0")            = 0
[pid  3811] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3811] close(4)                    = 0
[pid  3811] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3811] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3811] creat("./bus", 000)         = 4
[pid  3811] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3811] ftruncate(4, 2048)          = 0
[pid  3811] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3811] open("./bus", O_RDONLY)     = 5
[   82.415092][ T3812] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3811] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3811] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3811] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3811] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3811] open(".", O_RDONLY)         = 6
[pid  3811] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3811] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3811] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3811] close(3)                    = 0
[pid  3811] close(4)                    = 0
[pid  3811] close(5)                    = 0
[pid  3811] close(6)                    = 0
[pid  3811] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3811] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3811] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3811] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3811] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3811] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3811] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3811] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3811] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3811] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3811] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3811] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3811] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3811] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3811] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3811] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3811] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3811] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3811] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3811] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3811] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3811] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3811] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3811] exit_group(0)               = ?
[pid  3811] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=90, si_uid=0, si_status=0, si_utime=0, si_stime=15} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./87", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./87/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./87/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./87/binderfs")     = 0
[pid  3632] umount2("./87/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./87/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./87/cgroup")       = 0
[pid  3632] umount2("./87/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./87/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./87/cgroup.net")   = 0
[pid  3632] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./87/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./87/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./87/file0")         = 0
[pid  3632] umount2("./87/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./87/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./87/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./87")               = 0
[pid  3632] mkdir("./88", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 91
./strace-static-x86_64: Process 3813 attached
[pid  3813] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3813] chdir("./88")               = 0
[pid  3813] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3813] setpgid(0, 0)               = 0
[pid  3813] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3813] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3813] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3813] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3813] write(3, "1000", 4)         = 4
[pid  3813] close(3)                    = 0
[pid  3813] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3813] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3813] memfd_create("syzkaller", 0) = 3
[pid  3813] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3813] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3813] munmap(0x7fd662669000, 2097152) = 0
[pid  3813] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3813] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3813] close(3)                    = 0
[pid  3813] mkdir("./file0", 0777)      = 0
[   82.696988][ T3813] loop0: detected capacity change from 0 to 4096
[   82.712205][ T3813] NILFS (loop0): invalid segment: Checksum error in segment payload
[   82.720291][ T3813] NILFS (loop0): trying rollback from an earlier position
[   82.733158][ T3813] NILFS (loop0): recovery complete
[pid  3813] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3813] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3813] chdir("./file0")            = 0
[pid  3813] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3813] close(4)                    = 0
[pid  3813] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3813] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3813] creat("./bus", 000)         = 4
[pid  3813] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3813] ftruncate(4, 2048)          = 0
[pid  3813] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3813] open("./bus", O_RDONLY)     = 5
[   82.739357][ T3814] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   82.757308][   T27] kauditd_printk_skb: 5 callbacks suppressed
[   82.757320][   T27] audit: type=1804 audit(1670457114.659:90): pid=3813 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/88/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3813] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3813] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3813] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3813] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3813] open(".", O_RDONLY)         = 6
[pid  3813] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3813] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3813] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3813] close(3)                    = 0
[pid  3813] close(4)                    = 0
[pid  3813] close(5)                    = 0
[pid  3813] close(6)                    = 0
[pid  3813] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3813] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3813] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3813] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3813] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3813] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3813] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3813] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3813] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3813] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3813] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3813] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3813] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3813] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3813] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3813] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3813] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3813] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3813] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3813] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3813] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3813] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3813] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3813] exit_group(0)               = ?
[pid  3813] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=91, si_uid=0, si_status=0, si_utime=0, si_stime=16} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./88", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./88/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./88/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./88/binderfs")     = 0
[pid  3632] umount2("./88/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./88/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./88/cgroup")       = 0
[pid  3632] umount2("./88/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./88/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./88/cgroup.net")   = 0
[pid  3632] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./88/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./88/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./88/file0")         = 0
[pid  3632] umount2("./88/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./88/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./88/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./88")               = 0
[pid  3632] mkdir("./89", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 92
./strace-static-x86_64: Process 3815 attached
[pid  3815] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3815] chdir("./89")               = 0
[pid  3815] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3815] setpgid(0, 0)               = 0
[pid  3815] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3815] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3815] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3815] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3815] write(3, "1000", 4)         = 4
[pid  3815] close(3)                    = 0
[pid  3815] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3815] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3815] memfd_create("syzkaller", 0) = 3
[pid  3815] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3815] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3815] munmap(0x7fd662669000, 2097152) = 0
[pid  3815] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3815] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3815] close(3)                    = 0
[pid  3815] mkdir("./file0", 0777)      = 0
[pid  3815] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3815] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3815] chdir("./file0")            = 0
[pid  3815] ioctl(4, LOOP_CLR_FD)       = 0
[   83.058320][ T3815] loop0: detected capacity change from 0 to 4096
[   83.074120][ T3815] NILFS (loop0): invalid segment: Checksum error in segment payload
[   83.082185][ T3815] NILFS (loop0): trying rollback from an earlier position
[   83.095700][ T3815] NILFS (loop0): recovery complete
[pid  3815] close(4)                    = 0
[pid  3815] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3815] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3815] creat("./bus", 000)         = 4
[pid  3815] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3815] ftruncate(4, 2048)          = 0
[pid  3815] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3815] open("./bus", O_RDONLY)     = 5
[   83.102431][ T3816] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   83.121044][   T27] audit: type=1804 audit(1670457115.029:91): pid=3815 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/89/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3815] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3815] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3815] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3815] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3815] open(".", O_RDONLY)         = 6
[pid  3815] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3815] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3815] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3815] close(3)                    = 0
[pid  3815] close(4)                    = 0
[pid  3815] close(5)                    = 0
[pid  3815] close(6)                    = 0
[pid  3815] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3815] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3815] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3815] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3815] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3815] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3815] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3815] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3815] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3815] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3815] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3815] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3815] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3815] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3815] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3815] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3815] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3815] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3815] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3815] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3815] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3815] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3815] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3815] exit_group(0)               = ?
[pid  3815] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=92, si_uid=0, si_status=0, si_utime=0, si_stime=18} ---
[pid  3632] umount2("./89", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./89/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./89/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./89/binderfs")     = 0
[pid  3632] umount2("./89/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./89/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./89/cgroup")       = 0
[pid  3632] umount2("./89/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./89/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./89/cgroup.net")   = 0
[pid  3632] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./89/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./89/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./89/file0")         = 0
[pid  3632] umount2("./89/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./89/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./89/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./89")               = 0
[pid  3632] mkdir("./90", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3817 attached
, child_tidptr=0x5555573f25d0) = 93
[pid  3817] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3817] chdir("./90")               = 0
[pid  3817] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3817] setpgid(0, 0)               = 0
[pid  3817] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3817] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3817] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3817] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3817] write(3, "1000", 4)         = 4
[pid  3817] close(3)                    = 0
[pid  3817] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3817] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3817] memfd_create("syzkaller", 0) = 3
[pid  3817] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3817] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3817] munmap(0x7fd662669000, 2097152) = 0
[pid  3817] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3817] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3817] close(3)                    = 0
[pid  3817] mkdir("./file0", 0777)      = 0
[   83.414006][ T3817] loop0: detected capacity change from 0 to 4096
[   83.429796][ T3817] NILFS (loop0): invalid segment: Checksum error in segment payload
[   83.437788][ T3817] NILFS (loop0): trying rollback from an earlier position
[   83.451517][ T3817] NILFS (loop0): recovery complete
[pid  3817] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3817] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3817] chdir("./file0")            = 0
[pid  3817] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3817] close(4)                    = 0
[pid  3817] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3817] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3817] creat("./bus", 000)         = 4
[pid  3817] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3817] ftruncate(4, 2048)          = 0
[pid  3817] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3817] open("./bus", O_RDONLY)     = 5
[   83.457692][ T3818] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   83.481174][   T27] audit: type=1804 audit(1670457115.389:92): pid=3817 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/90/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3817] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3817] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3817] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3817] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3817] open(".", O_RDONLY)         = 6
[pid  3817] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3817] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3817] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3817] close(3)                    = 0
[pid  3817] close(4)                    = 0
[pid  3817] close(5)                    = 0
[pid  3817] close(6)                    = 0
[pid  3817] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3817] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3817] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3817] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3817] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3817] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3817] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3817] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3817] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3817] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3817] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3817] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3817] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3817] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3817] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3817] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3817] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3817] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3817] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3817] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3817] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3817] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3817] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3817] exit_group(0)               = ?
[pid  3817] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=93, si_uid=0, si_status=0, si_utime=0, si_stime=15} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./90", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./90/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./90/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./90/binderfs")     = 0
[pid  3632] umount2("./90/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./90/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./90/cgroup")       = 0
[pid  3632] umount2("./90/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./90/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./90/cgroup.net")   = 0
[pid  3632] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./90/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./90/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./90/file0")         = 0
[pid  3632] umount2("./90/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./90/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./90/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./90")               = 0
[pid  3632] mkdir("./91", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 94
./strace-static-x86_64: Process 3819 attached
[pid  3819] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3819] chdir("./91")               = 0
[pid  3819] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3819] setpgid(0, 0)               = 0
[pid  3819] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3819] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3819] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3819] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3819] write(3, "1000", 4)         = 4
[pid  3819] close(3)                    = 0
[pid  3819] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3819] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3819] memfd_create("syzkaller", 0) = 3
[pid  3819] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3819] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3819] munmap(0x7fd662669000, 2097152) = 0
[pid  3819] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3819] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3819] close(3)                    = 0
[pid  3819] mkdir("./file0", 0777)      = 0
[pid  3819] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3819] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3819] chdir("./file0")            = 0
[pid  3819] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3819] close(4)                    = 0
[pid  3819] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3819] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3819] creat("./bus", 000)         = 4
[pid  3819] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3819] ftruncate(4, 2048)          = 0
[   83.766713][ T3819] loop0: detected capacity change from 0 to 4096
[   83.782642][ T3819] NILFS (loop0): invalid segment: Checksum error in segment payload
[   83.790737][ T3819] NILFS (loop0): trying rollback from an earlier position
[   83.803907][ T3819] NILFS (loop0): recovery complete
[pid  3819] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3819] open("./bus", O_RDONLY)     = 5
[   83.809890][ T3820] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   83.820534][   T27] audit: type=1804 audit(1670457115.719:93): pid=3819 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/91/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3819] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3819] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3819] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3819] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3819] open(".", O_RDONLY)         = 6
[pid  3819] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3819] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3819] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3819] close(3)                    = 0
[pid  3819] close(4)                    = 0
[pid  3819] close(5)                    = 0
[pid  3819] close(6)                    = 0
[pid  3819] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3819] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3819] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3819] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3819] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3819] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3819] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3819] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3819] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3819] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3819] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3819] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3819] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3819] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3819] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3819] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3819] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3819] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3819] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3819] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3819] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3819] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3819] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3819] exit_group(0)               = ?
[pid  3819] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=94, si_uid=0, si_status=0, si_utime=0, si_stime=20} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./91", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./91/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./91/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./91/binderfs")     = 0
[pid  3632] umount2("./91/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./91/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./91/cgroup")       = 0
[pid  3632] umount2("./91/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./91/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./91/cgroup.net")   = 0
[pid  3632] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./91/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./91/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./91/file0")         = 0
[pid  3632] umount2("./91/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./91/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./91/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./91")               = 0
[pid  3632] mkdir("./92", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 95
./strace-static-x86_64: Process 3821 attached
[pid  3821] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3821] chdir("./92")               = 0
[pid  3821] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3821] setpgid(0, 0)               = 0
[pid  3821] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3821] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3821] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3821] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3821] write(3, "1000", 4)         = 4
[pid  3821] close(3)                    = 0
[pid  3821] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3821] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3821] memfd_create("syzkaller", 0) = 3
[pid  3821] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3821] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3821] munmap(0x7fd662669000, 2097152) = 0
[pid  3821] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3821] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3821] close(3)                    = 0
[pid  3821] mkdir("./file0", 0777)      = 0
[pid  3821] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3821] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3821] chdir("./file0")            = 0
[pid  3821] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3821] close(4)                    = 0
[pid  3821] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3821] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[   84.100499][ T3821] loop0: detected capacity change from 0 to 4096
[   84.117088][ T3821] NILFS (loop0): invalid segment: Checksum error in segment payload
[   84.125337][ T3821] NILFS (loop0): trying rollback from an earlier position
[   84.139435][ T3821] NILFS (loop0): recovery complete
[pid  3821] creat("./bus", 000)         = 4
[pid  3821] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3821] ftruncate(4, 2048)          = 0
[pid  3821] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3821] open("./bus", O_RDONLY)     = 5
[   84.145652][ T3822] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   84.156323][   T27] audit: type=1804 audit(1670457116.049:94): pid=3821 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/92/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3821] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3821] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3821] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3821] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3821] open(".", O_RDONLY)         = 6
[pid  3821] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3821] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3821] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3821] close(3)                    = 0
[pid  3821] close(4)                    = 0
[pid  3821] close(5)                    = 0
[pid  3821] close(6)                    = 0
[pid  3821] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3821] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3821] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3821] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3821] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3821] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3821] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3821] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3821] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3821] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3821] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3821] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3821] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3821] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3821] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3821] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3821] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3821] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3821] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3821] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3821] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3821] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3821] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3821] exit_group(0)               = ?
[pid  3821] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=95, si_uid=0, si_status=0, si_utime=0, si_stime=18} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./92", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./92/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./92/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./92/binderfs")     = 0
[pid  3632] umount2("./92/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./92/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./92/cgroup")       = 0
[pid  3632] umount2("./92/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./92/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./92/cgroup.net")   = 0
[pid  3632] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./92/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./92/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./92/file0")         = 0
[pid  3632] umount2("./92/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./92/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./92/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./92")               = 0
[pid  3632] mkdir("./93", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3823 attached
 <unfinished ...>
[pid  3823] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3632] <... clone resumed>, child_tidptr=0x5555573f25d0) = 96
[pid  3823] chdir("./93")               = 0
[pid  3823] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3823] setpgid(0, 0)               = 0
[pid  3823] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3823] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3823] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3823] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3823] write(3, "1000", 4)         = 4
[pid  3823] close(3)                    = 0
[pid  3823] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3823] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3823] memfd_create("syzkaller", 0) = 3
[pid  3823] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3823] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3823] munmap(0x7fd662669000, 2097152) = 0
[pid  3823] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3823] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3823] close(3)                    = 0
[pid  3823] mkdir("./file0", 0777)      = 0
[   84.444047][ T3823] loop0: detected capacity change from 0 to 4096
[   84.458930][ T3823] NILFS (loop0): invalid segment: Checksum error in segment payload
[   84.466955][ T3823] NILFS (loop0): trying rollback from an earlier position
[   84.481718][ T3823] NILFS (loop0): recovery complete
[pid  3823] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3823] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3823] chdir("./file0")            = 0
[pid  3823] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3823] close(4)                    = 0
[pid  3823] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3823] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3823] creat("./bus", 000)         = 4
[pid  3823] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3823] ftruncate(4, 2048)          = 0
[pid  3823] lseek(4, 132096, SEEK_SET)  = 132096
[   84.487580][ T3824] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3823] open("./bus", O_RDONLY)     = 5
[   84.520212][   T27] audit: type=1804 audit(1670457116.429:95): pid=3823 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/93/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3823] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3823] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3823] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3823] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3823] open(".", O_RDONLY)         = 6
[pid  3823] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3823] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3823] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3823] close(3)                    = 0
[pid  3823] close(4)                    = 0
[pid  3823] close(5)                    = 0
[pid  3823] close(6)                    = 0
[pid  3823] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3823] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3823] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3823] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3823] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3823] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3823] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3823] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3823] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3823] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3823] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3823] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3823] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3823] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3823] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3823] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3823] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3823] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3823] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3823] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3823] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3823] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3823] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3823] exit_group(0)               = ?
[pid  3823] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=96, si_uid=0, si_status=0, si_utime=0, si_stime=15} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./93", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./93/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./93/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./93/binderfs")     = 0
[pid  3632] umount2("./93/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./93/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./93/cgroup")       = 0
[pid  3632] umount2("./93/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./93/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./93/cgroup.net")   = 0
[pid  3632] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./93/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./93/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./93/file0")         = 0
[pid  3632] umount2("./93/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./93/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./93/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./93")               = 0
[pid  3632] mkdir("./94", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 97
./strace-static-x86_64: Process 3825 attached
[pid  3825] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3825] chdir("./94")               = 0
[pid  3825] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3825] setpgid(0, 0)               = 0
[pid  3825] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3825] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3825] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3825] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3825] write(3, "1000", 4)         = 4
[pid  3825] close(3)                    = 0
[pid  3825] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3825] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3825] memfd_create("syzkaller", 0) = 3
[pid  3825] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3825] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3825] munmap(0x7fd662669000, 2097152) = 0
[pid  3825] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3825] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3825] close(3)                    = 0
[pid  3825] mkdir("./file0", 0777)      = 0
[   84.804484][ T3825] loop0: detected capacity change from 0 to 4096
[   84.818689][ T3825] NILFS (loop0): invalid segment: Checksum error in segment payload
[   84.827061][ T3825] NILFS (loop0): trying rollback from an earlier position
[   84.841600][ T3825] NILFS (loop0): recovery complete
[pid  3825] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3825] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3825] chdir("./file0")            = 0
[pid  3825] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3825] close(4)                    = 0
[pid  3825] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3825] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3825] creat("./bus", 000)         = 4
[pid  3825] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3825] ftruncate(4, 2048)          = 0
[pid  3825] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3825] open("./bus", O_RDONLY)     = 5
[   84.847313][ T3826] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   84.866048][   T27] audit: type=1804 audit(1670457116.769:96): pid=3825 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/94/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3825] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3825] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3825] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3825] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3825] open(".", O_RDONLY)         = 6
[pid  3825] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3825] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3825] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3825] close(3)                    = 0
[pid  3825] close(4)                    = 0
[pid  3825] close(5)                    = 0
[pid  3825] close(6)                    = 0
[pid  3825] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3825] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3825] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3825] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3825] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3825] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3825] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3825] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3825] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3825] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3825] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3825] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3825] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3825] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3825] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3825] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3825] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3825] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3825] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3825] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3825] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3825] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3825] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3825] exit_group(0)               = ?
[pid  3825] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=97, si_uid=0, si_status=0, si_utime=0, si_stime=18} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./94", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./94/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./94/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./94/binderfs")     = 0
[pid  3632] umount2("./94/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./94/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./94/cgroup")       = 0
[pid  3632] umount2("./94/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./94/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./94/cgroup.net")   = 0
[pid  3632] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./94/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./94/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./94/file0")         = 0
[pid  3632] umount2("./94/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./94/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./94/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./94")               = 0
[pid  3632] mkdir("./95", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 98
./strace-static-x86_64: Process 3827 attached
[pid  3827] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3827] chdir("./95")               = 0
[pid  3827] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3827] setpgid(0, 0)               = 0
[pid  3827] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3827] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3827] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3827] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3827] write(3, "1000", 4)         = 4
[pid  3827] close(3)                    = 0
[pid  3827] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3827] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3827] memfd_create("syzkaller", 0) = 3
[pid  3827] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3827] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3827] munmap(0x7fd662669000, 2097152) = 0
[pid  3827] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3827] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3827] close(3)                    = 0
[pid  3827] mkdir("./file0", 0777)      = 0
[pid  3827] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3827] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3827] chdir("./file0")            = 0
[pid  3827] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3827] close(4)                    = 0
[pid  3827] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3827] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[   85.138361][ T3827] loop0: detected capacity change from 0 to 4096
[   85.154292][ T3827] NILFS (loop0): invalid segment: Checksum error in segment payload
[   85.162483][ T3827] NILFS (loop0): trying rollback from an earlier position
[   85.177215][ T3827] NILFS (loop0): recovery complete
[pid  3827] creat("./bus", 000)         = 4
[pid  3827] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3827] ftruncate(4, 2048)          = 0
[pid  3827] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3827] open("./bus", O_RDONLY)     = 5
[   85.183399][ T3828] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   85.191659][   T27] audit: type=1804 audit(1670457117.099:97): pid=3827 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/95/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3827] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3827] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3827] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3827] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3827] open(".", O_RDONLY)         = 6
[pid  3827] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3827] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3827] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3827] close(3)                    = 0
[pid  3827] close(4)                    = 0
[pid  3827] close(5)                    = 0
[pid  3827] close(6)                    = 0
[pid  3827] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3827] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3827] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3827] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3827] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3827] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3827] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3827] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3827] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3827] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3827] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3827] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3827] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3827] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3827] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3827] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3827] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3827] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3827] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3827] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3827] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3827] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3827] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3827] exit_group(0)               = ?
[pid  3827] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=98, si_uid=0, si_status=0, si_utime=0, si_stime=18} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./95", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./95/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./95/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./95/binderfs")     = 0
[pid  3632] umount2("./95/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./95/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./95/cgroup")       = 0
[pid  3632] umount2("./95/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./95/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./95/cgroup.net")   = 0
[pid  3632] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./95/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./95/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./95/file0")         = 0
[pid  3632] umount2("./95/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./95/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./95/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./95")               = 0
[pid  3632] mkdir("./96", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 99
./strace-static-x86_64: Process 3829 attached
[pid  3829] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3829] chdir("./96")               = 0
[pid  3829] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3829] setpgid(0, 0)               = 0
[pid  3829] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3829] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3829] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3829] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3829] write(3, "1000", 4)         = 4
[pid  3829] close(3)                    = 0
[pid  3829] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3829] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3829] memfd_create("syzkaller", 0) = 3
[pid  3829] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3829] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3829] munmap(0x7fd662669000, 2097152) = 0
[pid  3829] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3829] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3829] close(3)                    = 0
[pid  3829] mkdir("./file0", 0777)      = 0
[   85.475289][ T3829] loop0: detected capacity change from 0 to 4096
[   85.491146][ T3829] NILFS (loop0): invalid segment: Checksum error in segment payload
[   85.499316][ T3829] NILFS (loop0): trying rollback from an earlier position
[   85.513103][ T3829] NILFS (loop0): recovery complete
[pid  3829] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3829] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3829] chdir("./file0")            = 0
[pid  3829] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3829] close(4)                    = 0
[pid  3829] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3829] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3829] creat("./bus", 000)         = 4
[pid  3829] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3829] ftruncate(4, 2048)          = 0
[pid  3829] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3829] open("./bus", O_RDONLY)     = 5
[   85.519307][ T3830] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   85.523736][   T27] audit: type=1804 audit(1670457117.429:98): pid=3829 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/96/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3829] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3829] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3829] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3829] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3829] open(".", O_RDONLY)         = 6
[pid  3829] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3829] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3829] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3829] close(3)                    = 0
[pid  3829] close(4)                    = 0
[pid  3829] close(5)                    = 0
[pid  3829] close(6)                    = 0
[pid  3829] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3829] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3829] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3829] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3829] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3829] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3829] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3829] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3829] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3829] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3829] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3829] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3829] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3829] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3829] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3829] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3829] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3829] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3829] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3829] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3829] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3829] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3829] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3829] exit_group(0)               = ?
[pid  3829] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=99, si_uid=0, si_status=0, si_utime=0, si_stime=18} ---
[pid  3632] umount2("./96", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./96", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./96/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./96/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./96/binderfs")     = 0
[pid  3632] umount2("./96/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./96/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./96/cgroup")       = 0
[pid  3632] umount2("./96/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./96/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./96/cgroup.net")   = 0
[pid  3632] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./96/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./96/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./96/file0")         = 0
[pid  3632] umount2("./96/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./96/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./96/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./96")               = 0
[pid  3632] mkdir("./97", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 100
./strace-static-x86_64: Process 3831 attached
[pid  3831] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3831] chdir("./97")               = 0
[pid  3831] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3831] setpgid(0, 0)               = 0
[pid  3831] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3831] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3831] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3831] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3831] write(3, "1000", 4)         = 4
[pid  3831] close(3)                    = 0
[pid  3831] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3831] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3831] memfd_create("syzkaller", 0) = 3
[pid  3831] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3831] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3831] munmap(0x7fd662669000, 2097152) = 0
[pid  3831] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3831] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3831] close(3)                    = 0
[pid  3831] mkdir("./file0", 0777)      = 0
[pid  3831] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3831] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3831] chdir("./file0")            = 0
[pid  3831] ioctl(4, LOOP_CLR_FD)       = 0
[   85.830106][ T3831] loop0: detected capacity change from 0 to 4096
[   85.845552][ T3831] NILFS (loop0): invalid segment: Checksum error in segment payload
[   85.853709][ T3831] NILFS (loop0): trying rollback from an earlier position
[   85.868164][ T3831] NILFS (loop0): recovery complete
[pid  3831] close(4)                    = 0
[pid  3831] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3831] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3831] creat("./bus", 000)         = 4
[pid  3831] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3831] ftruncate(4, 2048)          = 0
[pid  3831] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3831] open("./bus", O_RDONLY)     = 5
[   85.874333][ T3832] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   85.900083][   T27] audit: type=1804 audit(1670457117.809:99): pid=3831 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/97/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3831] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3831] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3831] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3831] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3831] open(".", O_RDONLY)         = 6
[pid  3831] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3831] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3831] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3831] close(3)                    = 0
[pid  3831] close(4)                    = 0
[pid  3831] close(5)                    = 0
[pid  3831] close(6)                    = 0
[pid  3831] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3831] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3831] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3831] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3831] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3831] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3831] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3831] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3831] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3831] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3831] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3831] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3831] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3831] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3831] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3831] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3831] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3831] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3831] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3831] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3831] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3831] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3831] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3831] exit_group(0)               = ?
