./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3664001070

<...>
Warning: Permanently added '10.128.1.70' (ED25519) to the list of known hosts.
execve("./syz-executor3664001070", ["./syz-executor3664001070"], 0x7ffd38f0dcd0 /* 10 vars */) = 0
brk(NULL)                               = 0x5555555b0000
brk(0x5555555b0d40)                     = 0x5555555b0d40
arch_prctl(ARCH_SET_FS, 0x5555555b03c0) = 0
set_tid_address(0x5555555b0690)         = 5053
set_robust_list(0x5555555b06a0, 24)     = 0
rseq(0x5555555b0ce0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor3664001070", 4096) = 28
getrandom("\xbb\x07\x8a\x0d\xef\x72\x9b\xeb", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x5555555b0d40
brk(0x5555555d1d40)                     = 0x5555555d1d40
brk(0x5555555d2000)                     = 0x5555555d2000
mprotect(0x7f460676c000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
mkdir("./syzkaller.NeNlIK", 0700)       = 0
chmod("./syzkaller.NeNlIK", 0777)       = 0
chdir("./syzkaller.NeNlIK")             = 0
mkdir("./0", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5055 attached
 <unfinished ...>
[pid  5055] set_robust_list(0x5555555b06a0, 24 <unfinished ...>
[pid  5053] <... clone resumed>, child_tidptr=0x5555555b0690) = 5055
[pid  5055] <... set_robust_list resumed>) = 0
[pid  5055] chdir("./0")                = 0
[pid  5055] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5055] setpgid(0, 0)               = 0
[pid  5055] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5055] write(3, "1000", 4)         = 4
[pid  5055] close(3)                    = 0
[pid  5055] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5055] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5055] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5055] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5055] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5055] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5055] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5055] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5056 attached
 <unfinished ...>
[pid  5056] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053) = 0
[pid  5055] <... clone3 resumed> => {parent_tid=[5056]}, 88) = 5056
[pid  5056] set_robust_list(0x7f46066a79a0, 24 <unfinished ...>
[pid  5055] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5056] <... set_robust_list resumed>) = 0
[pid  5055] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5056] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5055] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5056] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5055] <... futex resumed>)        = 0
[pid  5055] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5056] <... memfd_create resumed>) = 3
[pid  5056] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5056] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5056] munmap(0x7f45fe200000, 138412032) = 0
[pid  5056] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5056] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5056] close(3)                    = 0
[pid  5056] close(4)                    = 0
[pid  5056] mkdir("./file0", 0777)      = 0
[pid  5056] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5056] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5056] chdir("./file0")            = 0
[pid  5056] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5056] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5055] <... futex resumed>)        = 0
[pid  5056] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid  5055] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5056] <... open resumed>)         = -1 EINVAL (Invalid argument)
[pid  5055] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5056] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5055] <... futex resumed>)        = 0
[pid  5055] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5055] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5056] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 4
[pid  5056] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5055] <... futex resumed>)        = 0
[pid  5056] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5055] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5056] <... futex resumed>)        = 0
[pid  5055] <... futex resumed>)        = 1
[pid  5055] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5056] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5055] <... futex resumed>)        = 0
[pid  5055] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid  5056] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5055] <... mmap resumed>)         = 0x7f4606666000
[pid  5055] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5055] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5055] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0} <unfinished ...>
[pid  5056] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5057 attached
) = 0
[pid  5057] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5056] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5057] <... rseq resumed>)         = 0
[pid  5057] set_robust_list(0x7f46066869a0, 24 <unfinished ...>
[pid  5055] <... clone3 resumed> => {parent_tid=[5057]}, 88) = 5057
[pid  5057] <... set_robust_list resumed>) = 0
[pid  5057] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5055] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5057] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5055] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5057] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5055] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5055] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5057] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5057] creat("./file1", 000)       = 5
[pid  5057] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5057] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5055] <... futex resumed>)        = 0
[pid  5055] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5056] <... futex resumed>)        = 0
[pid  5056] write(5, "#! ./bus\n", 9 <unfinished ...>
[pid  5055] <... futex resumed>)        = 1
[pid  5056] <... write resumed>)        = -1 ENOSPC (No space left on device)
[pid  5055] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5056] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5055] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5055] exit_group(0)               = ?
[   46.813990][ T5056] loop0: detected capacity change from 0 to 64
[pid  5057] <... futex resumed>)        = ?
[pid  5056] <... futex resumed>)        = ?
