./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3549288008

<...>
Warning: Permanently added '10.128.0.121' (ED25519) to the list of known hosts.
execve("./syz-executor3549288008", ["./syz-executor3549288008"], 0x7ffcc3e57bb0 /* 10 vars */) = 0
brk(NULL)                               = 0x5555572c4000
brk(0x5555572c4d40)                     = 0x5555572c4d40
arch_prctl(ARCH_SET_FS, 0x5555572c43c0) = 0
set_tid_address(0x5555572c4690)         = 5040
set_robust_list(0x5555572c46a0, 24)     = 0
rseq(0x5555572c4ce0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor3549288008", 4096) = 28
getrandom("\x87\x2b\x89\xca\x8e\xa1\xac\xbc", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x5555572c4d40
brk(0x5555572e5d40)                     = 0x5555572e5d40
brk(0x5555572e6000)                     = 0x5555572e6000
mprotect(0x7f8ee30d2000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
mkdir("./syzkaller.jfUcuN", 0700)       = 0
chmod("./syzkaller.jfUcuN", 0777)       = 0
chdir("./syzkaller.jfUcuN")             = 0
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572c4690) = 5041
./strace-static-x86_64: Process 5041 attached
[pid  5041] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5041] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid  5041] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5041] setsid()                    = 1
[pid  5041] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid  5041] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid  5041] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid  5041] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid  5041] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid  5041] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid  5041] unshare(CLONE_NEWNS)        = 0
[pid  5041] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid  5041] unshare(CLONE_NEWIPC)       = 0
[pid  5041] unshare(CLONE_NEWCGROUP)    = 0
[pid  5041] unshare(CLONE_NEWUTS)       = 0
[pid  5041] unshare(CLONE_SYSVSEM)      = 0
[pid  5041] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5041] write(3, "16777216", 8)     = 8
[pid  5041] close(3)                    = 0
[pid  5041] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid  5041] write(3, "536870912", 9)    = 9
[pid  5041] close(3)                    = 0
[pid  5041] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5041] write(3, "1024", 4)         = 4
[pid  5041] close(3)                    = 0
[pid  5041] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5041] write(3, "8192", 4)         = 4
[pid  5041] close(3)                    = 0
[pid  5041] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5041] write(3, "1024", 4)         = 4
[pid  5041] close(3)                    = 0
[pid  5041] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid  5041] write(3, "1024", 4)         = 4
[pid  5041] close(3)                    = 0
[pid  5041] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid  5041] write(3, "1024 1048576 500 1024", 21) = 21
[pid  5041] close(3)                    = 0
[pid  5041] getpid()                    = 1
[pid  5041] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5041] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5041] unshare(CLONE_NEWNET)       = 0
[pid  5041] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid  5041] write(3, "0 65535", 7)      = 7
[pid  5041] close(3)                    = 0
[pid  5041] mkdir("/dev/binderfs", 0777) = 0
[pid  5041] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid  5041] mkdir("./0", 0777)          = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5044 attached
, child_tidptr=0x5555572c4690) = 2
[pid  5044] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5044] chdir("./0")                = 0
[pid  5044] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5044] setpgid(0, 0)               = 0
[pid  5044] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5044] write(3, "1000", 4)         = 4
[pid  5044] close(3)                    = 0
[pid  5044] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5044] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5044] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5044] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5044] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5044] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5044] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5044] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0} => {parent_tid=[3]}, 88) = 3
[pid  5044] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5044] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5044] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5045 attached
 <unfinished ...>
[pid  5045] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053) = 0
[pid  5045] set_robust_list(0x7f8ee300c9a0, 24) = 0
[pid  5045] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5045] memfd_create("syzkaller", 0) = 3
[pid  5045] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5045] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5045] munmap(0x7f8edabec000, 524288) = 0
[pid  5045] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5045] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5045] close(3)                    = 0
[pid  5045] mkdir("./file0", 0777)      = 0
[   89.102566][ T5045] syz-executor354[5045]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   89.127638][ T5045] loop0: detected capacity change from 0 to 1024
[   89.137497][ T5045] =======================================================
[   89.137497][ T5045] WARNING: The mand mount option has been deprecated and
[pid  5045] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5045] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5045] chdir("./file0")            = 0
[pid  5045] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5045] close(4)                    = 0
[pid  5045] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5044] <... futex resumed>)        = 0
[pid  5045] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5044] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5045] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5044] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[   89.137497][ T5045]          and is ignored by this kernel. Remove the mand
[   89.137497][ T5045]          option from the mount to silence this warning.
[   89.137497][ T5045] =======================================================
[   89.186050][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.193779][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5045] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[pid  5044] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5044] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5044] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5044] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5044] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5044] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0} => {parent_tid=[4]}, 88) = 4
[pid  5044] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5044] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5046 attached
) = 0
[pid  5046] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5044] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5046] set_robust_list(0x7f8edac6b9a0, 24) = 0
[pid  5046] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5046] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid  5046] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5044] <... futex resumed>)        = 0
[pid  5044] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5044] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5046] <... futex resumed>)        = 1
[   89.201752][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.209394][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.221324][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.228823][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.236937][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.245919][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5046] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5044] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5044] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5044] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[   89.253947][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.261298][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.268657][ T5046] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.276061][ T5046] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.283451][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.290817][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5044] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5044] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5044] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0}./strace-static-x86_64: Process 5047 attached
 <unfinished ...>
[pid  5047] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053) = 0
[pid  5047] set_robust_list(0x7f8edac4a9a0, 24) = 0
[pid  5047] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5044] <... clone3 resumed> => {parent_tid=[5]}, 88) = 5
[pid  5047] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5044] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5044] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5047] <... futex resumed>)        = 0
[pid  5047] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88 <unfinished ...>
[pid  5044] <... futex resumed>)        = 1
[pid  5044] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5048 attached
 <unfinished ...>
[pid  5048] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5047] <... clone3 resumed>)       = 6
[pid  5047] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5047] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5044] <... futex resumed>)        = 0
[   89.299925][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.308094][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.315864][ T5046] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.324126][ T5046] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.331595][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.338943][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5046] <... write resumed>)        = 53248
[pid  5046] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   89.348149][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.356391][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.364238][ T5046] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.371631][ T5046] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.379068][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.386490][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.394327][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5046] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5048] +++ killed by SIGSEGV (core dumped) +++
[pid  5047] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[pid  5047] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=6, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5047] getpid()                    = 2
[pid  5047] rt_sigreturn({mask=[]})     = 202
[   89.402083][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.410040][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.417452][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.424947][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.432303][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.440054][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.447529][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.454969][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.462374][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.469735][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.477066][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.484468][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.491819][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5047] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5045] <... open resumed>)         = 4
[pid  5045] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5045] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5044] close(3)                    = 0
[pid  5044] close(4)                    = 0
[pid  5044] close(5)                    = 0
[pid  5044] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5044] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5044] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5044] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5044] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5044] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5044] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5044] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5044] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5044] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5044] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5044] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5044] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5044] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5044] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5044] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5044] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5044] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5044] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5044] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5044] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5044] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5044] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5044] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5044] exit_group(0 <unfinished ...>
[pid  5046] <... futex resumed>)        = ?
[pid  5044] <... exit_group resumed>)   = ?
[pid  5047] <... futex resumed>)        = ?
[pid  5046] +++ exited with 0 +++
[pid  5047] +++ exited with 0 +++
[pid  5045] <... futex resumed>)        = ?
[pid  5045] +++ exited with 0 +++
[pid  5044] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=6, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=5 /* 0.05 s */} ---
[pid  5041] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./0/binderfs")      = 0
[pid  5041] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./0/file0")          = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[   89.499294][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.506615][ T5045] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.514200][   T28] audit: type=1800 audit(1693646109.982:2): pid=5045 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5041] rmdir("./0")                = 0
[pid  5041] mkdir("./1", 0777)          = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5049 attached
, child_tidptr=0x5555572c4690) = 7
[pid  5049] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5049] chdir("./1")                = 0
[pid  5049] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5049] setpgid(0, 0)               = 0
[pid  5049] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5049] write(3, "1000", 4)         = 4
[pid  5049] close(3)                    = 0
[pid  5049] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5049] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5049] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5049] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5049] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5049] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5049] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5049] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0} => {parent_tid=[8]}, 88) = 8
[pid  5049] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5049] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5049] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5050 attached
 <unfinished ...>
[pid  5050] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053) = 0
[pid  5050] set_robust_list(0x7f8ee300c9a0, 24) = 0
[pid  5050] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5050] memfd_create("syzkaller", 0) = 3
[pid  5050] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5050] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5050] munmap(0x7f8edabec000, 524288) = 0
[pid  5050] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5050] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5050] close(3)                    = 0
[pid  5050] mkdir("./file0", 0777)      = 0
[pid  5050] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5050] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5050] chdir("./file0")            = 0
[pid  5050] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5050] close(4)                    = 0
[pid  5050] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5049] <... futex resumed>)        = 0
[pid  5050] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5049] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5050] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5049] <... futex resumed>)        = 0
[pid  5050] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[   89.598478][ T5050] syz-executor354[5050]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   89.620325][ T5050] loop0: detected capacity change from 0 to 1024
[pid  5049] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5049] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid  5049] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5049] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5049] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5049] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5049] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0} => {parent_tid=[9]}, 88) = 9
[pid  5049] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5049] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5049] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5051 attached
[   89.647228][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.655168][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.663383][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.670941][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.678422][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.685810][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
 <unfinished ...>
[pid  5051] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5051] set_robust_list(0x7f8edac6b9a0, 24) = 0
[pid  5051] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5051] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid  5051] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5049] <... futex resumed>)        = 0
[pid  5051] <... futex resumed>)        = 1
[pid  5051] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5049] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5051] <... futex resumed>)        = 0
[pid  5051] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5049] <... futex resumed>)        = 1
[   89.693852][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.702546][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.712909][ T5051] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.720231][ T5051] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.727761][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.735174][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5049] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5049] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5049] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5049] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5049] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5049] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0}./strace-static-x86_64: Process 5052 attached
 => {parent_tid=[10]}, 88) = 10
[pid  5052] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5049] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5052] <... rseq resumed>)         = 0
[pid  5052] set_robust_list(0x7f8edac4a9a0, 24 <unfinished ...>
[pid  5049] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5052] <... set_robust_list resumed>) = 0
[pid  5049] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5052] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5049] <... futex resumed>)        = 0
[pid  5052] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5049] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5052] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88./strace-static-x86_64: Process 5053 attached
) = 11
[pid  5053] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5052] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5049] <... futex resumed>)        = 0
[pid  5052] <... futex resumed>)        = 1
[   89.742609][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.749904][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.757356][ T5051] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.765118][ T5051] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.774594][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.785031][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5052] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5051] <... write resumed>)        = 53248
[pid  5051] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   89.792694][ T5051] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.800013][ T5051] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.808395][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.816188][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.824297][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.832264][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.840278][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.849308][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.857133][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.866023][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.873809][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.881766][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.889260][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5051] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5053] +++ killed by SIGSEGV (core dumped) +++
[pid  5049] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=11, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5049] getpid()                    = 7
[pid  5049] rt_sigreturn({mask=[]})     = 0
[pid  5052] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[pid  5049] close(3)                    = 0
[pid  5049] close(4)                    = -1 EBADF (Bad file descriptor)
[pid  5049] close(5)                    = 0
[pid  5049] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5049] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5049] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5049] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5049] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5049] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5049] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5049] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5049] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5049] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5049] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5049] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5049] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5049] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5049] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5052] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5049] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5049] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5049] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5049] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5049] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5049] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5049] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5049] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5049] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5049] exit_group(0 <unfinished ...>
[pid  5052] <... futex resumed>)        = ?
[pid  5051] <... futex resumed>)        = ?
[pid  5052] +++ exited with 0 +++
[pid  5051] +++ exited with 0 +++
[pid  5049] <... exit_group resumed>)   = ?
[   89.896723][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.904162][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.911481][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.918879][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.926250][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.933756][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.941107][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5050] <... open resumed>)         = ?
[pid  5050] +++ exited with 0 +++
[pid  5049] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=11, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=5 /* 0.05 s */} ---
[pid  5041] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5041] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./1/binderfs")      = 0
[   89.948469][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.955800][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.963210][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.970509][ T5050] hfsplus: request for non-existent node 16777216 in B*Tree
[   89.979134][   T28] audit: type=1800 audit(1693646110.442:3): pid=5050 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5041] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./1/file0")          = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./1")                = 0
[pid  5041] mkdir("./2", 0777)          = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572c4690) = 12
./strace-static-x86_64: Process 5054 attached
[pid  5054] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5054] chdir("./2")                = 0
[pid  5054] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5054] setpgid(0, 0)               = 0
[pid  5054] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5054] write(3, "1000", 4)         = 4
[pid  5054] close(3)                    = 0
[pid  5054] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5054] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5054] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5054] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5054] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5054] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5054] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5054] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0} => {parent_tid=[13]}, 88) = 13
[pid  5054] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 5055 attached
 <unfinished ...>
[pid  5055] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053) = 0
[pid  5054] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5055] set_robust_list(0x7f8ee300c9a0, 24) = 0
[pid  5054] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5055] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5054] <... futex resumed>)        = 0
[pid  5055] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5054] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5055] memfd_create("syzkaller", 0) = 3
[pid  5055] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5055] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5055] munmap(0x7f8edabec000, 524288) = 0
[pid  5055] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5055] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5055] close(3)                    = 0
[pid  5055] mkdir("./file0", 0777)      = 0
[pid  5055] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5055] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5055] chdir("./file0")            = 0
[pid  5055] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5055] close(4)                    = 0
[pid  5055] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5054] <... futex resumed>)        = 0
[pid  5054] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5054] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[   90.079873][ T5055] syz-executor354[5055]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   90.101707][ T5055] loop0: detected capacity change from 0 to 1024
[pid  5055] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[pid  5054] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5054] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5054] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5054] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5054] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5054] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0}./strace-static-x86_64: Process 5056 attached
 <unfinished ...>
[pid  5056] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5056] set_robust_list(0x7f8edac6b9a0, 24) = 0
[pid  5056] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5054] <... clone3 resumed> => {parent_tid=[14]}, 88) = 14
[pid  5056] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5054] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5054] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5056] <... futex resumed>)        = 0
[pid  5054] <... futex resumed>)        = 1
[pid  5056] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[   90.123443][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.130786][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.138967][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.146685][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.154395][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.161800][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.169386][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5054] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5056] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5054] <... futex resumed>)        = 0
[pid  5054] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5054] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[   90.179776][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.187745][ T5056] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.195219][ T5056] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.202799][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.210150][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.217591][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5056] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5054] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5054] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5054] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5054] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5054] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5054] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0}./strace-static-x86_64: Process 5057 attached
 <unfinished ...>
[pid  5057] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5054] <... clone3 resumed> => {parent_tid=[15]}, 88) = 15
[pid  5057] <... rseq resumed>)         = 0
[pid  5054] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5057] set_robust_list(0x7f8edac4a9a0, 24 <unfinished ...>
[pid  5054] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5057] <... set_robust_list resumed>) = 0
[pid  5054] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5057] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5054] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5057] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88./strace-static-x86_64: Process 5058 attached
 <unfinished ...>
[pid  5058] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5057] <... clone3 resumed>)       = 16
[pid  5057] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5057] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5054] <... futex resumed>)        = 0
[   90.224954][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.233635][ T5056] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.241070][ T5056] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.248578][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.256147][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.264015][ T5056] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.271542][ T5056] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5056] <... write resumed>)        = 53248
[pid  5056] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   90.278915][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.286388][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.293981][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.301493][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.308947][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.316354][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.323878][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.331240][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.338820][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.346181][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.353689][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.361794][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.369614][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5056] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5058] +++ killed by SIGSEGV (core dumped) +++
[pid  5057] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[pid  5054] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=16, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5054] getpid()                    = 12
[pid  5054] rt_sigreturn({mask=[]})     = 0
[pid  5054] close(3)                    = 0
[pid  5054] close(4 <unfinished ...>
[pid  5057] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5054] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid  5054] close(5)                    = 0
[pid  5054] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5054] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5054] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5054] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5054] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5054] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5054] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5054] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5054] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5054] close(15)                   = -1 EBADF (Bad file descriptor)
[   90.377964][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.385782][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.393224][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.401038][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.408379][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.418512][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5054] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5054] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5054] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5054] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5054] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5054] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5054] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5054] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5054] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5054] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5054] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5054] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5054] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5054] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5054] exit_group(0)               = ?
[pid  5057] <... futex resumed>)        = ?
[pid  5056] <... futex resumed>)        = ?
[pid  5057] +++ exited with 0 +++
[pid  5056] +++ exited with 0 +++
[pid  5055] <... open resumed>)         = ?
[pid  5055] +++ exited with 0 +++
[pid  5054] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=16, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=7 /* 0.07 s */} ---
[pid  5041] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5041] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./2/binderfs")      = 0
[pid  5041] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[   90.425951][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.433427][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.440788][ T5055] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.449890][   T28] audit: type=1800 audit(1693646110.912:4): pid=5055 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./2/file0")          = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./2")                = 0
[pid  5041] mkdir("./3", 0777)          = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5059 attached
, child_tidptr=0x5555572c4690) = 17
[pid  5059] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5059] chdir("./3")                = 0
[pid  5059] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5059] setpgid(0, 0)               = 0
[pid  5059] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5059] write(3, "1000", 4)         = 4
[pid  5059] close(3)                    = 0
[pid  5059] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5059] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5059] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5059] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5059] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5059] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5059] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5059] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0}./strace-static-x86_64: Process 5060 attached
 <unfinished ...>
[pid  5060] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5059] <... clone3 resumed> => {parent_tid=[18]}, 88) = 18
[pid  5060] <... rseq resumed>)         = 0
[pid  5059] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5060] set_robust_list(0x7f8ee300c9a0, 24) = 0
[pid  5059] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5060] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5059] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5060] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5060] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5059] <... futex resumed>)        = 0
[pid  5059] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5060] <... memfd_create resumed>) = 3
[pid  5060] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5060] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5060] munmap(0x7f8edabec000, 524288) = 0
[pid  5060] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5060] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5060] close(3)                    = 0
[pid  5060] mkdir("./file0", 0777)      = 0
[pid  5060] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5060] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5060] chdir("./file0")            = 0
[pid  5060] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5060] close(4)                    = 0
[pid  5060] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5059] <... futex resumed>)        = 0
[pid  5059] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5060] <... futex resumed>)        = 1
[pid  5059] <... futex resumed>)        = 0
[pid  5060] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[   90.533428][ T5060] syz-executor354[5060]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   90.556181][ T5060] loop0: detected capacity change from 0 to 1024
[   90.574455][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5059] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5059] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5059] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5059] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5059] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5059] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0} => {parent_tid=[19]}, 88) = 19
[   90.582252][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.589885][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.597586][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.605689][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.613097][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.620772][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5059] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5059] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5059] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5061 attached
 <unfinished ...>
[pid  5061] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5061] set_robust_list(0x7f8edac6b9a0, 24) = 0
[pid  5061] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5061] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid  5061] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5059] <... futex resumed>)        = 0
[pid  5059] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5059] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5061] <... futex resumed>)        = 1
[   90.628151][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.635638][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.643135][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.650572][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.657963][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.665371][ T5061] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.672777][ T5061] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5061] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5059] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5059] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5059] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5059] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5059] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5059] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0} => {parent_tid=[20]}, 88) = 20
./strace-static-x86_64: Process 5062 attached
[pid  5059] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5059] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5059] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5062] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053) = 0
[pid  5062] set_robust_list(0x7f8edac4a9a0, 24) = 0
[pid  5062] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[   90.680142][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.687676][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.695360][ T5061] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.703802][ T5061] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.711967][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.719360][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.727144][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5062] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88./strace-static-x86_64: Process 5063 attached
) = 21
[pid  5063] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5062] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5062] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5059] <... futex resumed>)        = 0
[pid  5061] <... write resumed>)        = 53248
[pid  5061] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   90.734825][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.742296][ T5061] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.749659][ T5061] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.757142][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.765064][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.772789][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.780168][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.788064][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.795457][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.803397][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.810745][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.818577][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.826188][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5061] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5063] +++ killed by SIGSEGV (core dumped) +++
[pid  5062] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[pid  5062] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=21, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5062] getpid()                    = 17
[pid  5062] rt_sigreturn({mask=[]})     = 202
[   90.833701][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.841339][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.848778][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.856366][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.863784][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.871126][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5062] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5060] <... open resumed>)         = 4
[pid  5060] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5060] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5059] close(3)                    = 0
[pid  5059] close(4)                    = 0
[pid  5059] close(5)                    = 0
[pid  5059] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5059] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5059] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5059] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5059] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5059] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5059] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5059] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5059] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5059] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5059] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5059] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5059] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5059] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5059] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5059] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5059] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5059] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5059] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5059] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5059] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5059] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5059] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5059] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5059] exit_group(0 <unfinished ...>
[pid  5061] <... futex resumed>)        = ?
[pid  5060] <... futex resumed>)        = ?
[pid  5062] <... futex resumed>)        = ?
[pid  5061] +++ exited with 0 +++
[pid  5062] +++ exited with 0 +++
[pid  5059] <... exit_group resumed>)   = ?
[pid  5060] +++ exited with 0 +++
[pid  5059] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=21, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=8 /* 0.08 s */} ---
[pid  5041] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5041] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./3/binderfs")      = 0
[pid  5041] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./3/file0")          = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./3")                = 0
[pid  5041] mkdir("./4", 0777)          = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[   90.878487][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.885838][ T5060] hfsplus: request for non-existent node 16777216 in B*Tree
[   90.893434][   T28] audit: type=1800 audit(1693646111.362:5): pid=5060 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5064 attached
, child_tidptr=0x5555572c4690) = 22
[pid  5064] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5064] chdir("./4")                = 0
[pid  5064] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5064] setpgid(0, 0)               = 0
[pid  5064] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5064] write(3, "1000", 4)         = 4
[pid  5064] close(3)                    = 0
[pid  5064] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5064] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5064] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5064] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5064] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5064] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5064] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5064] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0} => {parent_tid=[23]}, 88) = 23
[pid  5064] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5064] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5064] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5065 attached
 <unfinished ...>
[pid  5065] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053) = 0
[pid  5065] set_robust_list(0x7f8ee300c9a0, 24) = 0
[pid  5065] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5065] memfd_create("syzkaller", 0) = 3
[pid  5065] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5065] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5065] munmap(0x7f8edabec000, 524288) = 0
[pid  5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5065] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5065] close(3)                    = 0
[pid  5065] mkdir("./file0", 0777)      = 0
[pid  5065] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5065] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5065] chdir("./file0")            = 0
[pid  5065] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5065] close(4)                    = 0
[pid  5065] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5064] <... futex resumed>)        = 0
[pid  5065] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5064] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5065] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5064] <... futex resumed>)        = 0
[   90.973070][ T5065] syz-executor354[5065]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   91.003313][ T5065] loop0: detected capacity change from 0 to 1024
[pid  5065] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[   91.022939][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.030474][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.038601][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.046679][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.054416][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.062015][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5064] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5064] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5064] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5064] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5064] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5064] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0}./strace-static-x86_64: Process 5066 attached
 => {parent_tid=[24]}, 88) = 24
[pid  5066] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5064] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5066] set_robust_list(0x7f8edac6b9a0, 24 <unfinished ...>
[pid  5064] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5066] <... set_robust_list resumed>) = 0
[pid  5064] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5066] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5064] <... futex resumed>)        = 0
[pid  5066] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5064] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5066] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid  5066] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5064] <... futex resumed>)        = 0
[pid  5066] <... futex resumed>)        = 1
[pid  5066] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5064] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5066] <... futex resumed>)        = 0
[pid  5066] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5064] <... futex resumed>)        = 1
[   91.069583][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.078206][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.085864][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.093728][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.101457][ T5066] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.108782][ T5066] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5064] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5064] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid  5064] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid  5064] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5064] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5064] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5064] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5064] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0} => {parent_tid=[25]}, 88) = 25
[pid  5064] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5064] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5064] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5067 attached
 <unfinished ...>
[pid  5067] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053) = 0
[pid  5067] set_robust_list(0x7f8edac4a9a0, 24) = 0
[pid  5067] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5067] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88./strace-static-x86_64: Process 5068 attached
 <unfinished ...>
[pid  5068] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5067] <... clone3 resumed>)       = 26
[pid  5067] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5064] <... futex resumed>)        = 0
[   91.116712][ T5066] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.124138][ T5066] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.132712][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.140302][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.148184][ T5066] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.156096][ T5066] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.163975][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5067] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5066] <... write resumed>)        = 53248
[pid  5066] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   91.172158][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.180384][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.188294][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.196054][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.203953][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.211743][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.219348][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.227052][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.235042][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.243100][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.250446][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.257976][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.265638][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5066] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5068] +++ killed by SIGSEGV (core dumped) +++
[pid  5067] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[pid  5067] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=26, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5067] getpid()                    = 22
[pid  5067] rt_sigreturn({mask=[]})     = 202
[   91.273587][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.281145][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.288532][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.296127][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.303815][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.311216][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5067] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5065] <... open resumed>)         = 4
[pid  5065] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5065] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5064] close(3)                    = 0
[pid  5064] close(4)                    = 0
[pid  5064] close(5)                    = 0
[pid  5064] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5064] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5064] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5064] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5064] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5064] exit_group(0 <unfinished ...>
[pid  5067] <... futex resumed>)        = ?