[pid  3831] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=100, si_uid=0, si_status=0, si_utime=0, si_stime=20} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./97", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./97", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./97/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./97/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./97/binderfs")     = 0
[pid  3632] umount2("./97/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./97/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./97/cgroup")       = 0
[pid  3632] umount2("./97/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./97/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./97/cgroup.net")   = 0
[pid  3632] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./97/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./97/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./97/file0")         = 0
[pid  3632] umount2("./97/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./97/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./97/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./97")               = 0
[pid  3632] mkdir("./98", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 101
./strace-static-x86_64: Process 3833 attached
[pid  3833] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3833] chdir("./98")               = 0
[pid  3833] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3833] setpgid(0, 0)               = 0
[pid  3833] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3833] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3833] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3833] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3833] write(3, "1000", 4)         = 4
[pid  3833] close(3)                    = 0
[pid  3833] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3833] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3833] memfd_create("syzkaller", 0) = 3
[pid  3833] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3833] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3833] munmap(0x7fd662669000, 2097152) = 0
[pid  3833] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3833] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3833] close(3)                    = 0
[pid  3833] mkdir("./file0", 0777)      = 0
[pid  3833] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3833] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3833] chdir("./file0")            = 0
[pid  3833] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3833] close(4)                    = 0
[pid  3833] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3833] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3833] creat("./bus", 000)         = 4
[   86.191783][ T3833] loop0: detected capacity change from 0 to 4096
[   86.206615][ T3833] NILFS (loop0): invalid segment: Checksum error in segment payload
[   86.214962][ T3833] NILFS (loop0): trying rollback from an earlier position
[   86.229296][ T3833] NILFS (loop0): recovery complete
[pid  3833] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3833] ftruncate(4, 2048)          = 0
[pid  3833] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3833] open("./bus", O_RDONLY)     = 5
[   86.235413][ T3834] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3833] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3833] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3833] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3833] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3833] open(".", O_RDONLY)         = 6
[pid  3833] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3833] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3833] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3833] close(3)                    = 0
[pid  3833] close(4)                    = 0
[pid  3833] close(5)                    = 0
[pid  3833] close(6)                    = 0
[pid  3833] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3833] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3833] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3833] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3833] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3833] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3833] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3833] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3833] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3833] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3833] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3833] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3833] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3833] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3833] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3833] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3833] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3833] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3833] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3833] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3833] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3833] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3833] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3833] exit_group(0)               = ?
[pid  3833] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=101, si_uid=0, si_status=0, si_utime=0, si_stime=14} ---
[pid  3632] umount2("./98", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./98", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./98/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./98/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./98/binderfs")     = 0
[pid  3632] umount2("./98/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./98/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./98/cgroup")       = 0
[pid  3632] umount2("./98/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./98/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./98/cgroup.net")   = 0
[pid  3632] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./98/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./98/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./98/file0")         = 0
[pid  3632] umount2("./98/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./98/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./98/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./98")               = 0
[pid  3632] mkdir("./99", 0777)         = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 102
./strace-static-x86_64: Process 3835 attached
[pid  3835] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3835] chdir("./99")               = 0
[pid  3835] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3835] setpgid(0, 0)               = 0
[pid  3835] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3835] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3835] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3835] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3835] write(3, "1000", 4)         = 4
[pid  3835] close(3)                    = 0
[pid  3835] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3835] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3835] memfd_create("syzkaller", 0) = 3
[pid  3835] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3835] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3835] munmap(0x7fd662669000, 2097152) = 0
[pid  3835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3835] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3835] close(3)                    = 0
[pid  3835] mkdir("./file0", 0777)      = 0
[pid  3835] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3835] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3835] chdir("./file0")            = 0
[pid  3835] ioctl(4, LOOP_CLR_FD)       = 0
[   86.522937][ T3835] loop0: detected capacity change from 0 to 4096
[   86.539038][ T3835] NILFS (loop0): invalid segment: Checksum error in segment payload
[   86.547078][ T3835] NILFS (loop0): trying rollback from an earlier position
[   86.560129][ T3835] NILFS (loop0): recovery complete
[pid  3835] close(4)                    = 0
[pid  3835] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3835] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3835] creat("./bus", 000)         = 4
[pid  3835] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3835] ftruncate(4, 2048)          = 0
[pid  3835] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3835] open("./bus", O_RDONLY)     = 5
[   86.566285][ T3836] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3835] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3835] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3835] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3835] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3835] open(".", O_RDONLY)         = 6
[pid  3835] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3835] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3835] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3835] close(3)                    = 0
[pid  3835] close(4)                    = 0
[pid  3835] close(5)                    = 0
[pid  3835] close(6)                    = 0
[pid  3835] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3835] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3835] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3835] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3835] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3835] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3835] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3835] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3835] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3835] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3835] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3835] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3835] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3835] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3835] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3835] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3835] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3835] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3835] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3835] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3835] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3835] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3835] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3835] exit_group(0)               = ?
[pid  3835] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=102, si_uid=0, si_status=0, si_utime=0, si_stime=16} ---
[pid  3632] umount2("./99", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./99", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./99/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./99/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./99/binderfs")     = 0
[pid  3632] umount2("./99/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./99/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./99/cgroup")       = 0
[pid  3632] umount2("./99/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./99/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./99/cgroup.net")   = 0
[pid  3632] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./99/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./99/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./99/file0")         = 0
[pid  3632] umount2("./99/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./99/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./99/cgroup.cpu")   = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./99")               = 0
[pid  3632] mkdir("./100", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 103
./strace-static-x86_64: Process 3837 attached
[pid  3837] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3837] chdir("./100")              = 0
[pid  3837] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3837] setpgid(0, 0)               = 0
[pid  3837] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3837] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3837] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3837] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3837] write(3, "1000", 4)         = 4
[pid  3837] close(3)                    = 0
[pid  3837] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3837] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3837] memfd_create("syzkaller", 0) = 3
[pid  3837] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3837] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3837] munmap(0x7fd662669000, 2097152) = 0
[pid  3837] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3837] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3837] close(3)                    = 0
[pid  3837] mkdir("./file0", 0777)      = 0
[pid  3837] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3837] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3837] chdir("./file0")            = 0
[pid  3837] ioctl(4, LOOP_CLR_FD)       = 0
[   86.853953][ T3837] loop0: detected capacity change from 0 to 4096
[   86.868469][ T3837] NILFS (loop0): invalid segment: Checksum error in segment payload
[   86.876746][ T3837] NILFS (loop0): trying rollback from an earlier position
[   86.891066][ T3837] NILFS (loop0): recovery complete
[pid  3837] close(4)                    = 0
[pid  3837] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3837] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3837] creat("./bus", 000)         = 4
[pid  3837] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3837] ftruncate(4, 2048)          = 0
[pid  3837] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3837] open("./bus", O_RDONLY)     = 5
[   86.896892][ T3838] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3837] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3837] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3837] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3837] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3837] open(".", O_RDONLY)         = 6
[pid  3837] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3837] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3837] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3837] close(3)                    = 0
[pid  3837] close(4)                    = 0
[pid  3837] close(5)                    = 0
[pid  3837] close(6)                    = 0
[pid  3837] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3837] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3837] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3837] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3837] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3837] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3837] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3837] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3837] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3837] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3837] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3837] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3837] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3837] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3837] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3837] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3837] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3837] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3837] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3837] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3837] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3837] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3837] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3837] exit_group(0)               = ?
[pid  3837] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=103, si_uid=0, si_status=0, si_utime=0, si_stime=14} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./100", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./100/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./100/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./100/binderfs")    = 0
[pid  3632] umount2("./100/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./100/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./100/cgroup")      = 0
[pid  3632] umount2("./100/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./100/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./100/cgroup.net")  = 0
[pid  3632] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./100/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./100/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./100/file0")        = 0
[pid  3632] umount2("./100/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./100/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./100/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./100")              = 0
[pid  3632] mkdir("./101", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 104
./strace-static-x86_64: Process 3839 attached
[pid  3839] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3839] chdir("./101")              = 0
[pid  3839] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3839] setpgid(0, 0)               = 0
[pid  3839] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3839] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3839] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3839] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3839] write(3, "1000", 4)         = 4
[pid  3839] close(3)                    = 0
[pid  3839] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3839] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3839] memfd_create("syzkaller", 0) = 3
[pid  3839] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3839] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3839] munmap(0x7fd662669000, 2097152) = 0
[pid  3839] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3839] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3839] close(3)                    = 0
[pid  3839] mkdir("./file0", 0777)      = 0
[   87.191251][ T3839] loop0: detected capacity change from 0 to 4096
[   87.206680][ T3839] NILFS (loop0): invalid segment: Checksum error in segment payload
[   87.215022][ T3839] NILFS (loop0): trying rollback from an earlier position
[   87.229599][ T3839] NILFS (loop0): recovery complete
[pid  3839] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3839] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3839] chdir("./file0")            = 0
[pid  3839] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3839] close(4)                    = 0
[pid  3839] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3839] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3839] creat("./bus", 000)         = 4
[pid  3839] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3839] ftruncate(4, 2048)          = 0
[pid  3839] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3839] open("./bus", O_RDONLY)     = 5
[   87.236732][ T3840] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3839] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3839] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3839] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3839] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3839] open(".", O_RDONLY)         = 6
[pid  3839] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3839] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3839] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3839] close(3)                    = 0
[pid  3839] close(4)                    = 0
[pid  3839] close(5)                    = 0
[pid  3839] close(6)                    = 0
[pid  3839] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3839] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3839] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3839] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3839] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3839] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3839] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3839] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3839] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3839] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3839] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3839] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3839] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3839] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3839] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3839] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3839] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3839] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3839] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3839] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3839] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3839] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3839] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3839] exit_group(0)               = ?
[pid  3839] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=104, si_uid=0, si_status=0, si_utime=0, si_stime=15} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./101", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./101/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./101/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./101/binderfs")    = 0
[pid  3632] umount2("./101/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./101/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./101/cgroup")      = 0
[pid  3632] umount2("./101/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./101/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./101/cgroup.net")  = 0
[pid  3632] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./101/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./101/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./101/file0")        = 0
[pid  3632] umount2("./101/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./101/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./101/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./101")              = 0
[pid  3632] mkdir("./102", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3841 attached
 <unfinished ...>
[pid  3841] set_robust_list(0x5555573f25e0, 24 <unfinished ...>
[pid  3632] <... clone resumed>, child_tidptr=0x5555573f25d0) = 105
[pid  3841] <... set_robust_list resumed>) = 0
[pid  3841] chdir("./102")              = 0
[pid  3841] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3841] setpgid(0, 0)               = 0
[pid  3841] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3841] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3841] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3841] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3841] write(3, "1000", 4)         = 4
[pid  3841] close(3)                    = 0
[pid  3841] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3841] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3841] memfd_create("syzkaller", 0) = 3
[pid  3841] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3841] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3841] munmap(0x7fd662669000, 2097152) = 0
[pid  3841] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3841] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3841] close(3)                    = 0
[pid  3841] mkdir("./file0", 0777)      = 0
[   87.528296][ T3841] loop0: detected capacity change from 0 to 4096
[   87.543541][ T3841] NILFS (loop0): invalid segment: Checksum error in segment payload
[   87.551743][ T3841] NILFS (loop0): trying rollback from an earlier position
[   87.566224][ T3841] NILFS (loop0): recovery complete
[pid  3841] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3841] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3841] chdir("./file0")            = 0
[pid  3841] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3841] close(4)                    = 0
[pid  3841] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3841] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3841] creat("./bus", 000)         = 4
[pid  3841] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3841] ftruncate(4, 2048)          = 0
[pid  3841] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3841] open("./bus", O_RDONLY)     = 5
[   87.572621][ T3842] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3841] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3841] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3841] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3841] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3841] open(".", O_RDONLY)         = 6
[pid  3841] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3841] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3841] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3841] close(3)                    = 0
[pid  3841] close(4)                    = 0
[pid  3841] close(5)                    = 0
[pid  3841] close(6)                    = 0
[pid  3841] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3841] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3841] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3841] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3841] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3841] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3841] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3841] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3841] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3841] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3841] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3841] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3841] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3841] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3841] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3841] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3841] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3841] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3841] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3841] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3841] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3841] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3841] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3841] exit_group(0)               = ?
[pid  3841] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=105, si_uid=0, si_status=0, si_utime=0, si_stime=16} ---
[pid  3632] umount2("./102", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./102/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./102/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./102/binderfs")    = 0
[pid  3632] umount2("./102/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./102/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./102/cgroup")      = 0
[pid  3632] umount2("./102/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./102/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./102/cgroup.net")  = 0
[pid  3632] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./102/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./102/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./102/file0")        = 0
[pid  3632] umount2("./102/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./102/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./102/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./102")              = 0
[pid  3632] mkdir("./103", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 106
./strace-static-x86_64: Process 3843 attached
[pid  3843] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3843] chdir("./103")              = 0
[pid  3843] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3843] setpgid(0, 0)               = 0
[pid  3843] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3843] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3843] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3843] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3843] write(3, "1000", 4)         = 4
[pid  3843] close(3)                    = 0
[pid  3843] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3843] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3843] memfd_create("syzkaller", 0) = 3
[pid  3843] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3843] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3843] munmap(0x7fd662669000, 2097152) = 0
[pid  3843] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3843] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3843] close(3)                    = 0
[pid  3843] mkdir("./file0", 0777)      = 0
[   87.869878][ T3843] loop0: detected capacity change from 0 to 4096
[   87.884646][ T3843] NILFS (loop0): invalid segment: Checksum error in segment payload
[   87.892882][ T3843] NILFS (loop0): trying rollback from an earlier position
[   87.906469][ T3843] NILFS (loop0): recovery complete
[pid  3843] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3843] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3843] chdir("./file0")            = 0
[pid  3843] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3843] close(4)                    = 0
[pid  3843] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3843] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3843] creat("./bus", 000)         = 4
[pid  3843] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3843] ftruncate(4, 2048)          = 0
[pid  3843] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3843] open("./bus", O_RDONLY)     = 5
[   87.912379][ T3845] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   87.925722][   T27] kauditd_printk_skb: 5 callbacks suppressed
[   87.925733][   T27] audit: type=1804 audit(1670457119.839:105): pid=3843 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/103/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3843] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3843] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3843] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3843] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3843] open(".", O_RDONLY)         = 6
[pid  3843] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3843] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3843] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3843] close(3)                    = 0
[pid  3843] close(4)                    = 0
[pid  3843] close(5)                    = 0
[pid  3843] close(6)                    = 0
[pid  3843] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3843] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3843] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3843] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3843] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3843] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3843] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3843] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3843] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3843] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3843] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3843] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3843] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3843] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3843] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3843] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3843] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3843] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3843] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3843] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3843] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3843] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3843] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3843] exit_group(0)               = ?
[pid  3843] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=106, si_uid=0, si_status=0, si_utime=0, si_stime=18} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./103", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./103/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./103/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./103/binderfs")    = 0
[pid  3632] umount2("./103/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./103/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./103/cgroup")      = 0
[pid  3632] umount2("./103/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./103/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./103/cgroup.net")  = 0
[pid  3632] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./103/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./103/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./103/file0")        = 0
[pid  3632] umount2("./103/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./103/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./103/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./103")              = 0
[pid  3632] mkdir("./104", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 107
./strace-static-x86_64: Process 3846 attached
[pid  3846] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3846] chdir("./104")              = 0
[pid  3846] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3846] setpgid(0, 0)               = 0
[pid  3846] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3846] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3846] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3846] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3846] write(3, "1000", 4)         = 4
[pid  3846] close(3)                    = 0
[pid  3846] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3846] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3846] memfd_create("syzkaller", 0) = 3
[pid  3846] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3846] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3846] munmap(0x7fd662669000, 2097152) = 0
[pid  3846] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3846] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3846] close(3)                    = 0
[pid  3846] mkdir("./file0", 0777)      = 0
[   88.198009][ T3846] loop0: detected capacity change from 0 to 4096
[   88.214472][ T3846] NILFS (loop0): invalid segment: Checksum error in segment payload
[   88.222596][ T3846] NILFS (loop0): trying rollback from an earlier position
[   88.236459][ T3846] NILFS (loop0): recovery complete
[pid  3846] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3846] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3846] chdir("./file0")            = 0
[pid  3846] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3846] close(4)                    = 0
[pid  3846] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3846] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3846] creat("./bus", 000)         = 4
[pid  3846] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3846] ftruncate(4, 2048)          = 0
[pid  3846] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3846] open("./bus", O_RDONLY)     = 5
[   88.242650][ T3847] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   88.265760][   T27] audit: type=1804 audit(1670457120.169:106): pid=3846 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/104/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3846] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3846] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3846] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3846] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3846] open(".", O_RDONLY)         = 6
[pid  3846] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3846] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3846] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3846] close(3)                    = 0
[pid  3846] close(4)                    = 0
[pid  3846] close(5)                    = 0
[pid  3846] close(6)                    = 0
[pid  3846] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3846] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3846] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3846] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3846] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3846] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3846] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3846] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3846] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3846] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3846] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3846] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3846] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3846] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3846] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3846] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3846] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3846] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3846] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3846] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3846] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3846] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3846] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3846] exit_group(0)               = ?
[pid  3846] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=107, si_uid=0, si_status=0, si_utime=0, si_stime=20} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./104", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./104/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./104/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./104/binderfs")    = 0
[pid  3632] umount2("./104/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./104/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./104/cgroup")      = 0
[pid  3632] umount2("./104/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./104/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./104/cgroup.net")  = 0
[pid  3632] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./104/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./104/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./104/file0")        = 0
[pid  3632] umount2("./104/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./104/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./104/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./104")              = 0
[pid  3632] mkdir("./105", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 108
./strace-static-x86_64: Process 3848 attached
[pid  3848] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3848] chdir("./105")              = 0
[pid  3848] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3848] setpgid(0, 0)               = 0
[pid  3848] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3848] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3848] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3848] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3848] write(3, "1000", 4)         = 4
[pid  3848] close(3)                    = 0
[pid  3848] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3848] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3848] memfd_create("syzkaller", 0) = 3
[pid  3848] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3848] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3848] munmap(0x7fd662669000, 2097152) = 0
[pid  3848] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3848] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3848] close(3)                    = 0
[pid  3848] mkdir("./file0", 0777)      = 0
[   88.540726][ T3848] loop0: detected capacity change from 0 to 4096
[   88.567665][ T3848] NILFS (loop0): invalid segment: Checksum error in segment payload
[   88.575813][ T3848] NILFS (loop0): trying rollback from an earlier position
[pid  3848] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3848] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3848] chdir("./file0")            = 0
[pid  3848] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3848] close(4)                    = 0
[pid  3848] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3848] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3848] creat("./bus", 000)         = 4
[pid  3848] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3848] ftruncate(4, 2048)          = 0
[pid  3848] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3848] open("./bus", O_RDONLY)     = 5
[   88.589493][ T3848] NILFS (loop0): recovery complete
[   88.595554][ T3849] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   88.614897][   T27] audit: type=1804 audit(1670457120.519:107): pid=3848 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/105/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3848] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3848] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3848] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3848] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3848] open(".", O_RDONLY)         = 6
[pid  3848] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3848] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3848] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3848] close(3)                    = 0
[pid  3848] close(4)                    = 0
[pid  3848] close(5)                    = 0
[pid  3848] close(6)                    = 0
[pid  3848] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3848] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3848] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3848] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3848] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3848] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3848] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3848] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3848] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3848] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3848] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3848] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3848] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3848] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3848] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3848] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3848] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3848] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3848] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3848] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3848] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3848] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3848] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3848] exit_group(0)               = ?
[pid  3848] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=108, si_uid=0, si_status=0, si_utime=0, si_stime=10} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./105", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./105/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./105/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./105/binderfs")    = 0
[pid  3632] umount2("./105/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./105/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./105/cgroup")      = 0
[pid  3632] umount2("./105/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./105/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./105/cgroup.net")  = 0
[pid  3632] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./105/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./105/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./105/file0")        = 0
[pid  3632] umount2("./105/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./105/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./105/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./105")              = 0
[pid  3632] mkdir("./106", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 109
./strace-static-x86_64: Process 3850 attached
[pid  3850] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3850] chdir("./106")              = 0
[pid  3850] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3850] setpgid(0, 0)               = 0
[pid  3850] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3850] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3850] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3850] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3850] write(3, "1000", 4)         = 4
[pid  3850] close(3)                    = 0
[pid  3850] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3850] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3850] memfd_create("syzkaller", 0) = 3
[pid  3850] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3850] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3850] munmap(0x7fd662669000, 2097152) = 0
[pid  3850] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3850] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3850] close(3)                    = 0
[pid  3850] mkdir("./file0", 0777)      = 0
[   88.904544][ T3850] loop0: detected capacity change from 0 to 4096
[   88.918461][ T3850] NILFS (loop0): invalid segment: Checksum error in segment payload
[   88.926501][ T3850] NILFS (loop0): trying rollback from an earlier position
[   88.939635][ T3850] NILFS (loop0): recovery complete
[pid  3850] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3850] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3850] chdir("./file0")            = 0
[pid  3850] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3850] close(4)                    = 0
[pid  3850] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3850] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3850] creat("./bus", 000)         = 4
[pid  3850] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3850] ftruncate(4, 2048)          = 0
[pid  3850] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3850] open("./bus", O_RDONLY)     = 5
[   88.945526][ T3851] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   88.962586][   T27] audit: type=1804 audit(1670457120.869:108): pid=3850 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/106/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3850] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3850] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3850] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3850] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3850] open(".", O_RDONLY)         = 6
[pid  3850] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3850] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3850] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3850] close(3)                    = 0
[pid  3850] close(4)                    = 0
[pid  3850] close(5)                    = 0
[pid  3850] close(6)                    = 0
[pid  3850] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3850] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3850] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3850] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3850] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3850] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3850] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3850] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3850] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3850] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3850] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3850] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3850] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3850] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3850] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3850] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3850] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3850] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3850] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3850] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3850] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3850] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3850] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3850] exit_group(0)               = ?
[pid  3850] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=109, si_uid=0, si_status=0, si_utime=0, si_stime=18} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./106", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./106/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./106/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./106/binderfs")    = 0
[pid  3632] umount2("./106/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./106/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./106/cgroup")      = 0
[pid  3632] umount2("./106/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./106/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./106/cgroup.net")  = 0
[pid  3632] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./106/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./106/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./106/file0")        = 0
[pid  3632] umount2("./106/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./106/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./106/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./106")              = 0
[pid  3632] mkdir("./107", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 110
./strace-static-x86_64: Process 3852 attached
[pid  3852] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3852] chdir("./107")              = 0
[pid  3852] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3852] setpgid(0, 0)               = 0
[pid  3852] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3852] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3852] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3852] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3852] write(3, "1000", 4)         = 4
[pid  3852] close(3)                    = 0
[pid  3852] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3852] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3852] memfd_create("syzkaller", 0) = 3
[pid  3852] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3852] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3852] munmap(0x7fd662669000, 2097152) = 0
[pid  3852] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3852] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3852] close(3)                    = 0
[pid  3852] mkdir("./file0", 0777)      = 0
[   89.248196][ T3852] loop0: detected capacity change from 0 to 4096
[   89.264738][ T3852] NILFS (loop0): invalid segment: Checksum error in segment payload
[   89.272868][ T3852] NILFS (loop0): trying rollback from an earlier position
[   89.286610][ T3852] NILFS (loop0): recovery complete
[pid  3852] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3852] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3852] chdir("./file0")            = 0
[pid  3852] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3852] close(4)                    = 0
[pid  3852] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3852] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3852] creat("./bus", 000)         = 4
[pid  3852] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3852] ftruncate(4, 2048)          = 0
[pid  3852] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3852] open("./bus", O_RDONLY)     = 5
[   89.292951][ T3853] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   89.303527][   T27] audit: type=1804 audit(1670457121.209:109): pid=3852 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/107/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3852] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3852] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3852] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3852] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3852] open(".", O_RDONLY)         = 6
[pid  3852] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3852] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3852] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3852] close(3)                    = 0
[pid  3852] close(4)                    = 0
[pid  3852] close(5)                    = 0
[pid  3852] close(6)                    = 0
[pid  3852] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3852] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3852] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3852] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3852] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3852] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3852] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3852] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3852] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3852] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3852] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3852] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3852] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3852] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3852] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3852] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3852] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3852] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3852] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3852] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3852] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3852] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3852] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3852] exit_group(0)               = ?
[pid  3852] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=110, si_uid=0, si_status=0, si_utime=0, si_stime=16} ---
[pid  3632] umount2("./107", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./107/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./107/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./107/binderfs")    = 0
[pid  3632] umount2("./107/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./107/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./107/cgroup")      = 0
[pid  3632] umount2("./107/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./107/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./107/cgroup.net")  = 0
[pid  3632] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./107/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./107/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./107/file0")        = 0
[pid  3632] umount2("./107/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./107/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./107/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./107")              = 0
[pid  3632] mkdir("./108", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 111
./strace-static-x86_64: Process 3854 attached
[pid  3854] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3854] chdir("./108")              = 0
[pid  3854] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3854] setpgid(0, 0)               = 0
[pid  3854] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3854] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3854] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3854] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3854] write(3, "1000", 4)         = 4
[pid  3854] close(3)                    = 0
[pid  3854] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3854] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3854] memfd_create("syzkaller", 0) = 3
[pid  3854] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3854] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3854] munmap(0x7fd662669000, 2097152) = 0
[pid  3854] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3854] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3854] close(3)                    = 0
[pid  3854] mkdir("./file0", 0777)      = 0
[pid  3854] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3854] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[   89.593418][ T3854] loop0: detected capacity change from 0 to 4096
[   89.609423][ T3854] NILFS (loop0): invalid segment: Checksum error in segment payload
[   89.617814][ T3854] NILFS (loop0): trying rollback from an earlier position
[   89.631762][ T3854] NILFS (loop0): recovery complete
[pid  3854] chdir("./file0")            = 0
[pid  3854] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3854] close(4)                    = 0
[pid  3854] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3854] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3854] creat("./bus", 000)         = 4
[pid  3854] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3854] ftruncate(4, 2048)          = 0
[pid  3854] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3854] open("./bus", O_RDONLY)     = 5
[   89.639980][ T3855] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   89.655577][   T27] audit: type=1804 audit(1670457121.569:110): pid=3854 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/108/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3854] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3854] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3854] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3854] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3854] open(".", O_RDONLY)         = 6
[pid  3854] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3854] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3854] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3854] close(3)                    = 0
[pid  3854] close(4)                    = 0
[pid  3854] close(5)                    = 0
[pid  3854] close(6)                    = 0
[pid  3854] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3854] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3854] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3854] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3854] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3854] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3854] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3854] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3854] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3854] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3854] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3854] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3854] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3854] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3854] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3854] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3854] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3854] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3854] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3854] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3854] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3854] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3854] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3854] exit_group(0)               = ?