[pid  5056] +++ exited with 0 +++
[pid  5057] +++ exited with 0 +++
[pid  5055] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5055, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./0/binderfs")                  = 0
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./0/file0")                      = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./0")                            = 0
mkdir("./1", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5058 attached
, child_tidptr=0x5555555b0690) = 5058
[pid  5058] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5058] chdir("./1")                = 0
[pid  5058] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5058] setpgid(0, 0)               = 0
[pid  5058] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5058] write(3, "1000", 4)         = 4
[pid  5058] close(3)                    = 0
[pid  5058] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5058] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5058] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5058] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5058] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5058] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5058] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5058] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5059 attached
 => {parent_tid=[5059]}, 88) = 5059
[pid  5059] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053) = 0
[pid  5059] set_robust_list(0x7f46066a79a0, 24) = 0
[pid  5058] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5059] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5058] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5059] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5058] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5059] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5058] <... futex resumed>)        = 0
[pid  5058] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5059] <... memfd_create resumed>) = 3
[pid  5059] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5059] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5059] munmap(0x7f45fe200000, 138412032) = 0
[pid  5059] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5059] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5059] close(3)                    = 0
[pid  5059] close(4)                    = 0
[pid  5059] mkdir("./file0", 0777)      = 0
[pid  5059] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5059] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5059] chdir("./file0")            = 0
[pid  5059] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5059] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5058] <... futex resumed>)        = 0
[pid  5059] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid  5058] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5058] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5059] <... open resumed>)         = -1 EINVAL (Invalid argument)
[pid  5059] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5058] <... futex resumed>)        = 0
[pid  5059] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c <unfinished ...>
[pid  5058] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5059] <... open resumed>)         = 4
[pid  5058] <... futex resumed>)        = 0
[pid  5058] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5059] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5058] <... futex resumed>)        = 0
[pid  5059] <... futex resumed>)        = 1
[pid  5058] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5059] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5058] <... futex resumed>)        = 0
[   47.057054][ T5059] loop0: detected capacity change from 0 to 64
[pid  5058] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5059] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5058] <... futex resumed>)        = 0
[pid  5058] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606666000
[pid  5058] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid  5059] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5058] <... mprotect resumed>)     = 0
[pid  5059] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5058] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5058] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5060 attached
 <unfinished ...>
[pid  5060] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5058] <... clone3 resumed> => {parent_tid=[5060]}, 88) = 5060
[pid  5060] <... rseq resumed>)         = 0
[pid  5058] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5060] set_robust_list(0x7f46066869a0, 24) = 0
[pid  5058] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5060] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5058] <... futex resumed>)        = 0
[pid  5060] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5060] creat("./file1", 000 <unfinished ...>
[pid  5058] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5060] <... creat resumed>)        = 5
[pid  5060] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5058] <... futex resumed>)        = 0
[pid  5060] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5058] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5059] <... futex resumed>)        = 0
[pid  5058] <... futex resumed>)        = 1
[pid  5058] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5059] write(5, "#! ./bus\n", 9)   = -1 ENOSPC (No space left on device)
[pid  5059] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5058] <... futex resumed>)        = 0
[pid  5059] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5058] exit_group(0 <unfinished ...>
[pid  5059] <... futex resumed>)        = ?
[pid  5060] <... futex resumed>)        = ?
[pid  5059] +++ exited with 0 +++
[pid  5058] <... exit_group resumed>)   = ?
[pid  5060] +++ exited with 0 +++
[pid  5058] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5058, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./1/binderfs")                  = 0
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./1/file0")                      = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./1")                            = 0
mkdir("./2", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5061 attached
 <unfinished ...>
[pid  5061] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5061] chdir("./2")                = 0
[pid  5061] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5061] setpgid(0, 0)               = 0
[pid  5061] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid  5053] <... clone resumed>, child_tidptr=0x5555555b0690) = 5061
[pid  5061] <... openat resumed>)       = 3
[pid  5061] write(3, "1000", 4)         = 4
[pid  5061] close(3)                    = 0
[pid  5061] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5061] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5061] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5061] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5061] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5061] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5061] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5061] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5062 attached
 <unfinished ...>
[pid  5062] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053) = 0
[pid  5061] <... clone3 resumed> => {parent_tid=[5062]}, 88) = 5062
[pid  5062] set_robust_list(0x7f46066a79a0, 24) = 0
[pid  5061] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5062] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5061] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5062] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5061] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5062] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5061] <... futex resumed>)        = 0
[pid  5061] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5062] <... memfd_create resumed>) = 3
[pid  5062] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5062] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5062] munmap(0x7f45fe200000, 138412032) = 0
[pid  5062] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5062] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5062] close(3)                    = 0
[pid  5062] close(4)                    = 0
[pid  5062] mkdir("./file0", 0777)      = 0
[pid  5062] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5062] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5062] chdir("./file0")            = 0
[pid  5062] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5062] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5061] <... futex resumed>)        = 0