[pid  5066] <... futex resumed>)        = ?
[pid  5065] <... futex resumed>)        = ?
[pid  5066] +++ exited with 0 +++
[pid  5065] +++ exited with 0 +++
[pid  5067] +++ exited with 0 +++
[pid  5064] <... exit_group resumed>)   = ?
[pid  5064] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=26, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=6 /* 0.06 s */} ---
[pid  5041] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5041] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./4/binderfs")      = 0
[   91.318727][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.326057][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.333454][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.340739][ T5065] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.349499][   T28] audit: type=1800 audit(1693646111.812:6): pid=5065 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5041] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./4/file0")          = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./4")                = 0
[pid  5041] mkdir("./5", 0777)          = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572c4690) = 27
./strace-static-x86_64: Process 5069 attached
[pid  5069] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5069] chdir("./5")                = 0
[pid  5069] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5069] setpgid(0, 0)               = 0
[pid  5069] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5069] write(3, "1000", 4)         = 4
[pid  5069] close(3)                    = 0
[pid  5069] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5069] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5069] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5069] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5069] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5069] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5069] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5069] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0} => {parent_tid=[28]}, 88) = 28
./strace-static-x86_64: Process 5070 attached
[pid  5069] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5069] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5069] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5070] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053) = 0
[pid  5070] set_robust_list(0x7f8ee300c9a0, 24) = 0
[pid  5070] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5070] memfd_create("syzkaller", 0) = 3
[pid  5070] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5070] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5070] munmap(0x7f8edabec000, 524288) = 0
[pid  5070] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5070] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5070] close(3)                    = 0
[pid  5070] mkdir("./file0", 0777)      = 0
[pid  5070] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5070] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5070] chdir("./file0")            = 0
[pid  5070] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5070] close(4)                    = 0
[pid  5070] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5069] <... futex resumed>)        = 0
[pid  5070] <... futex resumed>)        = 1
[pid  5069] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5070] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[pid  5069] <... futex resumed>)        = 0
[   91.445165][ T5070] syz-executor354[5070]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   91.470617][ T5070] loop0: detected capacity change from 0 to 1024
[   91.488198][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5069] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[   91.496057][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.503859][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.511559][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.519222][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.526689][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.534455][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5069] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5069] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5069] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5069] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5069] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0} => {parent_tid=[29]}, 88) = 29
[pid  5069] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5069] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5069] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5071 attached
 <unfinished ...>
[pid  5071] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5071] set_robust_list(0x7f8edac6b9a0, 24) = 0
[pid  5071] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5071] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid  5071] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5069] <... futex resumed>)        = 0
[pid  5071] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5069] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5071] <... futex resumed>)        = 0
[pid  5069] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[   91.541883][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.549268][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.556679][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.564122][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.571679][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.579247][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.586632][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5071] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5069] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5069] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5069] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5069] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5069] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5069] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0} => {parent_tid=[30]}, 88) = 30
[pid  5069] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5069] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5069] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5072 attached
[   91.594053][ T5071] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.601546][ T5071] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.609102][ T5071] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.616443][ T5071] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.624081][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.631577][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.638953][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
 <unfinished ...>
[pid  5072] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053) = 0
[pid  5072] set_robust_list(0x7f8edac4a9a0, 24) = 0
[pid  5072] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5072] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88) = 31
[pid  5072] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5073 attached
) = 1
[pid  5069] <... futex resumed>)        = 0
[pid  5072] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5073] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5071] <... write resumed>)        = 53248
[pid  5071] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   91.646759][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.654261][ T5071] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.662113][ T5071] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.669803][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.680246][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.688187][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.695641][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.703267][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.710586][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.718039][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.725388][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.732858][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.740262][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.747738][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.755093][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.762883][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.770212][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.777668][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.785010][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5071] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5070] <... open resumed>)         = 4
[pid  5070] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5070] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5073] +++ killed by SIGSEGV (core dumped) +++
[pid  5072] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[pid  5072] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=31, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5069] close(3 <unfinished ...>
[pid  5072] getpid( <unfinished ...>
[pid  5069] <... close resumed>)        = 0
[pid  5072] <... getpid resumed>)       = 27
[pid  5069] close(4 <unfinished ...>
[pid  5072] rt_sigreturn({mask=[]} <unfinished ...>
[pid  5069] <... close resumed>)        = 0
[pid  5072] <... rt_sigreturn resumed>) = 202
[pid  5069] close(5 <unfinished ...>
[pid  5072] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5069] <... close resumed>)        = 0
[pid  5069] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5069] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5069] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5069] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5069] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5069] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5069] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5069] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5069] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5069] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5069] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5069] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5069] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5069] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5069] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5069] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5069] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5069] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5069] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5069] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5069] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5069] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5069] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5069] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5069] exit_group(0 <unfinished ...>
[pid  5072] <... futex resumed>)        = ?
[pid  5071] <... futex resumed>)        = ?
[pid  5070] <... futex resumed>)        = ?
[pid  5069] <... exit_group resumed>)   = ?
[pid  5072] +++ exited with 0 +++
[pid  5071] +++ exited with 0 +++
[pid  5070] +++ exited with 0 +++
[pid  5069] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=31, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=5 /* 0.05 s */} ---
[pid  5041] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./5/binderfs")      = 0
[pid  5041] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[   91.792474][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.799785][ T5070] hfsplus: request for non-existent node 16777216 in B*Tree
[   91.809504][   T28] audit: type=1800 audit(1693646112.272:7): pid=5070 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5041] newfstatat(AT_FDCWD, "./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./5/file0")          = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./5")                = 0
[pid  5041] mkdir("./6", 0777)          = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5074 attached
, child_tidptr=0x5555572c4690) = 32
[pid  5074] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5074] chdir("./6")                = 0
[pid  5074] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5074] setpgid(0, 0)               = 0
[pid  5074] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5074] write(3, "1000", 4)         = 4
[pid  5074] close(3)                    = 0
[pid  5074] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5074] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5074] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5074] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5074] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5074] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5074] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5074] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0} => {parent_tid=[33]}, 88) = 33
[pid  5074] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5074] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5074] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5075 attached
 <unfinished ...>
[pid  5075] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053) = 0
[pid  5075] set_robust_list(0x7f8ee300c9a0, 24) = 0
[pid  5075] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5075] memfd_create("syzkaller", 0) = 3
[pid  5075] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5075] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5075] munmap(0x7f8edabec000, 524288) = 0
[pid  5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5075] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5075] close(3)                    = 0
[pid  5075] mkdir("./file0", 0777)      = 0
[pid  5075] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5075] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5075] chdir("./file0")            = 0
[pid  5075] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5075] close(4)                    = 0
[pid  5075] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5074] <... futex resumed>)        = 0
[pid  5075] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5074] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5075] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5074] <... futex resumed>)        = 0
[pid  5075] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[   91.941438][ T5075] syz-executor354[5075]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   91.973202][ T5075] loop0: detected capacity change from 0 to 1024
[   92.004605][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.012155][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.019573][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.041015][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5074] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5074] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5074] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5074] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5074] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5074] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0} => {parent_tid=[34]}, 88) = 34
./strace-static-x86_64: Process 5076 attached
[pid  5074] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5074] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5074] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5076] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5076] set_robust_list(0x7f8edac6b9a0, 24) = 0
[pid  5076] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5076] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid  5076] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5074] <... futex resumed>)        = 0
[pid  5076] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5074] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5074] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5076] <... futex resumed>)        = 0
[   92.048448][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.055875][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.063633][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.071206][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.080850][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.088285][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.095766][ T5076] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5076] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5074] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5074] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5074] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5074] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5074] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5074] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0}./strace-static-x86_64: Process 5077 attached
 <unfinished ...>
[pid  5077] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5074] <... clone3 resumed> => {parent_tid=[35]}, 88) = 35
[pid  5074] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5074] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5074] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5077] <... rseq resumed>)         = 0
[pid  5077] set_robust_list(0x7f8edac4a9a0, 24) = 0
[pid  5077] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5077] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88) = 36
[   92.103601][ T5076] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.111373][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.118777][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.126262][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.133817][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.141460][ T5076] hfsplus: request for non-existent node 16777216 in B*Tree
./strace-static-x86_64: Process 5078 attached
[pid  5077] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5078] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5077] <... futex resumed>)        = 1
[pid  5077] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5074] <... futex resumed>)        = 0
[   92.148783][ T5076] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.165799][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.183930][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5076] <... write resumed>)        = 53248
[pid  5076] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   92.204182][ T5076] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.221167][ T5076] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.240936][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.248278][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5076] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5078] +++ killed by SIGSEGV (core dumped) +++
[pid  5077] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[pid  5077] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=36, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5077] getpid()                    = 32
[pid  5077] rt_sigreturn({mask=[]})     = 202
[   92.261801][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.269134][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.276938][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.287564][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.295173][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.302545][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5077] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5074] close(3)                    = 0
[pid  5074] close(4)                    = -1 EBADF (Bad file descriptor)
[pid  5074] close(5)                    = 0
[pid  5074] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5074] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5074] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5074] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5074] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5074] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5074] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5074] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5074] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5074] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5074] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5074] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5074] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5074] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5074] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5074] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5074] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5074] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5074] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5074] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5074] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5074] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5074] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5074] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5074] exit_group(0)               = ?
[pid  5077] <... futex resumed>)        = ?
[pid  5077] +++ exited with 0 +++
[pid  5076] <... futex resumed>)        = ?
[pid  5076] +++ exited with 0 +++
[   92.309944][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.317439][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.324938][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.332291][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.339786][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.347527][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.355086][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.362841][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.370323][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.377935][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.385459][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.393165][ T5075] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5075] <... open resumed>)         = ?
[pid  5075] +++ exited with 0 +++
[pid  5074] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=36, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=6 /* 0.06 s */} ---
[pid  5041] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5041] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./6/binderfs")      = 0
[pid  5041] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./6/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./6/file0")          = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./6")                = 0
[pid  5041] mkdir("./7", 0777)          = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5079 attached
, child_tidptr=0x5555572c4690) = 37
[pid  5079] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5079] chdir("./7")                = 0
[pid  5079] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5079] setpgid(0, 0)               = 0
[pid  5079] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5079] write(3, "1000", 4)         = 4
[pid  5079] close(3)                    = 0
[pid  5079] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5079] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5079] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5079] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5079] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5079] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5079] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5079] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0} => {parent_tid=[38]}, 88) = 38
[pid  5079] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
./strace-static-x86_64: Process 5080 attached
[pid  5079] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5080] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5079] <... futex resumed>)        = 0
[pid  5080] <... rseq resumed>)         = 0
[pid  5079] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5080] set_robust_list(0x7f8ee300c9a0, 24) = 0
[pid  5080] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[   92.400754][   T28] audit: type=1800 audit(1693646112.862:8): pid=5075 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5080] memfd_create("syzkaller", 0) = 3
[pid  5080] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5080] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5080] munmap(0x7f8edabec000, 524288) = 0
[pid  5080] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5080] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5080] close(3)                    = 0
[pid  5080] mkdir("./file0", 0777)      = 0
[pid  5080] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5080] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5080] chdir("./file0")            = 0
[pid  5080] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5080] close(4)                    = 0
[pid  5080] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5080] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5079] <... futex resumed>)        = 0
[pid  5079] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5080] <... futex resumed>)        = 0
[pid  5080] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[pid  5079] <... futex resumed>)        = 1
[   92.467042][ T5080] syz-executor354[5080]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   92.491261][ T5080] loop0: detected capacity change from 0 to 1024
[   92.509371][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5079] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[   92.517015][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.524695][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.532482][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.539867][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.547316][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.555113][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5079] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5079] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5079] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5079] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5079] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0} => {parent_tid=[39]}, 88) = 39
[pid  5079] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5079] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5079] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5081 attached
 <unfinished ...>
[pid  5081] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5081] set_robust_list(0x7f8edac6b9a0, 24) = 0
[pid  5081] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5081] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid  5081] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5079] <... futex resumed>)        = 0
[pid  5081] <... futex resumed>)        = 1
[pid  5079] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5081] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[   92.563015][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.570454][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.577848][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.585292][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.592671][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.600068][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.607467][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5079] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5079] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5079] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5079] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5079] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5079] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0} => {parent_tid=[40]}, 88) = 40
[pid  5079] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5079] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5079] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5082 attached
 <unfinished ...>
[pid  5082] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053) = 0
[pid  5082] set_robust_list(0x7f8edac4a9a0, 24) = 0
[pid  5082] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[   92.614903][ T5081] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.622367][ T5081] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.629743][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.637161][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.644579][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.651922][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.659292][ T5081] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5082] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88) = 41
[pid  5082] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5082] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5079] <... futex resumed>)        = 0
./strace-static-x86_64: Process 5083 attached
[pid  5083] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5081] <... write resumed>)        = 53248
[pid  5081] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   92.667150][ T5081] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.674651][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.685268][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.692907][ T5081] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.700709][ T5081] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.708978][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.719489][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.727535][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.735470][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.743405][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.752532][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.760353][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.768485][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.776303][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.784427][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.792131][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.799752][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.807410][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5081] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5083] +++ killed by SIGSEGV (core dumped) +++
[pid  5082] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[pid  5082] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=41, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5082] getpid()                    = 37
[pid  5082] rt_sigreturn({mask=[]})     = 202
[pid  5080] <... open resumed>)         = 4
[pid  5082] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5080] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5080] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5079] close(3)                    = 0
[pid  5079] close(4)                    = 0
[pid  5079] close(5)                    = 0
[pid  5079] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5079] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5079] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5079] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5079] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5079] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5079] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5079] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5079] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5079] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5079] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5079] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5079] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5079] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5079] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5079] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5079] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5079] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5079] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5079] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5079] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5079] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5079] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5079] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5079] exit_group(0)               = ?
[pid  5082] <... futex resumed>)        = ?
[pid  5081] <... futex resumed>)        = ?
[pid  5082] +++ exited with 0 +++
[pid  5081] +++ exited with 0 +++
[pid  5080] <... futex resumed>)        = ?
[pid  5080] +++ exited with 0 +++
[pid  5079] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=41, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=7 /* 0.07 s */} ---
[pid  5041] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./7/binderfs")      = 0
[   92.815181][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.823003][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.830315][ T5080] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.841801][   T28] audit: type=1800 audit(1693646113.302:9): pid=5080 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5041] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./7/file0")          = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./7")                = 0
[pid  5041] mkdir("./8", 0777)          = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5084 attached
, child_tidptr=0x5555572c4690) = 42
[pid  5084] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5084] chdir("./8")                = 0
[pid  5084] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5084] setpgid(0, 0)               = 0
[pid  5084] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5084] write(3, "1000", 4)         = 4
[pid  5084] close(3)                    = 0
[pid  5084] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5084] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5084] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5084] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5084] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5084] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5084] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5084] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0}./strace-static-x86_64: Process 5085 attached
 => {parent_tid=[43]}, 88) = 43
[pid  5085] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053) = 0
[pid  5085] set_robust_list(0x7f8ee300c9a0, 24) = 0
[pid  5085] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5085] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5084] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5084] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5085] <... futex resumed>)        = 0
[pid  5085] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5084] <... futex resumed>)        = 1
[pid  5084] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5085] <... memfd_create resumed>) = 3
[pid  5085] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5085] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5085] munmap(0x7f8edabec000, 524288) = 0
[pid  5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5085] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5085] close(3)                    = 0
[pid  5085] mkdir("./file0", 0777)      = 0
[pid  5085] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5085] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5085] chdir("./file0")            = 0
[pid  5085] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5085] close(4)                    = 0
[pid  5085] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5084] <... futex resumed>)        = 0
[pid  5084] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5084] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5085] <... futex resumed>)        = 1
[   92.917851][ T5085] syz-executor354[5085]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   92.943541][ T5085] loop0: detected capacity change from 0 to 1024
[pid  5085] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[pid  5084] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[   92.964038][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.971848][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.979639][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.987310][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   92.995408][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.002987][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.010688][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5084] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5084] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5084] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5084] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5084] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0}./strace-static-x86_64: Process 5086 attached
 <unfinished ...>
[pid  5086] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5086] set_robust_list(0x7f8edac6b9a0, 24) = 0
[pid  5086] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5086] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5084] <... clone3 resumed> => {parent_tid=[44]}, 88) = 44
[pid  5084] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5084] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5086] <... futex resumed>)        = 0
[pid  5086] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 <unfinished ...>
[pid  5084] <... futex resumed>)        = 1
[pid  5084] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5086] <... openat resumed>)       = 5
[pid  5086] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5084] <... futex resumed>)        = 0
[pid  5084] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5084] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5086] <... futex resumed>)        = 1
[   93.018313][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.029040][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.036553][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.044354][ T5086] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.051720][ T5086] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.059073][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5086] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5084] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5084] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5084] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5084] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5084] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5084] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0} => {parent_tid=[45]}, 88) = 45
./strace-static-x86_64: Process 5087 attached
[pid  5084] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5084] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5084] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5087] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053) = 0
[pid  5087] set_robust_list(0x7f8edac4a9a0, 24) = 0
[pid  5087] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5087] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88) = 46
[pid  5087] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5087] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5084] <... futex resumed>)        = 0
./strace-static-x86_64: Process 5088 attached
[pid  5088] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[   93.067492][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.074960][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.082342][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.090010][ T5086] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.097416][ T5086] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.106067][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5086] <... write resumed>)        = 53248
[pid  5086] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   93.113667][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.121475][ T5086] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.128802][ T5086] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.136356][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.143866][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.151318][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.158627][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.166073][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.173425][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.181022][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.188342][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.195781][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.203275][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.210673][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.218019][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.225433][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.232782][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.240189][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.247527][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.254961][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.262337][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5086] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5085] <... open resumed>)         = 4
[pid  5088] +++ killed by SIGSEGV (core dumped) +++
[pid  5087] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[pid  5085] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=46, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5085] getpid()                    = 42
[pid  5085] rt_sigreturn({mask=[]} <unfinished ...>
[pid  5087] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5085] <... rt_sigreturn resumed>) = 4
[pid  5085] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5085] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5084] close(3)                    = 0
[pid  5084] close(4)                    = 0
[pid  5084] close(5)                    = 0
[pid  5084] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5084] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5084] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5084] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5084] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5084] exit_group(0 <unfinished ...>
[pid  5086] <... futex resumed>)        = ?
[pid  5085] <... futex resumed>)        = ?
[pid  5084] <... exit_group resumed>)   = ?
[pid  5087] <... futex resumed>)        = ?
[pid  5086] +++ exited with 0 +++
[pid  5085] +++ exited with 0 +++
[pid  5087] +++ exited with 0 +++
[pid  5084] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=46, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=5 /* 0.05 s */} ---
[pid  5041] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5041] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./8/binderfs")      = 0
[   93.269719][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.277050][ T5085] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.286119][   T28] audit: type=1800 audit(1693646113.752:10): pid=5085 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5041] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./8/file0")          = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./8")                = 0
[pid  5041] mkdir("./9", 0777)          = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572c4690) = 47
./strace-static-x86_64: Process 5089 attached
[pid  5089] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5089] chdir("./9")                = 0
[pid  5089] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5089] setpgid(0, 0)               = 0
[pid  5089] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5089] write(3, "1000", 4)         = 4
[pid  5089] close(3)                    = 0
[pid  5089] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5089] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5089] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5089] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5089] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5089] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5089] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5089] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0} => {parent_tid=[48]}, 88) = 48
./strace-static-x86_64: Process 5090 attached
[pid  5090] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053) = 0
[pid  5089] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5090] set_robust_list(0x7f8ee300c9a0, 24 <unfinished ...>
[pid  5089] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5089] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5090] <... set_robust_list resumed>) = 0
[pid  5089] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5090] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5090] memfd_create("syzkaller", 0) = 3
[pid  5090] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5090] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5090] munmap(0x7f8edabec000, 524288) = 0
[pid  5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5090] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5090] close(3)                    = 0
[pid  5090] mkdir("./file0", 0777)      = 0
[pid  5090] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5090] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5090] chdir("./file0")            = 0
[pid  5090] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5090] close(4)                    = 0
[pid  5090] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5089] <... futex resumed>)        = 0
[pid  5089] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5089] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[   93.378583][ T5090] syz-executor354[5090]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   93.402075][ T5090] loop0: detected capacity change from 0 to 1024
[pid  5090] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[pid  5089] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5089] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5089] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5089] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5089] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5089] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0}./strace-static-x86_64: Process 5091 attached
 <unfinished ...>
[   93.427305][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.434989][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.443024][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.450421][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.457903][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.466094][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5091] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5089] <... clone3 resumed> => {parent_tid=[49]}, 88) = 49
[pid  5091] set_robust_list(0x7f8edac6b9a0, 24) = 0
[pid  5089] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5091] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5089] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5091] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5089] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5091] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid  5089] <... futex resumed>)        = 0
[pid  5089] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5091] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5089] <... futex resumed>)        = 0
[pid  5089] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5089] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5091] <... futex resumed>)        = 1
[   93.474699][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.482656][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.490062][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.497528][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.504920][ T5091] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.512284][ T5091] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.519644][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5091] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5089] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5089] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5089] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5089] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5089] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5089] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0} => {parent_tid=[50]}, 88) = 50
[pid  5089] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5089] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5089] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5092 attached
 <unfinished ...>
[pid  5092] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053) = 0
[pid  5092] set_robust_list(0x7f8edac4a9a0, 24) = 0
[pid  5092] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5092] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88./strace-static-x86_64: Process 5093 attached
 <unfinished ...>
[pid  5093] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5092] <... clone3 resumed>)       = 51
[   93.527024][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.534590][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.542125][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.551655][ T5091] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.559244][ T5091] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.568912][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5092] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5089] <... futex resumed>)        = 0
[pid  5092] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5091] <... write resumed>)        = 53248
[pid  5091] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   93.577492][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.585333][ T5091] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.592968][ T5091] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.601087][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.609363][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.617512][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.625173][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.632678][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.640184][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.648333][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.656277][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.663990][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.671563][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5091] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5093] +++ killed by SIGSEGV (core dumped) +++
[pid  5089] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=51, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5089] getpid()                    = 47
[pid  5089] rt_sigreturn({mask=[]})     = 0
[pid  5092] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[   93.679388][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.686781][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.694220][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.702020][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.709442][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.716788][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5092] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5090] <... open resumed>)         = 4
[pid  5090] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5089] close(3 <unfinished ...>
[pid  5090] <... futex resumed>)        = 0
[pid  5089] <... close resumed>)        = 0
[pid  5090] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5089] close(4)                    = 0
[pid  5089] close(5)                    = 0
[pid  5089] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5089] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5089] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5089] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5089] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5089] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5089] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5089] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5089] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5089] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5089] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5089] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5089] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5089] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5089] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5089] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5089] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5089] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5089] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5089] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5089] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5089] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5089] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5089] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5089] exit_group(0 <unfinished ...>
[pid  5092] <... futex resumed>)        = ?