[pid  3854] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=111, si_uid=0, si_status=0, si_utime=0, si_stime=15} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./108", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./108/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./108/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./108/binderfs")    = 0
[pid  3632] umount2("./108/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./108/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./108/cgroup")      = 0
[pid  3632] umount2("./108/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./108/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./108/cgroup.net")  = 0
[pid  3632] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./108/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./108/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./108/file0")        = 0
[pid  3632] umount2("./108/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./108/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./108/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./108")              = 0
[pid  3632] mkdir("./109", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 112
./strace-static-x86_64: Process 3856 attached
[pid  3856] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3856] chdir("./109")              = 0
[pid  3856] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3856] setpgid(0, 0)               = 0
[pid  3856] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3856] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3856] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3856] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3856] write(3, "1000", 4)         = 4
[pid  3856] close(3)                    = 0
[pid  3856] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3856] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3856] memfd_create("syzkaller", 0) = 3
[pid  3856] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3856] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3856] munmap(0x7fd662669000, 2097152) = 0
[pid  3856] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3856] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3856] close(3)                    = 0
[pid  3856] mkdir("./file0", 0777)      = 0
[   89.940021][ T3856] loop0: detected capacity change from 0 to 4096
[   89.955576][ T3856] NILFS (loop0): invalid segment: Checksum error in segment payload
[   89.963843][ T3856] NILFS (loop0): trying rollback from an earlier position
[   89.979426][ T3856] NILFS (loop0): recovery complete
[pid  3856] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3856] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3856] chdir("./file0")            = 0
[pid  3856] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3856] close(4)                    = 0
[pid  3856] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3856] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3856] creat("./bus", 000)         = 4
[pid  3856] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3856] ftruncate(4, 2048)          = 0
[pid  3856] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3856] open("./bus", O_RDONLY)     = 5
[   89.985447][ T3857] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   90.002178][   T27] audit: type=1804 audit(1670457121.909:111): pid=3856 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/109/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3856] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3856] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3856] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3856] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3856] open(".", O_RDONLY)         = 6
[pid  3856] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3856] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3856] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3856] close(3)                    = 0
[pid  3856] close(4)                    = 0
[pid  3856] close(5)                    = 0
[pid  3856] close(6)                    = 0
[pid  3856] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3856] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3856] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3856] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3856] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3856] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3856] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3856] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3856] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3856] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3856] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3856] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3856] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3856] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3856] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3856] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3856] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3856] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3856] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3856] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3856] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3856] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3856] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3856] exit_group(0)               = ?
[pid  3856] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=112, si_uid=0, si_status=0, si_utime=0, si_stime=17} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./109", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./109/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./109/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./109/binderfs")    = 0
[pid  3632] umount2("./109/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./109/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./109/cgroup")      = 0
[pid  3632] umount2("./109/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./109/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./109/cgroup.net")  = 0
[pid  3632] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./109/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./109/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./109/file0")        = 0
[pid  3632] umount2("./109/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./109/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./109/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./109")              = 0
[pid  3632] mkdir("./110", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 113
./strace-static-x86_64: Process 3860 attached
[pid  3860] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3860] chdir("./110")              = 0
[pid  3860] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3860] setpgid(0, 0)               = 0
[pid  3860] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3860] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3860] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3860] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3860] write(3, "1000", 4)         = 4
[pid  3860] close(3)                    = 0
[pid  3860] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3860] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3860] memfd_create("syzkaller", 0) = 3
[pid  3860] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3860] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3860] munmap(0x7fd662669000, 2097152) = 0
[pid  3860] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3860] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3860] close(3)                    = 0
[pid  3860] mkdir("./file0", 0777)      = 0
[   90.316330][ T3860] loop0: detected capacity change from 0 to 4096
[   90.331338][ T3860] NILFS (loop0): invalid segment: Checksum error in segment payload
[   90.339418][ T3860] NILFS (loop0): trying rollback from an earlier position
[   90.352761][ T3860] NILFS (loop0): recovery complete
[pid  3860] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3860] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3860] chdir("./file0")            = 0
[pid  3860] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3860] close(4)                    = 0
[pid  3860] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3860] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3860] creat("./bus", 000)         = 4
[pid  3860] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3860] ftruncate(4, 2048)          = 0
[pid  3860] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3860] open("./bus", O_RDONLY)     = 5
[   90.359256][ T3861] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   90.377546][   T27] audit: type=1804 audit(1670457122.279:112): pid=3860 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/110/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3860] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3860] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3860] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3860] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3860] open(".", O_RDONLY)         = 6
[pid  3860] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3860] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3860] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3860] close(3)                    = 0
[pid  3860] close(4)                    = 0
[pid  3860] close(5)                    = 0
[pid  3860] close(6)                    = 0
[pid  3860] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3860] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3860] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3860] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3860] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3860] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3860] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3860] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3860] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3860] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3860] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3860] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3860] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3860] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3860] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3860] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3860] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3860] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3860] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3860] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3860] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3860] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3860] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3860] exit_group(0)               = ?
[pid  3860] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=113, si_uid=0, si_status=0, si_utime=0, si_stime=15} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./110", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./110/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./110/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./110/binderfs")    = 0
[pid  3632] umount2("./110/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./110/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./110/cgroup")      = 0
[pid  3632] umount2("./110/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./110/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./110/cgroup.net")  = 0
[pid  3632] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./110/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./110/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./110/file0")        = 0
[pid  3632] umount2("./110/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./110/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./110/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./110")              = 0
[pid  3632] mkdir("./111", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 114
./strace-static-x86_64: Process 3862 attached
[pid  3862] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3862] chdir("./111")              = 0
[pid  3862] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3862] setpgid(0, 0)               = 0
[pid  3862] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3862] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3862] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3862] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3862] write(3, "1000", 4)         = 4
[pid  3862] close(3)                    = 0
[pid  3862] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3862] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3862] memfd_create("syzkaller", 0) = 3
[pid  3862] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3862] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3862] munmap(0x7fd662669000, 2097152) = 0
[pid  3862] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3862] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3862] close(3)                    = 0
[pid  3862] mkdir("./file0", 0777)      = 0
[   90.681583][ T3862] loop0: detected capacity change from 0 to 4096
[   90.698071][ T3862] NILFS (loop0): invalid segment: Checksum error in segment payload
[   90.707686][ T3862] NILFS (loop0): trying rollback from an earlier position
[   90.720383][ T3862] NILFS (loop0): recovery complete
[pid  3862] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3862] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3862] chdir("./file0")            = 0
[pid  3862] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3862] close(4)                    = 0
[pid  3862] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3862] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3862] creat("./bus", 000)         = 4
[pid  3862] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3862] ftruncate(4, 2048)          = 0
[pid  3862] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3862] open("./bus", O_RDONLY)     = 5
[   90.726387][ T3864] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   90.736850][   T27] audit: type=1804 audit(1670457122.629:113): pid=3862 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/111/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3862] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3862] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3862] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3862] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3862] open(".", O_RDONLY)         = 6
[pid  3862] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3862] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3862] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3862] close(3)                    = 0
[pid  3862] close(4)                    = 0
[pid  3862] close(5)                    = 0
[pid  3862] close(6)                    = 0
[pid  3862] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3862] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3862] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3862] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3862] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3862] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3862] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3862] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3862] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3862] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3862] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3862] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3862] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3862] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3862] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3862] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3862] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3862] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3862] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3862] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3862] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3862] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3862] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3862] exit_group(0)               = ?
[pid  3862] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=114, si_uid=0, si_status=0, si_utime=0, si_stime=18} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./111", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./111/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./111/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./111/binderfs")    = 0
[pid  3632] umount2("./111/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./111/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./111/cgroup")      = 0
[pid  3632] umount2("./111/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./111/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./111/cgroup.net")  = 0
[pid  3632] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./111/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./111/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./111/file0")        = 0
[pid  3632] umount2("./111/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./111/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./111/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./111")              = 0
[pid  3632] mkdir("./112", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 115
./strace-static-x86_64: Process 3866 attached
[pid  3866] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3866] chdir("./112")              = 0
[pid  3866] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3866] setpgid(0, 0)               = 0
[pid  3866] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3866] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3866] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3866] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3866] write(3, "1000", 4)         = 4
[pid  3866] close(3)                    = 0
[pid  3866] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3866] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3866] memfd_create("syzkaller", 0) = 3
[pid  3866] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3866] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3866] munmap(0x7fd662669000, 2097152) = 0
[pid  3866] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3866] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3866] close(3)                    = 0
[pid  3866] mkdir("./file0", 0777)      = 0
[   91.047379][ T3866] loop0: detected capacity change from 0 to 4096
[   91.062804][ T3866] NILFS (loop0): invalid segment: Checksum error in segment payload
[   91.070898][ T3866] NILFS (loop0): trying rollback from an earlier position
[   91.083746][ T3866] NILFS (loop0): recovery complete
[pid  3866] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3866] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3866] chdir("./file0")            = 0
[pid  3866] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3866] close(4)                    = 0
[pid  3866] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3866] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3866] creat("./bus", 000)         = 4
[pid  3866] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3866] ftruncate(4, 2048)          = 0
[pid  3866] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3866] open("./bus", O_RDONLY)     = 5
[   91.089529][ T3867] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   91.104015][   T27] audit: type=1804 audit(1670457123.009:114): pid=3866 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/112/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3866] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3866] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3866] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3866] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3866] open(".", O_RDONLY)         = 6
[pid  3866] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3866] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3866] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3866] close(3)                    = 0
[pid  3866] close(4)                    = 0
[pid  3866] close(5)                    = 0
[pid  3866] close(6)                    = 0
[pid  3866] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3866] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3866] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3866] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3866] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3866] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3866] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3866] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3866] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3866] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3866] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3866] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3866] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3866] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3866] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3866] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3866] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3866] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3866] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3866] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3866] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3866] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3866] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3866] exit_group(0)               = ?
[pid  3866] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=115, si_uid=0, si_status=0, si_utime=0, si_stime=17} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./112", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./112/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./112/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./112/binderfs")    = 0
[pid  3632] umount2("./112/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./112/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./112/cgroup")      = 0
[pid  3632] umount2("./112/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./112/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./112/cgroup.net")  = 0
[pid  3632] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./112/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./112/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./112/file0")        = 0
[pid  3632] umount2("./112/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./112/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./112/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./112")              = 0
[pid  3632] mkdir("./113", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 116
./strace-static-x86_64: Process 3869 attached
[pid  3869] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3869] chdir("./113")              = 0
[pid  3869] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3869] setpgid(0, 0)               = 0
[pid  3869] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3869] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3869] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3869] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3869] write(3, "1000", 4)         = 4
[pid  3869] close(3)                    = 0
[pid  3869] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3869] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3869] memfd_create("syzkaller", 0) = 3
[pid  3869] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3869] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3869] munmap(0x7fd662669000, 2097152) = 0
[pid  3869] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3869] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3869] close(3)                    = 0
[pid  3869] mkdir("./file0", 0777)      = 0
[   91.416415][ T3869] loop0: detected capacity change from 0 to 4096
[   91.432414][ T3869] NILFS (loop0): invalid segment: Checksum error in segment payload
[   91.440496][ T3869] NILFS (loop0): trying rollback from an earlier position
[   91.453221][ T3869] NILFS (loop0): recovery complete
[pid  3869] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3869] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3869] chdir("./file0")            = 0
[pid  3869] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3869] close(4)                    = 0
[pid  3869] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3869] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3869] creat("./bus", 000)         = 4
[pid  3869] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3869] ftruncate(4, 2048)          = 0
[pid  3869] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3869] open("./bus", O_RDONLY)     = 5
[   91.459380][ T3870] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3869] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3869] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3869] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3869] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3869] open(".", O_RDONLY)         = 6
[pid  3869] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3869] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3869] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3869] close(3)                    = 0
[pid  3869] close(4)                    = 0
[pid  3869] close(5)                    = 0
[pid  3869] close(6)                    = 0
[pid  3869] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3869] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3869] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3869] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3869] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3869] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3869] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3869] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3869] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3869] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3869] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3869] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3869] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3869] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3869] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3869] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3869] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3869] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3869] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3869] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3869] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3869] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3869] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3869] exit_group(0)               = ?
[pid  3869] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=116, si_uid=0, si_status=0, si_utime=0, si_stime=14} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./113", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./113/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./113/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./113/binderfs")    = 0
[pid  3632] umount2("./113/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./113/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./113/cgroup")      = 0
[pid  3632] umount2("./113/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./113/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./113/cgroup.net")  = 0
[pid  3632] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./113/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./113/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./113/file0")        = 0
[pid  3632] umount2("./113/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./113/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./113/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./113")              = 0
[pid  3632] mkdir("./114", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3871 attached
 <unfinished ...>
[pid  3871] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3871] chdir("./114")              = 0
[pid  3871] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3871] setpgid(0, 0)               = 0
[pid  3871] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3871] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3632] <... clone resumed>, child_tidptr=0x5555573f25d0) = 117
[pid  3871] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3871] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3871] write(3, "1000", 4)         = 4
[pid  3871] close(3)                    = 0
[pid  3871] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3871] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3871] memfd_create("syzkaller", 0) = 3
[pid  3871] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3871] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3871] munmap(0x7fd662669000, 2097152) = 0
[pid  3871] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3871] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3871] close(3)                    = 0
[pid  3871] mkdir("./file0", 0777)      = 0
[pid  3871] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3871] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3871] chdir("./file0")            = 0
[   91.767559][ T3871] loop0: detected capacity change from 0 to 4096
[   91.783527][ T3871] NILFS (loop0): invalid segment: Checksum error in segment payload
[   91.791769][ T3871] NILFS (loop0): trying rollback from an earlier position
[   91.805061][ T3871] NILFS (loop0): recovery complete
[pid  3871] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3871] close(4)                    = 0
[pid  3871] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3871] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3871] creat("./bus", 000)         = 4
[pid  3871] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3871] ftruncate(4, 2048)          = 0
[pid  3871] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3871] open("./bus", O_RDONLY)     = 5
[   91.811249][ T3872] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3871] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3871] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3871] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3871] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3871] open(".", O_RDONLY)         = 6
[pid  3871] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3871] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3871] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3871] close(3)                    = 0
[pid  3871] close(4)                    = 0
[pid  3871] close(5)                    = 0
[pid  3871] close(6)                    = 0
[pid  3871] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3871] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3871] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3871] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3871] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3871] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3871] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3871] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3871] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3871] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3871] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3871] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3871] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3871] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3871] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3871] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3871] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3871] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3871] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3871] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3871] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3871] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3871] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3871] exit_group(0)               = ?
[pid  3871] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=117, si_uid=0, si_status=0, si_utime=0, si_stime=14} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./114", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./114/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./114/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./114/binderfs")    = 0
[pid  3632] umount2("./114/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./114/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./114/cgroup")      = 0
[pid  3632] umount2("./114/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./114/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./114/cgroup.net")  = 0
[pid  3632] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./114/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./114/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./114/file0")        = 0
[pid  3632] umount2("./114/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./114/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./114/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./114")              = 0
[pid  3632] mkdir("./115", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 118
./strace-static-x86_64: Process 3873 attached
[pid  3873] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3873] chdir("./115")              = 0
[pid  3873] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3873] setpgid(0, 0)               = 0
[pid  3873] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3873] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3873] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3873] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3873] write(3, "1000", 4)         = 4
[pid  3873] close(3)                    = 0
[pid  3873] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3873] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3873] memfd_create("syzkaller", 0) = 3
[pid  3873] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3873] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3873] munmap(0x7fd662669000, 2097152) = 0
[pid  3873] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3873] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3873] close(3)                    = 0
[pid  3873] mkdir("./file0", 0777)      = 0
[pid  3873] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3873] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[   92.116508][ T3873] loop0: detected capacity change from 0 to 4096
[   92.131561][ T3873] NILFS (loop0): invalid segment: Checksum error in segment payload
[   92.139688][ T3873] NILFS (loop0): trying rollback from an earlier position
[   92.153868][ T3873] NILFS (loop0): recovery complete
[pid  3873] chdir("./file0")            = 0
[pid  3873] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3873] close(4)                    = 0
[pid  3873] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3873] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3873] creat("./bus", 000)         = 4
[pid  3873] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3873] ftruncate(4, 2048)          = 0
[pid  3873] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3873] open("./bus", O_RDONLY)     = 5
[   92.159912][ T3874] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3873] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3873] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3873] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3873] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3873] open(".", O_RDONLY)         = 6
[pid  3873] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3873] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3873] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3873] close(3)                    = 0
[pid  3873] close(4)                    = 0
[pid  3873] close(5)                    = 0
[pid  3873] close(6)                    = 0
[pid  3873] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3873] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3873] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3873] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3873] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3873] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3873] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3873] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3873] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3873] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3873] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3873] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3873] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3873] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3873] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3873] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3873] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3873] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3873] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3873] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3873] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3873] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3873] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3873] exit_group(0)               = ?
[pid  3873] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=118, si_uid=0, si_status=0, si_utime=0, si_stime=17} ---
[pid  3632] umount2("./115", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./115/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./115/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./115/binderfs")    = 0
[pid  3632] umount2("./115/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./115/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./115/cgroup")      = 0
[pid  3632] umount2("./115/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./115/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./115/cgroup.net")  = 0
[pid  3632] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./115/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./115/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./115/file0")        = 0
[pid  3632] umount2("./115/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./115/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./115/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./115")              = 0
[pid  3632] mkdir("./116", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 119
./strace-static-x86_64: Process 3875 attached
[pid  3875] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3875] chdir("./116")              = 0
[pid  3875] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3875] setpgid(0, 0)               = 0
[pid  3875] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3875] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3875] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3875] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3875] write(3, "1000", 4)         = 4
[pid  3875] close(3)                    = 0
[pid  3875] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3875] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3875] memfd_create("syzkaller", 0) = 3
[pid  3875] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3875] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3875] munmap(0x7fd662669000, 2097152) = 0
[pid  3875] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3875] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3875] close(3)                    = 0
[pid  3875] mkdir("./file0", 0777)      = 0
[   92.451205][ T3875] loop0: detected capacity change from 0 to 4096
[   92.466532][ T3875] NILFS (loop0): invalid segment: Checksum error in segment payload
[   92.474680][ T3875] NILFS (loop0): trying rollback from an earlier position
[   92.488235][ T3875] NILFS (loop0): recovery complete
[pid  3875] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3875] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3875] chdir("./file0")            = 0
[pid  3875] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3875] close(4)                    = 0
[pid  3875] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3875] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3875] creat("./bus", 000)         = 4
[pid  3875] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3875] ftruncate(4, 2048)          = 0
[pid  3875] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3875] open("./bus", O_RDONLY)     = 5
[   92.494227][ T3876] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3875] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3875] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3875] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3875] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3875] open(".", O_RDONLY)         = 6
[pid  3875] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3875] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3875] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3875] close(3)                    = 0
[pid  3875] close(4)                    = 0
[pid  3875] close(5)                    = 0
[pid  3875] close(6)                    = 0
[pid  3875] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3875] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3875] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3875] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3875] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3875] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3875] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3875] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3875] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3875] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3875] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3875] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3875] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3875] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3875] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3875] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3875] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3875] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3875] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3875] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3875] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3875] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3875] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3875] exit_group(0)               = ?
[pid  3875] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=119, si_uid=0, si_status=0, si_utime=0, si_stime=19} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./116", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./116/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./116/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./116/binderfs")    = 0
[pid  3632] umount2("./116/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./116/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./116/cgroup")      = 0
[pid  3632] umount2("./116/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./116/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./116/cgroup.net")  = 0
[pid  3632] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./116/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./116/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./116/file0")        = 0
[pid  3632] umount2("./116/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./116/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./116/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./116")              = 0
[pid  3632] mkdir("./117", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 120
./strace-static-x86_64: Process 3877 attached
[pid  3877] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3877] chdir("./117")              = 0
[pid  3877] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3877] setpgid(0, 0)               = 0
[pid  3877] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3877] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3877] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3877] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3877] write(3, "1000", 4)         = 4
[pid  3877] close(3)                    = 0
[pid  3877] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3877] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3877] memfd_create("syzkaller", 0) = 3
[pid  3877] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3877] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3877] munmap(0x7fd662669000, 2097152) = 0
[pid  3877] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3877] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3877] close(3)                    = 0
[pid  3877] mkdir("./file0", 0777)      = 0
[   92.787264][ T3877] loop0: detected capacity change from 0 to 4096
[   92.802572][ T3877] NILFS (loop0): invalid segment: Checksum error in segment payload
[   92.810670][ T3877] NILFS (loop0): trying rollback from an earlier position
[   92.824665][ T3877] NILFS (loop0): recovery complete
[pid  3877] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3877] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3877] chdir("./file0")            = 0
[pid  3877] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3877] close(4)                    = 0
[pid  3877] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3877] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3877] creat("./bus", 000)         = 4
[pid  3877] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3877] ftruncate(4, 2048)          = 0
[pid  3877] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3877] open("./bus", O_RDONLY)     = 5
[   92.830606][ T3878] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3877] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3877] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3877] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3877] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3877] open(".", O_RDONLY)         = 6
[pid  3877] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3877] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3877] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3877] close(3)                    = 0
[pid  3877] close(4)                    = 0
[pid  3877] close(5)                    = 0
[pid  3877] close(6)                    = 0
[pid  3877] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3877] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3877] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3877] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3877] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3877] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3877] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3877] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3877] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3877] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3877] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3877] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3877] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3877] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3877] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3877] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3877] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3877] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3877] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3877] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3877] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3877] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3877] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3877] exit_group(0)               = ?
[pid  3877] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=120, si_uid=0, si_status=0, si_utime=0, si_stime=16} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./117", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./117", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./117/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./117/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./117/binderfs")    = 0
[pid  3632] umount2("./117/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./117/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./117/cgroup")      = 0
[pid  3632] umount2("./117/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./117/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./117/cgroup.net")  = 0
[pid  3632] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./117/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./117/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./117/file0")        = 0
[pid  3632] umount2("./117/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./117/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./117/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./117")              = 0
[pid  3632] mkdir("./118", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 121
./strace-static-x86_64: Process 3879 attached
[pid  3879] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3879] chdir("./118")              = 0
[pid  3879] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3879] setpgid(0, 0)               = 0
[pid  3879] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3879] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3879] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3879] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3879] write(3, "1000", 4)         = 4
[pid  3879] close(3)                    = 0
[pid  3879] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3879] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3879] memfd_create("syzkaller", 0) = 3
[pid  3879] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3879] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3879] munmap(0x7fd662669000, 2097152) = 0
[pid  3879] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3879] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3879] close(3)                    = 0
[pid  3879] mkdir("./file0", 0777)      = 0
[pid  3879] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3879] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3879] chdir("./file0")            = 0
[pid  3879] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3879] close(4)                    = 0
[pid  3879] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3879] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[   93.126159][ T3879] loop0: detected capacity change from 0 to 4096
[   93.141373][ T3879] NILFS (loop0): invalid segment: Checksum error in segment payload
[   93.149464][ T3879] NILFS (loop0): trying rollback from an earlier position
[   93.163742][ T3879] NILFS (loop0): recovery complete
[pid  3879] creat("./bus", 000)         = 4
[pid  3879] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3879] ftruncate(4, 2048)          = 0
[pid  3879] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3879] open("./bus", O_RDONLY)     = 5
[   93.170838][ T3880] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   93.184678][   T27] kauditd_printk_skb: 5 callbacks suppressed
[   93.184691][   T27] audit: type=1804 audit(1670457125.099:120): pid=3879 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/118/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3879] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3879] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3879] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3879] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3879] open(".", O_RDONLY)         = 6
[pid  3879] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3879] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3879] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3879] close(3)                    = 0
[pid  3879] close(4)                    = 0
[pid  3879] close(5)                    = 0
[pid  3879] close(6)                    = 0
[pid  3879] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3879] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3879] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3879] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3879] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3879] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3879] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3879] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3879] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3879] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3879] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3879] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3879] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3879] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3879] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3879] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3879] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3879] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3879] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3879] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3879] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3879] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3879] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3879] exit_group(0)               = ?
[pid  3879] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=121, si_uid=0, si_status=0, si_utime=0, si_stime=13} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./118", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./118", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./118/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./118/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./118/binderfs")    = 0
[pid  3632] umount2("./118/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./118/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./118/cgroup")      = 0
[pid  3632] umount2("./118/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./118/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./118/cgroup.net")  = 0
[pid  3632] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./118/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./118/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./118/file0")        = 0
[pid  3632] umount2("./118/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./118/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./118/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./118")              = 0
[pid  3632] mkdir("./119", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 122
./strace-static-x86_64: Process 3881 attached
[pid  3881] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3881] chdir("./119")              = 0
[pid  3881] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3881] setpgid(0, 0)               = 0
[pid  3881] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3881] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3881] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3881] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3881] write(3, "1000", 4)         = 4
[pid  3881] close(3)                    = 0
[pid  3881] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3881] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3881] memfd_create("syzkaller", 0) = 3
[pid  3881] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3881] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3881] munmap(0x7fd662669000, 2097152) = 0
[pid  3881] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3881] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3881] close(3)                    = 0
[pid  3881] mkdir("./file0", 0777)      = 0
[   93.505654][ T3881] loop0: detected capacity change from 0 to 4096
[   93.520923][ T3881] NILFS (loop0): invalid segment: Checksum error in segment payload
[   93.529131][ T3881] NILFS (loop0): trying rollback from an earlier position
[   93.543533][ T3881] NILFS (loop0): recovery complete
[pid  3881] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3881] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3881] chdir("./file0")            = 0
[pid  3881] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3881] close(4)                    = 0
[pid  3881] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3881] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3881] creat("./bus", 000)         = 4
[pid  3881] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3881] ftruncate(4, 2048)          = 0
[pid  3881] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3881] open("./bus", O_RDONLY)     = 5
[   93.550159][ T3882] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   93.560959][   T27] audit: type=1804 audit(1670457125.459:121): pid=3881 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/119/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3881] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3881] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3881] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3881] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3881] open(".", O_RDONLY)         = 6
[pid  3881] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3881] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3881] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3881] close(3)                    = 0
[pid  3881] close(4)                    = 0
[pid  3881] close(5)                    = 0
[pid  3881] close(6)                    = 0
[pid  3881] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3881] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3881] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3881] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3881] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3881] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3881] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3881] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3881] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3881] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3881] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3881] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3881] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3881] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3881] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3881] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3881] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3881] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3881] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3881] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3881] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3881] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3881] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3881] exit_group(0)               = ?