[pid  5062] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5061] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5062] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5062] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid  5061] <... futex resumed>)        = 0
[pid  5061] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5062] <... open resumed>)         = -1 EINVAL (Invalid argument)
[pid  5062] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5061] <... futex resumed>)        = 0
[pid  5062] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5061] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5062] <... futex resumed>)        = 0
[pid  5062] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c <unfinished ...>
[pid  5061] <... futex resumed>)        = 1
[pid  5062] <... open resumed>)         = 4
[   47.303942][ T5062] loop0: detected capacity change from 0 to 64
[pid  5061] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5062] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5061] <... futex resumed>)        = 0
[pid  5062] <... futex resumed>)        = 1
[pid  5061] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5062] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5061] <... futex resumed>)        = 0
[pid  5061] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5061] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606666000
[pid  5062] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5061] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5062] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5061] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid  5062] <... futex resumed>)        = 0
[pid  5062] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5061] <... rt_sigprocmask resumed>[], 8) = 0
[pid  5061] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5063 attached
 <unfinished ...>
[pid  5063] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053) = 0
[pid  5061] <... clone3 resumed> => {parent_tid=[5063]}, 88) = 5063
[pid  5063] set_robust_list(0x7f46066869a0, 24 <unfinished ...>
[pid  5061] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5063] <... set_robust_list resumed>) = 0
[pid  5061] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5063] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5061] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5063] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5061] <... futex resumed>)        = 0
[pid  5063] creat("./file1", 000 <unfinished ...>
[pid  5061] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5063] <... creat resumed>)        = 5
[pid  5063] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5063] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5061] <... futex resumed>)        = 0
[pid  5061] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5062] <... futex resumed>)        = 0
[pid  5061] <... futex resumed>)        = 1
[pid  5062] write(5, "#! ./bus\n", 9 <unfinished ...>
[pid  5061] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5062] <... write resumed>)        = -1 ENOSPC (No space left on device)
[pid  5062] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5061] <... futex resumed>)        = 0
[pid  5062] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5061] exit_group(0 <unfinished ...>
[pid  5063] <... futex resumed>)        = ?
[pid  5062] <... futex resumed>)        = ?
[pid  5061] <... exit_group resumed>)   = ?
[pid  5063] +++ exited with 0 +++
[pid  5062] +++ exited with 0 +++
[pid  5061] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5061, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./2/binderfs")                  = 0
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./2/file0")                      = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./2")                            = 0
mkdir("./3", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5064 attached
 <unfinished ...>
[pid  5064] set_robust_list(0x5555555b06a0, 24 <unfinished ...>
[pid  5053] <... clone resumed>, child_tidptr=0x5555555b0690) = 5064
[pid  5064] <... set_robust_list resumed>) = 0
[pid  5064] chdir("./3")                = 0
[pid  5064] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5064] setpgid(0, 0)               = 0
[pid  5064] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5064] write(3, "1000", 4)         = 4
[pid  5064] close(3)                    = 0
[pid  5064] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5064] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5064] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5064] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5064] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5064] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5064] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5064] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5065 attached
 => {parent_tid=[5065]}, 88) = 5065
[pid  5064] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5064] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5064] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5065] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053) = 0
[pid  5065] set_robust_list(0x7f46066a79a0, 24) = 0
[pid  5065] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5065] memfd_create("syzkaller", 0) = 3
[pid  5065] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5065] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5065] munmap(0x7f45fe200000, 138412032) = 0
[pid  5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5065] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5065] close(3)                    = 0
[pid  5065] close(4)                    = 0
[pid  5065] mkdir("./file0", 0777)      = 0
[pid  5065] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5065] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5065] chdir("./file0")            = 0
[pid  5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5065] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5064] <... futex resumed>)        = 0
[pid  5064] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5064] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5065] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = -1 EINVAL (Invalid argument)
[pid  5065] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5064] <... futex resumed>)        = 0
[   47.516418][ T5065] loop0: detected capacity change from 0 to 64
[pid  5064] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5065] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 4
[pid  5064] <... futex resumed>)        = 0
[pid  5064] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5065] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5064] <... futex resumed>)        = 0
[pid  5065] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5064] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5064] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5064] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606666000
[pid  5064] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid  5065] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5064] <... mprotect resumed>)     = 0
[pid  5065] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5065] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5064] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5064] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5066 attached
 <unfinished ...>
[pid  5066] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053) = 0
[pid  5066] set_robust_list(0x7f46066869a0, 24) = 0
[pid  5064] <... clone3 resumed> => {parent_tid=[5066]}, 88) = 5066
[pid  5066] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5064] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5066] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5064] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5066] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5064] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5066] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5064] <... futex resumed>)        = 0
[pid  5066] creat("./file1", 000 <unfinished ...>
[pid  5064] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5066] <... creat resumed>)        = 5
[pid  5066] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5064] <... futex resumed>)        = 0
[pid  5066] <... futex resumed>)        = 1
[pid  5064] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5066] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5065] <... futex resumed>)        = 0
[pid  5064] <... futex resumed>)        = 1
[pid  5064] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5065] write(5, "#! ./bus\n", 9)   = -1 ENOSPC (No space left on device)
[pid  5065] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5064] <... futex resumed>)        = 0
[pid  5064] exit_group(0 <unfinished ...>
[pid  5066] <... futex resumed>)        = ?