[pid  5091] <... futex resumed>)        = ?
[pid  5090] <... futex resumed>)        = ?
[pid  5089] <... exit_group resumed>)   = ?
[pid  5092] +++ exited with 0 +++
[pid  5090] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=51, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=6 /* 0.06 s */} ---
[pid  5091] +++ exited with 0 +++
[pid  5089] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=47, si_uid=0, si_status=0, si_utime=0, si_stime=39 /* 0.39 s */} ---
[pid  5041] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5041] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./9/binderfs")      = 0
[   93.724325][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.731662][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.739066][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.746406][ T5090] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.754911][   T28] audit: type=1800 audit(1693646114.222:11): pid=5090 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5041] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./9/file0")          = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./9")                = 0
[pid  5041] mkdir("./10", 0777)         = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5094 attached
, child_tidptr=0x5555572c4690) = 52
[pid  5094] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5094] chdir("./10")               = 0
[pid  5094] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5094] setpgid(0, 0)               = 0
[pid  5094] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5094] write(3, "1000", 4)         = 4
[pid  5094] close(3)                    = 0
[pid  5094] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5094] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5094] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5094] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5094] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5094] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5094] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5094] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0} => {parent_tid=[53]}, 88) = 53
[pid  5094] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5094] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5094] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5095 attached
 <unfinished ...>
[pid  5095] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053) = 0
[pid  5095] set_robust_list(0x7f8ee300c9a0, 24) = 0
[pid  5095] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5095] memfd_create("syzkaller", 0) = 3
[pid  5095] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5095] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5095] munmap(0x7f8edabec000, 524288) = 0
[pid  5095] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5095] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5095] close(3)                    = 0
[pid  5095] mkdir("./file0", 0777)      = 0
[pid  5095] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5095] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5095] chdir("./file0")            = 0
[pid  5095] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5095] close(4)                    = 0
[pid  5095] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5094] <... futex resumed>)        = 0
[pid  5095] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5094] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5095] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5094] <... futex resumed>)        = 0
[pid  5095] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[   93.886422][ T5095] loop0: detected capacity change from 0 to 1024
[   93.903816][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.911741][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.919231][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.927119][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5094] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5094] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5094] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5094] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5094] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5094] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0} => {parent_tid=[54]}, 88) = 54
[pid  5094] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5094] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5094] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5096 attached
 <unfinished ...>
[pid  5096] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5096] set_robust_list(0x7f8edac6b9a0, 24) = 0
[pid  5096] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5096] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid  5096] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5096] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5094] <... futex resumed>)        = 0
[pid  5094] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5096] <... futex resumed>)        = 0
[pid  5094] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[   93.935034][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.942924][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.950487][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.957974][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.965456][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.972876][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5096] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5094] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5094] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5094] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5094] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5094] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5094] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0}./strace-static-x86_64: Process 5097 attached
 => {parent_tid=[55]}, 88) = 55
[   93.980291][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.987657][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   93.995183][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.002581][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.010040][ T5096] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.017483][ T5096] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.025204][ T5096] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5094] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5097] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5094] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5097] <... rseq resumed>)         = 0
[pid  5094] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5097] set_robust_list(0x7f8edac4a9a0, 24) = 0
[pid  5094] <... futex resumed>)        = 0
[pid  5097] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5094] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5097] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5097] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88) = 56
./strace-static-x86_64: Process 5098 attached
[pid  5098] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5097] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5094] <... futex resumed>)        = 0
[pid  5097] <... futex resumed>)        = 1
[pid  5097] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5096] <... write resumed>)        = 53248
[   94.032591][ T5096] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.039980][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.047952][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.056922][ T5096] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.064552][ T5096] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.072165][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.079731][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5096] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   94.087269][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.094764][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.102265][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.109825][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.117520][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.124946][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.132618][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.140172][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.147650][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.155419][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.163336][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.170954][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.178479][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5096] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5098] +++ killed by SIGSEGV (core dumped) +++
[pid  5097] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[pid  5097] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=56, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5097] getpid()                    = 52
[pid  5097] rt_sigreturn({mask=[]})     = 202
[pid  5097] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5095] <... open resumed>)         = 4
[pid  5095] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5095] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5094] close(3)                    = 0
[pid  5094] close(4)                    = 0
[pid  5094] close(5)                    = 0
[pid  5094] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5094] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5094] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5094] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5094] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5094] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5094] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5094] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5094] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5094] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5094] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5094] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5094] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5094] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5094] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5094] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5094] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5094] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5094] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5094] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5094] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5094] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5094] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5094] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5094] exit_group(0 <unfinished ...>
[pid  5097] <... futex resumed>)        = ?
[pid  5096] <... futex resumed>)        = ?
[pid  5096] +++ exited with 0 +++
[pid  5097] +++ exited with 0 +++
[pid  5095] <... futex resumed>)        = ?
[pid  5094] <... exit_group resumed>)   = ?
[pid  5095] +++ exited with 0 +++
[pid  5094] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=56, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=4 /* 0.04 s */} ---
[pid  5041] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5041] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./10/binderfs")     = 0
[   94.185834][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.193280][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.200826][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.208236][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.215579][ T5095] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5041] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./10/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./10/file0")         = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./10")               = 0
[pid  5041] mkdir("./11", 0777)         = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5099 attached
, child_tidptr=0x5555572c4690) = 57
[pid  5099] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5099] chdir("./11")               = 0
[pid  5099] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5099] setpgid(0, 0)               = 0
[pid  5099] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5099] write(3, "1000", 4)         = 4
[pid  5099] close(3)                    = 0
[pid  5099] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5099] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5099] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5099] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5099] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5099] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5099] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5099] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0} => {parent_tid=[58]}, 88) = 58
./strace-static-x86_64: Process 5100 attached
[pid  5099] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5099] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5099] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5100] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053) = 0
[pid  5100] set_robust_list(0x7f8ee300c9a0, 24) = 0
[pid  5100] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5100] memfd_create("syzkaller", 0) = 3
[pid  5100] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5100] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5100] munmap(0x7f8edabec000, 524288) = 0
[pid  5100] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5100] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5100] close(3)                    = 0
[pid  5100] mkdir("./file0", 0777)      = 0
[pid  5100] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5100] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5100] chdir("./file0")            = 0
[pid  5100] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5100] close(4)                    = 0
[pid  5100] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5100] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5099] <... futex resumed>)        = 0
[pid  5099] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5100] <... futex resumed>)        = 0
[pid  5100] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[   94.317759][ T5100] __do_sys_memfd_create: 1 callbacks suppressed
[   94.317779][ T5100] syz-executor354[5100]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   94.345500][ T5100] loop0: detected capacity change from 0 to 1024
[pid  5099] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5099] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5099] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5099] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5099] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5099] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0}./strace-static-x86_64: Process 5101 attached
 => {parent_tid=[59]}, 88) = 59
[pid  5101] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5099] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5101] set_robust_list(0x7f8edac6b9a0, 24 <unfinished ...>
[pid  5099] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5101] <... set_robust_list resumed>) = 0
[   94.367412][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.374957][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.383576][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.391307][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.398790][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.406824][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5099] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5101] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5099] <... futex resumed>)        = 0
[pid  5101] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5101] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid  5099] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5101] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5099] <... futex resumed>)        = 0
[pid  5099] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5099] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5101] <... futex resumed>)        = 1
[   94.414560][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.423237][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.432139][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.439782][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.447371][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.454787][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5101] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5099] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5099] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5099] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5099] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5099] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5099] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0} => {parent_tid=[60]}, 88) = 60
[pid  5099] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5099] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5102 attached
) = 0
[pid  5099] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5102] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053) = 0
[pid  5102] set_robust_list(0x7f8edac4a9a0, 24) = 0
[pid  5102] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5102] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88./strace-static-x86_64: Process 5103 attached
 <unfinished ...>
[pid  5103] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5102] <... clone3 resumed>)       = 61
[pid  5102] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5099] <... futex resumed>)        = 0
[   94.462885][ T5101] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.470231][ T5101] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.477930][ T5101] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.486195][ T5101] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.495902][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.504434][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5102] <... futex resumed>)        = 1
[pid  5102] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5101] <... write resumed>)        = 53248
[pid  5101] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   94.512411][ T5101] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.520281][ T5101] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.528774][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.536819][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.544590][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.552236][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.559740][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.567443][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.574919][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.582738][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.590327][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.598057][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.605535][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5101] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5099] close(3)                    = 0
[pid  5099] close(4)                    = -1 EBADF (Bad file descriptor)
[pid  5099] close(5)                    = 0
[pid  5099] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5103] +++ killed by SIGSEGV (core dumped) +++
[pid  5102] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[pid  5099] close(7 <unfinished ...>
[pid  5102] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=61, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5099] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid  5102] getpid()                    = 57
[pid  5102] rt_sigreturn({mask=[]} <unfinished ...>
[pid  5099] close(8 <unfinished ...>
[pid  5102] <... rt_sigreturn resumed>) = 202
[pid  5102] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5099] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid  5099] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5099] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5099] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5099] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5099] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5099] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5099] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5099] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5099] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5099] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5099] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5099] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5099] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5099] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5099] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5099] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5099] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5099] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5099] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5099] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5099] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5099] exit_group(0 <unfinished ...>
[pid  5102] <... futex resumed>)        = ?
[pid  5102] +++ exited with 0 +++
[pid  5099] <... exit_group resumed>)   = ?
[pid  5101] <... futex resumed>)        = ?
[   94.613151][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.620562][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.628199][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.635656][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.643253][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.650687][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.659434][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5101] +++ exited with 0 +++
[pid  5100] <... open resumed>)         = ?
[pid  5100] +++ exited with 0 +++
[pid  5099] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=61, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=9 /* 0.09 s */} ---
[pid  5041] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5041] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./11/binderfs")     = 0
[   94.667065][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.674596][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.682017][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.689569][ T5100] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.697758][   T28] kauditd_printk_skb: 1 callbacks suppressed
[pid  5041] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[   94.697783][   T28] audit: type=1800 audit(1693646115.162:13): pid=5100 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5041] rmdir("./11/file0")         = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./11")               = 0
[pid  5041] mkdir("./12", 0777)         = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5104 attached
, child_tidptr=0x5555572c4690) = 62
[pid  5104] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5104] chdir("./12")               = 0
[pid  5104] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5104] setpgid(0, 0)               = 0
[pid  5104] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5104] write(3, "1000", 4)         = 4
[pid  5104] close(3)                    = 0
[pid  5104] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5104] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5104] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5104] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5104] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5104] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5104] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5104] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0} => {parent_tid=[63]}, 88) = 63
./strace-static-x86_64: Process 5105 attached
[pid  5104] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5104] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5104] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5105] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053) = 0
[pid  5105] set_robust_list(0x7f8ee300c9a0, 24) = 0
[pid  5105] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5105] memfd_create("syzkaller", 0) = 3
[pid  5105] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5105] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5105] munmap(0x7f8edabec000, 524288) = 0
[pid  5105] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5105] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5105] close(3)                    = 0
[pid  5105] mkdir("./file0", 0777)      = 0
[pid  5105] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5105] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5105] chdir("./file0")            = 0
[pid  5105] ioctl(4, LOOP_CLR_FD)       = 0
[   94.790423][ T5105] syz-executor354[5105]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   94.814851][ T5105] loop0: detected capacity change from 0 to 1024
[   94.832431][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5105] close(4)                    = 0
[pid  5105] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5104] <... futex resumed>)        = 0
[pid  5105] <... futex resumed>)        = 1
[pid  5104] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5105] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[pid  5104] <... futex resumed>)        = 0
[   94.839766][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.847745][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.855921][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.863611][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.871597][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.879368][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5104] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5104] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5104] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5104] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5104] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5104] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0}./strace-static-x86_64: Process 5106 attached
 => {parent_tid=[64]}, 88) = 64
[pid  5106] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5104] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5106] set_robust_list(0x7f8edac6b9a0, 24) = 0
[pid  5104] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5106] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5104] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5106] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5104] <... futex resumed>)        = 0
[pid  5106] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 <unfinished ...>
[pid  5104] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5106] <... openat resumed>)       = 5
[pid  5106] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5104] <... futex resumed>)        = 0
[pid  5104] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5106] <... futex resumed>)        = 1
[pid  5104] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[   94.887137][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.894903][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.902946][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.910319][ T5106] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.917760][ T5106] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.925382][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.932725][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5106] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5104] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5104] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5104] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5104] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5104] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5104] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0} => {parent_tid=[65]}, 88) = 65
[pid  5104] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5104] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5104] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5107 attached
 <unfinished ...>
[pid  5107] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053) = 0
[pid  5107] set_robust_list(0x7f8edac4a9a0, 24) = 0
[pid  5107] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5107] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88./strace-static-x86_64: Process 5108 attached
) = 66
[pid  5107] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5107] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5108] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5104] <... futex resumed>)        = 0
[   94.940127][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.947658][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.955226][ T5106] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.963146][ T5106] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.971033][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.978834][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5106] <... write resumed>)        = 53248
[pid  5106] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   94.986603][ T5106] hfsplus: request for non-existent node 16777216 in B*Tree
[   94.994026][ T5106] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.001434][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.008777][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.016349][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.023733][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.033203][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.040575][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.048521][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.056094][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.063583][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.071286][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.078713][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5106] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5108] +++ killed by SIGSEGV (core dumped) +++
[pid  5107] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[pid  5107] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=66, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5107] getpid()                    = 62
[pid  5107] rt_sigreturn({mask=[]})     = 202
[   95.086414][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.093827][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.101431][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.108855][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.116475][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.123865][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.131447][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5107] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5105] <... open resumed>)         = 4
[pid  5105] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5104] close(3)                    = 0
[pid  5105] <... futex resumed>)        = 0
[pid  5104] close(4 <unfinished ...>
[pid  5105] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5104] <... close resumed>)        = 0
[pid  5104] close(5)                    = 0
[pid  5104] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5104] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5104] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5104] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5104] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5104] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5104] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5104] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5104] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5104] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5104] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5104] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5104] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5104] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5104] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5104] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5104] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5104] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5104] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5104] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5104] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5104] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5104] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5104] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5104] exit_group(0 <unfinished ...>
[pid  5107] <... futex resumed>)        = ?
[pid  5107] +++ exited with 0 +++
[pid  5105] <... futex resumed>)        = ?
[pid  5104] <... exit_group resumed>)   = ?
[pid  5105] +++ exited with 0 +++
[pid  5106] <... futex resumed>)        = ?
[pid  5106] +++ exited with 0 +++
[pid  5104] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=66, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=7 /* 0.07 s */} ---
[pid  5041] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5041] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./12/binderfs")     = 0
[pid  5041] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./12/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[   95.138909][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.146547][ T5105] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.155423][   T28] audit: type=1800 audit(1693646115.622:14): pid=5105 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./12/file0")         = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./12")               = 0
[pid  5041] mkdir("./13", 0777)         = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572c4690) = 67
./strace-static-x86_64: Process 5109 attached
[pid  5109] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5109] chdir("./13")               = 0
[pid  5109] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5109] setpgid(0, 0)               = 0
[pid  5109] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5109] write(3, "1000", 4)         = 4
[pid  5109] close(3)                    = 0
[pid  5109] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5109] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5109] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5109] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5109] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5109] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5109] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5109] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0} => {parent_tid=[68]}, 88) = 68
[pid  5109] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5109] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5109] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5110 attached
 <unfinished ...>
[pid  5110] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053) = 0
[pid  5110] set_robust_list(0x7f8ee300c9a0, 24) = 0
[pid  5110] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5110] memfd_create("syzkaller", 0) = 3
[pid  5110] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5110] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5110] munmap(0x7f8edabec000, 524288) = 0
[pid  5110] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5110] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5110] close(3)                    = 0
[pid  5110] mkdir("./file0", 0777)      = 0
[pid  5110] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5110] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5110] chdir("./file0")            = 0
[pid  5110] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5110] close(4)                    = 0
[pid  5110] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5109] <... futex resumed>)        = 0
[pid  5110] <... futex resumed>)        = 1
[   95.256554][ T5110] syz-executor354[5110]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   95.281871][ T5110] loop0: detected capacity change from 0 to 1024
[pid  5110] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[pid  5109] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5109] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[   95.302427][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.309759][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.317531][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.325313][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.332857][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.340267][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.347997][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5109] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5109] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5109] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5109] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5109] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0} => {parent_tid=[69]}, 88) = 69
[pid  5109] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5109] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5111 attached
) = 0
[pid  5109] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5111] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5111] set_robust_list(0x7f8edac6b9a0, 24) = 0
[pid  5111] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5111] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid  5111] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5109] <... futex resumed>)        = 0
[pid  5111] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5109] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5111] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5109] <... futex resumed>)        = 0
[pid  5111] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[   95.355396][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.362906][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.370251][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.377678][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.385050][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.392527][ T5111] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.399881][ T5111] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5109] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5109] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5109] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5109] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5109] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5109] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0}./strace-static-x86_64: Process 5112 attached
 => {parent_tid=[70]}, 88) = 70
[pid  5112] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5109] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5112] <... rseq resumed>)         = 0
[pid  5109] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5112] set_robust_list(0x7f8edac4a9a0, 24 <unfinished ...>
[pid  5109] <... futex resumed>)        = 0
[pid  5112] <... set_robust_list resumed>) = 0
[pid  5109] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5112] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[   95.407521][ T5111] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.414832][ T5111] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.422441][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.430049][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.437550][ T5111] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.445317][ T5111] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5112] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88./strace-static-x86_64: Process 5113 attached
 <unfinished ...>
[pid  5111] <... write resumed>)        = 53248
[pid  5113] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5112] <... clone3 resumed>)       = 71
[pid  5112] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5112] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5109] <... futex resumed>)        = 0
[pid  5111] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   95.452809][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.460127][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.468612][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.476590][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.485304][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.492711][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.500192][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.507834][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.515628][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.523027][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.530440][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.537825][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.545299][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5111] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5113] +++ killed by SIGSEGV (core dumped) +++
[pid  5112] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[pid  5112] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=71, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5112] getpid()                    = 67
[pid  5112] rt_sigreturn({mask=[]})     = 202
[   95.552644][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.560047][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.568046][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.575753][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.583645][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.591187][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.598536][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5112] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5110] <... open resumed>)         = 4
[pid  5110] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5110] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5109] close(3)                    = 0
[pid  5109] close(4)                    = 0
[pid  5109] close(5)                    = 0
[pid  5109] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5109] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5109] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5109] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5109] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5109] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5109] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5109] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5109] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5109] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5109] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5109] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5109] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5109] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5109] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5109] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5109] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5109] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5109] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5109] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5109] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5109] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5109] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5109] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5109] exit_group(0 <unfinished ...>
[pid  5112] <... futex resumed>)        = ?
[pid  5111] <... futex resumed>)        = ?
[pid  5110] <... futex resumed>)        = ?
[pid  5111] +++ exited with 0 +++
[pid  5110] +++ exited with 0 +++
[pid  5112] +++ exited with 0 +++
[pid  5109] <... exit_group resumed>)   = ?
[pid  5109] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=71, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=5 /* 0.05 s */} ---
[pid  5041] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./13/binderfs")     = 0
[pid  5041] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./13/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[   95.606036][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.613377][ T5110] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.622118][   T28] audit: type=1800 audit(1693646116.082:15): pid=5110 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./13/file0")         = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./13")               = 0
[pid  5041] mkdir("./14", 0777)         = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572c4690) = 72
./strace-static-x86_64: Process 5114 attached
[pid  5114] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5114] chdir("./14")               = 0
[pid  5114] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5114] setpgid(0, 0)               = 0
[pid  5114] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5114] write(3, "1000", 4)         = 4
[pid  5114] close(3)                    = 0
[pid  5114] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5114] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5114] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5114] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5114] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5114] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5114] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5114] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0} => {parent_tid=[73]}, 88) = 73
[pid  5114] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5114] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5114] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5115 attached
 <unfinished ...>
[pid  5115] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053) = 0
[pid  5115] set_robust_list(0x7f8ee300c9a0, 24) = 0
[pid  5115] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5115] memfd_create("syzkaller", 0) = 3
[pid  5115] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5115] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5115] munmap(0x7f8edabec000, 524288) = 0
[pid  5115] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5115] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5115] close(3)                    = 0
[pid  5115] mkdir("./file0", 0777)      = 0
[pid  5115] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5115] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5115] chdir("./file0")            = 0
[pid  5115] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5115] close(4)                    = 0
[pid  5115] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5115] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5114] <... futex resumed>)        = 0
[pid  5114] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5115] <... futex resumed>)        = 0
[pid  5114] <... futex resumed>)        = 1
[pid  5115] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[   95.734002][ T5115] syz-executor354[5115]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   95.754130][ T5115] loop0: detected capacity change from 0 to 1024
[   95.775613][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5114] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5114] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5114] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5114] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5114] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5114] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0} => {parent_tid=[74]}, 88) = 74
[pid  5114] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5114] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5114] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5116 attached
 <unfinished ...>
[   95.783016][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.790420][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.797778][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.805372][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.812814][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.820394][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5116] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5116] set_robust_list(0x7f8edac6b9a0, 24) = 0
[pid  5116] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5116] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid  5116] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5114] <... futex resumed>)        = 0
[pid  5114] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5114] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5116] <... futex resumed>)        = 1
[   95.828233][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.835716][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.845788][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.853231][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.860628][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.868077][ T5116] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.876239][ T5116] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5116] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5114] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5114] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5114] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5114] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5114] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5114] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0} => {parent_tid=[75]}, 88) = 75
[pid  5114] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5114] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5114] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5117 attached
 <unfinished ...>
[pid  5117] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053) = 0
[pid  5117] set_robust_list(0x7f8edac4a9a0, 24) = 0
[pid  5117] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5117] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88) = 76
./strace-static-x86_64: Process 5118 attached
[pid  5118] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5117] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5114] <... futex resumed>)        = 0
[pid  5117] <... futex resumed>)        = 1
[   95.883611][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.890958][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.901704][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.909024][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.916468][ T5116] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.927632][ T5116] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5117] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5116] <... write resumed>)        = 53248
[pid  5116] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   95.937227][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.945557][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.953374][ T5116] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.961624][ T5116] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.969397][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.978894][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.986696][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   95.995048][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.003144][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.010712][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.018818][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.026598][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5116] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5118] +++ killed by SIGSEGV (core dumped) +++
[pid  5117] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[pid  5117] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=76, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5117] getpid()                    = 72
[pid  5117] rt_sigreturn({mask=[]})     = 202
[   96.034280][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.042194][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.049855][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.057726][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.065402][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.072913][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.080323][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5117] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5115] <... open resumed>)         = 4
[pid  5115] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5115] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5114] close(3)                    = 0
[pid  5114] close(4)                    = 0
[pid  5114] close(5)                    = 0
[pid  5114] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5114] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5114] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5114] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5114] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5114] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5114] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5114] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5114] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5114] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5114] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5114] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5114] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5114] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5114] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5114] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5114] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5114] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5114] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5114] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5114] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5114] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5114] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5114] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5114] exit_group(0)               = ?
[pid  5115] <... futex resumed>)        = ?
[pid  5117] <... futex resumed>)        = ?
[pid  5117] +++ exited with 0 +++
[pid  5115] +++ exited with 0 +++
[pid  5116] <... futex resumed>)        = ?