[pid  3881] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=122, si_uid=0, si_status=0, si_utime=0, si_stime=20} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./119", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./119", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./119/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./119/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./119/binderfs")    = 0
[pid  3632] umount2("./119/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./119/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./119/cgroup")      = 0
[pid  3632] umount2("./119/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./119/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./119/cgroup.net")  = 0
[pid  3632] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./119/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./119/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./119/file0")        = 0
[pid  3632] umount2("./119/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./119/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./119/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./119")              = 0
[pid  3632] mkdir("./120", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 123
./strace-static-x86_64: Process 3883 attached
[pid  3883] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3883] chdir("./120")              = 0
[pid  3883] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3883] setpgid(0, 0)               = 0
[pid  3883] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3883] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3883] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3883] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3883] write(3, "1000", 4)         = 4
[pid  3883] close(3)                    = 0
[pid  3883] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3883] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3883] memfd_create("syzkaller", 0) = 3
[pid  3883] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3883] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3883] munmap(0x7fd662669000, 2097152) = 0
[pid  3883] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3883] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3883] close(3)                    = 0
[pid  3883] mkdir("./file0", 0777)      = 0
[pid  3883] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3883] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3883] chdir("./file0")            = 0
[pid  3883] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3883] close(4)                    = 0
[pid  3883] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3883] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[   93.846040][ T3883] loop0: detected capacity change from 0 to 4096
[   93.861788][ T3883] NILFS (loop0): invalid segment: Checksum error in segment payload
[   93.870133][ T3883] NILFS (loop0): trying rollback from an earlier position
[   93.883315][ T3883] NILFS (loop0): recovery complete
[pid  3883] creat("./bus", 000)         = 4
[pid  3883] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3883] ftruncate(4, 2048)          = 0
[pid  3883] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3883] open("./bus", O_RDONLY)     = 5
[   93.890090][ T3884] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   93.908775][   T27] audit: type=1804 audit(1670457125.809:122): pid=3883 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/120/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3883] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3883] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3883] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3883] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3883] open(".", O_RDONLY)         = 6
[pid  3883] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3883] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3883] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3883] close(3)                    = 0
[pid  3883] close(4)                    = 0
[pid  3883] close(5)                    = 0
[pid  3883] close(6)                    = 0
[pid  3883] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3883] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3883] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3883] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3883] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3883] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3883] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3883] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3883] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3883] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3883] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3883] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3883] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3883] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3883] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3883] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3883] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3883] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3883] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3883] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3883] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3883] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3883] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3883] exit_group(0)               = ?
[pid  3883] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=123, si_uid=0, si_status=0, si_utime=0, si_stime=15} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./120", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./120", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./120/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./120/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./120/binderfs")    = 0
[pid  3632] umount2("./120/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./120/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./120/cgroup")      = 0
[pid  3632] umount2("./120/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./120/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./120/cgroup.net")  = 0
[pid  3632] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./120/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./120/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./120/file0")        = 0
[pid  3632] umount2("./120/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./120/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./120/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./120")              = 0
[pid  3632] mkdir("./121", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 124
./strace-static-x86_64: Process 3885 attached
[pid  3885] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3885] chdir("./121")              = 0
[pid  3885] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3885] setpgid(0, 0)               = 0
[pid  3885] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3885] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3885] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3885] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3885] write(3, "1000", 4)         = 4
[pid  3885] close(3)                    = 0
[pid  3885] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3885] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3885] memfd_create("syzkaller", 0) = 3
[pid  3885] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3885] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3885] munmap(0x7fd662669000, 2097152) = 0
[pid  3885] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3885] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3885] close(3)                    = 0
[pid  3885] mkdir("./file0", 0777)      = 0
[pid  3885] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3885] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3885] chdir("./file0")            = 0
[   94.195602][ T3885] loop0: detected capacity change from 0 to 4096
[   94.210168][ T3885] NILFS (loop0): invalid segment: Checksum error in segment payload
[   94.218186][ T3885] NILFS (loop0): trying rollback from an earlier position
[   94.231373][ T3885] NILFS (loop0): recovery complete
[pid  3885] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3885] close(4)                    = 0
[pid  3885] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3885] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3885] creat("./bus", 000)         = 4
[pid  3885] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3885] ftruncate(4, 2048)          = 0
[pid  3885] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3885] open("./bus", O_RDONLY)     = 5
[   94.237614][ T3886] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   94.252444][   T27] audit: type=1804 audit(1670457126.159:123): pid=3885 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/121/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3885] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3885] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3885] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3885] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3885] open(".", O_RDONLY)         = 6
[pid  3885] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3885] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3885] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3885] close(3)                    = 0
[pid  3885] close(4)                    = 0
[pid  3885] close(5)                    = 0
[pid  3885] close(6)                    = 0
[pid  3885] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3885] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3885] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3885] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3885] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3885] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3885] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3885] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3885] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3885] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3885] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3885] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3885] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3885] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3885] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3885] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3885] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3885] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3885] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3885] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3885] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3885] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3885] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3885] exit_group(0)               = ?
[pid  3885] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=124, si_uid=0, si_status=0, si_utime=0, si_stime=16} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./121", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./121", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./121/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./121/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./121/binderfs")    = 0
[pid  3632] umount2("./121/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./121/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./121/cgroup")      = 0
[pid  3632] umount2("./121/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./121/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./121/cgroup.net")  = 0
[pid  3632] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./121/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./121/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./121/file0")        = 0
[pid  3632] umount2("./121/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./121/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./121/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./121")              = 0
[pid  3632] mkdir("./122", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 125
./strace-static-x86_64: Process 3887 attached
[pid  3887] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3887] chdir("./122")              = 0
[pid  3887] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3887] setpgid(0, 0)               = 0
[pid  3887] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3887] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3887] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3887] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3887] write(3, "1000", 4)         = 4
[pid  3887] close(3)                    = 0
[pid  3887] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3887] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3887] memfd_create("syzkaller", 0) = 3
[pid  3887] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3887] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3887] munmap(0x7fd662669000, 2097152) = 0
[pid  3887] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3887] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3887] close(3)                    = 0
[pid  3887] mkdir("./file0", 0777)      = 0
[   94.551244][ T3887] loop0: detected capacity change from 0 to 4096
[   94.567187][ T3887] NILFS (loop0): invalid segment: Checksum error in segment payload
[   94.575299][ T3887] NILFS (loop0): trying rollback from an earlier position
[   94.589008][ T3887] NILFS (loop0): recovery complete
[pid  3887] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3887] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3887] chdir("./file0")            = 0
[pid  3887] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3887] close(4)                    = 0
[pid  3887] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3887] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3887] creat("./bus", 000)         = 4
[pid  3887] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3887] ftruncate(4, 2048)          = 0
[pid  3887] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3887] open("./bus", O_RDONLY)     = 5
[   94.594891][ T3888] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   94.611971][   T27] audit: type=1804 audit(1670457126.519:124): pid=3887 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/122/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3887] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3887] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3887] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3887] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3887] open(".", O_RDONLY)         = 6
[pid  3887] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3887] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3887] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3887] close(3)                    = 0
[pid  3887] close(4)                    = 0
[pid  3887] close(5)                    = 0
[pid  3887] close(6)                    = 0
[pid  3887] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3887] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3887] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3887] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3887] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3887] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3887] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3887] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3887] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3887] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3887] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3887] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3887] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3887] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3887] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3887] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3887] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3887] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3887] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3887] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3887] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3887] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3887] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3887] exit_group(0)               = ?
[pid  3887] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=125, si_uid=0, si_status=0, si_utime=0, si_stime=19} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./122", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./122", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./122/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./122/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./122/binderfs")    = 0
[pid  3632] umount2("./122/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./122/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./122/cgroup")      = 0
[pid  3632] umount2("./122/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./122/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./122/cgroup.net")  = 0
[pid  3632] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./122/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./122/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./122/file0")        = 0
[pid  3632] umount2("./122/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./122/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./122/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./122")              = 0
[pid  3632] mkdir("./123", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 126
./strace-static-x86_64: Process 3889 attached
[pid  3889] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3889] chdir("./123")              = 0
[pid  3889] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3889] setpgid(0, 0)               = 0
[pid  3889] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3889] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3889] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3889] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3889] write(3, "1000", 4)         = 4
[pid  3889] close(3)                    = 0
[pid  3889] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3889] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3889] memfd_create("syzkaller", 0) = 3
[pid  3889] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3889] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3889] munmap(0x7fd662669000, 2097152) = 0
[pid  3889] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3889] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3889] close(3)                    = 0
[pid  3889] mkdir("./file0", 0777)      = 0
[pid  3889] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3889] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3889] chdir("./file0")            = 0
[pid  3889] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3889] close(4)                    = 0
[pid  3889] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[   94.894255][ T3889] loop0: detected capacity change from 0 to 4096
[   94.909458][ T3889] NILFS (loop0): invalid segment: Checksum error in segment payload
[   94.917499][ T3889] NILFS (loop0): trying rollback from an earlier position
[   94.930882][ T3889] NILFS (loop0): recovery complete
[pid  3889] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3889] creat("./bus", 000)         = 4
[pid  3889] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3889] ftruncate(4, 2048)          = 0
[pid  3889] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3889] open("./bus", O_RDONLY)     = 5
[   94.936816][ T3890] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   94.951228][   T27] audit: type=1804 audit(1670457126.859:125): pid=3889 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/123/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3889] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3889] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3889] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3889] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3889] open(".", O_RDONLY)         = 6
[pid  3889] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3889] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3889] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3889] close(3)                    = 0
[pid  3889] close(4)                    = 0
[pid  3889] close(5)                    = 0
[pid  3889] close(6)                    = 0
[pid  3889] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3889] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3889] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3889] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3889] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3889] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3889] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3889] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3889] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3889] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3889] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3889] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3889] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3889] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3889] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3889] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3889] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3889] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3889] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3889] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3889] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3889] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3889] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3889] exit_group(0)               = ?
[pid  3889] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=126, si_uid=0, si_status=0, si_utime=0, si_stime=18} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./123", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./123", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./123/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./123/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./123/binderfs")    = 0
[pid  3632] umount2("./123/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./123/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./123/cgroup")      = 0
[pid  3632] umount2("./123/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./123/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./123/cgroup.net")  = 0
[pid  3632] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./123/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./123/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./123/file0")        = 0
[pid  3632] umount2("./123/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./123/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./123/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./123")              = 0
[pid  3632] mkdir("./124", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 127
./strace-static-x86_64: Process 3891 attached
[pid  3891] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3891] chdir("./124")              = 0
[pid  3891] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3891] setpgid(0, 0)               = 0
[pid  3891] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3891] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3891] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3891] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3891] write(3, "1000", 4)         = 4
[pid  3891] close(3)                    = 0
[pid  3891] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3891] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3891] memfd_create("syzkaller", 0) = 3
[pid  3891] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3891] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3891] munmap(0x7fd662669000, 2097152) = 0
[pid  3891] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3891] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3891] close(3)                    = 0
[pid  3891] mkdir("./file0", 0777)      = 0
[pid  3891] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3891] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3891] chdir("./file0")            = 0
[pid  3891] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3891] close(4)                    = 0
[pid  3891] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3891] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3891] creat("./bus", 000)         = 4
[pid  3891] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3891] ftruncate(4, 2048)          = 0
[pid  3891] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3891] open("./bus", O_RDONLY)     = 5
[   95.245538][ T3891] loop0: detected capacity change from 0 to 4096
[   95.260919][ T3891] NILFS (loop0): invalid segment: Checksum error in segment payload
[   95.269165][ T3891] NILFS (loop0): trying rollback from an earlier position
[   95.283584][ T3891] NILFS (loop0): recovery complete
[   95.290369][ T3892] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   95.301155][   T27] audit: type=1804 audit(1670457127.199:126): pid=3891 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/124/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3891] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3891] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3891] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3891] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3891] open(".", O_RDONLY)         = 6
[pid  3891] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3891] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3891] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3891] close(3)                    = 0
[pid  3891] close(4)                    = 0
[pid  3891] close(5)                    = 0
[pid  3891] close(6)                    = 0
[pid  3891] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3891] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3891] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3891] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3891] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3891] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3891] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3891] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3891] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3891] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3891] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3891] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3891] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3891] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3891] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3891] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3891] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3891] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3891] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3891] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3891] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3891] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3891] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3891] exit_group(0)               = ?
[pid  3891] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=127, si_uid=0, si_status=0, si_utime=0, si_stime=18} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./124", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./124", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./124/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./124/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./124/binderfs")    = 0
[pid  3632] umount2("./124/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./124/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./124/cgroup")      = 0
[pid  3632] umount2("./124/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./124/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./124/cgroup.net")  = 0
[pid  3632] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./124/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./124/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./124/file0")        = 0
[pid  3632] umount2("./124/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./124/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./124/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./124")              = 0
[pid  3632] mkdir("./125", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 128
./strace-static-x86_64: Process 3893 attached
[pid  3893] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3893] chdir("./125")              = 0
[pid  3893] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3893] setpgid(0, 0)               = 0
[pid  3893] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3893] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3893] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3893] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3893] write(3, "1000", 4)         = 4
[pid  3893] close(3)                    = 0
[pid  3893] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3893] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3893] memfd_create("syzkaller", 0) = 3
[pid  3893] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3893] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3893] munmap(0x7fd662669000, 2097152) = 0
[pid  3893] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3893] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3893] close(3)                    = 0
[pid  3893] mkdir("./file0", 0777)      = 0
[pid  3893] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3893] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3893] chdir("./file0")            = 0
[pid  3893] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3893] close(4)                    = 0
[pid  3893] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3893] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[   95.594293][ T3893] loop0: detected capacity change from 0 to 4096
[   95.608610][ T3893] NILFS (loop0): invalid segment: Checksum error in segment payload
[   95.616807][ T3893] NILFS (loop0): trying rollback from an earlier position
[   95.630562][ T3893] NILFS (loop0): recovery complete
[pid  3893] creat("./bus", 000)         = 4
[pid  3893] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3893] ftruncate(4, 2048)          = 0
[pid  3893] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3893] open("./bus", O_RDONLY)     = 5
[   95.636906][ T3894] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   95.648621][   T27] audit: type=1804 audit(1670457127.549:127): pid=3893 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/125/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3893] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3893] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3893] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3893] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3893] open(".", O_RDONLY)         = 6
[pid  3893] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3893] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3893] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3893] close(3)                    = 0
[pid  3893] close(4)                    = 0
[pid  3893] close(5)                    = 0
[pid  3893] close(6)                    = 0
[pid  3893] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3893] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3893] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3893] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3893] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3893] exit_group(0)               = ?
[pid  3893] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=128, si_uid=0, si_status=0, si_utime=0, si_stime=15} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./125", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./125", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./125/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./125/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./125/binderfs")    = 0
[pid  3632] umount2("./125/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./125/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./125/cgroup")      = 0
[pid  3632] umount2("./125/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./125/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./125/cgroup.net")  = 0
[pid  3632] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./125/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./125/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./125/file0")        = 0
[pid  3632] umount2("./125/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./125/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./125/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./125")              = 0
[pid  3632] mkdir("./126", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 129
./strace-static-x86_64: Process 3895 attached
[pid  3895] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3895] chdir("./126")              = 0
[pid  3895] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3895] setpgid(0, 0)               = 0
[pid  3895] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3895] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3895] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3895] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3895] write(3, "1000", 4)         = 4
[pid  3895] close(3)                    = 0
[pid  3895] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3895] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3895] memfd_create("syzkaller", 0) = 3
[pid  3895] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3895] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3895] munmap(0x7fd662669000, 2097152) = 0
[pid  3895] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3895] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3895] close(3)                    = 0
[pid  3895] mkdir("./file0", 0777)      = 0
[   95.933015][ T3895] loop0: detected capacity change from 0 to 4096
[   95.947412][ T3895] NILFS (loop0): invalid segment: Checksum error in segment payload
[   95.955673][ T3895] NILFS (loop0): trying rollback from an earlier position
[   95.969327][ T3895] NILFS (loop0): recovery complete
[pid  3895] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3895] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3895] chdir("./file0")            = 0
[pid  3895] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3895] close(4)                    = 0
[pid  3895] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3895] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3895] creat("./bus", 000)         = 4
[pid  3895] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3895] ftruncate(4, 2048)          = 0
[pid  3895] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3895] open("./bus", O_RDONLY)     = 5
[   95.975226][ T3896] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   95.986511][   T27] audit: type=1804 audit(1670457127.879:128): pid=3895 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/126/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3895] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3895] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3895] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3895] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3895] open(".", O_RDONLY)         = 6
[pid  3895] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3895] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3895] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3895] close(3)                    = 0
[pid  3895] close(4)                    = 0
[pid  3895] close(5)                    = 0
[pid  3895] close(6)                    = 0
[pid  3895] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3895] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3895] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3895] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3895] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3895] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3895] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3895] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3895] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3895] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3895] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3895] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3895] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3895] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3895] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3895] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3895] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3895] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3895] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3895] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3895] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3895] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3895] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3895] exit_group(0)               = ?
[pid  3895] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=129, si_uid=0, si_status=0, si_utime=0, si_stime=16} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./126", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./126", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./126/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./126/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./126/binderfs")    = 0
[pid  3632] umount2("./126/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./126/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./126/cgroup")      = 0
[pid  3632] umount2("./126/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./126/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./126/cgroup.net")  = 0
[pid  3632] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./126/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./126/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./126/file0")        = 0
[pid  3632] umount2("./126/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./126/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./126/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./126")              = 0
[pid  3632] mkdir("./127", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 130
./strace-static-x86_64: Process 3897 attached
[pid  3897] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3897] chdir("./127")              = 0
[pid  3897] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3897] setpgid(0, 0)               = 0
[pid  3897] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3897] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3897] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3897] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3897] write(3, "1000", 4)         = 4
[pid  3897] close(3)                    = 0
[pid  3897] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3897] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3897] memfd_create("syzkaller", 0) = 3
[pid  3897] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3897] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3897] munmap(0x7fd662669000, 2097152) = 0
[pid  3897] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3897] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3897] close(3)                    = 0
[pid  3897] mkdir("./file0", 0777)      = 0
[   96.279896][ T3897] loop0: detected capacity change from 0 to 4096
[   96.295817][ T3897] NILFS (loop0): invalid segment: Checksum error in segment payload
[   96.304154][ T3897] NILFS (loop0): trying rollback from an earlier position
[   96.319577][ T3897] NILFS (loop0): recovery complete
[pid  3897] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3897] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3897] chdir("./file0")            = 0
[pid  3897] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3897] close(4)                    = 0
[pid  3897] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3897] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3897] creat("./bus", 000)         = 4
[pid  3897] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3897] ftruncate(4, 2048)          = 0
[pid  3897] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3897] open("./bus", O_RDONLY)     = 5
[   96.325551][ T3898] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   96.338779][   T27] audit: type=1804 audit(1670457128.249:129): pid=3897 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/127/file0/bus" dev="loop0" ino=12 res=1 errno=0
[   96.369073][ T3898] NILFS (loop0): nilfs_direct_assign (ino=6): invalid key: 130
[pid  3897] sendfile(4, 5, NULL, 140737974943952) = 65536
[pid  3897] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3897] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3897] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3897] open(".", O_RDONLY)         = 6
[pid  3897] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3897] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3897] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3897] close(3)                    = 0
[pid  3897] close(4)                    = 0
[pid  3897] close(5)                    = 0
[pid  3897] close(6)                    = 0
[pid  3897] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3897] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3897] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3897] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3897] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3897] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3897] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3897] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3897] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3897] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3897] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3897] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3897] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3897] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3897] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3897] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3897] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3897] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3897] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3897] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3897] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3897] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3897] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3897] exit_group(0)               = ?
[pid  3897] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=130, si_uid=0, si_status=0, si_utime=0, si_stime=9} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./127", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./127", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./127/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./127/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./127/binderfs")    = 0
[pid  3632] umount2("./127/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./127/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./127/cgroup")      = 0
[pid  3632] umount2("./127/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./127/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./127/cgroup.net")  = 0
[pid  3632] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./127/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./127/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./127/file0")        = 0
[pid  3632] umount2("./127/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./127/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./127/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./127")              = 0
[pid  3632] mkdir("./128", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[   96.376837][ T3898] NILFS error (device loop0): nilfs_bmap_assign: broken bmap (inode number=6)
[   96.387557][ T3898] Remounting filesystem read-only
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3899 attached
, child_tidptr=0x5555573f25d0) = 131
[pid  3899] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3899] chdir("./128")              = 0
[pid  3899] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3899] setpgid(0, 0)               = 0
[pid  3899] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3899] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3899] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3899] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3899] write(3, "1000", 4)         = 4
[pid  3899] close(3)                    = 0
[pid  3899] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3899] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3899] memfd_create("syzkaller", 0) = 3
[pid  3899] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3899] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3899] munmap(0x7fd662669000, 2097152) = 0
[pid  3899] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3899] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3899] close(3)                    = 0
[pid  3899] mkdir("./file0", 0777)      = 0
[   96.478155][ T3899] loop0: detected capacity change from 0 to 4096
[   96.494545][ T3899] NILFS (loop0): invalid segment: Checksum error in segment payload
[   96.502662][ T3899] NILFS (loop0): trying rollback from an earlier position
[   96.518086][ T3899] NILFS (loop0): recovery complete
[pid  3899] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3899] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3899] chdir("./file0")            = 0
[pid  3899] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3899] close(4)                    = 0
[pid  3899] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3899] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3899] creat("./bus", 000)         = 4
[pid  3899] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3899] ftruncate(4, 2048)          = 0
[pid  3899] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3899] open("./bus", O_RDONLY)     = 5
[   96.523984][ T3900] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3899] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3899] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3899] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3899] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3899] open(".", O_RDONLY)         = 6
[pid  3899] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3899] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3899] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3899] close(3)                    = 0
[pid  3899] close(4)                    = 0
[pid  3899] close(5)                    = 0
[pid  3899] close(6)                    = 0
[pid  3899] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3899] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3899] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3899] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3899] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3899] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3899] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3899] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3899] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3899] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3899] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3899] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3899] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3899] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3899] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3899] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3899] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3899] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3899] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3899] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3899] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3899] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3899] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3899] exit_group(0)               = ?
[pid  3899] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=131, si_uid=0, si_status=0, si_utime=0, si_stime=20} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./128", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./128", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./128/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./128/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./128/binderfs")    = 0
[pid  3632] umount2("./128/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./128/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./128/cgroup")      = 0
[pid  3632] umount2("./128/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./128/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./128/cgroup.net")  = 0
[pid  3632] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./128/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./128/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./128/file0")        = 0
[pid  3632] umount2("./128/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./128/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./128/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./128")              = 0
[pid  3632] mkdir("./129", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 132
./strace-static-x86_64: Process 3901 attached
[pid  3901] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3901] chdir("./129")              = 0
[pid  3901] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3901] setpgid(0, 0)               = 0
[pid  3901] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3901] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3901] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3901] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3901] write(3, "1000", 4)         = 4
[pid  3901] close(3)                    = 0
[pid  3901] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3901] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3901] memfd_create("syzkaller", 0) = 3
[pid  3901] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3901] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3901] munmap(0x7fd662669000, 2097152) = 0
[pid  3901] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3901] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3901] close(3)                    = 0
[pid  3901] mkdir("./file0", 0777)      = 0
[pid  3901] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3901] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3901] chdir("./file0")            = 0
[pid  3901] ioctl(4, LOOP_CLR_FD)       = 0
[   96.822002][ T3901] loop0: detected capacity change from 0 to 4096
[   96.836751][ T3901] NILFS (loop0): invalid segment: Checksum error in segment payload
[   96.844830][ T3901] NILFS (loop0): trying rollback from an earlier position
[   96.865006][ T3901] NILFS (loop0): recovery complete
[pid  3901] close(4)                    = 0
[pid  3901] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3901] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3901] creat("./bus", 000)         = 4
[pid  3901] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3901] ftruncate(4, 2048)          = 0
[pid  3901] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3901] open("./bus", O_RDONLY)     = 5
[   96.873671][ T3902] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3901] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3901] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3901] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3901] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3901] open(".", O_RDONLY)         = 6
[pid  3901] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3901] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3901] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3901] close(3)                    = 0
[pid  3901] close(4)                    = 0
[pid  3901] close(5)                    = 0
[pid  3901] close(6)                    = 0
[pid  3901] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3901] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3901] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3901] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3901] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3901] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3901] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3901] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3901] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3901] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3901] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3901] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3901] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3901] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3901] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3901] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3901] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3901] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3901] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3901] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3901] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3901] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3901] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3901] exit_group(0)               = ?
[pid  3901] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=132, si_uid=0, si_status=0, si_utime=0, si_stime=16} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./129", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./129", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./129/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./129/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./129/binderfs")    = 0
[pid  3632] umount2("./129/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./129/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./129/cgroup")      = 0
[pid  3632] umount2("./129/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./129/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./129/cgroup.net")  = 0
[pid  3632] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./129/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./129/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./129/file0")        = 0
[pid  3632] umount2("./129/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./129/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./129/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./129")              = 0
[pid  3632] mkdir("./130", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3903 attached
, child_tidptr=0x5555573f25d0) = 133
[pid  3903] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3903] chdir("./130")              = 0
[pid  3903] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3903] setpgid(0, 0)               = 0
[pid  3903] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3903] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3903] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3903] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3903] write(3, "1000", 4)         = 4
[pid  3903] close(3)                    = 0
[pid  3903] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3903] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3903] memfd_create("syzkaller", 0) = 3
[pid  3903] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3903] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3903] munmap(0x7fd662669000, 2097152) = 0
[pid  3903] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3903] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3903] close(3)                    = 0
[pid  3903] mkdir("./file0", 0777)      = 0
[pid  3903] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3903] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3903] chdir("./file0")            = 0
[pid  3903] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3903] close(4)                    = 0
[   97.163359][ T3903] loop0: detected capacity change from 0 to 4096
[   97.179371][ T3903] NILFS (loop0): invalid segment: Checksum error in segment payload
[   97.187439][ T3903] NILFS (loop0): trying rollback from an earlier position
[   97.201397][ T3903] NILFS (loop0): recovery complete
[pid  3903] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3903] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3903] creat("./bus", 000)         = 4
[pid  3903] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3903] ftruncate(4, 2048)          = 0
[pid  3903] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3903] open("./bus", O_RDONLY)     = 5
[   97.208377][ T3904] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3903] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3903] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3903] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3903] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3903] open(".", O_RDONLY)         = 6
[pid  3903] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3903] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3903] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3903] close(3)                    = 0
[pid  3903] close(4)                    = 0
[pid  3903] close(5)                    = 0
[pid  3903] close(6)                    = 0
[pid  3903] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3903] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3903] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3903] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3903] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3903] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3903] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3903] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3903] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3903] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3903] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3903] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3903] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3903] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3903] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3903] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3903] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3903] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3903] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3903] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3903] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3903] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3903] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3903] exit_group(0)               = ?
[pid  3903] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=133, si_uid=0, si_status=0, si_utime=0, si_stime=15} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./130", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./130", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./130/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./130/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./130/binderfs")    = 0
[pid  3632] umount2("./130/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./130/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./130/cgroup")      = 0
[pid  3632] umount2("./130/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./130/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./130/cgroup.net")  = 0
[pid  3632] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./130/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./130/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./130/file0")        = 0
[pid  3632] umount2("./130/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./130/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./130/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./130")              = 0
[pid  3632] mkdir("./131", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 134
./strace-static-x86_64: Process 3905 attached
[pid  3905] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3905] chdir("./131")              = 0
[pid  3905] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3905] setpgid(0, 0)               = 0
[pid  3905] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3905] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3905] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3905] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3905] write(3, "1000", 4)         = 4
[pid  3905] close(3)                    = 0
[pid  3905] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3905] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3905] memfd_create("syzkaller", 0) = 3
[pid  3905] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3905] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3905] munmap(0x7fd662669000, 2097152) = 0
[pid  3905] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3905] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3905] close(3)                    = 0
[pid  3905] mkdir("./file0", 0777)      = 0
[pid  3905] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3905] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3905] chdir("./file0")            = 0
[pid  3905] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3905] close(4)                    = 0
[pid  3905] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3905] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3905] creat("./bus", 000)         = 4
[pid  3905] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3905] ftruncate(4, 2048)          = 0
[pid  3905] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3905] open("./bus", O_RDONLY)     = 5
[   97.501230][ T3905] loop0: detected capacity change from 0 to 4096
[   97.515516][ T3905] NILFS (loop0): invalid segment: Checksum error in segment payload
[   97.523545][ T3905] NILFS (loop0): trying rollback from an earlier position
[   97.538210][ T3905] NILFS (loop0): recovery complete
[   97.544828][ T3906] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3905] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3905] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3905] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3905] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3905] open(".", O_RDONLY)         = 6
[pid  3905] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3905] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3905] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3905] close(3)                    = 0
[pid  3905] close(4)                    = 0
[pid  3905] close(5)                    = 0
[pid  3905] close(6)                    = 0
[pid  3905] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3905] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3905] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3905] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3905] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3905] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3905] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3905] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3905] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3905] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3905] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3905] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3905] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3905] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3905] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3905] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3905] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3905] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3905] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3905] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3905] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3905] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3905] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3905] exit_group(0)               = ?
[pid  3905] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=134, si_uid=0, si_status=0, si_utime=0, si_stime=17} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./131", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./131", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./131/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./131/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./131/binderfs")    = 0
[pid  3632] umount2("./131/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./131/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./131/cgroup")      = 0
[pid  3632] umount2("./131/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./131/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./131/cgroup.net")  = 0
[pid  3632] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./131/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./131/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./131/file0")        = 0
[pid  3632] umount2("./131/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./131/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./131/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./131")              = 0
[pid  3632] mkdir("./132", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 135
./strace-static-x86_64: Process 3907 attached
[pid  3907] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3907] chdir("./132")              = 0
[pid  3907] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3907] setpgid(0, 0)               = 0
[pid  3907] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3907] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3907] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3907] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3907] write(3, "1000", 4)         = 4
[pid  3907] close(3)                    = 0
[pid  3907] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3907] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3907] memfd_create("syzkaller", 0) = 3
[pid  3907] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3907] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3907] munmap(0x7fd662669000, 2097152) = 0
[pid  3907] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3907] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3907] close(3)                    = 0
[pid  3907] mkdir("./file0", 0777)      = 0
[pid  3907] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3907] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3907] chdir("./file0")            = 0
[pid  3907] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3907] close(4)                    = 0
[pid  3907] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[   97.836134][ T3907] loop0: detected capacity change from 0 to 4096
[   97.851757][ T3907] NILFS (loop0): invalid segment: Checksum error in segment payload
[   97.859846][ T3907] NILFS (loop0): trying rollback from an earlier position
[   97.874017][ T3907] NILFS (loop0): recovery complete
[pid  3907] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3907] creat("./bus", 000)         = 4
[pid  3907] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3907] ftruncate(4, 2048)          = 0
[pid  3907] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3907] open("./bus", O_RDONLY)     = 5
[   97.879985][ T3908] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3907] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3907] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3907] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3907] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3907] open(".", O_RDONLY)         = 6
[pid  3907] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3907] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3907] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3907] close(3)                    = 0
[pid  3907] close(4)                    = 0
[pid  3907] close(5)                    = 0
[pid  3907] close(6)                    = 0
[pid  3907] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3907] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3907] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3907] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3907] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3907] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3907] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3907] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3907] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3907] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3907] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3907] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3907] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3907] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3907] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3907] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3907] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3907] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3907] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3907] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3907] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3907] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3907] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3907] exit_group(0)               = ?
[pid  3907] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=135, si_uid=0, si_status=0, si_utime=0, si_stime=16} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./132", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./132", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./132/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./132/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./132/binderfs")    = 0
[pid  3632] umount2("./132/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./132/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./132/cgroup")      = 0
[pid  3632] umount2("./132/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./132/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./132/cgroup.net")  = 0
[pid  3632] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./132/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./132/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./132/file0")        = 0
[pid  3632] umount2("./132/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./132/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./132/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./132")              = 0
[pid  3632] mkdir("./133", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 136
./strace-static-x86_64: Process 3909 attached
[pid  3909] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3909] chdir("./133")              = 0
[pid  3909] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3909] setpgid(0, 0)               = 0
[pid  3909] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3909] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3909] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3909] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3909] write(3, "1000", 4)         = 4
[pid  3909] close(3)                    = 0
[pid  3909] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3909] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3909] memfd_create("syzkaller", 0) = 3
[pid  3909] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3909] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3909] munmap(0x7fd662669000, 2097152) = 0
[pid  3909] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3909] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3909] close(3)                    = 0
[pid  3909] mkdir("./file0", 0777)      = 0
[pid  3909] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3909] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3909] chdir("./file0")            = 0
[pid  3909] ioctl(4, LOOP_CLR_FD)       = 0
[   98.184522][ T3909] loop0: detected capacity change from 0 to 4096
[   98.200255][ T3909] NILFS (loop0): invalid segment: Checksum error in segment payload
[   98.208248][ T3909] NILFS (loop0): trying rollback from an earlier position
[   98.221678][ T3909] NILFS (loop0): recovery complete
[pid  3909] close(4)                    = 0
[pid  3909] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3909] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3909] creat("./bus", 000)         = 4
[pid  3909] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3909] ftruncate(4, 2048)          = 0
[pid  3909] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3909] open("./bus", O_RDONLY)     = 5
[   98.227894][ T3910] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   98.245644][   T27] kauditd_printk_skb: 5 callbacks suppressed
[   98.245656][   T27] audit: type=1804 audit(1670457130.149:135): pid=3909 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/133/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3909] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3909] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3909] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3909] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3909] open(".", O_RDONLY)         = 6
[pid  3909] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3909] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3909] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3909] close(3)                    = 0
[pid  3909] close(4)                    = 0
[pid  3909] close(5)                    = 0
[pid  3909] close(6)                    = 0
[pid  3909] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3909] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3909] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3909] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3909] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3909] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3909] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3909] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3909] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3909] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3909] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3909] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3909] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3909] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3909] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3909] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3909] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3909] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3909] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3909] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3909] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3909] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3909] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3909] exit_group(0)               = ?
[pid  3909] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=136, si_uid=0, si_status=0, si_utime=0, si_stime=14} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./133", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./133", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./133/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./133/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./133/binderfs")    = 0
[pid  3632] umount2("./133/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./133/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./133/cgroup")      = 0
[pid  3632] umount2("./133/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./133/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./133/cgroup.net")  = 0
[pid  3632] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./133/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./133/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./133/file0")        = 0
[pid  3632] umount2("./133/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./133/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./133/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./133")              = 0
[pid  3632] mkdir("./134", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 137
./strace-static-x86_64: Process 3911 attached
[pid  3911] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3911] chdir("./134")              = 0
[pid  3911] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3911] setpgid(0, 0)               = 0
[pid  3911] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3911] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3911] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3911] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3911] write(3, "1000", 4)         = 4
[pid  3911] close(3)                    = 0
[pid  3911] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3911] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3911] memfd_create("syzkaller", 0) = 3
[pid  3911] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3911] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3911] munmap(0x7fd662669000, 2097152) = 0
[pid  3911] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3911] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3911] close(3)                    = 0
[pid  3911] mkdir("./file0", 0777)      = 0
[pid  3911] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[   98.528147][ T3911] loop0: detected capacity change from 0 to 4096
[   98.545532][ T3911] NILFS (loop0): invalid segment: Checksum error in segment payload
[   98.553616][ T3911] NILFS (loop0): trying rollback from an earlier position
[   98.566877][ T3911] NILFS (loop0): recovery complete
[pid  3911] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3911] chdir("./file0")            = 0
[pid  3911] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3911] close(4)                    = 0
[pid  3911] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3911] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3911] creat("./bus", 000)         = 4
[pid  3911] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3911] ftruncate(4, 2048)          = 0
[pid  3911] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3911] open("./bus", O_RDONLY)     = 5
[   98.572909][ T3912] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   98.589708][   T27] audit: type=1804 audit(1670457130.499:136): pid=3911 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/134/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3911] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3911] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3911] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3911] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3911] open(".", O_RDONLY)         = 6
[pid  3911] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3911] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3911] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3911] close(3)                    = 0
[pid  3911] close(4)                    = 0
[pid  3911] close(5)                    = 0
[pid  3911] close(6)                    = 0
[pid  3911] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3911] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3911] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3911] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3911] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3911] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3911] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3911] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3911] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3911] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3911] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3911] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3911] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3911] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3911] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3911] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3911] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3911] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3911] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3911] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3911] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3911] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3911] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3911] exit_group(0)               = ?
[pid  3911] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=137, si_uid=0, si_status=0, si_utime=0, si_stime=19} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./134", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./134", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./134/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./134/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./134/binderfs")    = 0
[pid  3632] umount2("./134/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./134/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./134/cgroup")      = 0
[pid  3632] umount2("./134/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./134/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./134/cgroup.net")  = 0
[pid  3632] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./134/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./134/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./134/file0")        = 0
[pid  3632] umount2("./134/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./134/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./134/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./134")              = 0
[pid  3632] mkdir("./135", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 138
./strace-static-x86_64: Process 3913 attached
[pid  3913] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3913] chdir("./135")              = 0
[pid  3913] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3913] setpgid(0, 0)               = 0
[pid  3913] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3913] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3913] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3913] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3913] write(3, "1000", 4)         = 4
[pid  3913] close(3)                    = 0
[pid  3913] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3913] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3913] memfd_create("syzkaller", 0) = 3
[pid  3913] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3913] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3913] munmap(0x7fd662669000, 2097152) = 0
[pid  3913] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3913] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3913] close(3)                    = 0
[pid  3913] mkdir("./file0", 0777)      = 0
[pid  3913] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3913] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3913] chdir("./file0")            = 0
[pid  3913] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3913] close(4)                    = 0
[pid  3913] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3913] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3913] creat("./bus", 000)         = 4
[   98.873937][ T3913] loop0: detected capacity change from 0 to 4096
[   98.889596][ T3913] NILFS (loop0): invalid segment: Checksum error in segment payload
[   98.897835][ T3913] NILFS (loop0): trying rollback from an earlier position
[   98.911084][ T3913] NILFS (loop0): recovery complete
[pid  3913] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3913] ftruncate(4, 2048)          = 0
[pid  3913] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3913] open("./bus", O_RDONLY)     = 5
[   98.916991][ T3914] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   98.927433][   T27] audit: type=1804 audit(1670457130.829:137): pid=3913 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/135/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3913] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3913] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3913] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3913] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3913] open(".", O_RDONLY)         = 6
[pid  3913] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3913] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3913] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3913] close(3)                    = 0
[pid  3913] close(4)                    = 0
[pid  3913] close(5)                    = 0
[pid  3913] close(6)                    = 0
[pid  3913] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3913] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3913] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3913] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3913] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3913] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3913] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3913] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3913] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3913] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3913] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3913] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3913] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3913] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3913] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3913] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3913] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3913] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3913] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3913] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3913] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3913] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3913] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3913] exit_group(0)               = ?
[pid  3913] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=138, si_uid=0, si_status=0, si_utime=0, si_stime=18} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./135", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./135", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./135/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./135/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./135/binderfs")    = 0
[pid  3632] umount2("./135/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./135/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./135/cgroup")      = 0
[pid  3632] umount2("./135/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./135/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./135/cgroup.net")  = 0
[pid  3632] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./135/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./135/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./135/file0")        = 0
[pid  3632] umount2("./135/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./135/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./135/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./135")              = 0
[pid  3632] mkdir("./136", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 139
./strace-static-x86_64: Process 3915 attached
[pid  3915] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3915] chdir("./136")              = 0
[pid  3915] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3915] setpgid(0, 0)               = 0
[pid  3915] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3915] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3915] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3915] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3915] write(3, "1000", 4)         = 4
[pid  3915] close(3)                    = 0
[pid  3915] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3915] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3915] memfd_create("syzkaller", 0) = 3
[pid  3915] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3915] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3915] munmap(0x7fd662669000, 2097152) = 0
[pid  3915] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3915] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3915] close(3)                    = 0
[pid  3915] mkdir("./file0", 0777)      = 0
[pid  3915] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3915] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3915] chdir("./file0")            = 0
[pid  3915] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3915] close(4)                    = 0
[pid  3915] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3915] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[   99.221439][ T3915] loop0: detected capacity change from 0 to 4096
[   99.236536][ T3915] NILFS (loop0): invalid segment: Checksum error in segment payload
[   99.244709][ T3915] NILFS (loop0): trying rollback from an earlier position
[   99.258324][ T3915] NILFS (loop0): recovery complete
[pid  3915] creat("./bus", 000)         = 4
[pid  3915] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3915] ftruncate(4, 2048)          = 0
[pid  3915] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3915] open("./bus", O_RDONLY)     = 5
[   99.265056][ T3916] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   99.283275][   T27] audit: type=1804 audit(1670457131.189:138): pid=3915 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/136/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3915] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3915] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3915] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3915] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3915] open(".", O_RDONLY)         = 6
[pid  3915] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3915] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3915] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3915] close(3)                    = 0
[pid  3915] close(4)                    = 0
[pid  3915] close(5)                    = 0
[pid  3915] close(6)                    = 0
[pid  3915] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3915] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3915] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3915] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3915] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3915] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3915] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3915] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3915] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3915] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3915] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3915] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3915] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3915] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3915] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3915] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3915] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3915] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3915] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3915] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3915] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3915] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3915] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3915] exit_group(0)               = ?
[pid  3915] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=139, si_uid=0, si_status=0, si_utime=0, si_stime=15} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./136", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./136", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./136/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./136/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./136/binderfs")    = 0
[pid  3632] umount2("./136/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./136/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./136/cgroup")      = 0
[pid  3632] umount2("./136/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./136/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./136/cgroup.net")  = 0
[pid  3632] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./136/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./136/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./136/file0")        = 0
[pid  3632] umount2("./136/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./136/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./136/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./136")              = 0
[pid  3632] mkdir("./137", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3917 attached
, child_tidptr=0x5555573f25d0) = 140
[pid  3917] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3917] chdir("./137")              = 0
[pid  3917] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3917] setpgid(0, 0)               = 0
[pid  3917] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3917] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3917] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3917] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3917] write(3, "1000", 4)         = 4
[pid  3917] close(3)                    = 0
[pid  3917] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3917] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3917] memfd_create("syzkaller", 0) = 3
[pid  3917] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3917] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3917] munmap(0x7fd662669000, 2097152) = 0
[pid  3917] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3917] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3917] close(3)                    = 0
[pid  3917] mkdir("./file0", 0777)      = 0
[   99.567371][ T3917] loop0: detected capacity change from 0 to 4096
[   99.583198][ T3917] NILFS (loop0): invalid segment: Checksum error in segment payload
[   99.591251][ T3917] NILFS (loop0): trying rollback from an earlier position
[   99.604039][ T3917] NILFS (loop0): recovery complete
[pid  3917] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3917] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3917] chdir("./file0")            = 0
[pid  3917] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3917] close(4)                    = 0
[pid  3917] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3917] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3917] creat("./bus", 000)         = 4
[pid  3917] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3917] ftruncate(4, 2048)          = 0
[pid  3917] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3917] open("./bus", O_RDONLY)     = 5
[   99.609953][ T3918] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   99.628264][   T27] audit: type=1804 audit(1670457131.529:139): pid=3917 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/137/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3917] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3917] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3917] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3917] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3917] open(".", O_RDONLY)         = 6
[pid  3917] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3917] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3917] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3917] close(3)                    = 0
[pid  3917] close(4)                    = 0
[pid  3917] close(5)                    = 0
[pid  3917] close(6)                    = 0
[pid  3917] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3917] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3917] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3917] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3917] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3917] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3917] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3917] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3917] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3917] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3917] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3917] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3917] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3917] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3917] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3917] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3917] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3917] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3917] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3917] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3917] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3917] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3917] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3917] exit_group(0)               = ?
[pid  3917] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=140, si_uid=0, si_status=0, si_utime=0, si_stime=17} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./137", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./137", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./137/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./137/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./137/binderfs")    = 0
[pid  3632] umount2("./137/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./137/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./137/cgroup")      = 0
[pid  3632] umount2("./137/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./137/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./137/cgroup.net")  = 0
[pid  3632] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./137/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./137/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./137/file0")        = 0
[pid  3632] umount2("./137/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./137/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./137/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./137")              = 0
[pid  3632] mkdir("./138", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 141
./strace-static-x86_64: Process 3919 attached
[pid  3919] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3919] chdir("./138")              = 0
[pid  3919] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3919] setpgid(0, 0)               = 0
[pid  3919] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3919] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3919] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3919] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3919] write(3, "1000", 4)         = 4
[pid  3919] close(3)                    = 0
[pid  3919] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3919] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3919] memfd_create("syzkaller", 0) = 3
[pid  3919] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3919] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3919] munmap(0x7fd662669000, 2097152) = 0
[pid  3919] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3919] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3919] close(3)                    = 0
[pid  3919] mkdir("./file0", 0777)      = 0
[pid  3919] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3919] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[   99.917005][ T3919] loop0: detected capacity change from 0 to 4096
[   99.933490][ T3919] NILFS (loop0): invalid segment: Checksum error in segment payload
[   99.941721][ T3919] NILFS (loop0): trying rollback from an earlier position
[   99.956236][ T3919] NILFS (loop0): recovery complete
[pid  3919] chdir("./file0")            = 0
[pid  3919] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3919] close(4)                    = 0
[pid  3919] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3919] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3919] creat("./bus", 000)         = 4
[pid  3919] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3919] ftruncate(4, 2048)          = 0
[pid  3919] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3919] open("./bus", O_RDONLY)     = 5
[   99.962935][ T3920] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   99.983983][   T27] audit: type=1804 audit(1670457131.889:140): pid=3919 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/138/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3919] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3919] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3919] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3919] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3919] open(".", O_RDONLY)         = 6
[pid  3919] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3919] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3919] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3919] close(3)                    = 0
[pid  3919] close(4)                    = 0
[pid  3919] close(5)                    = 0
[pid  3919] close(6)                    = 0
[pid  3919] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3919] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3919] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3919] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3919] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3919] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3919] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3919] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3919] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3919] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3919] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3919] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3919] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3919] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3919] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3919] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3919] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3919] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3919] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3919] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3919] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3919] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3919] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3919] exit_group(0)               = ?
[pid  3919] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=141, si_uid=0, si_status=0, si_utime=0, si_stime=19} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./138", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./138", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./138/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./138/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./138/binderfs")    = 0
[pid  3632] umount2("./138/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./138/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./138/cgroup")      = 0
[pid  3632] umount2("./138/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./138/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./138/cgroup.net")  = 0
[pid  3632] umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./138/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./138/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./138/file0")        = 0
[pid  3632] umount2("./138/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./138/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./138/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./138")              = 0
[pid  3632] mkdir("./139", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3921 attached
 <unfinished ...>
[pid  3921] set_robust_list(0x5555573f25e0, 24 <unfinished ...>
[pid  3632] <... clone resumed>, child_tidptr=0x5555573f25d0) = 142
[pid  3921] <... set_robust_list resumed>) = 0
[pid  3921] chdir("./139")              = 0
[pid  3921] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3921] setpgid(0, 0)               = 0
[pid  3921] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3921] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3921] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3921] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3921] write(3, "1000", 4)         = 4
[pid  3921] close(3)                    = 0
[pid  3921] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3921] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3921] memfd_create("syzkaller", 0) = 3
[pid  3921] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3921] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3921] munmap(0x7fd662669000, 2097152) = 0
[pid  3921] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3921] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3921] close(3)                    = 0
[pid  3921] mkdir("./file0", 0777)      = 0
[  100.278019][ T3921] loop0: detected capacity change from 0 to 4096
[  100.293766][ T3921] NILFS (loop0): invalid segment: Checksum error in segment payload
[  100.301837][ T3921] NILFS (loop0): trying rollback from an earlier position
[  100.315215][ T3921] NILFS (loop0): recovery complete
[pid  3921] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3921] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3921] chdir("./file0")            = 0
[pid  3921] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3921] close(4)                    = 0
[pid  3921] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3921] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3921] creat("./bus", 000)         = 4
[pid  3921] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3921] ftruncate(4, 2048)          = 0
[pid  3921] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3921] open("./bus", O_RDONLY)     = 5
[  100.321069][ T3922] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  100.342714][   T27] audit: type=1804 audit(1670457132.249:141): pid=3921 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/139/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3921] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3921] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3921] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3921] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3921] open(".", O_RDONLY)         = 6
[pid  3921] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3921] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3921] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3921] close(3)                    = 0
[pid  3921] close(4)                    = 0
[pid  3921] close(5)                    = 0
[pid  3921] close(6)                    = 0
[pid  3921] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3921] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3921] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3921] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3921] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3921] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3921] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3921] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3921] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3921] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3921] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3921] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3921] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3921] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3921] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3921] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3921] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3921] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3921] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3921] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3921] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3921] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3921] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3921] exit_group(0)               = ?
[pid  3921] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=142, si_uid=0, si_status=0, si_utime=0, si_stime=17} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./139", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./139", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./139/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./139/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./139/binderfs")    = 0
[pid  3632] umount2("./139/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./139/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./139/cgroup")      = 0
[pid  3632] umount2("./139/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./139/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./139/cgroup.net")  = 0
[pid  3632] umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./139/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./139/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./139/file0")        = 0
[pid  3632] umount2("./139/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./139/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./139/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./139")              = 0
[pid  3632] mkdir("./140", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 143
./strace-static-x86_64: Process 3923 attached
[pid  3923] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3923] chdir("./140")              = 0
[pid  3923] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3923] setpgid(0, 0)               = 0
[pid  3923] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3923] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3923] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3923] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3923] write(3, "1000", 4)         = 4
[pid  3923] close(3)                    = 0
[pid  3923] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3923] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3923] memfd_create("syzkaller", 0) = 3
[pid  3923] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3923] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3923] munmap(0x7fd662669000, 2097152) = 0
[pid  3923] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3923] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3923] close(3)                    = 0
[pid  3923] mkdir("./file0", 0777)      = 0
[  100.627241][ T3923] loop0: detected capacity change from 0 to 4096
[  100.641858][ T3923] NILFS (loop0): invalid segment: Checksum error in segment payload
[  100.649913][ T3923] NILFS (loop0): trying rollback from an earlier position
[  100.662729][ T3923] NILFS (loop0): recovery complete
[pid  3923] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3923] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3923] chdir("./file0")            = 0
[pid  3923] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3923] close(4)                    = 0
[pid  3923] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3923] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3923] creat("./bus", 000)         = 4
[pid  3923] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3923] ftruncate(4, 2048)          = 0
[pid  3923] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3923] open("./bus", O_RDONLY)     = 5
[  100.668604][ T3924] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  100.687891][   T27] audit: type=1804 audit(1670457132.589:142): pid=3923 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/140/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3923] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3923] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3923] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3923] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3923] open(".", O_RDONLY)         = 6
[pid  3923] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3923] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3923] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3923] close(3)                    = 0
[pid  3923] close(4)                    = 0
[pid  3923] close(5)                    = 0
[pid  3923] close(6)                    = 0
[pid  3923] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3923] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3923] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3923] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3923] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3923] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3923] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3923] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3923] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3923] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3923] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3923] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3923] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3923] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3923] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3923] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3923] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3923] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3923] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3923] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3923] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3923] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3923] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3923] exit_group(0)               = ?
[pid  3923] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=143, si_uid=0, si_status=0, si_utime=0, si_stime=14} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./140", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./140", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./140/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./140/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./140/binderfs")    = 0
[pid  3632] umount2("./140/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./140/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./140/cgroup")      = 0
[pid  3632] umount2("./140/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./140/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./140/cgroup.net")  = 0
[pid  3632] umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./140/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./140/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./140/file0")        = 0
[pid  3632] umount2("./140/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./140/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./140/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./140")              = 0
[pid  3632] mkdir("./141", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 144
./strace-static-x86_64: Process 3925 attached
[pid  3925] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3925] chdir("./141")              = 0
[pid  3925] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3925] setpgid(0, 0)               = 0
[pid  3925] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3925] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3925] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3925] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3925] write(3, "1000", 4)         = 4
[pid  3925] close(3)                    = 0
[pid  3925] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3925] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3925] memfd_create("syzkaller", 0) = 3
[pid  3925] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3925] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3925] munmap(0x7fd662669000, 2097152) = 0
[pid  3925] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3925] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3925] close(3)                    = 0
[pid  3925] mkdir("./file0", 0777)      = 0
[  100.983904][ T3925] loop0: detected capacity change from 0 to 4096
[  100.999110][ T3925] NILFS (loop0): invalid segment: Checksum error in segment payload
[  101.007174][ T3925] NILFS (loop0): trying rollback from an earlier position
[  101.020440][ T3925] NILFS (loop0): recovery complete
[pid  3925] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3925] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3925] chdir("./file0")            = 0
[pid  3925] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3925] close(4)                    = 0
[pid  3925] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3925] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3925] creat("./bus", 000)         = 4
[pid  3925] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3925] ftruncate(4, 2048)          = 0
[pid  3925] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3925] open("./bus", O_RDONLY)     = 5
[  101.026254][ T3926] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  101.033010][   T27] audit: type=1804 audit(1670457132.929:143): pid=3925 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/141/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3925] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3925] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3925] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3925] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3925] open(".", O_RDONLY)         = 6
[pid  3925] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3925] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3925] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3925] close(3)                    = 0
[pid  3925] close(4)                    = 0
[pid  3925] close(5)                    = 0
[pid  3925] close(6)                    = 0
[pid  3925] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3925] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3925] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3925] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3925] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3925] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3925] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3925] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3925] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3925] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3925] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3925] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3925] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3925] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3925] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3925] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3925] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3925] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3925] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3925] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3925] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3925] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3925] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3925] exit_group(0)               = ?