[pid  5116] +++ exited with 0 +++
[pid  5114] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=76, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=4 /* 0.04 s */} ---
[pid  5041] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5041] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./14/binderfs")     = 0
[pid  5041] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./14/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[   96.087708][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.095369][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.102916][ T5115] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.110615][   T28] audit: type=1800 audit(1693646116.572:16): pid=5115 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5041] rmdir("./14/file0")         = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./14")               = 0
[pid  5041] mkdir("./15", 0777)         = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5119 attached
, child_tidptr=0x5555572c4690) = 77
[pid  5119] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5119] chdir("./15")               = 0
[pid  5119] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5119] setpgid(0, 0)               = 0
[pid  5119] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5119] write(3, "1000", 4)         = 4
[pid  5119] close(3)                    = 0
[pid  5119] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5119] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5119] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5119] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5119] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5119] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5119] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5119] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0}./strace-static-x86_64: Process 5120 attached
 => {parent_tid=[78]}, 88) = 78
[pid  5120] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053) = 0
[pid  5119] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5120] set_robust_list(0x7f8ee300c9a0, 24 <unfinished ...>
[pid  5119] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5120] <... set_robust_list resumed>) = 0
[pid  5120] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5119] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5120] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5119] <... futex resumed>)        = 0
[pid  5120] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5119] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5120] <... memfd_create resumed>) = 3
[pid  5120] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5120] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5120] munmap(0x7f8edabec000, 524288) = 0
[pid  5120] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5120] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5120] close(3)                    = 0
[pid  5120] mkdir("./file0", 0777)      = 0
[pid  5120] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5120] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5120] chdir("./file0")            = 0
[pid  5120] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5120] close(4)                    = 0
[pid  5120] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5119] <... futex resumed>)        = 0
[pid  5119] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5119] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5120] <... futex resumed>)        = 1
[   96.184032][ T5120] syz-executor354[5120]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   96.207056][ T5120] loop0: detected capacity change from 0 to 1024
[pid  5120] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[pid  5119] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5119] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5119] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5119] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5119] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5119] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0} => {parent_tid=[79]}, 88) = 79
[pid  5119] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5119] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5119] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5121 attached
[   96.240445][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.248107][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.255905][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.263631][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.271076][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.278368][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
 <unfinished ...>
[pid  5121] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5121] set_robust_list(0x7f8edac6b9a0, 24) = 0
[pid  5121] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5121] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid  5121] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5119] <... futex resumed>)        = 0
[pid  5121] <... futex resumed>)        = 1
[pid  5121] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5119] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5121] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5121] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[   96.286173][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.294234][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.302579][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.309884][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.317509][ T5121] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.324967][ T5121] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.332590][ T5121] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5119] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5119] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5119] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5119] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5119] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5119] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0} => {parent_tid=[80]}, 88) = 80
[pid  5119] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5119] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5119] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5122 attached
 <unfinished ...>
[pid  5122] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053) = 0
[pid  5122] set_robust_list(0x7f8edac4a9a0, 24) = 0
[pid  5122] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5122] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88./strace-static-x86_64: Process 5123 attached
 <unfinished ...>
[pid  5123] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5122] <... clone3 resumed>)       = 81
[pid  5122] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5122] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5119] <... futex resumed>)        = 0
[   96.339886][ T5121] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.347429][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.355818][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.364009][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.371729][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.379173][ T5121] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5121] <... write resumed>)        = 53248
[pid  5121] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   96.389154][ T5121] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.396964][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.406136][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.414129][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.421613][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.429175][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5121] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5123] +++ killed by SIGSEGV (core dumped) +++
[pid  5122] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[pid  5122] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=81, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5122] getpid()                    = 77
[pid  5122] rt_sigreturn({mask=[]})     = 202
[   96.436638][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.444210][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.451666][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.459370][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.466750][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.474357][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.481694][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.489115][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.496458][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.504314][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.511649][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.519067][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.526425][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.533826][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5122] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5120] <... open resumed>)         = 4
[pid  5120] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5120] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5119] close(3)                    = 0
[pid  5119] close(4)                    = 0
[pid  5119] close(5)                    = 0
[pid  5119] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5119] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5119] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5119] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5119] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5119] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5119] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5119] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5119] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5119] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5119] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5119] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5119] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5119] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5119] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5119] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5119] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5119] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5119] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5119] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5119] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5119] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5119] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5119] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5119] exit_group(0 <unfinished ...>
[pid  5121] <... futex resumed>)        = ?
[pid  5120] <... futex resumed>)        = ?
[pid  5121] +++ exited with 0 +++
[pid  5120] +++ exited with 0 +++
[pid  5119] <... exit_group resumed>)   = ?
[pid  5122] <... futex resumed>)        = ?
[pid  5122] +++ exited with 0 +++
[pid  5119] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=81, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=5 /* 0.05 s */} ---
[pid  5041] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./15/binderfs")     = 0
[pid  5041] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[   96.541236][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.548610][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.555942][ T5120] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.564501][   T28] audit: type=1800 audit(1693646117.032:17): pid=5120 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5041] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./15/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./15/file0")         = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./15")               = 0
[pid  5041] mkdir("./16", 0777)         = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5124 attached
, child_tidptr=0x5555572c4690) = 82
[pid  5124] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5124] chdir("./16")               = 0
[pid  5124] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5124] setpgid(0, 0)               = 0
[pid  5124] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5124] write(3, "1000", 4)         = 4
[pid  5124] close(3)                    = 0
[pid  5124] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5124] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5124] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5124] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5124] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5124] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5124] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5124] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0}./strace-static-x86_64: Process 5125 attached
 => {parent_tid=[83]}, 88) = 83
[pid  5125] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5124] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5125] <... rseq resumed>)         = 0
[pid  5125] set_robust_list(0x7f8ee300c9a0, 24 <unfinished ...>
[pid  5124] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5125] <... set_robust_list resumed>) = 0
[pid  5124] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5125] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5124] <... futex resumed>)        = 0
[pid  5125] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5124] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5125] memfd_create("syzkaller", 0) = 3
[pid  5125] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5125] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5125] munmap(0x7f8edabec000, 524288) = 0
[pid  5125] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5125] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5125] close(3)                    = 0
[pid  5125] mkdir("./file0", 0777)      = 0
[pid  5125] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5125] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5125] chdir("./file0")            = 0
[pid  5125] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5125] close(4)                    = 0
[pid  5125] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5124] <... futex resumed>)        = 0
[pid  5124] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5124] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[   96.662303][ T5125] syz-executor354[5125]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   96.687204][ T5125] loop0: detected capacity change from 0 to 1024
[pid  5125] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[pid  5124] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5124] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5124] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[   96.714784][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.722590][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.730269][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.738187][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.746177][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.754127][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5124] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5124] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5124] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0}./strace-static-x86_64: Process 5126 attached
 <unfinished ...>
[pid  5126] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5124] <... clone3 resumed> => {parent_tid=[84]}, 88) = 84
[pid  5124] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5124] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5124] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5126] <... rseq resumed>)         = 0
[pid  5126] set_robust_list(0x7f8edac6b9a0, 24) = 0
[pid  5126] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5126] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid  5126] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5124] <... futex resumed>)        = 0
[pid  5124] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5124] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5126] <... futex resumed>)        = 1
[   96.761815][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.769136][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.778006][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.785398][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.792921][ T5126] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.800260][ T5126] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.807955][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5126] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5124] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5124] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5124] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5124] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5124] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5124] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0} => {parent_tid=[85]}, 88) = 85
[pid  5124] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5124] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5124] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5127 attached
 <unfinished ...>
[pid  5127] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053) = 0
[pid  5127] set_robust_list(0x7f8edac4a9a0, 24) = 0
[pid  5127] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5127] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88) = 86
./strace-static-x86_64: Process 5128 attached
[pid  5127] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5127] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5128] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5124] <... futex resumed>)        = 0
[   96.815436][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.822958][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.830301][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.841302][ T5126] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.848888][ T5126] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.857883][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5126] <... write resumed>)        = 53248
[pid  5126] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   96.865311][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.872722][ T5126] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.880142][ T5126] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.888361][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.896065][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.904209][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.911563][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.918952][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.926293][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.935058][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.942394][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.949807][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.957249][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.964663][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.972029][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.979432][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.986876][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   96.994339][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.001680][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.009055][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5126] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5124] close(3)                    = 0
[pid  5124] close(4)                    = -1 EBADF (Bad file descriptor)
[pid  5124] close(5)                    = 0
[pid  5124] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5124] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5124] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5124] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5124] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5124] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5124] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5124] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5124] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5124] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5124] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5124] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5124] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5124] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5124] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5124] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5124] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5124] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5124] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5124] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5124] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5124] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5124] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5124] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5124] exit_group(0 <unfinished ...>
[pid  5125] <... open resumed>)         = 4
[pid  5125] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5125] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5128] +++ killed by SIGSEGV (core dumped) +++
[pid  5127] <... futex resumed>)        = ?
[pid  5126] <... futex resumed>)        = ?
[pid  5124] <... exit_group resumed>)   = ?
[pid  5125] <... futex resumed>)        = ?
[pid  5125] +++ exited with 0 +++
[pid  5126] +++ exited with 0 +++
[pid  5127] +++ exited with 0 +++
[pid  5124] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=86, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=6 /* 0.06 s */} ---
[pid  5041] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./16/binderfs")     = 0
[   97.016395][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.025682][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.033220][ T5125] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.043037][   T28] audit: type=1800 audit(1693646117.512:18): pid=5125 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5041] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./16/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./16/file0")         = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./16")               = 0
[pid  5041] mkdir("./17", 0777)         = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5129 attached
, child_tidptr=0x5555572c4690) = 87
[pid  5129] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5129] chdir("./17")               = 0
[pid  5129] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5129] setpgid(0, 0)               = 0
[pid  5129] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5129] write(3, "1000", 4)         = 4
[pid  5129] close(3)                    = 0
[pid  5129] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5129] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5129] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5129] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5129] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5129] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5129] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5129] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0}./strace-static-x86_64: Process 5130 attached
 <unfinished ...>
[pid  5130] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5129] <... clone3 resumed> => {parent_tid=[88]}, 88) = 88
[pid  5130] <... rseq resumed>)         = 0
[pid  5129] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5129] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5130] set_robust_list(0x7f8ee300c9a0, 24 <unfinished ...>
[pid  5129] <... futex resumed>)        = 0
[pid  5130] <... set_robust_list resumed>) = 0
[pid  5129] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5130] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5130] memfd_create("syzkaller", 0) = 3
[pid  5130] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5130] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5130] munmap(0x7f8edabec000, 524288) = 0
[pid  5130] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5130] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5130] close(3)                    = 0
[pid  5130] mkdir("./file0", 0777)      = 0
[pid  5130] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5130] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5130] chdir("./file0")            = 0
[pid  5130] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5130] close(4)                    = 0
[pid  5130] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5129] <... futex resumed>)        = 0
[pid  5129] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5130] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[pid  5129] <... futex resumed>)        = 0
[   97.144136][ T5130] syz-executor354[5130]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   97.171845][ T5130] loop0: detected capacity change from 0 to 1024
[pid  5129] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5129] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid  5129] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5129] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5129] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[   97.193844][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.201803][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.209154][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.216523][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.224440][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.231980][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5129] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5129] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0} => {parent_tid=[89]}, 88) = 89
[pid  5129] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5129] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
./strace-static-x86_64: Process 5131 attached
[pid  5131] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5129] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5131] <... rseq resumed>)         = 0
[pid  5131] set_robust_list(0x7f8edac6b9a0, 24) = 0
[pid  5131] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5131] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid  5131] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5129] <... futex resumed>)        = 0
[pid  5129] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5129] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5131] <... futex resumed>)        = 1
[   97.239490][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.247810][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.256319][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.263667][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.271085][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.278469][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.282004][   T54] cfg80211: failed to load regulatory.db
[pid  5131] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5129] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5129] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5129] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5129] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5129] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5129] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0}./strace-static-x86_64: Process 5133 attached
 <unfinished ...>
[pid  5133] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5129] <... clone3 resumed> => {parent_tid=[90]}, 88) = 90
[pid  5133] <... rseq resumed>)         = 0
[pid  5129] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5133] set_robust_list(0x7f8edac4a9a0, 24 <unfinished ...>
[pid  5129] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5133] <... set_robust_list resumed>) = 0
[pid  5129] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5133] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5129] <... futex resumed>)        = 0
[pid  5133] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5133] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88 <unfinished ...>
[pid  5129] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5134 attached
 <unfinished ...>
[pid  5134] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5133] <... clone3 resumed>)       = 91
[pid  5133] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5129] <... futex resumed>)        = 0
[   97.288278][ T5131] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.298777][ T5131] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.307655][ T5131] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.317464][ T5131] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.324880][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.332752][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5133] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5131] <... write resumed>)        = 53248
[pid  5131] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   97.340969][ T5131] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.348782][ T5131] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.357651][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.365362][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.372797][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.380106][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.387557][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.394889][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.402323][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.409635][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.417233][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.424598][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.432032][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5131] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5134] +++ killed by SIGSEGV (core dumped) +++
[pid  5133] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[pid  5133] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=91, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5133] getpid()                    = 87
[pid  5133] rt_sigreturn({mask=[]})     = 202
[pid  5133] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5129] close(3)                    = 0
[pid  5129] close(4)                    = -1 EBADF (Bad file descriptor)
[pid  5129] close(5)                    = 0
[pid  5129] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5129] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5129] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5129] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5129] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5129] close(11)                   = -1 EBADF (Bad file descriptor)
[   97.439352][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.446803][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.454134][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.461573][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.468963][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.476617][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.484049][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5129] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5129] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5129] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5129] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5129] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5129] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5129] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5129] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5129] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5129] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5129] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5129] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5129] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5129] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5129] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5129] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5129] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5129] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5129] exit_group(0)               = ?
[pid  5131] <... futex resumed>)        = ?
[pid  5131] +++ exited with 0 +++
[pid  5133] <... futex resumed>)        = ?
[pid  5133] +++ exited with 0 +++
[pid  5130] <... open resumed>)         = ?
[pid  5130] +++ exited with 0 +++
[pid  5129] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=91, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=4 /* 0.04 s */} ---
[pid  5041] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5041] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./17/binderfs")     = 0
[pid  5041] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[   97.491499][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.500440][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.508179][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.515591][ T5130] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.523306][   T28] audit: type=1800 audit(1693646117.992:19): pid=5130 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5041] openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./17/file0")         = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./17")               = 0
[pid  5041] mkdir("./18", 0777)         = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5135 attached
, child_tidptr=0x5555572c4690) = 92
[pid  5135] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5135] chdir("./18")               = 0
[pid  5135] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5135] setpgid(0, 0)               = 0
[pid  5135] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5135] write(3, "1000", 4)         = 4
[pid  5135] close(3)                    = 0
[pid  5135] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5135] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5135] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5135] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5135] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5135] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5135] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5135] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0} => {parent_tid=[93]}, 88) = 93
[pid  5135] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5135] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5135] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5136 attached
 <unfinished ...>
[pid  5136] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053) = 0
[pid  5136] set_robust_list(0x7f8ee300c9a0, 24) = 0
[pid  5136] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5136] memfd_create("syzkaller", 0) = 3
[pid  5136] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5136] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5136] munmap(0x7f8edabec000, 524288) = 0
[pid  5136] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5136] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5136] close(3)                    = 0
[pid  5136] mkdir("./file0", 0777)      = 0
[pid  5136] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5136] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5136] chdir("./file0")            = 0
[pid  5136] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5136] close(4)                    = 0
[pid  5136] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5136] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5135] <... futex resumed>)        = 0
[pid  5135] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5136] <... futex resumed>)        = 0
[pid  5136] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[pid  5135] <... futex resumed>)        = 1
[   97.620163][ T5136] syz-executor354[5136]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   97.644391][ T5136] loop0: detected capacity change from 0 to 1024
[pid  5135] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5135] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid  5135] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid  5135] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5135] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5135] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[   97.677776][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.685210][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.692895][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.700208][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.707685][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.715546][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5135] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5135] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0} => {parent_tid=[94]}, 88) = 94
[pid  5135] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5135] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5135] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5137 attached
 <unfinished ...>
[pid  5137] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5137] set_robust_list(0x7f8edac6b9a0, 24) = 0
[pid  5137] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5137] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid  5137] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5137] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5135] <... futex resumed>)        = 0
[pid  5135] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5137] <... futex resumed>)        = 0
[pid  5137] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5135] <... futex resumed>)        = 1
[   97.723314][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.731883][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.740024][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.747706][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.755412][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.762754][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.770139][ T5137] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5135] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5135] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5135] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5135] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5135] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5135] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0} => {parent_tid=[95]}, 88) = 95
./strace-static-x86_64: Process 5138 attached
[pid  5138] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053) = 0
[pid  5138] set_robust_list(0x7f8edac4a9a0, 24) = 0
[pid  5138] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5135] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5138] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5135] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5135] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5138] <... futex resumed>)        = 0
[pid  5135] <... futex resumed>)        = 1
[pid  5138] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88 <unfinished ...>
[pid  5135] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5139 attached
 <unfinished ...>
[pid  5139] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5138] <... clone3 resumed>)       = 96
[pid  5138] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5138] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5135] <... futex resumed>)        = 0
[   97.777640][ T5137] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.785344][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.794094][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.801903][ T5137] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.810997][ T5137] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.820270][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.828521][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.836371][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.844531][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.852364][ T5137] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.860089][ T5137] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.867886][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5137] <... write resumed>)        = 53248
[pid  5137] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   97.875752][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.884406][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.892173][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.900186][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.907914][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.915815][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5137] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5139] +++ killed by SIGSEGV (core dumped) +++
[pid  5138] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[pid  5138] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=96, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5138] getpid()                    = 92
[pid  5138] rt_sigreturn({mask=[]})     = 202
[   97.923825][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.931322][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.940048][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.947683][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.955044][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.962458][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.969765][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5138] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5136] <... open resumed>)         = 4
[pid  5136] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5136] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5135] close(3)                    = 0
[pid  5135] close(4)                    = 0
[pid  5135] close(5)                    = 0
[pid  5135] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5135] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5135] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5135] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5135] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5135] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5135] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5135] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5135] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5135] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5135] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5135] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5135] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5135] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5135] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5135] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5135] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5135] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5135] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5135] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5135] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5135] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5135] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5135] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5135] exit_group(0 <unfinished ...>
[pid  5138] <... futex resumed>)        = ?
[pid  5137] <... futex resumed>)        = ?
[pid  5136] <... futex resumed>)        = ?
[pid  5135] <... exit_group resumed>)   = ?
[pid  5138] +++ exited with 0 +++
[pid  5137] +++ exited with 0 +++
[pid  5136] +++ exited with 0 +++
[pid  5135] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=96, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=6 /* 0.06 s */} ---
[pid  5041] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./18/binderfs")     = 0
[   97.977181][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.984516][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.991936][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   97.999240][ T5136] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.006919][   T28] audit: type=1800 audit(1693646118.472:20): pid=5136 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5041] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./18/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./18/file0")         = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./18")               = 0
[pid  5041] mkdir("./19", 0777)         = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5140 attached
, child_tidptr=0x5555572c4690) = 97
[pid  5140] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5140] chdir("./19")               = 0
[pid  5140] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5140] setpgid(0, 0)               = 0
[pid  5140] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5140] write(3, "1000", 4)         = 4
[pid  5140] close(3)                    = 0
[pid  5140] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5140] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5140] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5140] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5140] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5140] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5140] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5140] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0}./strace-static-x86_64: Process 5141 attached
 <unfinished ...>
[pid  5141] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5140] <... clone3 resumed> => {parent_tid=[98]}, 88) = 98
[pid  5140] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5141] <... rseq resumed>)         = 0
[pid  5141] set_robust_list(0x7f8ee300c9a0, 24 <unfinished ...>
[pid  5140] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5141] <... set_robust_list resumed>) = 0
[pid  5140] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5141] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5140] <... futex resumed>)        = 0
[pid  5141] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5140] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5141] memfd_create("syzkaller", 0) = 3
[pid  5141] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5141] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5141] munmap(0x7f8edabec000, 524288) = 0
[pid  5141] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5141] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5141] close(3)                    = 0
[pid  5141] mkdir("./file0", 0777)      = 0
[pid  5141] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5141] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5141] chdir("./file0")            = 0
[pid  5141] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5141] close(4)                    = 0
[pid  5141] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5140] <... futex resumed>)        = 0
[pid  5141] <... futex resumed>)        = 1
[pid  5140] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5141] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[pid  5140] <... futex resumed>)        = 0
[   98.090364][ T5141] syz-executor354[5141]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   98.113469][ T5141] loop0: detected capacity change from 0 to 1024
[pid  5140] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5140] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5140] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5140] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5140] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5140] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0}./strace-static-x86_64: Process 5142 attached
 => {parent_tid=[99]}, 88) = 99
[pid  5142] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5140] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5142] set_robust_list(0x7f8edac6b9a0, 24) = 0
[pid  5142] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5140] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5140] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5142] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5140] <... futex resumed>)        = 0
[pid  5142] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 <unfinished ...>
[pid  5140] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5142] <... openat resumed>)       = 5
[   98.133751][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.141434][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.149242][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.157894][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.165674][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.173208][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.182882][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5142] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5140] <... futex resumed>)        = 0
[pid  5142] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5140] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   98.192143][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.200093][ T5142] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.207455][ T5142] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.214964][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.222322][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.229815][ T5142] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5140] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5140] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5140] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5140] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5140] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5140] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0}./strace-static-x86_64: Process 5143 attached
 <unfinished ...>
[pid  5143] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053) = 0
[pid  5143] set_robust_list(0x7f8edac4a9a0, 24) = 0
[pid  5140] <... clone3 resumed> => {parent_tid=[100]}, 88) = 100
[pid  5143] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5140] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5143] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5143] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5140] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5140] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5143] <... futex resumed>)        = 0
[pid  5140] <... futex resumed>)        = 1
[pid  5140] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5143] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88) = 101
[   98.237236][ T5142] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.246203][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.253617][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.261046][ T5142] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.268363][ T5142] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.275834][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.283218][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5143] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5144 attached
 <unfinished ...>
[pid  5140] <... futex resumed>)        = 0
[pid  5143] <... futex resumed>)        = 1
[pid  5144] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5143] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5142] <... write resumed>)        = 53248
[pid  5142] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   98.290787][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.298335][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.306191][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.313910][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.321915][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.329429][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.337379][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.344854][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.352608][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.359986][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.367562][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.374971][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.382578][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5142] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5144] +++ killed by SIGSEGV (core dumped) +++
[pid  5140] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=101, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5140] getpid()                    = 97
[pid  5140] rt_sigreturn({mask=[]})     = 0
[pid  5143] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[   98.389962][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.397585][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.405061][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.412595][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.420169][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.427814][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.435185][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5143] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5141] <... open resumed>)         = 4
[pid  5141] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5141] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5140] close(3)                    = 0
[pid  5140] close(4)                    = 0
[pid  5140] close(5)                    = 0
[pid  5140] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5140] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5140] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5140] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5140] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5140] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5140] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5140] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5140] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5140] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5140] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5140] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5140] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5140] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5140] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5140] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5140] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5140] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5140] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5140] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5140] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5140] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5140] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5140] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5140] exit_group(0 <unfinished ...>
[pid  5143] <... futex resumed>)        = ?
[pid  5140] <... exit_group resumed>)   = ?
[pid  5142] <... futex resumed>)        = ?
[pid  5143] +++ exited with 0 +++
[pid  5142] +++ exited with 0 +++
[pid  5141] <... futex resumed>)        = ?