[pid  3925] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=144, si_uid=0, si_status=0, si_utime=0, si_stime=16} ---
[pid  3632] umount2("./141", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./141", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./141/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./141/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./141/binderfs")    = 0
[pid  3632] umount2("./141/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./141/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./141/cgroup")      = 0
[pid  3632] umount2("./141/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./141/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./141/cgroup.net")  = 0
[pid  3632] umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./141/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./141/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./141/file0")        = 0
[pid  3632] umount2("./141/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./141/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./141/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./141")              = 0
[pid  3632] mkdir("./142", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 145
./strace-static-x86_64: Process 3927 attached
[pid  3927] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3927] chdir("./142")              = 0
[pid  3927] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3927] setpgid(0, 0)               = 0
[pid  3927] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3927] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3927] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3927] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3927] write(3, "1000", 4)         = 4
[pid  3927] close(3)                    = 0
[pid  3927] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3927] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3927] memfd_create("syzkaller", 0) = 3
[pid  3927] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3927] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3927] munmap(0x7fd662669000, 2097152) = 0
[pid  3927] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3927] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3927] close(3)                    = 0
[pid  3927] mkdir("./file0", 0777)      = 0
[  101.341674][ T3927] loop0: detected capacity change from 0 to 4096
[  101.356481][ T3927] NILFS (loop0): invalid segment: Checksum error in segment payload
[  101.364526][ T3927] NILFS (loop0): trying rollback from an earlier position
[  101.378412][ T3927] NILFS (loop0): recovery complete
[pid  3927] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3927] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3927] chdir("./file0")            = 0
[pid  3927] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3927] close(4)                    = 0
[pid  3927] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3927] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3927] creat("./bus", 000)         = 4
[pid  3927] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3927] ftruncate(4, 2048)          = 0
[pid  3927] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3927] open("./bus", O_RDONLY)     = 5
[  101.384457][ T3928] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  101.401039][   T27] audit: type=1804 audit(1670457133.309:144): pid=3927 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/142/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3927] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3927] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3927] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3927] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3927] open(".", O_RDONLY)         = 6
[pid  3927] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3927] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3927] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3927] close(3)                    = 0
[pid  3927] close(4)                    = 0
[pid  3927] close(5)                    = 0
[pid  3927] close(6)                    = 0
[pid  3927] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3927] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3927] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3927] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3927] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3927] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3927] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3927] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3927] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3927] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3927] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3927] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3927] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3927] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3927] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3927] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3927] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3927] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3927] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3927] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3927] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3927] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3927] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3927] exit_group(0)               = ?
[pid  3927] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=145, si_uid=0, si_status=0, si_utime=0, si_stime=19} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./142", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./142", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./142/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./142/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./142/binderfs")    = 0
[pid  3632] umount2("./142/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./142/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./142/cgroup")      = 0
[pid  3632] umount2("./142/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./142/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./142/cgroup.net")  = 0
[pid  3632] umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./142/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./142/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./142/file0")        = 0
[pid  3632] umount2("./142/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./142/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./142/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./142")              = 0
[pid  3632] mkdir("./143", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3929 attached
 <unfinished ...>
[pid  3929] set_robust_list(0x5555573f25e0, 24 <unfinished ...>
[pid  3632] <... clone resumed>, child_tidptr=0x5555573f25d0) = 146
[pid  3929] <... set_robust_list resumed>) = 0
[pid  3929] chdir("./143")              = 0
[pid  3929] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3929] setpgid(0, 0)               = 0
[pid  3929] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3929] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3929] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3929] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3929] write(3, "1000", 4)         = 4
[pid  3929] close(3)                    = 0
[pid  3929] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3929] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3929] memfd_create("syzkaller", 0) = 3
[pid  3929] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3929] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3929] munmap(0x7fd662669000, 2097152) = 0
[pid  3929] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3929] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3929] close(3)                    = 0
[pid  3929] mkdir("./file0", 0777)      = 0
[pid  3929] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3929] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3929] chdir("./file0")            = 0
[pid  3929] ioctl(4, LOOP_CLR_FD)       = 0
[  101.702515][ T3929] loop0: detected capacity change from 0 to 4096
[  101.717839][ T3929] NILFS (loop0): invalid segment: Checksum error in segment payload
[  101.725936][ T3929] NILFS (loop0): trying rollback from an earlier position
[  101.739598][ T3929] NILFS (loop0): recovery complete
[pid  3929] close(4)                    = 0
[pid  3929] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3929] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3929] creat("./bus", 000)         = 4
[pid  3929] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3929] ftruncate(4, 2048)          = 0
[pid  3929] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3929] open("./bus", O_RDONLY)     = 5
[  101.745938][ T3930] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3929] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3929] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3929] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3929] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3929] open(".", O_RDONLY)         = 6
[pid  3929] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3929] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3929] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3929] close(3)                    = 0
[pid  3929] close(4)                    = 0
[pid  3929] close(5)                    = 0
[pid  3929] close(6)                    = 0
[pid  3929] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3929] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3929] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3929] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3929] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3929] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3929] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3929] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3929] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3929] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3929] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3929] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3929] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3929] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3929] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3929] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3929] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3929] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3929] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3929] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3929] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3929] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3929] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3929] exit_group(0)               = ?
[pid  3929] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=146, si_uid=0, si_status=0, si_utime=0, si_stime=20} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./143", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./143", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./143/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./143/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./143/binderfs")    = 0
[pid  3632] umount2("./143/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./143/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./143/cgroup")      = 0
[pid  3632] umount2("./143/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./143/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./143/cgroup.net")  = 0
[pid  3632] umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./143/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./143/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./143/file0")        = 0
[pid  3632] umount2("./143/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./143/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./143/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./143")              = 0
[pid  3632] mkdir("./144", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 147
./strace-static-x86_64: Process 3931 attached
[pid  3931] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3931] chdir("./144")              = 0
[pid  3931] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3931] setpgid(0, 0)               = 0
[pid  3931] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3931] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3931] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3931] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3931] write(3, "1000", 4)         = 4
[pid  3931] close(3)                    = 0
[pid  3931] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3931] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3931] memfd_create("syzkaller", 0) = 3
[pid  3931] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3931] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3931] munmap(0x7fd662669000, 2097152) = 0
[pid  3931] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3931] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3931] close(3)                    = 0
[pid  3931] mkdir("./file0", 0777)      = 0
[pid  3931] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3931] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3931] chdir("./file0")            = 0
[pid  3931] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3931] close(4)                    = 0
[pid  3931] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3931] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[  102.035576][ T3931] loop0: detected capacity change from 0 to 4096
[  102.052382][ T3931] NILFS (loop0): invalid segment: Checksum error in segment payload
[  102.060427][ T3931] NILFS (loop0): trying rollback from an earlier position
[  102.073228][ T3931] NILFS (loop0): recovery complete
[pid  3931] creat("./bus", 000)         = 4
[pid  3931] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3931] ftruncate(4, 2048)          = 0
[pid  3931] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3931] open("./bus", O_RDONLY)     = 5
[  102.079568][ T3932] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3931] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3931] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3931] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3931] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3931] open(".", O_RDONLY)         = 6
[pid  3931] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3931] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3931] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3931] close(3)                    = 0
[pid  3931] close(4)                    = 0
[pid  3931] close(5)                    = 0
[pid  3931] close(6)                    = 0
[pid  3931] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3931] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3931] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3931] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3931] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3931] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3931] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3931] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3931] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3931] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3931] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3931] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3931] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3931] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3931] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3931] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3931] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3931] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3931] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3931] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3931] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3931] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3931] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3931] exit_group(0)               = ?
[pid  3931] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=147, si_uid=0, si_status=0, si_utime=0, si_stime=16} ---
[pid  3632] umount2("./144", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./144", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./144/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./144/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./144/binderfs")    = 0
[pid  3632] umount2("./144/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./144/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./144/cgroup")      = 0
[pid  3632] umount2("./144/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./144/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./144/cgroup.net")  = 0
[pid  3632] umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./144/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./144/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./144/file0")        = 0
[pid  3632] umount2("./144/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./144/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./144/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./144")              = 0
[pid  3632] mkdir("./145", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 148
./strace-static-x86_64: Process 3933 attached
[pid  3933] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3933] chdir("./145")              = 0
[pid  3933] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3933] setpgid(0, 0)               = 0
[pid  3933] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3933] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3933] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3933] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3933] write(3, "1000", 4)         = 4
[pid  3933] close(3)                    = 0
[pid  3933] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3933] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3933] memfd_create("syzkaller", 0) = 3
[pid  3933] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3933] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3933] munmap(0x7fd662669000, 2097152) = 0
[pid  3933] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3933] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3933] close(3)                    = 0
[pid  3933] mkdir("./file0", 0777)      = 0
[  102.374106][ T3933] loop0: detected capacity change from 0 to 4096
[  102.389460][ T3933] NILFS (loop0): invalid segment: Checksum error in segment payload
[  102.397705][ T3933] NILFS (loop0): trying rollback from an earlier position
[  102.412207][ T3933] NILFS (loop0): recovery complete
[pid  3933] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3933] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3933] chdir("./file0")            = 0
[pid  3933] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3933] close(4)                    = 0
[pid  3933] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3933] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3933] creat("./bus", 000)         = 4
[pid  3933] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3933] ftruncate(4, 2048)          = 0
[pid  3933] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3933] open("./bus", O_RDONLY)     = 5
[  102.418142][ T3934] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3933] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3933] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3933] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3933] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3933] open(".", O_RDONLY)         = 6
[pid  3933] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3933] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3933] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3933] close(3)                    = 0
[pid  3933] close(4)                    = 0
[pid  3933] close(5)                    = 0
[pid  3933] close(6)                    = 0
[pid  3933] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3933] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3933] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3933] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3933] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3933] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3933] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3933] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3933] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3933] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3933] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3933] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3933] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3933] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3933] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3933] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3933] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3933] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3933] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3933] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3933] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3933] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3933] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3933] exit_group(0)               = ?
[pid  3933] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=148, si_uid=0, si_status=0, si_utime=0, si_stime=19} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./145", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./145", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./145/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./145/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./145/binderfs")    = 0
[pid  3632] umount2("./145/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./145/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./145/cgroup")      = 0
[pid  3632] umount2("./145/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./145/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./145/cgroup.net")  = 0
[pid  3632] umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./145/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./145/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./145/file0")        = 0
[pid  3632] umount2("./145/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./145/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./145/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./145")              = 0
[pid  3632] mkdir("./146", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 149
./strace-static-x86_64: Process 3935 attached
[pid  3935] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3935] chdir("./146")              = 0
[pid  3935] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3935] setpgid(0, 0)               = 0
[pid  3935] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3935] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3935] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3935] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3935] write(3, "1000", 4)         = 4
[pid  3935] close(3)                    = 0
[pid  3935] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3935] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3935] memfd_create("syzkaller", 0) = 3
[pid  3935] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3935] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3935] munmap(0x7fd662669000, 2097152) = 0
[pid  3935] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3935] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3935] close(3)                    = 0
[pid  3935] mkdir("./file0", 0777)      = 0
[  102.718623][ T3935] loop0: detected capacity change from 0 to 4096
[  102.733127][ T3935] NILFS (loop0): invalid segment: Checksum error in segment payload
[  102.741146][ T3935] NILFS (loop0): trying rollback from an earlier position
[  102.754568][ T3935] NILFS (loop0): recovery complete
[pid  3935] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3935] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3935] chdir("./file0")            = 0
[pid  3935] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3935] close(4)                    = 0
[pid  3935] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3935] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3935] creat("./bus", 000)         = 4
[pid  3935] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3935] ftruncate(4, 2048)          = 0
[pid  3935] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3935] open("./bus", O_RDONLY)     = 5
[  102.760514][ T3936] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3935] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3935] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3935] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3935] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3935] open(".", O_RDONLY)         = 6
[pid  3935] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3935] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3935] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3935] close(3)                    = 0
[pid  3935] close(4)                    = 0
[pid  3935] close(5)                    = 0
[pid  3935] close(6)                    = 0
[pid  3935] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3935] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3935] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3935] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3935] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3935] exit_group(0)               = ?
[pid  3935] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=149, si_uid=0, si_status=0, si_utime=0, si_stime=17} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./146", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./146", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./146/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./146/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./146/binderfs")    = 0
[pid  3632] umount2("./146/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./146/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./146/cgroup")      = 0
[pid  3632] umount2("./146/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./146/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./146/cgroup.net")  = 0
[pid  3632] umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./146/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./146/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./146/file0")        = 0
[pid  3632] umount2("./146/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./146/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./146/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./146")              = 0
[pid  3632] mkdir("./147", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 150
./strace-static-x86_64: Process 3937 attached
[pid  3937] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3937] chdir("./147")              = 0
[pid  3937] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3937] setpgid(0, 0)               = 0
[pid  3937] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3937] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3937] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3937] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3937] write(3, "1000", 4)         = 4
[pid  3937] close(3)                    = 0
[pid  3937] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3937] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3937] memfd_create("syzkaller", 0) = 3
[pid  3937] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3937] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3937] munmap(0x7fd662669000, 2097152) = 0
[pid  3937] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3937] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3937] close(3)                    = 0
[pid  3937] mkdir("./file0", 0777)      = 0
[pid  3937] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3937] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3937] chdir("./file0")            = 0
[pid  3937] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3937] close(4)                    = 0
[pid  3937] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[  103.055531][ T3937] loop0: detected capacity change from 0 to 4096
[  103.070472][ T3937] NILFS (loop0): invalid segment: Checksum error in segment payload
[  103.078864][ T3937] NILFS (loop0): trying rollback from an earlier position
[  103.094102][ T3937] NILFS (loop0): recovery complete
[pid  3937] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3937] creat("./bus", 000)         = 4
[pid  3937] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3937] ftruncate(4, 2048)          = 0
[pid  3937] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3937] open("./bus", O_RDONLY)     = 5
[  103.100466][ T3938] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3937] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3937] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3937] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3937] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3937] open(".", O_RDONLY)         = 6
[pid  3937] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3937] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3937] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3937] close(3)                    = 0
[pid  3937] close(4)                    = 0
[pid  3937] close(5)                    = 0
[pid  3937] close(6)                    = 0
[pid  3937] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3937] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3937] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3937] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3937] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3937] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3937] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3937] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3937] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3937] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3937] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3937] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3937] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3937] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3937] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3937] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3937] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3937] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3937] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3937] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3937] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3937] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3937] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3937] exit_group(0)               = ?
[pid  3937] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=150, si_uid=0, si_status=0, si_utime=0, si_stime=18} ---
[pid  3632] umount2("./147", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./147", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./147/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./147/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./147/binderfs")    = 0
[pid  3632] umount2("./147/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./147/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./147/cgroup")      = 0
[pid  3632] umount2("./147/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./147/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./147/cgroup.net")  = 0
[pid  3632] umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./147/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./147/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./147/file0")        = 0
[pid  3632] umount2("./147/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./147/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./147/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./147")              = 0
[pid  3632] mkdir("./148", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 151
./strace-static-x86_64: Process 3939 attached
[pid  3939] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3939] chdir("./148")              = 0
[pid  3939] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3939] setpgid(0, 0)               = 0
[pid  3939] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3939] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3939] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3939] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3939] write(3, "1000", 4)         = 4
[pid  3939] close(3)                    = 0
[pid  3939] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3939] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3939] memfd_create("syzkaller", 0) = 3
[pid  3939] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3939] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3939] munmap(0x7fd662669000, 2097152) = 0
[pid  3939] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3939] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3939] close(3)                    = 0
[pid  3939] mkdir("./file0", 0777)      = 0
[pid  3939] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3939] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3939] chdir("./file0")            = 0
[pid  3939] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3939] close(4)                    = 0
[pid  3939] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3939] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3939] creat("./bus", 000)         = 4
[  103.394718][ T3939] loop0: detected capacity change from 0 to 4096
[  103.409878][ T3939] NILFS (loop0): invalid segment: Checksum error in segment payload
[  103.417936][ T3939] NILFS (loop0): trying rollback from an earlier position
[  103.430971][ T3939] NILFS (loop0): recovery complete
[pid  3939] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3939] ftruncate(4, 2048)          = 0
[pid  3939] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3939] open("./bus", O_RDONLY)     = 5
[  103.436761][ T3940] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  103.448493][   T27] kauditd_printk_skb: 5 callbacks suppressed
[  103.448504][   T27] audit: type=1804 audit(1670457135.359:150): pid=3939 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/148/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3939] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3939] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3939] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3939] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3939] open(".", O_RDONLY)         = 6
[pid  3939] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3939] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3939] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3939] close(3)                    = 0
[pid  3939] close(4)                    = 0
[pid  3939] close(5)                    = 0
[pid  3939] close(6)                    = 0
[pid  3939] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3939] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3939] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3939] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3939] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3939] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3939] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3939] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3939] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3939] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3939] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3939] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3939] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3939] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3939] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3939] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3939] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3939] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3939] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3939] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3939] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3939] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3939] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3939] exit_group(0)               = ?
[pid  3939] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=151, si_uid=0, si_status=0, si_utime=0, si_stime=13} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./148", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./148", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./148/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./148/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./148/binderfs")    = 0
[pid  3632] umount2("./148/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./148/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./148/cgroup")      = 0
[pid  3632] umount2("./148/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./148/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./148/cgroup.net")  = 0
[pid  3632] umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./148/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./148/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./148/file0")        = 0
[pid  3632] umount2("./148/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./148/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./148/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./148")              = 0
[pid  3632] mkdir("./149", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 152
./strace-static-x86_64: Process 3941 attached
[pid  3941] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3941] chdir("./149")              = 0
[pid  3941] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3941] setpgid(0, 0)               = 0
[pid  3941] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3941] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3941] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3941] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3941] write(3, "1000", 4)         = 4
[pid  3941] close(3)                    = 0
[pid  3941] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3941] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3941] memfd_create("syzkaller", 0) = 3
[pid  3941] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3941] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3941] munmap(0x7fd662669000, 2097152) = 0
[pid  3941] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3941] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3941] close(3)                    = 0
[pid  3941] mkdir("./file0", 0777)      = 0
[  103.762168][ T3941] loop0: detected capacity change from 0 to 4096
[  103.776879][ T3941] NILFS (loop0): invalid segment: Checksum error in segment payload
[  103.785088][ T3941] NILFS (loop0): trying rollback from an earlier position
[  103.800011][ T3941] NILFS (loop0): recovery complete
[pid  3941] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3941] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3941] chdir("./file0")            = 0
[pid  3941] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3941] close(4)                    = 0
[pid  3941] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3941] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3941] creat("./bus", 000)         = 4
[pid  3941] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3941] ftruncate(4, 2048)          = 0
[pid  3941] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3941] open("./bus", O_RDONLY)     = 5
[  103.805959][ T3942] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  103.810601][   T27] audit: type=1804 audit(1670457135.709:151): pid=3941 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/149/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3941] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3941] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3941] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3941] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3941] open(".", O_RDONLY)         = 6
[pid  3941] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3941] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3941] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3941] close(3)                    = 0
[pid  3941] close(4)                    = 0
[pid  3941] close(5)                    = 0
[pid  3941] close(6)                    = 0
[pid  3941] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3941] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3941] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3941] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3941] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3941] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3941] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3941] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3941] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3941] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3941] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3941] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3941] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3941] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3941] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3941] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3941] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3941] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3941] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3941] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3941] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3941] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3941] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3941] exit_group(0)               = ?
[pid  3941] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=152, si_uid=0, si_status=0, si_utime=0, si_stime=16} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./149", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./149", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./149/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./149/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./149/binderfs")    = 0
[pid  3632] umount2("./149/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./149/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./149/cgroup")      = 0
[pid  3632] umount2("./149/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./149/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./149/cgroup.net")  = 0
[pid  3632] umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./149/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./149/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./149/file0")        = 0
[pid  3632] umount2("./149/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./149/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./149/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./149")              = 0
[pid  3632] mkdir("./150", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 153
./strace-static-x86_64: Process 3943 attached
[pid  3943] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3943] chdir("./150")              = 0
[pid  3943] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3943] setpgid(0, 0)               = 0
[pid  3943] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3943] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3943] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3943] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3943] write(3, "1000", 4)         = 4
[pid  3943] close(3)                    = 0
[pid  3943] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3943] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3943] memfd_create("syzkaller", 0) = 3
[pid  3943] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3943] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3943] munmap(0x7fd662669000, 2097152) = 0
[pid  3943] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3943] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3943] close(3)                    = 0
[pid  3943] mkdir("./file0", 0777)      = 0
[  104.117457][ T3943] loop0: detected capacity change from 0 to 4096
[  104.134190][ T3943] NILFS (loop0): invalid segment: Checksum error in segment payload
[  104.142437][ T3943] NILFS (loop0): trying rollback from an earlier position
[  104.156615][ T3943] NILFS (loop0): recovery complete
[pid  3943] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3943] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3943] chdir("./file0")            = 0
[pid  3943] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3943] close(4)                    = 0
[pid  3943] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3943] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3943] creat("./bus", 000)         = 4
[pid  3943] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3943] ftruncate(4, 2048)          = 0
[pid  3943] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3943] open("./bus", O_RDONLY)     = 5
[  104.162728][ T3944] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  104.190647][   T27] audit: type=1804 audit(1670457136.099:152): pid=3943 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/150/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3943] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3943] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3943] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3943] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3943] open(".", O_RDONLY)         = 6
[pid  3943] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3943] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3943] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3943] close(3)                    = 0
[pid  3943] close(4)                    = 0
[pid  3943] close(5)                    = 0
[pid  3943] close(6)                    = 0
[pid  3943] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3943] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3943] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3943] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3943] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3943] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3943] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3943] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3943] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3943] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3943] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3943] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3943] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3943] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3943] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3943] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3943] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3943] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3943] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3943] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3943] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3943] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3943] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3943] exit_group(0)               = ?
[pid  3943] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=153, si_uid=0, si_status=0, si_utime=0, si_stime=16} ---
[pid  3632] umount2("./150", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./150", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./150/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./150/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./150/binderfs")    = 0
[pid  3632] umount2("./150/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./150/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./150/cgroup")      = 0
[pid  3632] umount2("./150/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./150/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./150/cgroup.net")  = 0
[pid  3632] umount2("./150/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./150/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./150/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./150/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./150/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./150/file0")        = 0
[pid  3632] umount2("./150/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./150/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./150/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./150")              = 0
[pid  3632] mkdir("./151", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 154
./strace-static-x86_64: Process 3945 attached
[pid  3945] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3945] chdir("./151")              = 0
[pid  3945] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3945] setpgid(0, 0)               = 0
[pid  3945] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3945] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3945] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3945] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3945] write(3, "1000", 4)         = 4
[pid  3945] close(3)                    = 0
[pid  3945] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3945] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3945] memfd_create("syzkaller", 0) = 3
[pid  3945] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3945] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3945] munmap(0x7fd662669000, 2097152) = 0
[pid  3945] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3945] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3945] close(3)                    = 0
[pid  3945] mkdir("./file0", 0777)      = 0
[  104.474024][ T3945] loop0: detected capacity change from 0 to 4096
[  104.489706][ T3945] NILFS (loop0): invalid segment: Checksum error in segment payload
[  104.497704][ T3945] NILFS (loop0): trying rollback from an earlier position
[  104.510892][ T3945] NILFS (loop0): recovery complete
[pid  3945] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3945] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3945] chdir("./file0")            = 0
[pid  3945] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3945] close(4)                    = 0
[pid  3945] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3945] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3945] creat("./bus", 000)         = 4
[pid  3945] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3945] ftruncate(4, 2048)          = 0
[pid  3945] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3945] open("./bus", O_RDONLY)     = 5
[  104.517129][ T3946] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  104.523222][   T27] audit: type=1804 audit(1670457136.419:153): pid=3945 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/151/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3945] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3945] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3945] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3945] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3945] open(".", O_RDONLY)         = 6
[pid  3945] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3945] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3945] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3945] close(3)                    = 0
[pid  3945] close(4)                    = 0
[pid  3945] close(5)                    = 0
[pid  3945] close(6)                    = 0
[pid  3945] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3945] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3945] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3945] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3945] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3945] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3945] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3945] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3945] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3945] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3945] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3945] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3945] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3945] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3945] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3945] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3945] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3945] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3945] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3945] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3945] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3945] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3945] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3945] exit_group(0)               = ?
[pid  3945] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=154, si_uid=0, si_status=0, si_utime=0, si_stime=10} ---
[pid  3632] umount2("./151", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./151", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./151/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./151/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./151/binderfs")    = 0
[pid  3632] umount2("./151/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./151/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./151/cgroup")      = 0
[pid  3632] umount2("./151/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./151/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./151/cgroup.net")  = 0
[pid  3632] umount2("./151/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./151/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./151/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./151/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./151/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./151/file0")        = 0
[pid  3632] umount2("./151/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./151/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./151/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./151")              = 0
[pid  3632] mkdir("./152", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 155
./strace-static-x86_64: Process 3947 attached
[pid  3947] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3947] chdir("./152")              = 0
[pid  3947] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3947] setpgid(0, 0)               = 0
[pid  3947] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3947] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3947] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3947] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3947] write(3, "1000", 4)         = 4
[pid  3947] close(3)                    = 0
[pid  3947] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3947] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3947] memfd_create("syzkaller", 0) = 3
[pid  3947] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3947] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3947] munmap(0x7fd662669000, 2097152) = 0
[pid  3947] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3947] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3947] close(3)                    = 0
[pid  3947] mkdir("./file0", 0777)      = 0
[pid  3947] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3947] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3947] chdir("./file0")            = 0
[pid  3947] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3947] close(4)                    = 0
[pid  3947] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3947] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3947] creat("./bus", 000)         = 4
[pid  3947] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3947] ftruncate(4, 2048)          = 0
[pid  3947] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3947] open("./bus", O_RDONLY)     = 5
[  104.824541][ T3947] loop0: detected capacity change from 0 to 4096
[  104.840150][ T3947] NILFS (loop0): invalid segment: Checksum error in segment payload
[  104.848153][ T3947] NILFS (loop0): trying rollback from an earlier position
[  104.862096][ T3947] NILFS (loop0): recovery complete
[  104.868218][ T3948] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  104.878939][   T27] audit: type=1804 audit(1670457136.779:154): pid=3947 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/152/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3947] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3947] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3947] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3947] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3947] open(".", O_RDONLY)         = 6
[pid  3947] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3947] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3947] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3947] close(3)                    = 0
[pid  3947] close(4)                    = 0
[pid  3947] close(5)                    = 0
[pid  3947] close(6)                    = 0
[pid  3947] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3947] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3947] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3947] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3947] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3947] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3947] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3947] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3947] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3947] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3947] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3947] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3947] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3947] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3947] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3947] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3947] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3947] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3947] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3947] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3947] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3947] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3947] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3947] exit_group(0)               = ?
[pid  3947] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=155, si_uid=0, si_status=0, si_utime=0, si_stime=16} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./152", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./152", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./152/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./152/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./152/binderfs")    = 0
[pid  3632] umount2("./152/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./152/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./152/cgroup")      = 0
[pid  3632] umount2("./152/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./152/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./152/cgroup.net")  = 0
[pid  3632] umount2("./152/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./152/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./152/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./152/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./152/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./152/file0")        = 0
[pid  3632] umount2("./152/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./152/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./152/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./152")              = 0
[pid  3632] mkdir("./153", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 156
./strace-static-x86_64: Process 3949 attached
[pid  3949] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3949] chdir("./153")              = 0
[pid  3949] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3949] setpgid(0, 0)               = 0
[pid  3949] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3949] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3949] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3949] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3949] write(3, "1000", 4)         = 4
[pid  3949] close(3)                    = 0
[pid  3949] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3949] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3949] memfd_create("syzkaller", 0) = 3
[pid  3949] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3949] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3949] munmap(0x7fd662669000, 2097152) = 0
[pid  3949] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3949] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3949] close(3)                    = 0
[pid  3949] mkdir("./file0", 0777)      = 0
[pid  3949] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3949] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3949] chdir("./file0")            = 0
[pid  3949] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3949] close(4)                    = 0
[  105.165277][ T3949] loop0: detected capacity change from 0 to 4096
[  105.181409][ T3949] NILFS (loop0): invalid segment: Checksum error in segment payload
[  105.189469][ T3949] NILFS (loop0): trying rollback from an earlier position
[  105.202928][ T3949] NILFS (loop0): recovery complete
[pid  3949] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3949] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3949] creat("./bus", 000)         = 4
[pid  3949] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3949] ftruncate(4, 2048)          = 0
[pid  3949] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3949] open("./bus", O_RDONLY)     = 5
[  105.209191][ T3950] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  105.219889][   T27] audit: type=1804 audit(1670457137.129:155): pid=3949 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/153/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3949] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3949] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3949] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3949] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3949] open(".", O_RDONLY)         = 6
[pid  3949] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3949] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3949] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3949] close(3)                    = 0
[pid  3949] close(4)                    = 0
[pid  3949] close(5)                    = 0
[pid  3949] close(6)                    = 0
[pid  3949] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3949] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3949] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3949] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3949] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3949] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3949] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3949] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3949] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3949] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3949] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3949] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3949] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3949] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3949] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3949] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3949] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3949] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3949] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3949] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3949] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3949] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3949] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3949] exit_group(0)               = ?
[pid  3949] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=156, si_uid=0, si_status=0, si_utime=0, si_stime=17} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./153", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./153", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./153/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./153/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./153/binderfs")    = 0
[pid  3632] umount2("./153/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./153/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./153/cgroup")      = 0
[pid  3632] umount2("./153/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./153/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./153/cgroup.net")  = 0
[pid  3632] umount2("./153/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./153/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./153/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./153/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./153/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./153/file0")        = 0
[pid  3632] umount2("./153/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./153/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./153/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./153")              = 0
[pid  3632] mkdir("./154", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 157
./strace-static-x86_64: Process 3951 attached
[pid  3951] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3951] chdir("./154")              = 0
[pid  3951] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3951] setpgid(0, 0)               = 0
[pid  3951] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3951] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3951] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3951] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3951] write(3, "1000", 4)         = 4
[pid  3951] close(3)                    = 0
[pid  3951] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3951] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3951] memfd_create("syzkaller", 0) = 3
[pid  3951] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3951] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3951] munmap(0x7fd662669000, 2097152) = 0
[pid  3951] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3951] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3951] close(3)                    = 0
[pid  3951] mkdir("./file0", 0777)      = 0
[  105.522439][ T3951] loop0: detected capacity change from 0 to 4096
[  105.536485][ T3951] NILFS (loop0): invalid segment: Checksum error in segment payload
[  105.545011][ T3951] NILFS (loop0): trying rollback from an earlier position
[  105.558110][ T3951] NILFS (loop0): recovery complete
[pid  3951] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3951] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3951] chdir("./file0")            = 0
[pid  3951] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3951] close(4)                    = 0
[pid  3951] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3951] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3951] creat("./bus", 000)         = 4
[pid  3951] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3951] ftruncate(4, 2048)          = 0
[pid  3951] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3951] open("./bus", O_RDONLY)     = 5
[  105.564118][ T3952] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  105.583084][   T27] audit: type=1804 audit(1670457137.489:156): pid=3951 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/154/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3951] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3951] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3951] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3951] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3951] open(".", O_RDONLY)         = 6
[pid  3951] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3951] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3951] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3951] close(3)                    = 0
[pid  3951] close(4)                    = 0
[pid  3951] close(5)                    = 0
[pid  3951] close(6)                    = 0
[pid  3951] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3951] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3951] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3951] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3951] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3951] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3951] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3951] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3951] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3951] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3951] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3951] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3951] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3951] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3951] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3951] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3951] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3951] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3951] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3951] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3951] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3951] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3951] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3951] exit_group(0)               = ?
[pid  3951] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=157, si_uid=0, si_status=0, si_utime=0, si_stime=13} ---
[pid  3632] umount2("./154", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./154", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./154/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./154/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./154/binderfs")    = 0
[pid  3632] umount2("./154/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./154/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./154/cgroup")      = 0
[pid  3632] umount2("./154/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./154/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./154/cgroup.net")  = 0
[pid  3632] umount2("./154/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./154/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./154/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./154/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./154/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./154/file0")        = 0
[pid  3632] umount2("./154/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./154/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./154/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./154")              = 0
[pid  3632] mkdir("./155", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 158
./strace-static-x86_64: Process 3953 attached
[pid  3953] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3953] chdir("./155")              = 0
[pid  3953] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3953] setpgid(0, 0)               = 0
[pid  3953] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3953] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3953] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3953] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3953] write(3, "1000", 4)         = 4
[pid  3953] close(3)                    = 0
[pid  3953] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3953] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3953] memfd_create("syzkaller", 0) = 3
[pid  3953] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3953] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3953] munmap(0x7fd662669000, 2097152) = 0
[pid  3953] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3953] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3953] close(3)                    = 0
[pid  3953] mkdir("./file0", 0777)      = 0
[pid  3953] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3953] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3953] chdir("./file0")            = 0
[pid  3953] ioctl(4, LOOP_CLR_FD)       = 0
[  105.867856][ T3953] loop0: detected capacity change from 0 to 4096
[  105.883118][ T3953] NILFS (loop0): invalid segment: Checksum error in segment payload
[  105.891364][ T3953] NILFS (loop0): trying rollback from an earlier position
[  105.905724][ T3953] NILFS (loop0): recovery complete
[pid  3953] close(4)                    = 0
[pid  3953] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3953] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3953] creat("./bus", 000)         = 4
[pid  3953] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3953] ftruncate(4, 2048)          = 0
[pid  3953] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3953] open("./bus", O_RDONLY)     = 5
[  105.912848][ T3954] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  105.929913][   T27] audit: type=1804 audit(1670457137.839:157): pid=3953 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/155/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3953] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3953] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3953] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3953] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3953] open(".", O_RDONLY)         = 6
[pid  3953] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3953] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3953] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3953] close(3)                    = 0
[pid  3953] close(4)                    = 0
[pid  3953] close(5)                    = 0
[pid  3953] close(6)                    = 0
[pid  3953] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3953] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3953] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3953] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3953] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3953] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3953] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3953] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3953] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3953] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3953] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3953] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3953] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3953] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3953] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3953] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3953] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3953] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3953] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3953] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3953] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3953] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3953] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3953] exit_group(0)               = ?
[pid  3953] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=158, si_uid=0, si_status=0, si_utime=0, si_stime=17} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./155", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./155", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./155/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./155/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./155/binderfs")    = 0
[pid  3632] umount2("./155/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./155/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./155/cgroup")      = 0
[pid  3632] umount2("./155/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./155/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./155/cgroup.net")  = 0
[pid  3632] umount2("./155/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./155/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./155/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./155/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./155/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./155/file0")        = 0
[pid  3632] umount2("./155/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./155/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./155/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./155")              = 0
[pid  3632] mkdir("./156", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 159
./strace-static-x86_64: Process 3955 attached
[pid  3955] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3955] chdir("./156")              = 0
[pid  3955] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3955] setpgid(0, 0)               = 0
[pid  3955] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3955] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3955] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3955] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3955] write(3, "1000", 4)         = 4
[pid  3955] close(3)                    = 0
[pid  3955] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3955] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3955] memfd_create("syzkaller", 0) = 3
[pid  3955] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3955] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3955] munmap(0x7fd662669000, 2097152) = 0
[pid  3955] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3955] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3955] close(3)                    = 0
[pid  3955] mkdir("./file0", 0777)      = 0
[pid  3955] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3955] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3955] chdir("./file0")            = 0
[pid  3955] ioctl(4, LOOP_CLR_FD)       = 0
[  106.220552][ T3955] loop0: detected capacity change from 0 to 4096
[  106.236460][ T3955] NILFS (loop0): invalid segment: Checksum error in segment payload
[  106.244535][ T3955] NILFS (loop0): trying rollback from an earlier position
[  106.259380][ T3955] NILFS (loop0): recovery complete
[pid  3955] close(4)                    = 0
[pid  3955] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3955] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3955] creat("./bus", 000)         = 4
[pid  3955] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3955] ftruncate(4, 2048)          = 0
[pid  3955] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3955] open("./bus", O_RDONLY)     = 5
[  106.265363][ T3956] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  106.280145][   T27] audit: type=1804 audit(1670457138.189:158): pid=3955 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/156/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3955] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3955] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3955] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3955] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3955] open(".", O_RDONLY)         = 6
[pid  3955] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3955] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3955] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3955] close(3)                    = 0
[pid  3955] close(4)                    = 0
[pid  3955] close(5)                    = 0
[pid  3955] close(6)                    = 0
[pid  3955] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3955] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3955] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3955] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3955] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3955] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3955] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3955] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3955] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3955] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3955] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3955] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3955] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3955] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3955] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3955] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3955] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3955] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3955] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3955] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3955] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3955] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3955] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3955] exit_group(0)               = ?
[pid  3955] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=159, si_uid=0, si_status=0, si_utime=0, si_stime=16} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./156", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./156", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./156/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./156/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./156/binderfs")    = 0
[pid  3632] umount2("./156/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./156/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./156/cgroup")      = 0
[pid  3632] umount2("./156/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./156/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./156/cgroup.net")  = 0
[pid  3632] umount2("./156/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./156/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./156/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./156/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./156/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./156/file0")        = 0
[pid  3632] umount2("./156/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./156/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./156/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./156")              = 0
[pid  3632] mkdir("./157", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 160
./strace-static-x86_64: Process 3957 attached
[pid  3957] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3957] chdir("./157")              = 0
[pid  3957] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3957] setpgid(0, 0)               = 0
[pid  3957] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3957] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3957] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3957] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3957] write(3, "1000", 4)         = 4
[pid  3957] close(3)                    = 0
[pid  3957] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3957] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3957] memfd_create("syzkaller", 0) = 3
[pid  3957] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3957] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3957] munmap(0x7fd662669000, 2097152) = 0
[pid  3957] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3957] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3957] close(3)                    = 0
[pid  3957] mkdir("./file0", 0777)      = 0
[pid  3957] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3957] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3957] chdir("./file0")            = 0
[pid  3957] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3957] close(4)                    = 0
[pid  3957] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[  106.597462][ T3957] loop0: detected capacity change from 0 to 4096
[  106.612518][ T3957] NILFS (loop0): invalid segment: Checksum error in segment payload
[  106.620694][ T3957] NILFS (loop0): trying rollback from an earlier position
[  106.634890][ T3957] NILFS (loop0): recovery complete
[pid  3957] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3957] creat("./bus", 000)         = 4
[pid  3957] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3957] ftruncate(4, 2048)          = 0
[pid  3957] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3957] open("./bus", O_RDONLY)     = 5
[  106.641496][ T3958] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  106.656021][   T27] audit: type=1804 audit(1670457138.569:159): pid=3957 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/157/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3957] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3957] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3957] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3957] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3957] open(".", O_RDONLY)         = 6
[pid  3957] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3957] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3957] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3957] close(3)                    = 0
[pid  3957] close(4)                    = 0
[pid  3957] close(5)                    = 0
[pid  3957] close(6)                    = 0
[pid  3957] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3957] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3957] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3957] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3957] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3957] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3957] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3957] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3957] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3957] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3957] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3957] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3957] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3957] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3957] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3957] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3957] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3957] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3957] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3957] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3957] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3957] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3957] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3957] exit_group(0)               = ?
[pid  3957] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=160, si_uid=0, si_status=0, si_utime=0, si_stime=18} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./157", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./157", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./157/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./157/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./157/binderfs")    = 0
[pid  3632] umount2("./157/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./157/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./157/cgroup")      = 0
[pid  3632] umount2("./157/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./157/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./157/cgroup.net")  = 0
[pid  3632] umount2("./157/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./157/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./157/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./157/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./157/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./157/file0")        = 0
[pid  3632] umount2("./157/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./157/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./157/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./157")              = 0
[pid  3632] mkdir("./158", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 161
./strace-static-x86_64: Process 3959 attached
[pid  3959] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3959] chdir("./158")              = 0
[pid  3959] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3959] setpgid(0, 0)               = 0
[pid  3959] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3959] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3959] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3959] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3959] write(3, "1000", 4)         = 4
[pid  3959] close(3)                    = 0
[pid  3959] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3959] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3959] memfd_create("syzkaller", 0) = 3
[pid  3959] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3959] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3959] munmap(0x7fd662669000, 2097152) = 0
[pid  3959] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3959] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3959] close(3)                    = 0
[pid  3959] mkdir("./file0", 0777)      = 0
[  106.937212][ T3959] loop0: detected capacity change from 0 to 4096
[  106.951862][ T3959] NILFS (loop0): invalid segment: Checksum error in segment payload
[  106.960022][ T3959] NILFS (loop0): trying rollback from an earlier position
[  106.973836][ T3959] NILFS (loop0): recovery complete
[pid  3959] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3959] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3959] chdir("./file0")            = 0
[pid  3959] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3959] close(4)                    = 0
[pid  3959] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3959] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3959] creat("./bus", 000)         = 4
[pid  3959] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3959] ftruncate(4, 2048)          = 0
[pid  3959] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3959] open("./bus", O_RDONLY)     = 5
[  106.980672][ T3960] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3959] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3959] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3959] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3959] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3959] open(".", O_RDONLY)         = 6
[pid  3959] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3959] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3959] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3959] close(3)                    = 0
[pid  3959] close(4)                    = 0
[pid  3959] close(5)                    = 0
[pid  3959] close(6)                    = 0
[pid  3959] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3959] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3959] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3959] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3959] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3959] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3959] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3959] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3959] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3959] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3959] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3959] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3959] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3959] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3959] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3959] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3959] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3959] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3959] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3959] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3959] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3959] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3959] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3959] exit_group(0)               = ?
[pid  3959] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=161, si_uid=0, si_status=0, si_utime=0, si_stime=16} ---
[pid  3632] umount2("./158", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./158", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./158/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./158/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./158/binderfs")    = 0
[pid  3632] umount2("./158/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./158/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./158/cgroup")      = 0
[pid  3632] umount2("./158/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./158/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./158/cgroup.net")  = 0
[pid  3632] umount2("./158/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./158/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./158/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./158/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./158/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./158/file0")        = 0
[pid  3632] umount2("./158/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./158/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./158/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./158")              = 0
[pid  3632] mkdir("./159", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 162
./strace-static-x86_64: Process 3961 attached
[pid  3961] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3961] chdir("./159")              = 0
[pid  3961] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3961] setpgid(0, 0)               = 0
[pid  3961] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3961] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3961] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3961] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3961] write(3, "1000", 4)         = 4
[pid  3961] close(3)                    = 0
[pid  3961] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3961] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3961] memfd_create("syzkaller", 0) = 3
[pid  3961] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3961] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3961] munmap(0x7fd662669000, 2097152) = 0
[pid  3961] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3961] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3961] close(3)                    = 0
[pid  3961] mkdir("./file0", 0777)      = 0
[  107.277368][ T3961] loop0: detected capacity change from 0 to 4096
[  107.296146][ T3961] NILFS (loop0): invalid segment: Checksum error in segment payload
[  107.304502][ T3961] NILFS (loop0): trying rollback from an earlier position
[  107.320254][ T3961] NILFS (loop0): recovery complete
[pid  3961] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3961] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3961] chdir("./file0")            = 0
[pid  3961] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3961] close(4)                    = 0
[pid  3961] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3961] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3961] creat("./bus", 000)         = 4
[pid  3961] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3961] ftruncate(4, 2048)          = 0
[pid  3961] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3961] open("./bus", O_RDONLY)     = 5
[  107.326422][ T3962] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3961] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3961] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3961] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3961] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3961] open(".", O_RDONLY)         = 6
[pid  3961] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3961] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3961] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3961] close(3)                    = 0
[pid  3961] close(4)                    = 0
[pid  3961] close(5)                    = 0
[pid  3961] close(6)                    = 0
[pid  3961] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3961] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3961] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3961] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3961] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3961] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3961] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3961] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3961] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3961] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3961] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3961] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3961] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3961] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3961] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3961] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3961] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3961] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3961] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3961] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3961] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3961] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3961] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3961] exit_group(0)               = ?
[pid  3961] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=162, si_uid=0, si_status=0, si_utime=0, si_stime=14} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./159", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./159", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./159/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./159/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./159/binderfs")    = 0
[pid  3632] umount2("./159/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./159/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./159/cgroup")      = 0
[pid  3632] umount2("./159/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./159/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./159/cgroup.net")  = 0
[pid  3632] umount2("./159/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./159/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./159/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./159/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./159/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./159/file0")        = 0
[pid  3632] umount2("./159/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./159/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./159/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./159")              = 0
[pid  3632] mkdir("./160", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 163
./strace-static-x86_64: Process 3963 attached
[pid  3963] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3963] chdir("./160")              = 0
[pid  3963] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3963] setpgid(0, 0)               = 0
[pid  3963] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3963] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3963] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3963] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3963] write(3, "1000", 4)         = 4
[pid  3963] close(3)                    = 0
[pid  3963] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3963] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3963] memfd_create("syzkaller", 0) = 3
[pid  3963] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3963] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3963] munmap(0x7fd662669000, 2097152) = 0
[pid  3963] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3963] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3963] close(3)                    = 0
[pid  3963] mkdir("./file0", 0777)      = 0
[  107.616079][ T3963] loop0: detected capacity change from 0 to 4096
[  107.631909][ T3963] NILFS (loop0): invalid segment: Checksum error in segment payload
[  107.640127][ T3963] NILFS (loop0): trying rollback from an earlier position
[  107.652962][ T3963] NILFS (loop0): recovery complete
[pid  3963] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3963] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3963] chdir("./file0")            = 0
[pid  3963] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3963] close(4)                    = 0
[pid  3963] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3963] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3963] creat("./bus", 000)         = 4
[pid  3963] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3963] ftruncate(4, 2048)          = 0
[pid  3963] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3963] open("./bus", O_RDONLY)     = 5
[  107.659108][ T3964] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3963] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3963] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3963] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3963] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3963] open(".", O_RDONLY)         = 6
[pid  3963] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3963] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3963] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3963] close(3)                    = 0
[pid  3963] close(4)                    = 0
[pid  3963] close(5)                    = 0
[pid  3963] close(6)                    = 0
[pid  3963] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3963] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3963] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3963] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3963] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3963] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3963] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3963] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3963] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3963] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3963] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3963] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3963] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3963] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3963] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3963] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3963] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3963] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3963] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3963] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3963] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3963] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3963] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3963] exit_group(0)               = ?
[pid  3963] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=163, si_uid=0, si_status=0, si_utime=0, si_stime=14} ---
[pid  3632] umount2("./160", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./160", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./160/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./160/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./160/binderfs")    = 0
[pid  3632] umount2("./160/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./160/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./160/cgroup")      = 0
[pid  3632] umount2("./160/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./160/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./160/cgroup.net")  = 0
[pid  3632] umount2("./160/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./160/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./160/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./160/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./160/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./160/file0")        = 0
[pid  3632] umount2("./160/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./160/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./160/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./160")              = 0
[pid  3632] mkdir("./161", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 164
./strace-static-x86_64: Process 3965 attached
[pid  3965] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3965] chdir("./161")              = 0
[pid  3965] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3965] setpgid(0, 0)               = 0
[pid  3965] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3965] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3965] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3965] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3965] write(3, "1000", 4)         = 4
[pid  3965] close(3)                    = 0
[pid  3965] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3965] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3965] memfd_create("syzkaller", 0) = 3
[pid  3965] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3965] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3965] munmap(0x7fd662669000, 2097152) = 0
[pid  3965] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3965] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3965] close(3)                    = 0
[pid  3965] mkdir("./file0", 0777)      = 0
[pid  3965] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3965] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3965] chdir("./file0")            = 0
[pid  3965] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3965] close(4)                    = 0
[pid  3965] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3965] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3965] creat("./bus", 000)         = 4
[pid  3965] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3965] ftruncate(4, 2048)          = 0
[pid  3965] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3965] open("./bus", O_RDONLY)     = 5
[  107.949373][ T3965] loop0: detected capacity change from 0 to 4096
[  107.963344][ T3965] NILFS (loop0): invalid segment: Checksum error in segment payload
[  107.971433][ T3965] NILFS (loop0): trying rollback from an earlier position
[  107.984684][ T3965] NILFS (loop0): recovery complete
[  107.990645][ T3966] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3965] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3965] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3965] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3965] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3965] open(".", O_RDONLY)         = 6
[pid  3965] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3965] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3965] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3965] close(3)                    = 0
[pid  3965] close(4)                    = 0
[pid  3965] close(5)                    = 0
[pid  3965] close(6)                    = 0
[pid  3965] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3965] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3965] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3965] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3965] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3965] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3965] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3965] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3965] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3965] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3965] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3965] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3965] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3965] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3965] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3965] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3965] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3965] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3965] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3965] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3965] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3965] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3965] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3965] exit_group(0)               = ?
[pid  3965] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=164, si_uid=0, si_status=0, si_utime=0, si_stime=10} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./161", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./161", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./161/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./161/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./161/binderfs")    = 0
[pid  3632] umount2("./161/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./161/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./161/cgroup")      = 0
[pid  3632] umount2("./161/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./161/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./161/cgroup.net")  = 0
[pid  3632] umount2("./161/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./161/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./161/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./161/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./161/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./161/file0")        = 0
[pid  3632] umount2("./161/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./161/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./161/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./161")              = 0
[pid  3632] mkdir("./162", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 165
./strace-static-x86_64: Process 3967 attached
[pid  3967] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3967] chdir("./162")              = 0
[pid  3967] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3967] setpgid(0, 0)               = 0
[pid  3967] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3967] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3967] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3967] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3967] write(3, "1000", 4)         = 4
[pid  3967] close(3)                    = 0
[pid  3967] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3967] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3967] memfd_create("syzkaller", 0) = 3
[pid  3967] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3967] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3967] munmap(0x7fd662669000, 2097152) = 0
[pid  3967] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3967] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3967] close(3)                    = 0
[pid  3967] mkdir("./file0", 0777)      = 0
[pid  3967] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3967] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3967] chdir("./file0")            = 0
[pid  3967] ioctl(4, LOOP_CLR_FD)       = 0
[  108.275876][ T3967] loop0: detected capacity change from 0 to 4096
[  108.290400][ T3967] NILFS (loop0): invalid segment: Checksum error in segment payload
[  108.298420][ T3967] NILFS (loop0): trying rollback from an earlier position
[  108.312374][ T3967] NILFS (loop0): recovery complete
[pid  3967] close(4)                    = 0
[pid  3967] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3967] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3967] creat("./bus", 000)         = 4
[pid  3967] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3967] ftruncate(4, 2048)          = 0
[pid  3967] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3967] open("./bus", O_RDONLY)     = 5
[  108.318265][ T3968] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid  3967] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3967] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3967] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3967] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3967] open(".", O_RDONLY)         = 6
[pid  3967] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3967] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3967] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3967] close(3)                    = 0
[pid  3967] close(4)                    = 0
[pid  3967] close(5)                    = 0
[pid  3967] close(6)                    = 0
[pid  3967] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3967] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3967] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3967] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3967] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3967] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3967] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3967] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3967] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3967] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3967] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3967] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3967] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3967] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3967] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3967] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3967] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3967] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3967] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3967] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3967] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3967] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3967] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3967] exit_group(0)               = ?