[pid  5141] +++ exited with 0 +++
[pid  5140] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=101, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=8 /* 0.08 s */} ---
[pid  5041] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5041] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./19/binderfs")     = 0
[pid  5041] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[   98.442568][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.449887][ T5141] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.457925][   T28] audit: type=1800 audit(1693646118.922:21): pid=5141 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5041] newfstatat(AT_FDCWD, "./19/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./19/file0")         = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./19")               = 0
[pid  5041] mkdir("./20", 0777)         = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572c4690) = 102
./strace-static-x86_64: Process 5145 attached
[pid  5145] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5145] chdir("./20")               = 0
[pid  5145] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5145] setpgid(0, 0)               = 0
[pid  5145] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5145] write(3, "1000", 4)         = 4
[pid  5145] close(3)                    = 0
[pid  5145] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5145] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5145] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5145] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5145] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5145] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5145] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5145] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0}./strace-static-x86_64: Process 5146 attached
 => {parent_tid=[103]}, 88) = 103
[pid  5145] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5145] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5145] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5146] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053) = 0
[pid  5146] set_robust_list(0x7f8ee300c9a0, 24) = 0
[pid  5146] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5146] memfd_create("syzkaller", 0) = 3
[pid  5146] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5146] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5146] munmap(0x7f8edabec000, 524288) = 0
[pid  5146] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5146] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5146] close(3)                    = 0
[pid  5146] mkdir("./file0", 0777)      = 0
[pid  5146] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5146] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5146] chdir("./file0")            = 0
[pid  5146] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5146] close(4)                    = 0
[pid  5146] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5145] <... futex resumed>)        = 0
[pid  5145] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5146] <... futex resumed>)        = 1
[pid  5145] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[   98.565577][ T5146] syz-executor354[5146]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   98.588375][ T5146] loop0: detected capacity change from 0 to 1024
[   98.607537][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5146] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[pid  5145] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5145] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5145] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[   98.615024][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.623586][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.631497][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.638940][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.646378][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.654073][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5145] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5145] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5145] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0} => {parent_tid=[104]}, 88) = 104
[pid  5145] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5145] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5145] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5147 attached
 <unfinished ...>
[pid  5147] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5147] set_robust_list(0x7f8edac6b9a0, 24) = 0
[pid  5147] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5147] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid  5147] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5147] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5145] <... futex resumed>)        = 0
[pid  5145] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5147] <... futex resumed>)        = 0
[pid  5147] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5145] <... futex resumed>)        = 1
[   98.661562][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.668968][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.676338][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.683981][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.691814][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.699209][ T5147] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.706606][ T5147] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5145] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5145] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5145] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5145] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5145] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5145] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0}./strace-static-x86_64: Process 5148 attached
 => {parent_tid=[105]}, 88) = 105
[pid  5145] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5145] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5145] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5148] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053) = 0
[pid  5148] set_robust_list(0x7f8edac4a9a0, 24) = 0
[pid  5148] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[   98.714241][ T5147] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.721855][ T5147] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.729214][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.736586][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.744653][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.752500][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5148] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88./strace-static-x86_64: Process 5149 attached
) = 106
[pid  5149] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5148] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5147] <... write resumed>)        = 53248
[pid  5147] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5148] <... futex resumed>)        = 1
[pid  5147] <... futex resumed>)        = 0
[pid  5145] <... futex resumed>)        = 0
[pid  5148] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[   98.759887][ T5147] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.767762][ T5147] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.775299][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.783283][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.790979][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.798293][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.806454][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.814437][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.822281][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.829735][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.837929][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.845862][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.853609][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5147] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5149] +++ killed by SIGSEGV (core dumped) +++
[pid  5145] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=106, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5145] getpid()                    = 102
[pid  5145] rt_sigreturn({mask=[]})     = 0
[pid  5148] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[   98.861885][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.869377][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.876751][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.884357][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.891867][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.899227][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.906598][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5148] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5146] <... open resumed>)         = 4
[pid  5146] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5146] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5145] close(3)                    = 0
[pid  5145] close(4)                    = 0
[pid  5145] close(5)                    = 0
[pid  5145] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5145] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5145] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5145] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5145] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5145] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5145] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5145] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5145] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5145] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5145] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5145] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5145] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5145] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5145] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5145] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5145] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5145] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5145] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5145] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5145] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5145] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5145] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5145] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5145] exit_group(0 <unfinished ...>
[pid  5147] <... futex resumed>)        = ?
[pid  5148] <... futex resumed>)        = ?
[pid  5147] +++ exited with 0 +++
[pid  5146] <... futex resumed>)        = ?
[pid  5148] +++ exited with 0 +++
[pid  5146] +++ exited with 0 +++
[pid  5145] <... exit_group resumed>)   = ?
[pid  5145] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=106, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=5 /* 0.05 s */} ---
[pid  5041] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5041] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./20/binderfs")     = 0
[pid  5041] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./20/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[   98.914159][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.921507][ T5146] hfsplus: request for non-existent node 16777216 in B*Tree
[   98.929041][   T28] audit: type=1800 audit(1693646119.392:22): pid=5146 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5041] openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./20/file0")         = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./20")               = 0
[pid  5041] mkdir("./21", 0777)         = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5150 attached
, child_tidptr=0x5555572c4690) = 107
[pid  5150] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5150] chdir("./21")               = 0
[pid  5150] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5150] setpgid(0, 0)               = 0
[pid  5150] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5150] write(3, "1000", 4)         = 4
[pid  5150] close(3)                    = 0
[pid  5150] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5150] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5150] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5150] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5150] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5150] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5150] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5150] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0}./strace-static-x86_64: Process 5151 attached
 => {parent_tid=[108]}, 88) = 108
[pid  5150] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5150] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5150] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5151] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053) = 0
[pid  5151] set_robust_list(0x7f8ee300c9a0, 24) = 0
[pid  5151] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5151] memfd_create("syzkaller", 0) = 3
[pid  5151] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5151] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5151] munmap(0x7f8edabec000, 524288) = 0
[pid  5151] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5151] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5151] close(3)                    = 0
[pid  5151] mkdir("./file0", 0777)      = 0
[pid  5151] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5151] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5151] chdir("./file0")            = 0
[pid  5151] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5151] close(4)                    = 0
[pid  5151] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5150] <... futex resumed>)        = 0
[pid  5150] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5150] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5151] <... futex resumed>)        = 1
[   99.050128][ T5151] loop0: detected capacity change from 0 to 1024
[   99.069070][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.076851][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.084942][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.092899][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5151] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[pid  5150] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5150] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid  5150] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5150] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5150] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5150] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5150] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0}./strace-static-x86_64: Process 5152 attached
 => {parent_tid=[109]}, 88) = 109
[pid  5152] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5150] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5152] set_robust_list(0x7f8edac6b9a0, 24 <unfinished ...>
[pid  5150] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5152] <... set_robust_list resumed>) = 0
[pid  5150] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5152] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5150] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5152] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5152] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid  5152] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5150] <... futex resumed>)        = 0
[pid  5150] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5150] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5152] <... futex resumed>)        = 1
[   99.100567][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.108164][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.118339][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.128323][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.135936][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.143518][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5152] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5150] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5150] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5150] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5150] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5150] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5150] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0} => {parent_tid=[110]}, 88) = 110
./strace-static-x86_64: Process 5153 attached
[pid  5150] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5153] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053) = 0
[pid  5153] set_robust_list(0x7f8edac4a9a0, 24) = 0
[pid  5153] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5153] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5150] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5150] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5153] <... futex resumed>)        = 0
[   99.151105][ T5152] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.158444][ T5152] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.165919][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.173385][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.181312][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.189128][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5153] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88 <unfinished ...>
[pid  5150] <... futex resumed>)        = 1
[pid  5153] <... clone3 resumed>)       = 111
[pid  5153] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5153] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 5154 attached
 <unfinished ...>
[pid  5150] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5154] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5150] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[   99.198103][ T5152] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.205720][ T5152] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.215277][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.223665][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.232051][ T5152] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.239362][ T5152] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5152] <... write resumed>)        = 53248
[pid  5152] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   99.247395][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.255148][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.262694][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.270463][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.278646][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.287859][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.295455][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.303267][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.310676][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.318476][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.326200][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.333539][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.341238][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5152] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5154] +++ killed by SIGSEGV (core dumped) +++
[pid  5153] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[pid  5153] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=111, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5153] getpid()                    = 107
[pid  5153] rt_sigreturn({mask=[]})     = 202
[pid  5153] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5150] close(3)                    = 0
[pid  5150] close(4)                    = -1 EBADF (Bad file descriptor)
[pid  5150] close(5)                    = 0
[pid  5150] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5150] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5150] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5150] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5150] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5150] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5150] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5150] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5150] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5150] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5150] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5150] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5150] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5150] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5150] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5150] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5150] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5150] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5150] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5150] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5150] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5150] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5150] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5150] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5150] exit_group(0 <unfinished ...>
[pid  5153] <... futex resumed>)        = ?
[pid  5152] <... futex resumed>)        = ?
[pid  5153] +++ exited with 0 +++
[pid  5152] +++ exited with 0 +++
[pid  5150] <... exit_group resumed>)   = ?
[pid  5151] <... open resumed>)         = ?
[pid  5151] +++ exited with 0 +++
[pid  5150] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=111, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=4 /* 0.04 s */} ---
[pid  5041] umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./21/binderfs")     = 0
[   99.348548][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.355974][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.363564][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.371159][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.378475][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.385983][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.393306][ T5151] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5041] umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./21/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./21/file0")         = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./21")               = 0
[pid  5041] mkdir("./22", 0777)         = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5155 attached
, child_tidptr=0x5555572c4690) = 112
[pid  5155] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5155] chdir("./22")               = 0
[pid  5155] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5155] setpgid(0, 0)               = 0
[pid  5155] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5155] write(3, "1000", 4)         = 4
[pid  5155] close(3)                    = 0
[pid  5155] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5155] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5155] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5155] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5155] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5155] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5155] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5155] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0}./strace-static-x86_64: Process 5156 attached
 => {parent_tid=[113]}, 88) = 113
[pid  5156] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053) = 0
[pid  5155] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5156] set_robust_list(0x7f8ee300c9a0, 24 <unfinished ...>
[pid  5155] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5156] <... set_robust_list resumed>) = 0
[pid  5156] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5155] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5156] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5155] <... futex resumed>)        = 0
[pid  5156] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5155] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5156] <... memfd_create resumed>) = 3
[pid  5156] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5156] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5156] munmap(0x7f8edabec000, 524288) = 0
[pid  5156] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5156] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5156] close(3)                    = 0
[pid  5156] mkdir("./file0", 0777)      = 0
[pid  5156] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[   99.489848][ T5156] __do_sys_memfd_create: 1 callbacks suppressed
[   99.489868][ T5156] syz-executor354[5156]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   99.519299][ T5156] loop0: detected capacity change from 0 to 1024
[pid  5156] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5156] chdir("./file0")            = 0
[pid  5156] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5156] close(4)                    = 0
[pid  5156] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5155] <... futex resumed>)        = 0
[pid  5155] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5155] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5156] <... futex resumed>)        = 1
[   99.537125][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.544723][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.552564][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.559948][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.568064][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.575527][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5156] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[pid  5155] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5155] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5155] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5155] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5155] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5155] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0} => {parent_tid=[114]}, 88) = 114
[pid  5155] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5155] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5155] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5157 attached
 <unfinished ...>
[pid  5157] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5157] set_robust_list(0x7f8edac6b9a0, 24) = 0
[pid  5157] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5157] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid  5157] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5155] <... futex resumed>)        = 0
[pid  5155] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5155] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5157] <... futex resumed>)        = 1
[   99.583308][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.590648][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.598159][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.605549][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.613022][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.620350][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.627780][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5157] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5155] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5155] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid  5155] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5155] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5155] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5155] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5155] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0}./strace-static-x86_64: Process 5158 attached
 => {parent_tid=[115]}, 88) = 115
[pid  5158] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053) = 0
[pid  5158] set_robust_list(0x7f8edac4a9a0, 24) = 0
[pid  5155] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5158] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5155] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5158] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5155] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5158] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88 <unfinished ...>
[pid  5155] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5159 attached
 <unfinished ...>
[pid  5159] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5158] <... clone3 resumed>)       = 116
[   99.635118][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.642588][ T5157] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.649920][ T5157] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.657555][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.665098][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.672802][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.680165][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5158] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5155] <... futex resumed>)        = 0
[pid  5158] <... futex resumed>)        = 1
[   99.687749][ T5157] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.695508][ T5157] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.703025][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.710524][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.718042][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.726048][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.733820][ T5157] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5158] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5157] <... write resumed>)        = 53248
[pid  5157] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   99.741585][ T5157] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.749376][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.759126][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.767200][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.774850][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.782911][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5157] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5159] +++ killed by SIGSEGV (core dumped) +++
[pid  5155] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=116, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5155] getpid()                    = 112
[pid  5155] rt_sigreturn({mask=[]})     = 0
[pid  5158] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[   99.790263][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.797703][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.805058][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.812512][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.820149][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.827583][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.834920][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5158] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5156] <... open resumed>)         = 4
[pid  5156] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5156] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5155] close(3)                    = 0
[pid  5155] close(4)                    = 0
[pid  5155] close(5)                    = 0
[pid  5155] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5155] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5155] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5155] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5155] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5155] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5155] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5155] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5155] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5155] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5155] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5155] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5155] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5155] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5155] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5155] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5155] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5155] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5155] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5155] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5155] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5155] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5155] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5155] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5155] exit_group(0 <unfinished ...>
[pid  5158] <... futex resumed>)        = ?
[pid  5157] <... futex resumed>)        = ?
[pid  5156] <... futex resumed>)        = ?
[pid  5155] <... exit_group resumed>)   = ?
[pid  5158] +++ exited with 0 +++
[pid  5157] +++ exited with 0 +++
[pid  5156] +++ exited with 0 +++
[pid  5155] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=116, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=7 /* 0.07 s */} ---
[pid  5041] umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./22/binderfs")     = 0
[pid  5041] umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./22/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./22/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[   99.842357][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.849718][ T5156] hfsplus: request for non-existent node 16777216 in B*Tree
[   99.857517][   T28] kauditd_printk_skb: 1 callbacks suppressed
[   99.857534][   T28] audit: type=1800 audit(1693646120.322:24): pid=5156 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./22/file0")         = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./22")               = 0
[pid  5041] mkdir("./23", 0777)         = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5160 attached
, child_tidptr=0x5555572c4690) = 117
[pid  5160] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5160] chdir("./23")               = 0
[pid  5160] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5160] setpgid(0, 0)               = 0
[pid  5160] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5160] write(3, "1000", 4)         = 4
[pid  5160] close(3)                    = 0
[pid  5160] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5160] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5160] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5160] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5160] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5160] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5160] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5160] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0}./strace-static-x86_64: Process 5161 attached
 => {parent_tid=[118]}, 88) = 118
[pid  5160] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5160] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5160] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5161] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053) = 0
[pid  5161] set_robust_list(0x7f8ee300c9a0, 24) = 0
[pid  5161] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5161] memfd_create("syzkaller", 0) = 3
[pid  5161] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5161] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5161] munmap(0x7f8edabec000, 524288) = 0
[pid  5161] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5161] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5161] close(3)                    = 0
[pid  5161] mkdir("./file0", 0777)      = 0
[pid  5161] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5161] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5161] chdir("./file0")            = 0
[pid  5161] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5161] close(4)                    = 0
[pid  5161] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5161] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5160] <... futex resumed>)        = 0
[pid  5160] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5161] <... futex resumed>)        = 0
[pid  5161] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[pid  5160] <... futex resumed>)        = 1
[   99.950292][ T5161] syz-executor354[5161]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   99.972355][ T5161] loop0: detected capacity change from 0 to 1024
[   99.994059][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.001672][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.009850][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.017732][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.026047][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.034086][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.041911][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5160] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5160] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5160] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5160] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5160] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5160] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0}./strace-static-x86_64: Process 5162 attached
 => {parent_tid=[119]}, 88) = 119
[pid  5162] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5160] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5162] set_robust_list(0x7f8edac6b9a0, 24 <unfinished ...>
[pid  5160] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5162] <... set_robust_list resumed>) = 0
[pid  5160] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5162] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5160] <... futex resumed>)        = 0
[pid  5162] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5162] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 <unfinished ...>
[pid  5160] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5162] <... openat resumed>)       = 5
[pid  5162] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5160] <... futex resumed>)        = 0
[pid  5160] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5160] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5162] <... futex resumed>)        = 1
[  100.049195][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.057769][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.065687][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.073119][ T5162] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.080456][ T5162] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.087898][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5162] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5160] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5160] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5160] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5160] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5160] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5160] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0}./strace-static-x86_64: Process 5163 attached
 => {parent_tid=[120]}, 88) = 120
[pid  5163] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053) = 0
[pid  5160] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5163] set_robust_list(0x7f8edac4a9a0, 24) = 0
[pid  5163] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5163] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5160] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5160] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5163] <... futex resumed>)        = 0
[pid  5160] <... futex resumed>)        = 1
[pid  5163] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88 <unfinished ...>
[pid  5160] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5164 attached
 <unfinished ...>
[pid  5163] <... clone3 resumed>)       = 121
[pid  5164] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[  100.095278][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.102746][ T5162] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.110087][ T5162] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.119436][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.129993][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.137424][ T5162] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5163] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5160] <... futex resumed>)        = 0
[pid  5163] <... futex resumed>)        = 1
[pid  5163] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5162] <... write resumed>)        = 53248
[pid  5162] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[  100.145527][ T5162] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.154105][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.162143][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.170064][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.177610][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.185289][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.192636][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.200236][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.207895][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.215518][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.223413][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.230817][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.238593][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5162] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5164] +++ killed by SIGSEGV (core dumped) +++
[pid  5163] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[pid  5163] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=121, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5163] getpid()                    = 117
[pid  5163] rt_sigreturn({mask=[]})     = 202
[pid  5163] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5160] close(3)                    = 0
[pid  5160] close(4)                    = -1 EBADF (Bad file descriptor)
[pid  5160] close(5)                    = 0
[pid  5160] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5160] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5160] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5160] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5160] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5160] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5160] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5160] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5160] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5160] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5160] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5160] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5160] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5160] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5160] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5160] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5160] close(22)                   = -1 EBADF (Bad file descriptor)
[  100.246095][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.253697][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.261558][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.268871][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.276755][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.284332][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.291746][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5160] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5160] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5160] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5160] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5160] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5160] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5160] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5160] exit_group(0 <unfinished ...>
[pid  5163] <... futex resumed>)        = ?
[pid  5163] +++ exited with 0 +++
[pid  5162] <... futex resumed>)        = ?
[pid  5160] <... exit_group resumed>)   = ?
[pid  5162] +++ exited with 0 +++
[pid  5161] <... open resumed>)         = ?
[pid  5161] +++ exited with 0 +++
[pid  5160] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=121, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=5 /* 0.05 s */} ---
[pid  5041] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5041] umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./23/binderfs")     = 0
[pid  5041] umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./23/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./23/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./23/file0")         = 0
[  100.300946][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.308415][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.316222][ T5161] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.323888][   T28] audit: type=1800 audit(1693646120.792:25): pid=5161 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./23")               = 0
[pid  5041] mkdir("./24", 0777)         = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5165 attached
 <unfinished ...>
[pid  5165] set_robust_list(0x5555572c46a0, 24 <unfinished ...>
[pid  5041] <... clone resumed>, child_tidptr=0x5555572c4690) = 122
[pid  5165] <... set_robust_list resumed>) = 0
[pid  5165] chdir("./24")               = 0
[pid  5165] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5165] setpgid(0, 0)               = 0
[pid  5165] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5165] write(3, "1000", 4)         = 4
[pid  5165] close(3)                    = 0
[pid  5165] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5165] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5165] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5165] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5165] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5165] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5165] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5165] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0}./strace-static-x86_64: Process 5166 attached
 => {parent_tid=[123]}, 88) = 123
[pid  5166] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5165] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5165] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5165] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5166] <... rseq resumed>)         = 0
[pid  5166] set_robust_list(0x7f8ee300c9a0, 24) = 0
[pid  5166] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5166] memfd_create("syzkaller", 0) = 3
[pid  5166] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5166] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5166] munmap(0x7f8edabec000, 524288) = 0
[pid  5166] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5166] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5166] close(3)                    = 0
[pid  5166] mkdir("./file0", 0777)      = 0
[pid  5166] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5166] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5166] chdir("./file0")            = 0
[pid  5166] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5166] close(4)                    = 0
[pid  5166] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5166] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5165] <... futex resumed>)        = 0
[pid  5165] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5166] <... futex resumed>)        = 0
[pid  5166] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[pid  5165] <... futex resumed>)        = 1
[  100.407678][ T5166] syz-executor354[5166]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[  100.429815][ T5166] loop0: detected capacity change from 0 to 1024
[  100.455429][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.462920][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.470323][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.478512][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.486280][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.494119][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5165] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5165] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5165] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5165] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5165] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5165] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0} => {parent_tid=[124]}, 88) = 124
[pid  5165] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5165] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5165] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5168 attached
 <unfinished ...>
[pid  5168] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5168] set_robust_list(0x7f8edac6b9a0, 24) = 0
[pid  5168] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5168] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid  5168] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5165] <... futex resumed>)        = 0
[pid  5165] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5165] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5168] <... futex resumed>)        = 1
[  100.502009][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.509422][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.516974][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.525281][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.533344][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.540659][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.548859][ T5168] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5168] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5165] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5165] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid  5165] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5165] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5165] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5165] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5165] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0}./strace-static-x86_64: Process 5169 attached
 => {parent_tid=[125]}, 88) = 125
[pid  5169] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053) = 0
[pid  5165] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5169] set_robust_list(0x7f8edac4a9a0, 24) = 0
[pid  5169] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5165] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5165] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5169] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5165] <... futex resumed>)        = 0
[pid  5169] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88 <unfinished ...>
[pid  5165] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5169] <... clone3 resumed>)       = 126
[pid  5169] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5165] <... futex resumed>)        = 0
[pid  5169] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 5170 attached
 <unfinished ...>
[pid  5170] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[  100.556328][ T5168] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.563942][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.571280][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.579627][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.589263][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.597116][ T5168] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5168] <... write resumed>)        = 53248
[pid  5168] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[  100.604934][ T5168] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.613912][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.622057][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.629932][ T5168] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.637909][ T5168] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.646122][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5168] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5170] +++ killed by SIGSEGV (core dumped) +++
[pid  5165] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=126, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5165] getpid()                    = 122
[pid  5165] rt_sigreturn({mask=[]})     = -1 EINTR (Interrupted system call)
[pid  5169] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[  100.654814][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.662649][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.670402][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.678713][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.686736][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.694280][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.701960][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.709350][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.716958][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.724541][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.732135][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.739526][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.747084][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5169] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5165] close(3)                    = 0
[pid  5165] close(4)                    = -1 EBADF (Bad file descriptor)
[pid  5165] close(5)                    = 0
[pid  5165] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5165] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5165] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5165] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5165] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5165] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5165] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5165] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5165] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5165] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5165] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5165] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5165] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5165] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5165] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5165] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5165] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5165] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5165] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5165] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5165] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5165] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5165] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5165] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5165] exit_group(0 <unfinished ...>
[pid  5169] <... futex resumed>)        = ?
[pid  5168] <... futex resumed>)        = ?
[pid  5169] +++ exited with 0 +++
[pid  5165] <... exit_group resumed>)   = ?
[pid  5166] <... open resumed>)         = ?