[pid  3967] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=165, si_uid=0, si_status=0, si_utime=0, si_stime=18} ---
[pid  3632] umount2("./162", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./162", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./162/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./162/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./162/binderfs")    = 0
[pid  3632] umount2("./162/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./162/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./162/cgroup")      = 0
[pid  3632] umount2("./162/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./162/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./162/cgroup.net")  = 0
[pid  3632] umount2("./162/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./162/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./162/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./162/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./162/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./162/file0")        = 0
[pid  3632] umount2("./162/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./162/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./162/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./162")              = 0
[pid  3632] mkdir("./163", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 166
./strace-static-x86_64: Process 3969 attached
[pid  3969] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3969] chdir("./163")              = 0
[pid  3969] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3969] setpgid(0, 0)               = 0
[pid  3969] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3969] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3969] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3969] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3969] write(3, "1000", 4)         = 4
[pid  3969] close(3)                    = 0
[pid  3969] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3969] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3969] memfd_create("syzkaller", 0) = 3
[pid  3969] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3969] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3969] munmap(0x7fd662669000, 2097152) = 0
[pid  3969] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3969] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3969] close(3)                    = 0
[pid  3969] mkdir("./file0", 0777)      = 0
[pid  3969] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3969] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3969] chdir("./file0")            = 0
[pid  3969] ioctl(4, LOOP_CLR_FD)       = 0
[  108.626732][ T3969] loop0: detected capacity change from 0 to 4096
[  108.642843][ T3969] NILFS (loop0): invalid segment: Checksum error in segment payload
[  108.651303][ T3969] NILFS (loop0): trying rollback from an earlier position
[  108.666313][ T3969] NILFS (loop0): recovery complete
[pid  3969] close(4)                    = 0
[pid  3969] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3969] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3969] creat("./bus", 000)         = 4
[pid  3969] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3969] ftruncate(4, 2048)          = 0
[pid  3969] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3969] open("./bus", O_RDONLY)     = 5
[  108.672562][ T3970] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  108.690209][   T27] kauditd_printk_skb: 5 callbacks suppressed
[  108.690222][   T27] audit: type=1804 audit(1670457140.599:165): pid=3969 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/163/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3969] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3969] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3969] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3969] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3969] open(".", O_RDONLY)         = 6
[pid  3969] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3969] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3969] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3969] close(3)                    = 0
[pid  3969] close(4)                    = 0
[pid  3969] close(5)                    = 0
[pid  3969] close(6)                    = 0
[pid  3969] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3969] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3969] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3969] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3969] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3969] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3969] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3969] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3969] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3969] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3969] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3969] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3969] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3969] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3969] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3969] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3969] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3969] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3969] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3969] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3969] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3969] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3969] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3969] exit_group(0)               = ?
[pid  3969] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=166, si_uid=0, si_status=0, si_utime=0, si_stime=15} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./163", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./163", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./163/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./163/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./163/binderfs")    = 0
[pid  3632] umount2("./163/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./163/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./163/cgroup")      = 0
[pid  3632] umount2("./163/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./163/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./163/cgroup.net")  = 0
[pid  3632] umount2("./163/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./163/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./163/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./163/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./163/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./163/file0")        = 0
[pid  3632] umount2("./163/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./163/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./163/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./163")              = 0
[pid  3632] mkdir("./164", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 167
./strace-static-x86_64: Process 3971 attached
[pid  3971] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3971] chdir("./164")              = 0
[pid  3971] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3971] setpgid(0, 0)               = 0
[pid  3971] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3971] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3971] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3971] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3971] write(3, "1000", 4)         = 4
[pid  3971] close(3)                    = 0
[pid  3971] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3971] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3971] memfd_create("syzkaller", 0) = 3
[pid  3971] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3971] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3971] munmap(0x7fd662669000, 2097152) = 0
[pid  3971] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3971] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3971] close(3)                    = 0
[pid  3971] mkdir("./file0", 0777)      = 0
[pid  3971] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3971] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3971] chdir("./file0")            = 0
[pid  3971] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3971] close(4)                    = 0
[pid  3971] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3971] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[  108.974739][ T3971] loop0: detected capacity change from 0 to 4096
[  108.990732][ T3971] NILFS (loop0): invalid segment: Checksum error in segment payload
[  108.998892][ T3971] NILFS (loop0): trying rollback from an earlier position
[  109.012136][ T3971] NILFS (loop0): recovery complete
[pid  3971] creat("./bus", 000)         = 4
[pid  3971] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3971] ftruncate(4, 2048)          = 0
[pid  3971] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3971] open("./bus", O_RDONLY)     = 5
[  109.018186][ T3972] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  109.029111][   T27] audit: type=1804 audit(1670457140.939:166): pid=3971 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/164/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3971] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3971] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3971] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3971] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3971] open(".", O_RDONLY)         = 6
[pid  3971] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3971] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3971] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3971] close(3)                    = 0
[pid  3971] close(4)                    = 0
[pid  3971] close(5)                    = 0
[pid  3971] close(6)                    = 0
[pid  3971] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3971] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3971] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3971] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3971] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3971] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3971] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3971] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3971] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3971] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3971] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3971] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3971] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3971] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3971] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3971] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3971] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3971] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3971] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3971] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3971] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3971] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3971] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3971] exit_group(0)               = ?
[pid  3971] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=167, si_uid=0, si_status=0, si_utime=0, si_stime=17} ---
[pid  3632] umount2("./164", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./164", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./164/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./164/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./164/binderfs")    = 0
[pid  3632] umount2("./164/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./164/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./164/cgroup")      = 0
[pid  3632] umount2("./164/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./164/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./164/cgroup.net")  = 0
[pid  3632] umount2("./164/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./164/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./164/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./164/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./164/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./164/file0")        = 0
[pid  3632] umount2("./164/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./164/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./164/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./164")              = 0
[pid  3632] mkdir("./165", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 168
./strace-static-x86_64: Process 3973 attached
[pid  3973] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3973] chdir("./165")              = 0
[pid  3973] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3973] setpgid(0, 0)               = 0
[pid  3973] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3973] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3973] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3973] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3973] write(3, "1000", 4)         = 4
[pid  3973] close(3)                    = 0
[pid  3973] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3973] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3973] memfd_create("syzkaller", 0) = 3
[pid  3973] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3973] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3973] munmap(0x7fd662669000, 2097152) = 0
[pid  3973] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3973] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3973] close(3)                    = 0
[pid  3973] mkdir("./file0", 0777)      = 0
[pid  3973] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3973] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3973] chdir("./file0")            = 0
[pid  3973] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3973] close(4)                    = 0
[pid  3973] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3973] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3973] creat("./bus", 000)         = 4
[  109.322445][ T3973] loop0: detected capacity change from 0 to 4096
[  109.337235][ T3973] NILFS (loop0): invalid segment: Checksum error in segment payload
[  109.345650][ T3973] NILFS (loop0): trying rollback from an earlier position
[  109.359755][ T3973] NILFS (loop0): recovery complete
[pid  3973] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3973] ftruncate(4, 2048)          = 0
[pid  3973] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3973] open("./bus", O_RDONLY)     = 5
[  109.365679][ T3974] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  109.376305][   T27] audit: type=1804 audit(1670457141.289:167): pid=3973 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/165/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3973] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3973] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3973] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3973] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3973] open(".", O_RDONLY)         = 6
[pid  3973] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3973] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3973] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3973] close(3)                    = 0
[pid  3973] close(4)                    = 0
[pid  3973] close(5)                    = 0
[pid  3973] close(6)                    = 0
[pid  3973] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3973] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3973] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3973] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3973] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3973] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3973] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3973] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3973] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3973] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3973] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3973] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3973] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3973] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3973] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3973] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3973] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3973] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3973] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3973] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3973] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3973] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3973] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3973] exit_group(0)               = ?
[pid  3973] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=168, si_uid=0, si_status=0, si_utime=0, si_stime=18} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./165", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./165", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./165/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./165/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./165/binderfs")    = 0
[pid  3632] umount2("./165/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./165/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./165/cgroup")      = 0
[pid  3632] umount2("./165/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./165/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./165/cgroup.net")  = 0
[pid  3632] umount2("./165/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./165/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./165/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./165/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./165/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./165/file0")        = 0
[pid  3632] umount2("./165/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./165/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./165/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./165")              = 0
[pid  3632] mkdir("./166", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3975 attached
 <unfinished ...>
[pid  3975] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3975] chdir("./166")              = 0
[pid  3975] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3975] setpgid(0, 0)               = 0
[pid  3975] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3975] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3975] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3975] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3975] write(3, "1000", 4)         = 4
[pid  3975] close(3)                    = 0
[pid  3975] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3632] <... clone resumed>, child_tidptr=0x5555573f25d0) = 169
[pid  3975] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3975] memfd_create("syzkaller", 0) = 3
[pid  3975] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3975] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3975] munmap(0x7fd662669000, 2097152) = 0
[pid  3975] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3975] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3975] close(3)                    = 0
[pid  3975] mkdir("./file0", 0777)      = 0
[pid  3975] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3975] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3975] chdir("./file0")            = 0
[  109.659803][ T3975] loop0: detected capacity change from 0 to 4096
[  109.674352][ T3975] NILFS (loop0): invalid segment: Checksum error in segment payload
[  109.682386][ T3975] NILFS (loop0): trying rollback from an earlier position
[  109.696012][ T3975] NILFS (loop0): recovery complete
[pid  3975] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3975] close(4)                    = 0
[pid  3975] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3975] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3975] creat("./bus", 000)         = 4
[pid  3975] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3975] ftruncate(4, 2048)          = 0
[pid  3975] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3975] open("./bus", O_RDONLY)     = 5
[  109.702534][ T3976] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  109.720703][   T27] audit: type=1804 audit(1670457141.629:168): pid=3975 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/166/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3975] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3975] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3975] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3975] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3975] open(".", O_RDONLY)         = 6
[pid  3975] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3975] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3975] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3975] close(3)                    = 0
[pid  3975] close(4)                    = 0
[pid  3975] close(5)                    = 0
[pid  3975] close(6)                    = 0
[pid  3975] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3975] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3975] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3975] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3975] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3975] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3975] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3975] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3975] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3975] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3975] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3975] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3975] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3975] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3975] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3975] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3975] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3975] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3975] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3975] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3975] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3975] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3975] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3975] exit_group(0)               = ?
[pid  3975] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=169, si_uid=0, si_status=0, si_utime=0, si_stime=17} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./166", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./166", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./166/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./166/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./166/binderfs")    = 0
[pid  3632] umount2("./166/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./166/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./166/cgroup")      = 0
[pid  3632] umount2("./166/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./166/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./166/cgroup.net")  = 0
[pid  3632] umount2("./166/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./166/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./166/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./166/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./166/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./166/file0")        = 0
[pid  3632] umount2("./166/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./166/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./166/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./166")              = 0
[pid  3632] mkdir("./167", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 170
./strace-static-x86_64: Process 3977 attached
[pid  3977] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3977] chdir("./167")              = 0
[pid  3977] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3977] setpgid(0, 0)               = 0
[pid  3977] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3977] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3977] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3977] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3977] write(3, "1000", 4)         = 4
[pid  3977] close(3)                    = 0
[pid  3977] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3977] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3977] memfd_create("syzkaller", 0) = 3
[pid  3977] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3977] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3977] munmap(0x7fd662669000, 2097152) = 0
[pid  3977] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3977] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3977] close(3)                    = 0
[pid  3977] mkdir("./file0", 0777)      = 0
[  110.018501][ T3977] loop0: detected capacity change from 0 to 4096
[  110.033811][ T3977] NILFS (loop0): invalid segment: Checksum error in segment payload
[  110.042348][ T3977] NILFS (loop0): trying rollback from an earlier position
[  110.057628][ T3977] NILFS (loop0): recovery complete
[pid  3977] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3977] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3977] chdir("./file0")            = 0
[pid  3977] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3977] close(4)                    = 0
[pid  3977] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3977] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3977] creat("./bus", 000)         = 4
[pid  3977] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3977] ftruncate(4, 2048)          = 0
[pid  3977] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3977] open("./bus", O_RDONLY)     = 5
[  110.063910][ T3978] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  110.081944][   T27] audit: type=1804 audit(1670457141.989:169): pid=3977 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/167/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid  3977] sendfile(4, 5, NULL, 140737974943952) = 1048576
[pid  3977] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOENT (No such file or directory)
[pid  3977] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3977] getdents64(-1, NULL, 0)     = -1 EBADF (Bad file descriptor)
[pid  3977] open(".", O_RDONLY)         = 6
[pid  3977] getdents64(6, 0x200022c0 /* 4 entries */, 4085) = 104
[pid  3977] sendfile(-1, 0, [129], 62146) = -1 ESPIPE (Illegal seek)
[pid  3977] poll([{fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=-1}, {fd=6, events=POLLOUT|POLLRDBAND}, {fd=-1}], 8, 8) = 1 ([{fd=6, revents=POLLOUT}])
[pid  3977] close(3)                    = 0
[pid  3977] close(4)                    = 0
[pid  3977] close(5)                    = 0
[pid  3977] close(6)                    = 0
[pid  3977] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  3977] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  3977] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  3977] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  3977] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  3977] exit_group(0)               = ?
[pid  3977] +++ exited with 0 +++
[pid  3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=170, si_uid=0, si_status=0, si_utime=0, si_stime=16} ---
[pid  3632] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  3632] umount2("./167", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./167", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3632] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 7 entries */, 32768) = 208
[pid  3632] umount2("./167/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./167/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[pid  3632] unlink("./167/binderfs")    = 0
[pid  3632] umount2("./167/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./167/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}) = 0
[pid  3632] unlink("./167/cgroup")      = 0
[pid  3632] umount2("./167/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./167/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./167/cgroup.net")  = 0
[pid  3632] umount2("./167/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  3632] umount2("./167/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./167/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] umount2("./167/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] openat(AT_FDCWD, "./167/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  3632] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[pid  3632] getdents64(4, 0x5555573fb780 /* 2 entries */, 32768) = 48
[pid  3632] getdents64(4, 0x5555573fb780 /* 0 entries */, 32768) = 0
[pid  3632] close(4)                    = 0
[pid  3632] rmdir("./167/file0")        = 0
[pid  3632] umount2("./167/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  3632] lstat("./167/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}) = 0
[pid  3632] unlink("./167/cgroup.cpu")  = 0
[pid  3632] getdents64(3, 0x5555573f3740 /* 0 entries */, 32768) = 0
[pid  3632] close(3)                    = 0
[pid  3632] rmdir("./167")              = 0
[pid  3632] mkdir("./168", 0777)        = 0
[pid  3632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3632] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3632] close(3)                    = 0
[pid  3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573f25d0) = 171
./strace-static-x86_64: Process 3979 attached
[pid  3979] set_robust_list(0x5555573f25e0, 24) = 0
[pid  3979] chdir("./168")              = 0
[pid  3979] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3979] setpgid(0, 0)               = 0
[pid  3979] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  3979] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  3979] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  3979] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3979] write(3, "1000", 4)         = 4
[pid  3979] close(3)                    = 0
[pid  3979] read(200, 0x7ffc4ff8c690, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  3979] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3979] memfd_create("syzkaller", 0) = 3
[pid  3979] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd662669000
[pid  3979] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid  3979] munmap(0x7fd662669000, 2097152) = 0
[pid  3979] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3979] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3979] close(3)                    = 0
[pid  3979] mkdir("./file0", 0777)      = 0
[  110.366065][ T3979] loop0: detected capacity change from 0 to 4096
[  110.382334][ T3979] NILFS (loop0): invalid segment: Checksum error in segment payload
[  110.390474][ T3979] NILFS (loop0): trying rollback from an earlier position
[  110.404909][ T3979] NILFS (loop0): recovery complete
[pid  3979] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0
[pid  3979] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  3979] chdir("./file0")            = 0
[pid  3979] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3979] close(4)                    = 0
[pid  3979] open(NULL, O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = -1 EFAULT (Bad address)
[pid  3979] open(NULL, O_RDONLY)        = -1 EFAULT (Bad address)
[pid  3979] creat("./bus", 000)         = 4
[pid  3979] fcntl(4, F_SETFL, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECT|O_NOATIME|FASYNC) = 0
[pid  3979] ftruncate(4, 2048)          = 0
[pid  3979] lseek(4, 132096, SEEK_SET)  = 132096
[pid  3979] open("./bus", O_RDONLY)     = 5
[  110.411124][ T3980] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  110.422022][   T27] audit: type=1804 audit(1670457142.319:170): pid=3979 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor177" name="/root/syzkaller.7UU4UF/168/file0/bus" dev="loop0" ino=12 res=1 errno=0
[  110.454965][ T3980] ------------[ cut here ]------------
[  110.460920][ T3980] WARNING: CPU: 0 PID: 3980 at fs/nilfs2/btree.c:2273 nilfs_btree_assign+0xa75/0xd00
[  110.470929][ T3980] Modules linked in:
[  110.474854][ T3980] CPU: 0 PID: 3980 Comm: segctord Not tainted 6.1.0-rc8-syzkaller-00014-g8ed710da2873 #0
[  110.484924][ T3980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  110.495103][ T3980] RIP: 0010:nilfs_btree_assign+0xa75/0xd00
[  110.501179][ T3980] Code: 00 0f 85 a4 02 00 00 44 89 f8 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 07 ee 3e fe 4c 8b 74 24 38 eb a5 e8 fb ed 3e fe <0f> 0b 41 bf fe ff ff ff 4c 8b 74 24 38 eb 91 44 89 f9 80 e1 07 80
[  110.521240][ T3980] RSP: 0018:ffffc90004507540 EFLAGS: 00010293
[  110.527321][ T3980] RAX: ffffffff834bb2a5 RBX: ffff8880715ed360 RCX: ffff888028523a80
[  110.535474][ T3980] RDX: 0000000000000000 RSI: 00000000fffffffe RDI: 00000000fffffffe
[  110.543798][ T3980] RBP: ffffc90004507670 R08: ffffffff834bac0f R09: ffffed100e7add40
[  110.552062][ T3980] R10: ffffed100e7add40 R11: 1ffff1100e7add3f R12: ffff88806e4acb00
[  110.560317][ T3980] R13: dffffc0000000000 R14: 0000000000000001 R15: 00000000fffffffe
[  110.568300][ T3980] FS:  0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[  110.577621][ T3980] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  110.584426][ T3980] CR2: 0000000000000000 CR3: 000000002884c000 CR4: 00000000003506f0
[  110.592636][ T3980] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  110.600807][ T3980] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  110.609022][ T3980] Call Trace:
[  110.612302][ T3980]  <TASK>
[  110.615238][ T3980]  ? down_write+0x1a5/0x270
[  110.620061][ T3980]  ? nilfs_btree_lookup_dirty_buffers+0x1020/0x1020
[  110.626659][ T3980]  ? down_read_killable+0x80/0x80
[  110.631810][ T3980]  ? __bpf_trace_rcu_stall_warning+0x10/0x10
[  110.638064][ T3980]  ? __getblk_gfp+0x1f4/0x290
[  110.642888][ T3980]  nilfs_bmap_assign+0x87/0x150
[  110.647751][ T3980]  nilfs_segctor_do_construct+0x38c2/0x6f80
[  110.653709][ T3980]  ? update_cfs_rq_load_avg+0x483/0x570
[  110.659372][ T3980]  ? nilfs_transaction_unlock+0x210/0x210
[  110.665582][ T3980]  ? rcu_read_lock_sched_held+0x87/0x110
[  110.671270][ T3980]  ? __bpf_trace_rcu_stall_warning+0x10/0x10
[  110.677258][ T3980]  ? nilfs_segctor_confirm+0x24b/0x2d0
[  110.682795][ T3980]  ? trace_lock_release+0x95/0x220
[  110.687928][ T3980]  ? __up_read+0x690/0x690
[  110.692373][ T3980]  ? nilfs_segctor_confirm+0x24b/0x2d0
[  110.697851][ T3980]  ? do_raw_spin_lock+0x148/0x360
[  110.702915][ T3980]  ? __lock_acquire+0x1f60/0x1f60
[  110.707950][ T3980]  ? do_raw_spin_unlock+0x134/0x8a0
[  110.713203][ T3980]  ? _raw_spin_unlock+0x24/0x40
[  110.718060][ T3980]  ? nilfs_segctor_confirm+0x24b/0x2d0
[  110.723549][ T3980]  nilfs_segctor_construct+0x143/0x8d0
[  110.729030][ T3980]  ? trace_nilfs2_transaction_transition+0xec/0x2e0
[  110.735606][ T3980]  nilfs_segctor_thread+0x59e/0x11c0
[  110.740962][ T3980]  ? nilfs_construction_timeout+0x40/0x40
[  110.746689][ T3980]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  110.753398][ T3980]  ? _raw_spin_unlock+0x40/0x40
[  110.758257][ T3980]  ? wake_bit_function+0x240/0x240
[  110.763669][ T3980]  ? _raw_spin_unlock+0x40/0x40
[  110.768524][ T3980]  ? lockdep_hardirqs_on_prepare+0x428/0x790
[  110.774545][ T3980]  ? __kthread_parkme+0x166/0x1c0
[  110.779611][ T3980]  kthread+0x266/0x300
[  110.783682][ T3980]  ? nilfs_construction_timeout+0x40/0x40
[  110.789466][ T3980]  ? kthread_blkcg+0xd0/0xd0
[  110.794100][ T3980]  ret_from_fork+0x1f/0x30
[  110.798545][ T3980]  </TASK>
[  110.801600][ T3980] Kernel panic - not syncing: panic_on_warn set ...
[  110.808191][ T3980] CPU: 1 PID: 3980 Comm: segctord Not tainted 6.1.0-rc8-syzkaller-00014-g8ed710da2873 #0
[  110.817985][ T3980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  110.828033][ T3980] Call Trace:
[  110.831319][ T3980]  <TASK>
[  110.834333][ T3980]  dump_stack_lvl+0x1b1/0x28e
[  110.839000][ T3980]  ? nf_tcp_handle_invalid+0x62e/0x62e
[  110.844441][ T3980]  ? panic+0x710/0x710
[  110.848497][ T3980]  ? vscnprintf+0x59/0x80
[  110.852815][ T3980]  ? nilfs_btree_assign+0x9d0/0xd00
[  110.857996][ T3980]  panic+0x2d6/0x710
[  110.861917][ T3980]  ? __warn+0x131/0x220
[  110.866054][ T3980]  ? memcpy_page_flushcache+0xfc/0xfc
[  110.871417][ T3980]  ? ret_from_fork+0x1f/0x30
[  110.875991][ T3980]  ? nilfs_btree_assign+0xa75/0xd00
[  110.881175][ T3980]  __warn+0x1fa/0x220
[  110.885165][ T3980]  ? nilfs_btree_assign+0xa75/0xd00
[  110.890437][ T3980]  report_bug+0x1b3/0x2d0
[  110.894780][ T3980]  handle_bug+0x3d/0x70
[  110.898930][ T3980]  exc_invalid_op+0x16/0x40
[  110.903432][ T3980]  asm_exc_invalid_op+0x16/0x20
[  110.908306][ T3980] RIP: 0010:nilfs_btree_assign+0xa75/0xd00
[  110.914109][ T3980] Code: 00 0f 85 a4 02 00 00 44 89 f8 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 07 ee 3e fe 4c 8b 74 24 38 eb a5 e8 fb ed 3e fe <0f> 0b 41 bf fe ff ff ff 4c 8b 74 24 38 eb 91 44 89 f9 80 e1 07 80
[  110.933796][ T3980] RSP: 0018:ffffc90004507540 EFLAGS: 00010293
[  110.939852][ T3980] RAX: ffffffff834bb2a5 RBX: ffff8880715ed360 RCX: ffff888028523a80
[  110.947812][ T3980] RDX: 0000000000000000 RSI: 00000000fffffffe RDI: 00000000fffffffe
[  110.955857][ T3980] RBP: ffffc90004507670 R08: ffffffff834bac0f R09: ffffed100e7add40
[  110.963815][ T3980] R10: ffffed100e7add40 R11: 1ffff1100e7add3f R12: ffff88806e4acb00
[  110.971772][ T3980] R13: dffffc0000000000 R14: 0000000000000001 R15: 00000000fffffffe
[  110.979734][ T3980]  ? nilfs_btree_assign+0x3df/0xd00
[  110.984919][ T3980]  ? nilfs_btree_assign+0xa75/0xd00
[  110.990205][ T3980]  ? down_write+0x1a5/0x270
[  110.994697][ T3980]  ? nilfs_btree_lookup_dirty_buffers+0x1020/0x1020
[  111.001279][ T3980]  ? down_read_killable+0x80/0x80
[  111.006293][ T3980]  ? __bpf_trace_rcu_stall_warning+0x10/0x10
[  111.012256][ T3980]  ? __getblk_gfp+0x1f4/0x290
[  111.016928][ T3980]  nilfs_bmap_assign+0x87/0x150
[  111.021766][ T3980]  nilfs_segctor_do_construct+0x38c2/0x6f80
[  111.027645][ T3980]  ? update_cfs_rq_load_avg+0x483/0x570
[  111.033232][ T3980]  ? nilfs_transaction_unlock+0x210/0x210
[  111.038944][ T3980]  ? rcu_read_lock_sched_held+0x87/0x110
[  111.044567][ T3980]  ? __bpf_trace_rcu_stall_warning+0x10/0x10
[  111.050884][ T3980]  ? nilfs_segctor_confirm+0x24b/0x2d0
[  111.056332][ T3980]  ? trace_lock_release+0x95/0x220
[  111.061436][ T3980]  ? __up_read+0x690/0x690
[  111.065834][ T3980]  ? nilfs_segctor_confirm+0x24b/0x2d0
[  111.071281][ T3980]  ? do_raw_spin_lock+0x148/0x360
[  111.076294][ T3980]  ? __lock_acquire+0x1f60/0x1f60
[  111.081317][ T3980]  ? do_raw_spin_unlock+0x134/0x8a0
[  111.086510][ T3980]  ? _raw_spin_unlock+0x24/0x40
[  111.091351][ T3980]  ? nilfs_segctor_confirm+0x24b/0x2d0
[  111.096802][ T3980]  nilfs_segctor_construct+0x143/0x8d0
[  111.103295][ T3980]  ? trace_nilfs2_transaction_transition+0xec/0x2e0
[  111.109873][ T3980]  nilfs_segctor_thread+0x59e/0x11c0
[  111.115187][ T3980]  ? nilfs_construction_timeout+0x40/0x40
[  111.120899][ T3980]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  111.126781][ T3980]  ? _raw_spin_unlock+0x40/0x40
[  111.131621][ T3980]  ? wake_bit_function+0x240/0x240
[  111.136724][ T3980]  ? _raw_spin_unlock+0x40/0x40
[  111.141562][ T3980]  ? lockdep_hardirqs_on_prepare+0x428/0x790
[  111.147552][ T3980]  ? __kthread_parkme+0x166/0x1c0
[  111.152598][ T3980]  kthread+0x266/0x300
[  111.156669][ T3980]  ? nilfs_construction_timeout+0x40/0x40
[  111.162646][ T3980]  ? kthread_blkcg+0xd0/0xd0
[  111.167230][ T3980]  ret_from_fork+0x1f/0x30
[  111.171647][ T3980]  </TASK>
[  111.174796][ T3980] Kernel Offset: disabled
[  111.179304][ T3980] Rebooting in 86400 seconds..