[pid  5166] +++ exited with 0 +++
[pid  5168] +++ exited with 0 +++
[pid  5165] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=126, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=8 /* 0.08 s */} ---
[pid  5041] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5041] umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./24/binderfs")     = 0
[  100.754542][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.762155][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.769557][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.777132][ T5166] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.789186][   T28] audit: type=1800 audit(1693646121.252:26): pid=5166 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5041] umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./24/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./24/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./24/file0")         = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./24")               = 0
[pid  5041] mkdir("./25", 0777)         = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572c4690) = 127
./strace-static-x86_64: Process 5171 attached
[pid  5171] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5171] chdir("./25")               = 0
[pid  5171] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5171] setpgid(0, 0)               = 0
[pid  5171] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5171] write(3, "1000", 4)         = 4
[pid  5171] close(3)                    = 0
[pid  5171] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5171] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5171] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5171] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5171] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5171] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5171] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5171] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0}./strace-static-x86_64: Process 5172 attached
 <unfinished ...>
[pid  5172] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053) = 0
[pid  5172] set_robust_list(0x7f8ee300c9a0, 24) = 0
[pid  5172] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5172] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5171] <... clone3 resumed> => {parent_tid=[128]}, 88) = 128
[pid  5171] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5171] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5171] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5172] <... futex resumed>)        = 0
[pid  5172] memfd_create("syzkaller", 0) = 3
[pid  5172] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5172] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5172] munmap(0x7f8edabec000, 524288) = 0
[pid  5172] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5172] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5172] close(3)                    = 0
[pid  5172] mkdir("./file0", 0777)      = 0
[pid  5172] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5172] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5172] chdir("./file0")            = 0
[pid  5172] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5172] close(4)                    = 0
[pid  5172] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5171] <... futex resumed>)        = 0
[pid  5172] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5171] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5172] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5171] <... futex resumed>)        = 0
[pid  5172] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[  100.883593][ T5172] syz-executor354[5172]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[  100.904904][ T5172] loop0: detected capacity change from 0 to 1024
[  100.935421][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.943064][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.950485][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.958218][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.965690][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.973739][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5171] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5171] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5171] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5171] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5171] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5171] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0}./strace-static-x86_64: Process 5173 attached
 <unfinished ...>
[pid  5173] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5171] <... clone3 resumed> => {parent_tid=[129]}, 88) = 129
[pid  5173] set_robust_list(0x7f8edac6b9a0, 24) = 0
[pid  5171] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5173] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5171] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5173] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5171] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5173] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 <unfinished ...>
[pid  5171] <... futex resumed>)        = 0
[pid  5173] <... openat resumed>)       = 5
[pid  5171] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5173] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5171] <... futex resumed>)        = 0
[pid  5171] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5171] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5173] <... futex resumed>)        = 1
[  100.981397][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.988923][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[  100.996818][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.004178][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.011592][ T5173] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.018939][ T5173] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.026481][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5173] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5171] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5171] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid  5171] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5171] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5171] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5171] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5171] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0}./strace-static-x86_64: Process 5174 attached
 => {parent_tid=[130]}, 88) = 130
[pid  5174] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5171] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5174] <... rseq resumed>)         = 0
[pid  5171] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5171] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5174] set_robust_list(0x7f8edac4a9a0, 24 <unfinished ...>
[pid  5171] <... futex resumed>)        = 0
[pid  5174] <... set_robust_list resumed>) = 0
[pid  5171] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5174] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5174] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88) = 131
./strace-static-x86_64: Process 5175 attached
[pid  5174] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5174] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5175] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5171] <... futex resumed>)        = 0
[  101.033999][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.041556][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.048947][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.057250][ T5173] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.065503][ T5173] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.073174][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5173] <... write resumed>)        = 53248
[  101.080553][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.088648][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.096509][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.104201][ T5173] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.111671][ T5173] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.119213][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.126701][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5173] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[  101.134134][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.141509][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.149160][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.156634][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.164074][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.171413][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.178812][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5173] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5175] +++ killed by SIGSEGV (core dumped) +++
[pid  5171] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=131, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5171] getpid()                    = 127
[pid  5171] rt_sigreturn({mask=[]})     = 0
[pid  5174] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[  101.186156][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.193751][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.201160][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.208586][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.215962][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.223386][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5174] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5172] <... open resumed>)         = 4
[pid  5172] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5171] close(3 <unfinished ...>
[pid  5172] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5171] <... close resumed>)        = 0
[pid  5171] close(4)                    = 0
[pid  5171] close(5)                    = 0
[pid  5171] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5171] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5171] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5171] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5171] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5171] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5171] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5171] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5171] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5171] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5171] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5171] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5171] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5171] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5171] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5171] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5171] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5171] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5171] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5171] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5171] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5171] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5171] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5171] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5171] exit_group(0 <unfinished ...>
[pid  5173] <... futex resumed>)        = ?
[pid  5172] <... futex resumed>)        = ?
[pid  5174] <... futex resumed>)        = ?
[pid  5173] +++ exited with 0 +++
[pid  5174] +++ exited with 0 +++
[pid  5172] +++ exited with 0 +++
[pid  5171] <... exit_group resumed>)   = ?
[pid  5171] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=131, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=6 /* 0.06 s */} ---
[pid  5041] umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./25/binderfs")     = 0
[pid  5041] umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./25/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./25/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[  101.230679][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.238086][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.245412][ T5172] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.254018][   T28] audit: type=1800 audit(1693646121.722:27): pid=5172 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5041] rmdir("./25/file0")         = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./25")               = 0
[pid  5041] mkdir("./26", 0777)         = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572c4690) = 132
./strace-static-x86_64: Process 5176 attached
[pid  5176] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5176] chdir("./26")               = 0
[pid  5176] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5176] setpgid(0, 0)               = 0
[pid  5176] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5176] write(3, "1000", 4)         = 4
[pid  5176] close(3)                    = 0
[pid  5176] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5176] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5176] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5176] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5176] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5176] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5176] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5176] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0}./strace-static-x86_64: Process 5177 attached
 => {parent_tid=[133]}, 88) = 133
[pid  5176] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5176] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5176] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5177] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053) = 0
[pid  5177] set_robust_list(0x7f8ee300c9a0, 24) = 0
[pid  5177] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5177] memfd_create("syzkaller", 0) = 3
[pid  5177] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5177] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5177] munmap(0x7f8edabec000, 524288) = 0
[pid  5177] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5177] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5177] close(3)                    = 0
[pid  5177] mkdir("./file0", 0777)      = 0
[pid  5177] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5177] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5177] chdir("./file0")            = 0
[pid  5177] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5177] close(4)                    = 0
[pid  5177] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5176] <... futex resumed>)        = 0
[pid  5177] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5176] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5177] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5177] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[pid  5176] <... futex resumed>)        = 0
[  101.348486][ T5177] syz-executor354[5177]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[  101.371899][ T5177] loop0: detected capacity change from 0 to 1024
[pid  5176] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5176] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5176] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5176] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5176] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5176] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0}./strace-static-x86_64: Process 5178 attached
 => {parent_tid=[134]}, 88) = 134
[pid  5176] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5176] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5176] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5178] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5178] set_robust_list(0x7f8edac6b9a0, 24) = 0
[pid  5178] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5178] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid  5178] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5176] <... futex resumed>)        = 0
[pid  5176] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5176] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5178] <... futex resumed>)        = 1
[  101.391920][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.399533][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.407870][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.415669][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.423523][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.431349][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5178] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5176] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5176] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5176] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5176] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[  101.442045][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.449790][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.457978][ T5178] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.465597][ T5178] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.473510][ T5178] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.480820][ T5178] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.488196][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5176] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5176] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0}./strace-static-x86_64: Process 5179 attached
 <unfinished ...>
[pid  5179] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053) = 0
[pid  5179] set_robust_list(0x7f8edac4a9a0, 24) = 0
[pid  5179] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5178] <... write resumed>)        = 53248
[pid  5176] <... clone3 resumed> => {parent_tid=[135]}, 88) = 135
[pid  5179] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5178] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5176] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5178] <... futex resumed>)        = 0
[pid  5178] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5176] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5176] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5179] <... futex resumed>)        = 0
[pid  5176] <... futex resumed>)        = 1
[pid  5176] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5179] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88) = 136
[  101.496323][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.503843][ T5178] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.511592][ T5178] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.518948][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.526334][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.534184][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.541773][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5179] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5176] <... futex resumed>)        = 0
./strace-static-x86_64: Process 5180 attached
[pid  5179] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5180] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[  101.549342][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.556939][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.564394][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.573174][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.580587][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.588172][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.595619][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.603225][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.610809][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.618441][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.625952][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.633572][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.641129][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5176] close(3)                    = 0
[pid  5176] close(4)                    = -1 EBADF (Bad file descriptor)
[pid  5176] close(5)                    = 0
[  101.648448][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.656215][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.663769][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.671202][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.678513][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.686337][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5176] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5176] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5176] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5176] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5176] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5176] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5176] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5176] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5176] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5176] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5176] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5176] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5176] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5176] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5176] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5176] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5176] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5176] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5176] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5176] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5176] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5176] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5176] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5176] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5176] exit_group(0 <unfinished ...>
[pid  5177] <... open resumed>)         = 4
[pid  5180] +++ killed by SIGSEGV (core dumped) +++
[pid  5179] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[pid  5179] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=136, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5179] getpid()                    = 132
[pid  5179] rt_sigreturn({mask=[]})     = 202
[pid  5179] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL) = ?
[pid  5179] +++ exited with 0 +++
[pid  5178] <... futex resumed>)        = ?
[pid  5178] +++ exited with 0 +++
[pid  5176] <... exit_group resumed>)   = ?
[pid  5177] +++ exited with 0 +++
[pid  5176] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=136, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=8 /* 0.08 s */} ---
[pid  5041] umount2("./26", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./26/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./26/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./26/binderfs")     = 0
[pid  5041] umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./26/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./26/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./26/file0")         = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./26")               = 0
[pid  5041] mkdir("./27", 0777)         = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5181 attached
, child_tidptr=0x5555572c4690) = 137
[  101.693694][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.701501][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.708822][ T5177] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.717954][   T28] audit: type=1800 audit(1693646122.182:28): pid=5177 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5181] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5181] chdir("./27")               = 0
[pid  5181] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5181] setpgid(0, 0)               = 0
[pid  5181] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5181] write(3, "1000", 4)         = 4
[pid  5181] close(3)                    = 0
[pid  5181] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5181] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5181] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5181] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5181] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5181] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5181] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5181] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0}./strace-static-x86_64: Process 5182 attached
 => {parent_tid=[138]}, 88) = 138
[pid  5182] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053) = 0
[pid  5181] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5182] set_robust_list(0x7f8ee300c9a0, 24 <unfinished ...>
[pid  5181] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5182] <... set_robust_list resumed>) = 0
[pid  5181] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5182] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5181] <... futex resumed>)        = 0
[pid  5182] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5181] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5182] memfd_create("syzkaller", 0) = 3
[pid  5182] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5182] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5182] munmap(0x7f8edabec000, 524288) = 0
[pid  5182] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5182] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5182] close(3)                    = 0
[pid  5182] mkdir("./file0", 0777)      = 0
[pid  5182] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5182] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5182] chdir("./file0")            = 0
[pid  5182] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5182] close(4)                    = 0
[pid  5182] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5181] <... futex resumed>)        = 0
[pid  5182] <... futex resumed>)        = 1
[pid  5181] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5182] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[pid  5181] <... futex resumed>)        = 0
[  101.788711][ T5182] syz-executor354[5182]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[  101.814113][ T5182] loop0: detected capacity change from 0 to 1024
[  101.832709][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.840307][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.848115][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.856078][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.863810][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.871224][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.878769][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5181] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5181] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5181] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5181] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5181] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5181] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0}./strace-static-x86_64: Process 5183 attached
 => {parent_tid=[139]}, 88) = 139
[pid  5183] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5181] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5183] <... rseq resumed>)         = 0
[pid  5183] set_robust_list(0x7f8edac6b9a0, 24 <unfinished ...>
[pid  5181] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5183] <... set_robust_list resumed>) = 0
[pid  5181] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5183] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5181] <... futex resumed>)        = 0
[pid  5183] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5181] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5183] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid  5183] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5181] <... futex resumed>)        = 0
[pid  5181] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5181] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5183] <... futex resumed>)        = 1
[  101.886336][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.894225][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.901975][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.909693][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.918258][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.926070][ T5183] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5183] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5181] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5181] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5181] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5181] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5181] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5181] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0} => {parent_tid=[140]}, 88) = 140
[pid  5181] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5181] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5181] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5184 attached
 <unfinished ...>
[pid  5184] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053) = 0
[pid  5184] set_robust_list(0x7f8edac4a9a0, 24) = 0
[pid  5184] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[  101.933565][ T5183] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.940983][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.948327][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.955885][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.963339][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.971056][ T5183] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.978674][ T5183] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5184] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88) = 141
./strace-static-x86_64: Process 5185 attached
[pid  5185] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5184] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5184] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5181] <... futex resumed>)        = 0
[pid  5183] <... write resumed>)        = 53248
[pid  5183] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[  101.987332][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  101.995027][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.003323][ T5183] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.014419][ T5183] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.022657][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.032609][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.040655][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.048865][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.056844][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.065173][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.072977][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.080674][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.089087][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.096891][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.104552][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.112411][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.120042][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.127536][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5183] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5185] +++ killed by SIGSEGV (core dumped) +++
[pid  5184] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[pid  5184] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=141, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5184] getpid()                    = 137
[pid  5184] rt_sigreturn({mask=[]})     = 202
[pid  5184] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5182] <... open resumed>)         = 4
[pid  5182] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5182] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5181] close(3)                    = 0
[pid  5181] close(4)                    = 0
[pid  5181] close(5)                    = 0
[pid  5181] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5181] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5181] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5181] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5181] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5181] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5181] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5181] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5181] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5181] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5181] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5181] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5181] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5181] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5181] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5181] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5181] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5181] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5181] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5181] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5181] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5181] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5181] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5181] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5181] exit_group(0 <unfinished ...>
[pid  5184] <... futex resumed>)        = ?
[pid  5183] <... futex resumed>)        = ?
[pid  5182] <... futex resumed>)        = ?
[pid  5184] +++ exited with 0 +++
[pid  5183] +++ exited with 0 +++
[pid  5182] +++ exited with 0 +++
[pid  5181] <... exit_group resumed>)   = ?
[pid  5181] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=141, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=4 /* 0.04 s */} ---
[pid  5041] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5041] umount2("./27", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./27/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./27/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./27/binderfs")     = 0
[  102.135333][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.142970][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.150510][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.157859][ T5182] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.165578][   T28] audit: type=1800 audit(1693646122.632:29): pid=5182 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5041] umount2("./27/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./27/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./27/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./27/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./27/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./27/file0")         = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./27")               = 0
[pid  5041] mkdir("./28", 0777)         = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572c4690) = 142
./strace-static-x86_64: Process 5186 attached
[pid  5186] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5186] chdir("./28")               = 0
[pid  5186] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5186] setpgid(0, 0)               = 0
[pid  5186] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5186] write(3, "1000", 4)         = 4
[pid  5186] close(3)                    = 0
[pid  5186] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5186] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5186] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5186] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5186] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5186] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5186] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5186] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0} => {parent_tid=[143]}, 88) = 143
[pid  5186] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5186] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5186] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5187 attached
 <unfinished ...>
[pid  5187] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053) = 0
[pid  5187] set_robust_list(0x7f8ee300c9a0, 24) = 0
[pid  5187] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5187] memfd_create("syzkaller", 0) = 3
[pid  5187] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5187] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5187] munmap(0x7f8edabec000, 524288) = 0
[pid  5187] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5187] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5187] close(3)                    = 0
[pid  5187] mkdir("./file0", 0777)      = 0
[pid  5187] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5187] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5187] chdir("./file0")            = 0
[pid  5187] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5187] close(4)                    = 0
[pid  5187] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5186] <... futex resumed>)        = 0
[pid  5187] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5186] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5187] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5186] <... futex resumed>)        = 0
[pid  5187] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[  102.279426][ T5187] syz-executor354[5187]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[  102.306150][ T5187] loop0: detected capacity change from 0 to 1024
[pid  5186] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5186] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5186] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5186] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5186] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5186] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0} => {parent_tid=[144]}, 88) = 144
[pid  5186] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5186] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5186] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5188 attached
 <unfinished ...>
[pid  5188] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5188] set_robust_list(0x7f8edac6b9a0, 24) = 0
[pid  5188] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5188] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[  102.324164][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.331671][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.339126][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.347383][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.355090][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.362609][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.370353][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5188] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5186] <... futex resumed>)        = 0
[pid  5188] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5186] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5188] <... futex resumed>)        = 0
[pid  5186] <... futex resumed>)        = 1
[pid  5188] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[  102.380931][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.388978][ T5188] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.396371][ T5188] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.403870][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.411207][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.418560][ T5188] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5186] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5186] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5186] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5186] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5186] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5186] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0}./strace-static-x86_64: Process 5189 attached
 <unfinished ...>
[pid  5189] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5186] <... clone3 resumed> => {parent_tid=[145]}, 88) = 145
[pid  5189] <... rseq resumed>)         = 0
[pid  5186] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5189] set_robust_list(0x7f8edac4a9a0, 24 <unfinished ...>
[pid  5186] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5189] <... set_robust_list resumed>) = 0
[pid  5186] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5189] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5186] <... futex resumed>)        = 0
[pid  5189] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5186] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5189] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88) = 146
./strace-static-x86_64: Process 5190 attached
[pid  5189] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5190] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5186] <... futex resumed>)        = 0
[pid  5189] <... futex resumed>)        = 1
[pid  5189] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5188] <... write resumed>)        = 53248
[pid  5188] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[  102.425950][ T5188] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.433433][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.443038][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.450447][ T5188] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.458456][ T5188] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.469252][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.477972][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.485863][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.493496][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.501141][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.508681][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.516297][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.523837][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.531463][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.539045][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.547031][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.554501][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.562038][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.569360][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5188] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5190] +++ killed by SIGSEGV (core dumped) +++
[pid  5186] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=146, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5186] getpid()                    = 142
[pid  5186] rt_sigreturn({mask=[]} <unfinished ...>
[pid  5189] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[pid  5186] <... rt_sigreturn resumed>) = 0
[  102.577188][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.588122][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.598765][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.606214][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.613768][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.621143][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5189] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5187] <... open resumed>)         = 4
[pid  5187] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5186] close(3)                    = 0
[pid  5186] close(4)                    = 0
[pid  5186] close(5)                    = 0
[pid  5186] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5186] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5186] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5186] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5186] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5186] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5186] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5186] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5186] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5186] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5186] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5186] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5186] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5186] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5186] close(20 <unfinished ...>
[pid  5187] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5186] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid  5186] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5186] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5186] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5186] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5186] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5186] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5186] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5186] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5186] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5186] exit_group(0 <unfinished ...>
[pid  5189] <... futex resumed>)        = ?
[pid  5188] <... futex resumed>)        = ?
[pid  5186] <... exit_group resumed>)   = ?
[pid  5188] +++ exited with 0 +++
[pid  5189] +++ exited with 0 +++
[pid  5187] <... futex resumed>)        = ?
[pid  5187] +++ exited with 0 +++
[pid  5186] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=146, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=5 /* 0.05 s */} ---
[pid  5041] umount2("./28", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./28/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./28/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./28/binderfs")     = 0
[  102.628534][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.635868][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.643612][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.650947][ T5187] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.659442][   T28] audit: type=1800 audit(1693646123.122:30): pid=5187 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5041] umount2("./28/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./28/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./28/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./28/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./28/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./28/file0")         = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./28")               = 0
[pid  5041] mkdir("./29", 0777)         = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5191 attached
 <unfinished ...>
[pid  5191] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5191] chdir("./29" <unfinished ...>
[pid  5041] <... clone resumed>, child_tidptr=0x5555572c4690) = 147
[pid  5191] <... chdir resumed>)        = 0
[pid  5191] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5191] setpgid(0, 0)               = 0
[pid  5191] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5191] write(3, "1000", 4)         = 4
[pid  5191] close(3)                    = 0
[pid  5191] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5191] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5191] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5191] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5191] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5191] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5191] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5191] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0}./strace-static-x86_64: Process 5192 attached
 => {parent_tid=[148]}, 88) = 148
[pid  5192] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053) = 0
[pid  5192] set_robust_list(0x7f8ee300c9a0, 24) = 0
[pid  5192] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5192] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5191] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5191] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5192] <... futex resumed>)        = 0
[pid  5191] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5192] memfd_create("syzkaller", 0) = 3
[pid  5192] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5192] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5192] munmap(0x7f8edabec000, 524288) = 0
[pid  5192] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5192] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5192] close(3)                    = 0
[pid  5192] mkdir("./file0", 0777)      = 0
[pid  5192] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5192] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5192] chdir("./file0")            = 0
[pid  5192] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5192] close(4)                    = 0
[pid  5192] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5191] <... futex resumed>)        = 0
[pid  5192] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5191] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5191] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5192] <... futex resumed>)        = 0
[  102.787136][ T5192] syz-executor354[5192]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[  102.808696][ T5192] loop0: detected capacity change from 0 to 1024
[pid  5192] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[pid  5191] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5191] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5191] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5191] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5191] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[  102.837058][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.844646][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.852619][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.859980][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.867485][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.875662][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5191] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0}./strace-static-x86_64: Process 5193 attached
 => {parent_tid=[149]}, 88) = 149
[pid  5193] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5193] set_robust_list(0x7f8edac6b9a0, 24 <unfinished ...>
[pid  5191] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5193] <... set_robust_list resumed>) = 0
[pid  5191] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5193] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5191] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5193] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 <unfinished ...>
[pid  5191] <... futex resumed>)        = 0
[pid  5191] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5193] <... openat resumed>)       = 5
[pid  5193] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5191] <... futex resumed>)        = 0
[pid  5191] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5193] <... futex resumed>)        = 1
[pid  5191] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[  102.884623][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.892002][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.899406][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.906784][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.914208][ T5193] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.921586][ T5193] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.928947][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5193] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5191] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5191] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5191] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5191] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5191] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5191] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0}./strace-static-x86_64: Process 5194 attached
 => {parent_tid=[150]}, 88) = 150
[pid  5194] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5191] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5194] <... rseq resumed>)         = 0
[pid  5191] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5191] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5194] set_robust_list(0x7f8edac4a9a0, 24 <unfinished ...>
[pid  5191] <... futex resumed>)        = 0
[pid  5194] <... set_robust_list resumed>) = 0
[pid  5191] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5194] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5194] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88) = 151
[  102.936594][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.944068][ T5193] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.951527][ T5193] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.958888][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.967204][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.974992][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
./strace-static-x86_64: Process 5195 attached
[pid  5194] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5194] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5191] <... futex resumed>)        = 0
[pid  5195] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5193] <... write resumed>)        = 53248
[  102.982340][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.989765][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  102.997141][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.008344][ T5193] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.017581][ T5193] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.024993][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5193] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[  103.032590][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.040338][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.047824][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.056171][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.063532][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.070980][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.078717][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.086141][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.093720][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.101396][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.109049][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.116618][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.124624][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5193] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5192] <... open resumed>)         = 4
[pid  5192] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5191] close(3 <unfinished ...>
[pid  5192] <... futex resumed>)        = 0
[pid  5191] <... close resumed>)        = 0
[pid  5192] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5191] close(4)                    = 0
[pid  5191] close(5)                    = 0
[pid  5191] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5191] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5191] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5191] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5191] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5191] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5191] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5191] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5191] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5191] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5191] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5191] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5191] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5191] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5191] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5191] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5191] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5191] close(23 <unfinished ...>
[pid  5195] +++ killed by SIGSEGV (core dumped) +++
[pid  5194] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[pid  5194] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=151, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5191] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid  5194] getpid()                    = 147
[pid  5194] rt_sigreturn({mask=[]})     = 202
[pid  5194] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5191] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5191] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5191] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5191] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5191] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5191] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5191] exit_group(0 <unfinished ...>
[pid  5194] <... futex resumed>)        = ?
[pid  5191] <... exit_group resumed>)   = ?
[pid  5194] +++ exited with 0 +++
[pid  5193] <... futex resumed>)        = ?
[pid  5192] <... futex resumed>)        = ?
[pid  5193] +++ exited with 0 +++
[pid  5192] +++ exited with 0 +++
[pid  5191] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=151, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=4 /* 0.04 s */} ---
[pid  5041] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5041] umount2("./29", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./29/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./29/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./29/binderfs")     = 0
[  103.132189][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.139498][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.147414][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.154842][ T5192] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.163898][   T28] audit: type=1800 audit(1693646123.632:31): pid=5192 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5041] umount2("./29/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./29/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./29/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./29/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./29/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./29/file0")         = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./29")               = 0
[pid  5041] mkdir("./30", 0777)         = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5196 attached
, child_tidptr=0x5555572c4690) = 152
[pid  5196] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5196] chdir("./30")               = 0
[pid  5196] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5196] setpgid(0, 0)               = 0
[pid  5196] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5196] write(3, "1000", 4)         = 4
[pid  5196] close(3)                    = 0
[pid  5196] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5196] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5196] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5196] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5196] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5196] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5196] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5196] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0} => {parent_tid=[153]}, 88) = 153
[pid  5196] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5196] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5196] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5197 attached
 <unfinished ...>
[pid  5197] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053) = 0
[pid  5197] set_robust_list(0x7f8ee300c9a0, 24) = 0
[pid  5197] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5197] memfd_create("syzkaller", 0) = 3
[pid  5197] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5197] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5197] munmap(0x7f8edabec000, 524288) = 0
[pid  5197] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5197] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5197] close(3)                    = 0
[pid  5197] mkdir("./file0", 0777)      = 0
[pid  5197] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5197] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5197] chdir("./file0")            = 0
[pid  5197] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5197] close(4)                    = 0
[pid  5197] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5196] <... futex resumed>)        = 0
[pid  5196] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5197] <... futex resumed>)        = 1
[pid  5196] <... futex resumed>)        = 0
[pid  5197] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[  103.267907][ T5197] syz-executor354[5197]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[  103.289722][ T5197] loop0: detected capacity change from 0 to 1024
[  103.307406][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5196] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5196] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5196] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5196] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5196] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5196] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0} => {parent_tid=[154]}, 88) = 154
[  103.315058][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.323006][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.330464][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.338020][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.345424][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.353151][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.360504][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5196] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
./strace-static-x86_64: Process 5198 attached
[pid  5196] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5196] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5198] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5198] set_robust_list(0x7f8edac6b9a0, 24) = 0
[pid  5198] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5198] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid  5198] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5198] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5196] <... futex resumed>)        = 0
[pid  5196] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5198] <... futex resumed>)        = 0
[pid  5196] <... futex resumed>)        = 1
[pid  5198] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[  103.368299][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.375668][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.383162][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.390480][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.397941][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.405273][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5196] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5196] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5196] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5196] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5196] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5196] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0}./strace-static-x86_64: Process 5199 attached
 <unfinished ...>
[pid  5199] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053) = 0
[pid  5199] set_robust_list(0x7f8edac4a9a0, 24) = 0
[pid  5199] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5196] <... clone3 resumed> => {parent_tid=[155]}, 88) = 155
[pid  5199] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5196] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5196] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5199] <... futex resumed>)        = 0
[pid  5196] <... futex resumed>)        = 1
[pid  5196] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5199] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88./strace-static-x86_64: Process 5200 attached
) = 156
[pid  5200] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[  103.412743][ T5198] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.420116][ T5198] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.427554][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.435086][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.443839][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.451222][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.458966][ T5198] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5199] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5196] <... futex resumed>)        = 0
[pid  5199] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5198] <... write resumed>)        = 53248
[pid  5198] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[  103.466630][ T5198] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.474826][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.482435][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.489898][ T5198] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.497318][ T5198] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.504759][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.513145][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.521156][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.529002][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.538120][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.546323][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.554159][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.562392][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.570088][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.578065][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.585731][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.593682][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.601216][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.608529][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5198] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5200] +++ killed by SIGSEGV (core dumped) +++
[pid  5199] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[pid  5199] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=156, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5199] getpid()                    = 152
[pid  5199] rt_sigreturn({mask=[]})     = 202
[pid  5199] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5197] <... open resumed>)         = 4
[pid  5197] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5197] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5196] close(3)                    = 0
[pid  5196] close(4)                    = 0
[pid  5196] close(5)                    = 0
[pid  5196] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5196] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5196] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5196] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5196] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5196] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5196] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5196] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5196] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5196] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5196] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5196] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5196] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5196] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5196] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5196] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5196] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5196] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5196] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5196] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5196] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5196] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5196] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5196] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5196] exit_group(0 <unfinished ...>
[pid  5199] <... futex resumed>)        = ?
[pid  5199] +++ exited with 0 +++
[pid  5198] <... futex resumed>)        = ?
[pid  5197] <... futex resumed>)        = ?
[pid  5196] <... exit_group resumed>)   = ?
[pid  5198] +++ exited with 0 +++
[pid  5197] +++ exited with 0 +++
[pid  5196] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=156, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=7 /* 0.07 s */} ---
[pid  5041] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5041] umount2("./30", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./30/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./30/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./30/binderfs")     = 0
[pid  5041] umount2("./30/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./30/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./30/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./30/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./30/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[  103.616501][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.624008][ T5197] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.631971][   T28] audit: type=1800 audit(1693646124.102:32): pid=5197 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./30/file0")         = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./30")               = 0
[pid  5041] mkdir("./31", 0777)         = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5201 attached
, child_tidptr=0x5555572c4690) = 157
[pid  5201] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5201] chdir("./31")               = 0
[pid  5201] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5201] setpgid(0, 0)               = 0
[pid  5201] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5201] write(3, "1000", 4)         = 4
[pid  5201] close(3)                    = 0
[pid  5201] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5201] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5201] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5201] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5201] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5201] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5201] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5201] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0}./strace-static-x86_64: Process 5202 attached
 => {parent_tid=[158]}, 88) = 158
[pid  5202] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053) = 0
[pid  5201] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5202] set_robust_list(0x7f8ee300c9a0, 24 <unfinished ...>
[pid  5201] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5202] <... set_robust_list resumed>) = 0
[pid  5201] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5202] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5201] <... futex resumed>)        = 0
[pid  5202] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5201] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5202] memfd_create("syzkaller", 0) = 3
[pid  5202] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5202] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5202] munmap(0x7f8edabec000, 524288) = 0
[pid  5202] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5202] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5202] close(3)                    = 0
[pid  5202] mkdir("./file0", 0777)      = 0
[pid  5202] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5202] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5202] chdir("./file0")            = 0
[pid  5202] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5202] close(4)                    = 0
[pid  5202] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5201] <... futex resumed>)        = 0
[pid  5201] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5201] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5202] <... futex resumed>)        = 1
[  103.713965][ T5202] syz-executor354[5202]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[  103.738288][ T5202] loop0: detected capacity change from 0 to 1024
[pid  5202] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[pid  5201] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5201] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5201] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5201] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5201] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[  103.762240][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.769583][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.777159][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.784550][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.792320][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.799619][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.807376][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5201] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0} => {parent_tid=[159]}, 88) = 159
[pid  5201] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5201] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5201] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5203 attached
 <unfinished ...>
[pid  5203] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5203] set_robust_list(0x7f8edac6b9a0, 24) = 0
[pid  5203] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5203] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid  5203] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5201] <... futex resumed>)        = 0
[pid  5203] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5201] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5203] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5201] <... futex resumed>)        = 0
[pid  5203] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[  103.814885][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.822321][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.829671][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.837126][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.844469][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.852043][ T5203] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5201] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5201] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5201] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5201] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5201] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5201] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0} => {parent_tid=[160]}, 88) = 160
[pid  5201] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5201] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5201] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5204 attached
 <unfinished ...>
[pid  5204] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053) = 0
[pid  5204] set_robust_list(0x7f8edac4a9a0, 24) = 0
[pid  5204] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5204] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88) = 161
./strace-static-x86_64: Process 5205 attached
[pid  5205] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5204] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5201] <... futex resumed>)        = 0
[  103.859354][ T5203] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.866909][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.874302][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.882135][ T5203] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.889482][ T5203] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.898037][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.905760][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5204] <... futex resumed>)        = 1
[pid  5204] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5203] <... write resumed>)        = 53248
[pid  5203] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[  103.915519][ T5203] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.922918][ T5203] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.930277][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.937910][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.945812][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.953320][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.961184][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.968898][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.977204][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.985111][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  103.993277][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.001205][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5203] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5205] +++ killed by SIGSEGV (core dumped) +++
[pid  5204] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[pid  5204] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=161, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5204] getpid()                    = 157
[pid  5204] rt_sigreturn({mask=[]})     = 202
[  104.009027][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.017012][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.024541][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.031875][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.039294][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.046647][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.054113][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5204] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5202] <... open resumed>)         = 4
[pid  5202] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5202] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5201] close(3)                    = 0
[pid  5201] close(4)                    = 0
[pid  5201] close(5)                    = 0
[pid  5201] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5201] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5201] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5201] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5201] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5201] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5201] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5201] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5201] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5201] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5201] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5201] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5201] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5201] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5201] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5201] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5201] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5201] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5201] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5201] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5201] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5201] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5201] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5201] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5201] exit_group(0)               = ?
[pid  5202] <... futex resumed>)        = ?
[pid  5204] <... futex resumed>)        = ?
[pid  5203] <... futex resumed>)        = ?
[pid  5202] +++ exited with 0 +++
[pid  5204] +++ exited with 0 +++
[pid  5203] +++ exited with 0 +++
[pid  5201] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=161, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=6 /* 0.06 s */} ---
[pid  5041] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5041] umount2("./31", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./31/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./31/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./31/binderfs")     = 0
[  104.061427][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.068788][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.076101][ T5202] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.083695][   T28] audit: type=1800 audit(1693646124.552:33): pid=5202 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5041] umount2("./31/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./31/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./31/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./31/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./31/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./31/file0")         = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./31")               = 0
[pid  5041] mkdir("./32", 0777)         = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572c4690) = 162
./strace-static-x86_64: Process 5206 attached
[pid  5206] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5206] chdir("./32")               = 0
[pid  5206] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5206] setpgid(0, 0)               = 0
[pid  5206] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5206] write(3, "1000", 4)         = 4
[pid  5206] close(3)                    = 0
[pid  5206] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5206] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5206] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5206] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5206] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5206] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5206] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5206] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0}./strace-static-x86_64: Process 5207 attached
 => {parent_tid=[163]}, 88) = 163
[pid  5206] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5206] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5206] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5207] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053) = 0
[pid  5207] set_robust_list(0x7f8ee300c9a0, 24) = 0
[pid  5207] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5207] memfd_create("syzkaller", 0) = 3
[pid  5207] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5207] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5207] munmap(0x7f8edabec000, 524288) = 0
[pid  5207] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5207] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5207] close(3)                    = 0
[pid  5207] mkdir("./file0", 0777)      = 0
[pid  5207] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5207] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5207] chdir("./file0")            = 0
[pid  5207] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5207] close(4)                    = 0
[pid  5207] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5206] <... futex resumed>)        = 0
[pid  5207] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5206] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5207] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5206] <... futex resumed>)        = 0
[pid  5207] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[  104.212087][ T5207] loop0: detected capacity change from 0 to 1024
[  104.233220][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.240621][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.248274][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5206] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5206] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5206] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5206] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5206] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5206] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0}./strace-static-x86_64: Process 5208 attached
 <unfinished ...>
[pid  5208] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5206] <... clone3 resumed> => {parent_tid=[164]}, 88) = 164
[pid  5208] <... rseq resumed>)         = 0
[pid  5206] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5208] set_robust_list(0x7f8edac6b9a0, 24 <unfinished ...>
[pid  5206] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5208] <... set_robust_list resumed>) = 0
[pid  5208] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5206] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5208] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5206] <... futex resumed>)        = 0
[pid  5208] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 <unfinished ...>
[pid  5206] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5208] <... openat resumed>)       = 5
[pid  5208] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5206] <... futex resumed>)        = 0
[pid  5206] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5206] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5208] <... futex resumed>)        = 1
[  104.256577][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.264404][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.272330][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.280026][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.288836][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.297241][ T5208] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.304662][ T5208] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5208] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5206] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5206] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5206] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5206] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5206] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5206] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0}./strace-static-x86_64: Process 5209 attached
 => {parent_tid=[165]}, 88) = 165
[pid  5209] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5206] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5209] <... rseq resumed>)         = 0
[pid  5206] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5209] set_robust_list(0x7f8edac4a9a0, 24 <unfinished ...>
[pid  5206] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5209] <... set_robust_list resumed>) = 0
[pid  5206] <... futex resumed>)        = 0
[pid  5206] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5209] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[  104.312222][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.319532][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.327482][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.334961][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.342756][ T5208] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.351738][ T5208] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5209] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88./strace-static-x86_64: Process 5210 attached
) = 166
[pid  5210] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5209] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5206] <... futex resumed>)        = 0
[pid  5209] <... futex resumed>)        = 1
[  104.359109][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.366494][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.375229][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.383178][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.391362][ T5208] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.398705][ T5208] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5209] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5208] <... write resumed>)        = 53248
[pid  5208] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[  104.406290][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.414453][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.423193][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.431213][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.439000][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.447159][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.455087][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5208] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5210] +++ killed by SIGSEGV (core dumped) +++
[pid  5209] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[pid  5209] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=166, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5209] getpid()                    = 162
[pid  5209] rt_sigreturn({mask=[]})     = 202
[  104.463283][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.470999][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.478305][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.486431][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.494185][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.501582][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5209] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5207] <... open resumed>)         = 4
[pid  5207] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5206] close(3 <unfinished ...>
[pid  5207] <... futex resumed>)        = 0
[pid  5206] <... close resumed>)        = 0
[pid  5206] close(4)                    = 0
[pid  5207] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5206] close(5)                    = 0
[pid  5206] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5206] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5206] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5206] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5206] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5206] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5206] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5206] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5206] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5206] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5206] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5206] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5206] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5206] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5206] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5206] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5206] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5206] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5206] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5206] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5206] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5206] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5206] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5206] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5206] exit_group(0 <unfinished ...>
[pid  5209] <... futex resumed>)        = ?
[pid  5208] <... futex resumed>)        = ?
[pid  5207] <... futex resumed>)        = ?
[pid  5208] +++ exited with 0 +++
[pid  5207] +++ exited with 0 +++
[pid  5209] +++ exited with 0 +++
[pid  5206] <... exit_group resumed>)   = ?
[pid  5206] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=166, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=5 /* 0.05 s */} ---
[pid  5041] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5041] umount2("./32", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./32/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./32/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./32/binderfs")     = 0
[  104.508874][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.516689][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.524440][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.531878][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.539182][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.546570][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.553893][ T5207] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5041] umount2("./32/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./32/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./32/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./32/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./32/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./32/file0")         = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./32")               = 0
[pid  5041] mkdir("./33", 0777)         = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572c4690) = 167
./strace-static-x86_64: Process 5211 attached
[pid  5211] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5211] chdir("./33")               = 0
[pid  5211] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5211] setpgid(0, 0)               = 0
[pid  5211] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5211] write(3, "1000", 4)         = 4
[pid  5211] close(3)                    = 0
[pid  5211] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5211] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5211] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5211] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5211] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5211] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5211] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5211] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0}./strace-static-x86_64: Process 5212 attached
 <unfinished ...>
[pid  5212] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5211] <... clone3 resumed> => {parent_tid=[168]}, 88) = 168
[pid  5212] <... rseq resumed>)         = 0
[pid  5211] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5212] set_robust_list(0x7f8ee300c9a0, 24 <unfinished ...>
[pid  5211] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5212] <... set_robust_list resumed>) = 0
[pid  5211] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5212] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5211] <... futex resumed>)        = 0
[pid  5212] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5211] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5212] <... memfd_create resumed>) = 3
[pid  5212] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5212] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5212] munmap(0x7f8edabec000, 524288) = 0
[pid  5212] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5212] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5212] close(3)                    = 0
[pid  5212] mkdir("./file0", 0777)      = 0
[pid  5212] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5212] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5212] chdir("./file0")            = 0
[pid  5212] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5212] close(4)                    = 0
[pid  5212] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5211] <... futex resumed>)        = 0
[pid  5212] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5211] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5212] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5211] <... futex resumed>)        = 0
[pid  5211] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[  104.656532][ T5212] __do_sys_memfd_create: 1 callbacks suppressed
[  104.656554][ T5212] syz-executor354[5212]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[  104.686240][ T5212] loop0: detected capacity change from 0 to 1024
[pid  5212] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[pid  5211] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid  5211] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[  104.708971][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.717506][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.725318][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.732947][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.740674][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.749352][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5211] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5211] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5211] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5211] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0} => {parent_tid=[169]}, 88) = 169
[pid  5211] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5211] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5211] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5213 attached
 <unfinished ...>
[pid  5213] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5213] set_robust_list(0x7f8edac6b9a0, 24) = 0
[pid  5213] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5213] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid  5213] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5211] <... futex resumed>)        = 0
[pid  5211] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5213] <... futex resumed>)        = 1
[pid  5211] <... futex resumed>)        = 0
[pid  5213] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[  104.758442][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.769340][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.777241][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.785487][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.792985][ T5213] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.800290][ T5213] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5211] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5211] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5211] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5211] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5211] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5211] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0}./strace-static-x86_64: Process 5214 attached
 => {parent_tid=[170]}, 88) = 170
[pid  5214] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053) = 0
[pid  5214] set_robust_list(0x7f8edac4a9a0, 24 <unfinished ...>
[pid  5211] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5214] <... set_robust_list resumed>) = 0
[pid  5214] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5211] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5214] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5211] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5214] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88 <unfinished ...>
[pid  5211] <... futex resumed>)        = 0
[pid  5211] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5215 attached
 <unfinished ...>
[pid  5215] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5214] <... clone3 resumed>)       = 171
[pid  5214] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5211] <... futex resumed>)        = 0
[  104.807734][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.815079][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.822818][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.831128][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.838822][ T5213] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.847102][ T5213] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5214] <... futex resumed>)        = 1
[pid  5214] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5213] <... write resumed>)        = 53248
[pid  5213] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[  104.855072][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.863808][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.871419][ T5213] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.878799][ T5213] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.889507][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.897409][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.905341][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.913047][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.921050][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.928739][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.936855][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.944671][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.952452][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5213] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5215] +++ killed by SIGSEGV (core dumped) +++
[pid  5214] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[pid  5214] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=171, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5214] getpid()                    = 167
[pid  5214] rt_sigreturn({mask=[]})     = 202
[  104.960010][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.967958][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.975337][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.982782][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.990081][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  104.997513][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5214] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5212] <... open resumed>)         = 4
[pid  5212] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5212] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5211] close(3)                    = 0
[pid  5211] close(4)                    = 0
[pid  5211] close(5)                    = 0
[pid  5211] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5211] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5211] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5211] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5211] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5211] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5211] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5211] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5211] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5211] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5211] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5211] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5211] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5211] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5211] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5211] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5211] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5211] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5211] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5211] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5211] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5211] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5211] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5211] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5211] exit_group(0 <unfinished ...>
[pid  5213] <... futex resumed>)        = ?
[pid  5212] <... futex resumed>)        = ?
[pid  5213] +++ exited with 0 +++
[pid  5212] +++ exited with 0 +++
[pid  5211] <... exit_group resumed>)   = ?
[pid  5214] <... futex resumed>)        = ?
[  105.004859][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.012270][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.019577][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.026976][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.034319][ T5212] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.041916][   T28] kauditd_printk_skb: 1 callbacks suppressed
[pid  5214] +++ exited with 0 +++
[pid  5211] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=171, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=6 /* 0.06 s */} ---
[pid  5041] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5041] umount2("./33", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./33/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./33/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./33/binderfs")     = 0
[pid  5041] umount2("./33/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./33/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./33/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./33/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./33/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[  105.041932][   T28] audit: type=1800 audit(1693646125.512:35): pid=5212 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./33/file0")         = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./33")               = 0
[pid  5041] mkdir("./34", 0777)         = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5216 attached
, child_tidptr=0x5555572c4690) = 172
[pid  5216] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5216] chdir("./34")               = 0
[pid  5216] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5216] setpgid(0, 0)               = 0
[pid  5216] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5216] write(3, "1000", 4)         = 4
[pid  5216] close(3)                    = 0
[pid  5216] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5216] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5216] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5216] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5216] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5216] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5216] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5216] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0} => {parent_tid=[173]}, 88) = 173
[pid  5216] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5216] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5216] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5217 attached
 <unfinished ...>
[pid  5217] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053) = 0
[pid  5217] set_robust_list(0x7f8ee300c9a0, 24) = 0
[pid  5217] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5217] memfd_create("syzkaller", 0) = 3
[pid  5217] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5217] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5217] munmap(0x7f8edabec000, 524288) = 0
[pid  5217] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5217] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5217] close(3)                    = 0
[pid  5217] mkdir("./file0", 0777)      = 0
[pid  5217] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5217] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5217] chdir("./file0")            = 0
[pid  5217] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5217] close(4)                    = 0
[  105.149986][ T5217] syz-executor354[5217]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[  105.173953][ T5217] loop0: detected capacity change from 0 to 1024
[pid  5217] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5216] <... futex resumed>)        = 0
[pid  5217] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5216] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5217] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5216] <... futex resumed>)        = 0
[pid  5217] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[pid  5216] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5216] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5216] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5216] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5216] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5216] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0} => {parent_tid=[174]}, 88) = 174
[pid  5216] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5216] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5216] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5218 attached
[  105.204343][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.214218][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.221760][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.229255][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.236728][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.244092][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
 <unfinished ...>
[pid  5218] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5218] set_robust_list(0x7f8edac6b9a0, 24) = 0
[pid  5218] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5218] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid  5218] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5216] <... futex resumed>)        = 0
[pid  5218] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5216] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5218] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5218] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5216] <... futex resumed>)        = 0
[  105.251740][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.259735][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.267699][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.275524][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.283054][ T5218] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.290417][ T5218] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5216] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5216] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid  5216] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5216] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5216] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5216] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5216] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0} => {parent_tid=[175]}, 88) = 175
[pid  5216] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5216] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5216] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5219 attached
 <unfinished ...>
[pid  5219] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053) = 0
[pid  5219] set_robust_list(0x7f8edac4a9a0, 24) = 0
[pid  5219] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5219] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88./strace-static-x86_64: Process 5220 attached
) = 176
[pid  5220] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5219] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5216] <... futex resumed>)        = 0
[pid  5219] <... futex resumed>)        = 1
[  105.298066][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.305396][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.312951][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.324320][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.331726][ T5218] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.339442][ T5218] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5219] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5218] <... write resumed>)        = 53248
[pid  5218] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[  105.348183][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.356103][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.364026][ T5218] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.371945][ T5218] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.379408][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.390965][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.398713][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.406230][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.414279][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.421668][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.429316][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.436680][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.445491][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5218] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5220] +++ killed by SIGSEGV (core dumped) +++
[pid  5216] --- SIGRT_1 {si_signo=SIGRT_1, si_code=0x3, si_pid=176, si_uid=0, si_int=11, si_ptr=0xb} ---
[pid  5216] getpid()                    = 172
[pid  5216] rt_sigreturn({mask=[]})     = 0
[pid  5219] <... futex resumed>)        = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[  105.453188][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.460722][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.468383][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.476059][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.483605][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.491051][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5219] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5216] close(3)                    = 0
[pid  5216] close(4)                    = -1 EBADF (Bad file descriptor)
[pid  5216] close(5)                    = 0
[pid  5217] <... open resumed>)         = 4
[pid  5217] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5216] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5216] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5216] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5216] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5217] <... futex resumed>)        = 0
[pid  5216] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5216] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5216] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5216] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5216] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5216] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5216] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5216] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5216] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5216] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5216] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5216] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5216] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5216] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5216] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5216] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5216] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5216] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5216] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5216] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5216] exit_group(0)               = ?
[pid  5218] <... futex resumed>)        = ?
[pid  5218] +++ exited with 0 +++
[  105.498876][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.506772][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.514316][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.521724][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.529018][ T5217] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5217] +++ exited with 0 +++
[pid  5219] <... futex resumed>)        = ?
[pid  5219] +++ exited with 0 +++
[pid  5216] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=176, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=5 /* 0.05 s */} ---
[pid  5041] umount2("./34", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./34/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./34/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./34/binderfs")     = 0
[  105.540514][   T28] audit: type=1800 audit(1693646126.002:36): pid=5217 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5041] umount2("./34/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5041] umount2("./34/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./34/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] umount2("./34/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./34/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5041] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(4, 0x5555572cd770 /* 2 entries */, 32768) = 48
[pid  5041] getdents64(4, 0x5555572cd770 /* 0 entries */, 32768) = 0
[pid  5041] close(4)                    = 0
[pid  5041] rmdir("./34/file0")         = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 0 entries */, 32768) = 0
[pid  5041] close(3)                    = 0
[pid  5041] rmdir("./34")               = 0
[pid  5041] mkdir("./35", 0777)         = 0
[pid  5041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5041] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5041] close(3)                    = 0
[pid  5041] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572c4690) = 177
./strace-static-x86_64: Process 5221 attached
[pid  5221] set_robust_list(0x5555572c46a0, 24) = 0
[pid  5221] chdir("./35")               = 0
[pid  5221] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5221] setpgid(0, 0)               = 0
[pid  5221] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5221] write(3, "1000", 4)         = 4
[pid  5221] close(3)                    = 0
[pid  5221] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5221] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5221] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ee3076290, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ee3067440}, NULL, 8) = 0
[pid  5221] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5221] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8ee2fec000
[pid  5221] mprotect(0x7f8ee2fed000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5221] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5221] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8ee300c990, parent_tid=0x7f8ee300c990, exit_signal=0, stack=0x7f8ee2fec000, stack_size=0x20300, tls=0x7f8ee300c6c0}./strace-static-x86_64: Process 5222 attached
 <unfinished ...>
[pid  5222] rseq(0x7f8ee300cfe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5221] <... clone3 resumed> => {parent_tid=[178]}, 88) = 178
[pid  5221] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5222] <... rseq resumed>)         = 0
[pid  5222] set_robust_list(0x7f8ee300c9a0, 24) = 0
[pid  5221] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5222] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5222] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5221] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5222] <... futex resumed>)        = 0
[pid  5221] <... futex resumed>)        = 1
[pid  5221] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5222] memfd_create("syzkaller", 0) = 3
[pid  5222] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8edabec000
[pid  5222] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5222] munmap(0x7f8edabec000, 524288) = 0
[pid  5222] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5222] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5222] close(3)                    = 0
[pid  5222] mkdir("./file0", 0777)      = 0
[pid  5222] mount("/dev/loop0", "./file0", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK|MS_STRICTATIME, "") = 0
[pid  5222] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5222] chdir("./file0")            = 0
[pid  5222] ioctl(4, LOOP_CLR_FD)       = 0
[  105.653458][ T5222] syz-executor354[5222]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[  105.678217][ T5222] loop0: detected capacity change from 0 to 1024
[pid  5222] close(4)                    = 0
[pid  5222] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5222] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5221] <... futex resumed>)        = 0
[pid  5221] futex(0x7f8ee30d86c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5222] <... futex resumed>)        = 0
[pid  5221] <... futex resumed>)        = 1
[pid  5222] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 <unfinished ...>
[  105.704440][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.715083][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.725362][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.732800][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.740218][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5221] futex(0x7f8ee30d86cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5221] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5221] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac4b000
[pid  5221] mprotect(0x7f8edac4c000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5221] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5221] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac6b990, parent_tid=0x7f8edac6b990, exit_signal=0, stack=0x7f8edac4b000, stack_size=0x20300, tls=0x7f8edac6b6c0}./strace-static-x86_64: Process 5223 attached
 => {parent_tid=[179]}, 88) = 179
[pid  5223] rseq(0x7f8edac6bfe0, 0x20, 0, 0x53053053) = 0
[pid  5221] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5223] set_robust_list(0x7f8edac6b9a0, 24 <unfinished ...>
[pid  5221] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5223] <... set_robust_list resumed>) = 0
[pid  5221] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5223] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5221] <... futex resumed>)        = 0
[pid  5223] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5221] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5223] openat(AT_FDCWD, "blkio.throttle.io_service_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid  5223] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5221] <... futex resumed>)        = 0
[pid  5223] <... futex resumed>)        = 1
[pid  5221] futex(0x7f8ee30d86d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5223] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5221] <... futex resumed>)        = 0
[  105.748516][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.757995][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.765638][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.773776][ T5223] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.781475][ T5223] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.788924][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.796268][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5221] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5221] futex(0x7f8ee30d86dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out)
[pid  5221] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5221] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8edac2a000
[pid  5221] mprotect(0x7f8edac2b000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5221] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5221] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8edac4a990, parent_tid=0x7f8edac4a990, exit_signal=0, stack=0x7f8edac2a000, stack_size=0x20300, tls=0x7f8edac4a6c0} => {parent_tid=[180]}, 88) = 180
[pid  5221] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5221] futex(0x7f8ee30d86e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5221] futex(0x7f8ee30d86ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5224 attached
 <unfinished ...>
[pid  5224] rseq(0x7f8edac4afe0, 0x20, 0, 0x53053053) = 0
[pid  5224] set_robust_list(0x7f8edac4a9a0, 24) = 0
[pid  5224] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5224] clone3({flags=CLONE_PTRACE|CLONE_SYSVSEM, exit_signal=SIGRT_1, stack=0x20000240, stack_size=0xa8, cgroup=5}, 88./strace-static-x86_64: Process 5225 attached
 <unfinished ...>
[pid  5225] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5224] <... clone3 resumed>)       = 181
[pid  5224] futex(0x7f8ee30d86ec, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5224] futex(0x7f8ee30d86e8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5221] <... futex resumed>)        = 0
[  105.803685][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.811379][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.821919][ T5223] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.829239][ T5223] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.836972][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.845149][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[pid  5223] <... write resumed>)        = 53248
[pid  5223] futex(0x7f8ee30d86dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[  105.852585][ T5223] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.859898][ T5223] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.867874][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.875435][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.883090][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.890764][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.898937][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.906964][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.914820][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.922967][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.931215][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.938903][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.947133][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.954924][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.962559][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.962957][ T5225] ------------[ cut here ]------------
[  105.970658][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.975785][ T5225] WARNING: CPU: 1 PID: 5225 at fs/hfsplus/extents.c:346 hfsplus_free_extents+0x3d6/0x510
[  105.984428][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  105.992992][ T5225] Modules linked in:
[  105.993009][ T5225] CPU: 1 PID: 5225 Comm: syz-executor354 Not tainted 6.5.0-next-20230831-syzkaller #0
[  106.001325][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  106.004288][ T5225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[  106.014461][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  106.021130][ T5225] RIP: 0010:hfsplus_free_extents+0x3d6/0x510
[  106.021185][ T5225] Code: ca 2f ff 8b 44 24 04 85 c0 0f 84 34 fe ff ff e8 50 cf 2f ff 48 c7 c7 e0 b2 a7 8a e8 74 ee 12 ff e9 1e fe ff ff e8 3a cf 2f ff <0f> 0b e9 b7 fc ff ff e8 2e cf 2f ff 8b 14 24 8b 74 24 04 48 8b 7c
[  106.064297][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  106.064404][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  106.071608][ T5225] RSP: 0018:ffffc90003f9eed0 EFLAGS: 00010293
[  106.079566][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  106.085026][ T5225] RAX: 0000000000000000 RBX: ffff888019e4f2d8 RCX: 0000000000000000
[pid  5223] futex(0x7f8ee30d86d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5222] <... open resumed>)         = 4
[pid  5222] futex(0x7f8ee30d86cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5222] futex(0x7f8ee30d86c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5221] close(3)                    = 0
[pid  5221] close(4)                    = 0
[pid  5221] close(5)                    = 0
[pid  5221] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5221] close(7)                    = -1 EBADF (Bad file descriptor)
[  106.092915][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  106.100282][ T5225] RDX: ffff888017fed940 RSI: ffffffff82580fa6 RDI: 0000000000000001
[  106.108016][ T5222] hfsplus: request for non-existent node 16777216 in B*Tree
[  106.115589][ T5225] RBP: 000000000000014e R08: 0000000000000001 R09: 0000000000000000
[  106.125364][   T28] audit: type=1800 audit(1693646126.592:37): pid=5222 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor354" name="file1" dev="loop0" ino=20 res=0 errno=0
[pid  5221] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5221] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5221] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5221] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5221] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5221] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5221] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5221] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5221] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5221] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5221] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5221] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5221] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5221] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5221] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5221] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5221] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5221] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5221] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5221] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5221] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5221] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5221] exit_group(0 <unfinished ...>
[pid  5222] <... futex resumed>)        = ?
[pid  5222] +++ exited with 0 +++
[pid  5224] <... futex resumed>)        = ?
[pid  5224] +++ exited with 0 +++
[pid  5221] <... exit_group resumed>)   = ?
[pid  5223] <... futex resumed>)        = ?
[pid  5223] +++ exited with 0 +++
[pid  5221] +++ exited with 0 +++
[pid  5041] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=177, si_uid=0, si_status=0, si_utime=0, si_stime=43 /* 0.43 s */} ---
[pid  5041] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5041] umount2("./35", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5041] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5041] getdents64(3, 0x5555572c5730 /* 4 entries */, 32768) = 112
[pid  5041] umount2("./35/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5041] newfstatat(AT_FDCWD, "./35/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5041] unlink("./35/binderfs")     = 0
[  106.131216][ T5225] R10: 0000000000000001 R11: 0000000000000000 R12: 000000007bf79d01
[  106.158884][ T5225] R13: ffff888019e4f2cc R14: ffff88807aeea000 R15: ffff888019e4f400
[  106.168815][ T5225] FS:  00007f8edac4a6c0(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[  106.177849][ T5225] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  106.185324][ T5225] CR2: 00007f8ee30b950c CR3: 00000000173b9000 CR4: 00000000003506e0
[  106.193406][ T5225] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  106.204513][ T5225] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  106.212540][ T5225] Call Trace:
[  106.215835][ T5225]  <TASK>
[  106.218768][ T5225]  ? show_regs+0x8f/0xa0
[  106.223056][ T5225]  ? __warn+0xe6/0x380
[  106.227166][ T5225]  ? hfsplus_free_extents+0x3d6/0x510
[  106.232701][ T5225]  ? report_bug+0x3bc/0x580
[  106.237272][ T5225]  ? handle_bug+0x3c/0x70
[  106.241726][ T5225]  ? exc_invalid_op+0x17/0x40
[  106.246435][ T5225]  ? asm_exc_invalid_op+0x1a/0x20
[  106.251542][ T5225]  ? hfsplus_free_extents+0x3d6/0x510
[  106.256969][ T5225]  ? hfsplus_free_extents+0x3d6/0x510
[  106.262401][ T5225]  hfsplus_file_truncate+0xe7f/0x1120
[  106.267828][ T5225]  ? hfsplus_get_block+0x9e0/0x9e0
[  106.273021][ T5225]  ? rcu_is_watching+0x12/0xb0
[  106.277809][ T5225]  ? __mark_inode_dirty+0x297/0xd50
[  106.283062][ T5225]  hfsplus_write_begin+0x113/0x140
[  106.288238][ T5225]  cont_write_begin+0x336/0x730
[  106.293163][ T5225]  ? hfsplus_file_extend+0x1090/0x1090
[  106.298682][ T5225]  ? block_write_begin+0x490/0x490
[  106.303868][ T5225]  ? rcu_is_watching+0x12/0xb0
[  106.308659][ T5225]  ? lock_release+0x4bf/0x680
[  106.313399][ T5225]  ? lock_sync+0x190/0x190
[  106.317848][ T5225]  ? reacquire_held_locks+0x4b0/0x4b0
[  106.323272][ T5225]  hfsplus_write_begin+0x87/0x140
[  106.328334][ T5225]  ? hfsplus_file_extend+0x1090/0x1090
[  106.333853][ T5225]  generic_perform_write+0x278/0x600
[  106.339178][ T5225]  ? folio_add_wait_queue+0x1c0/0x1c0
[  106.344592][ T5225]  ? generic_write_checks+0x2b0/0x3f0
[  106.350013][ T5225]  __generic_file_write_iter+0x1f9/0x240
[  106.355711][ T5225]  generic_file_write_iter+0xe3/0x350
[  106.361148][ T5225]  __kernel_write_iter+0x261/0x7e0
[  106.366363][ T5225]  ? vfs_read+0x930/0x930
[  106.370701][ T5225]  ? get_dump_page+0x144/0x210
[  106.375538][ T5225]  ? __kernel_write+0xf6/0x140
[  106.380336][ T5225]  dump_user_range+0x299/0x790
[  106.385157][ T5225]  ? do_coredump+0x3fc0/0x3fc0
[  106.389969][ T5225]  ? dump_align+0xa3/0xc0
[  106.394447][ T5225]  ? notesize+0x90/0x90
[  106.398635][ T5225]  elf_core_dump+0x2721/0x38e0
[  106.403462][ T5225]  ? load_elf_phdrs+0x210/0x210
[  106.408345][ T5225]  ? kvmalloc_node+0x99/0x1a0
[  106.413093][ T5225]  ? kasan_save_stack+0x43/0x50
[  106.418001][ T5225]  ? kasan_save_stack+0x33/0x50
[  106.422930][ T5225]  ? kvmalloc_node+0x99/0x1a0
[  106.427670][ T5225]  ? do_coredump+0x2396/0x3fc0
[  106.432508][ T5225]  ? get_signal+0x244b/0x27b0
[  106.437220][ T5225]  ? arch_do_signal_or_restart+0x90/0x7f0
[  106.442999][ T5225]  ? exit_to_user_mode_prepare+0x11f/0x240
[  106.448843][ T5225]  ? 0xffffffffff600000
[  106.453164][ T5225]  ? preempt_count_sub+0x150/0x150
[  106.458327][ T5225]  ? do_coredump+0x2c96/0x3fc0
[  106.463153][ T5225]  do_coredump+0x2c96/0x3fc0
[  106.467792][ T5225]  ? dump_emit+0x330/0x330
[  106.472270][ T5225]  ? __switch_to+0x73d/0x1340
[  106.476991][ T5225]  ? __schedule+0xee9/0x59f0
[  106.481635][ T5225]  ? rcu_is_watching+0x12/0xb0
[  106.486470][ T5225]  ? lock_sync+0x190/0x190
[  106.490956][ T5225]  ? ptrace_stop.part.0+0x4b4/0x8f0
[  106.496457][ T5225]  ? rcu_is_watching+0x12/0xb0
[  106.501264][ T5225]  get_signal+0x244b/0x27b0
[  106.505808][ T5225]  ? exit_signals+0x920/0x920
[  106.510502][ T5225]  ? force_sig+0xf0/0xf0
[  106.514805][ T5225]  arch_do_signal_or_restart+0x90/0x7f0
[  106.520412][ T5225]  ? __bad_area_nosemaphore+0x325/0x6a0
[  106.526018][ T5225]  ? get_sigframe_size+0x20/0x20
[  106.531044][ T5225]  ? __bad_area_nosemaphore+0x325/0x6a0
[  106.536648][ T5225]  exit_to_user_mode_prepare+0x11f/0x240
[  106.542333][ T5225]  irqentry_exit_to_user_mode+0x9/0x40
[  106.547844][ T5225]  asm_exc_page_fault+0x26/0x30
[  106.552756][ T5225] RIP: 0033:0x0
[  106.556221][ T5225] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[  106.563615][ T5225] RSP: 002b:00000000200002f0 EFLAGS: 00010217
[  106.569714][ T5225] RAX: 0000000000000000 RBX: 00007f8ee30d86e8 RCX: 00007f8ee304fe49
[  106.577732][ T5225] RDX: 00007f8edac4a120 RSI: 0000000000000058 RDI: 00007f8edac4a120
[  106.585742][ T5225] RBP: 00007f8ee30d86e0 R08: 00007ffe8cce5c27 R09: 0000000000042000
[  106.593755][ T5225] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8ee30a4810
[  106.601760][ T5225] R13: 0030656c69662f2e R14: 0073756c70736668 R15: 0031656c69662f2e
[  106.609744][ T5225]  </TASK>
[  106.612812][ T5225] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  106.620131][ T5225] CPU: 1 PID: 5225 Comm: syz-executor354 Not tainted 6.5.0-next-20230831-syzkaller #0
[  106.629683][ T5225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[  106.639740][ T5225] Call Trace:
[  106.643022][ T5225]  <TASK>
[  106.645955][ T5225]  dump_stack_lvl+0xd9/0x1b0
[  106.650587][ T5225]  panic+0x6a6/0x750
[  106.654501][ T5225]  ? panic_smp_self_stop+0xa0/0xa0
[  106.659651][ T5225]  ? hfsplus_free_extents+0x3d6/0x510
[  106.665064][ T5225]  check_panic_on_warn+0xab/0xb0
[  106.670033][ T5225]  __warn+0xf2/0x380
[  106.673953][ T5225]  ? hfsplus_free_extents+0x3d6/0x510
[  106.679382][ T5225]  report_bug+0x3bc/0x580
[  106.684190][ T5225]  handle_bug+0x3c/0x70
[  106.688367][ T5225]  exc_invalid_op+0x17/0x40
[  106.692907][ T5225]  asm_exc_invalid_op+0x1a/0x20
[  106.697963][ T5225] RIP: 0010:hfsplus_free_extents+0x3d6/0x510
[  106.703977][ T5225] Code: ca 2f ff 8b 44 24 04 85 c0 0f 84 34 fe ff ff e8 50 cf 2f ff 48 c7 c7 e0 b2 a7 8a e8 74 ee 12 ff e9 1e fe ff ff e8 3a cf 2f ff <0f> 0b e9 b7 fc ff ff e8 2e cf 2f ff 8b 14 24 8b 74 24 04 48 8b 7c
[  106.723605][ T5225] RSP: 0018:ffffc90003f9eed0 EFLAGS: 00010293
[  106.729721][ T5225] RAX: 0000000000000000 RBX: ffff888019e4f2d8 RCX: 0000000000000000
[  106.737704][ T5225] RDX: ffff888017fed940 RSI: ffffffff82580fa6 RDI: 0000000000000001
[  106.745705][ T5225] RBP: 000000000000014e R08: 0000000000000001 R09: 0000000000000000
[  106.753705][ T5225] R10: 0000000000000001 R11: 0000000000000000 R12: 000000007bf79d01
[  106.761702][ T5225] R13: ffff888019e4f2cc R14: ffff88807aeea000 R15: ffff888019e4f400
[  106.769704][ T5225]  ? hfsplus_free_extents+0x3d6/0x510
[  106.775214][ T5225]  hfsplus_file_truncate+0xe7f/0x1120
[  106.780648][ T5225]  ? hfsplus_get_block+0x9e0/0x9e0
[  106.785827][ T5225]  ? rcu_is_watching+0x12/0xb0
[  106.790611][ T5225]  ? __mark_inode_dirty+0x297/0xd50
[  106.795839][ T5225]  hfsplus_write_begin+0x113/0x140
[  106.800985][ T5225]  cont_write_begin+0x336/0x730
[  106.805878][ T5225]  ? hfsplus_file_extend+0x1090/0x1090
[  106.811380][ T5225]  ? block_write_begin+0x490/0x490
[  106.816523][ T5225]  ? rcu_is_watching+0x12/0xb0
[  106.821305][ T5225]  ? lock_release+0x4bf/0x680
[  106.826043][ T5225]  ? lock_sync+0x190/0x190
[  106.830494][ T5225]  ? reacquire_held_locks+0x4b0/0x4b0
[  106.835900][ T5225]  hfsplus_write_begin+0x87/0x140
[  106.840962][ T5225]  ? hfsplus_file_extend+0x1090/0x1090
[  106.846471][ T5225]  generic_perform_write+0x278/0x600
[  106.851795][ T5225]  ? folio_add_wait_queue+0x1c0/0x1c0
[  106.857202][ T5225]  ? generic_write_checks+0x2b0/0x3f0
[  106.862603][ T5225]  __generic_file_write_iter+0x1f9/0x240
[  106.868267][ T5225]  generic_file_write_iter+0xe3/0x350
[  106.873676][ T5225]  __kernel_write_iter+0x261/0x7e0
[  106.878820][ T5225]  ? vfs_read+0x930/0x930
[  106.883171][ T5225]  ? get_dump_page+0x144/0x210
[  106.887973][ T5225]  ? __kernel_write+0xf6/0x140
[  106.892767][ T5225]  dump_user_range+0x299/0x790
[  106.897565][ T5225]  ? do_coredump+0x3fc0/0x3fc0
[  106.902361][ T5225]  ? dump_align+0xa3/0xc0
[  106.906723][ T5225]  ? notesize+0x90/0x90
[  106.910909][ T5225]  elf_core_dump+0x2721/0x38e0
[  106.915709][ T5225]  ? load_elf_phdrs+0x210/0x210
[  106.920592][ T5225]  ? kvmalloc_node+0x99/0x1a0
[  106.925303][ T5225]  ? kasan_save_stack+0x43/0x50
[  106.930272][ T5225]  ? kasan_save_stack+0x33/0x50
[  106.935159][ T5225]  ? kvmalloc_node+0x99/0x1a0
[  106.939878][ T5225]  ? do_coredump+0x2396/0x3fc0
[  106.944672][ T5225]  ? get_signal+0x244b/0x27b0
[  106.949372][ T5225]  ? arch_do_signal_or_restart+0x90/0x7f0
[  106.955119][ T5225]  ? exit_to_user_mode_prepare+0x11f/0x240
[  106.960945][ T5225]  ? 0xffffffffff600000
[  106.965142][ T5225]  ? preempt_count_sub+0x150/0x150
[  106.970294][ T5225]  ? do_coredump+0x2c96/0x3fc0
[  106.975084][ T5225]  do_coredump+0x2c96/0x3fc0
[  106.979730][ T5225]  ? dump_emit+0x330/0x330
[  106.984171][ T5225]  ? __switch_to+0x73d/0x1340
[  106.988880][ T5225]  ? __schedule+0xee9/0x59f0
[  106.993502][ T5225]  ? rcu_is_watching+0x12/0xb0
[  106.998288][ T5225]  ? lock_sync+0x190/0x190
[  107.002732][ T5225]  ? ptrace_stop.part.0+0x4b4/0x8f0
[  107.007961][ T5225]  ? rcu_is_watching+0x12/0xb0
[  107.012917][ T5225]  get_signal+0x244b/0x27b0
[  107.017449][ T5225]  ? exit_signals+0x920/0x920
[  107.022149][ T5225]  ? force_sig+0xf0/0xf0
[  107.026415][ T5225]  arch_do_signal_or_restart+0x90/0x7f0
[  107.032018][ T5225]  ? __bad_area_nosemaphore+0x325/0x6a0
[  107.037583][ T5225]  ? get_sigframe_size+0x20/0x20
[  107.042550][ T5225]  ? __bad_area_nosemaphore+0x325/0x6a0
[  107.048132][ T5225]  exit_to_user_mode_prepare+0x11f/0x240
[  107.053786][ T5225]  irqentry_exit_to_user_mode+0x9/0x40
[  107.059273][ T5225]  asm_exc_page_fault+0x26/0x30
[  107.064149][ T5225] RIP: 0033:0x0
[  107.067621][ T5225] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[  107.074994][ T5225] RSP: 002b:00000000200002f0 EFLAGS: 00010217
[  107.081079][ T5225] RAX: 0000000000000000 RBX: 00007f8ee30d86e8 RCX: 00007f8ee304fe49
[  107.089062][ T5225] RDX: 00007f8edac4a120 RSI: 0000000000000058 RDI: 00007f8edac4a120
[  107.097050][ T5225] RBP: 00007f8ee30d86e0 R08: 00007ffe8cce5c27 R09: 0000000000042000
[  107.105032][ T5225] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8ee30a4810
[  107.113019][ T5225] R13: 0030656c69662f2e R14: 0073756c70736668 R15: 0031656c69662f2e
[  107.121014][ T5225]  </TASK>
[  107.124290][ T5225] Kernel Offset: disabled
[  107.128620][ T5225] Rebooting in 86400 seconds..