[pid  5065] <... futex resumed>)        = ?
[pid  5064] <... exit_group resumed>)   = ?
[pid  5066] +++ exited with 0 +++
[pid  5065] +++ exited with 0 +++
[pid  5064] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5064, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./3/binderfs")                  = 0
umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./3/file0")                      = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./3")                            = 0
mkdir("./4", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555555b0690) = 5067
./strace-static-x86_64: Process 5067 attached
[pid  5067] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5067] chdir("./4")                = 0
[pid  5067] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5067] setpgid(0, 0)               = 0
[pid  5067] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5067] write(3, "1000", 4)         = 4
[pid  5067] close(3)                    = 0
[pid  5067] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5067] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5067] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5067] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5067] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5067] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5067] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5067] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5068 attached
 => {parent_tid=[5068]}, 88) = 5068
[pid  5068] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053) = 0
[pid  5068] set_robust_list(0x7f46066a79a0, 24) = 0
[pid  5068] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5068] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5067] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5067] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5068] <... futex resumed>)        = 0
[pid  5067] <... futex resumed>)        = 1
[pid  5068] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5067] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5068] <... memfd_create resumed>) = 3
[pid  5068] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5068] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5068] munmap(0x7f45fe200000, 138412032) = 0
[pid  5068] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5068] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5068] close(3)                    = 0
[pid  5068] close(4)                    = 0
[pid  5068] mkdir("./file0", 0777)      = 0
[pid  5068] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5068] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5068] chdir("./file0")            = 0
[pid  5068] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5068] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5067] <... futex resumed>)        = 0
[pid  5067] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5068] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid  5067] <... futex resumed>)        = 0
[pid  5067] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5068] <... open resumed>)         = -1 EINVAL (Invalid argument)
[pid  5068] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5067] <... futex resumed>)        = 0
[pid  5068] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5067] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5068] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5067] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5068] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 4
[pid  5068] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5067] <... futex resumed>)        = 0
[pid  5067] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5068] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5067] <... futex resumed>)        = 0
[pid  5067] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5068] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5067] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606666000
[   47.805650][ T5068] loop0: detected capacity change from 0 to 64
[pid  5067] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid  5068] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5067] <... mprotect resumed>)     = 0
[pid  5068] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5067] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5067] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5069 attached
 <unfinished ...>
[pid  5069] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5067] <... clone3 resumed> => {parent_tid=[5069]}, 88) = 5069
[pid  5069] <... rseq resumed>)         = 0
[pid  5067] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5069] set_robust_list(0x7f46066869a0, 24 <unfinished ...>
[pid  5067] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5069] <... set_robust_list resumed>) = 0
[pid  5067] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5069] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5067] <... futex resumed>)        = 0
[pid  5069] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5067] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5069] creat("./file1", 000)       = 5
[pid  5069] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5067] <... futex resumed>)        = 0
[pid  5069] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5067] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5068] <... futex resumed>)        = 0
[pid  5067] <... futex resumed>)        = 1
[pid  5068] write(5, "#! ./bus\n", 9 <unfinished ...>
[pid  5067] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5068] <... write resumed>)        = -1 ENOSPC (No space left on device)
[pid  5068] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5067] <... futex resumed>)        = 0
[pid  5068] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5067] exit_group(0 <unfinished ...>
[pid  5069] <... futex resumed>)        = ?
[pid  5068] <... futex resumed>)        = ?
[pid  5067] <... exit_group resumed>)   = ?
[pid  5069] +++ exited with 0 +++
[pid  5068] +++ exited with 0 +++
[pid  5067] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5067, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./4/binderfs")                  = 0
umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./4/file0")                      = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./4")                            = 0
mkdir("./5", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5070 attached
 <unfinished ...>
[pid  5070] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5070] chdir("./5")                = 0
[pid  5070] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5070] setpgid(0, 0)               = 0
[pid  5053] <... clone resumed>, child_tidptr=0x5555555b0690) = 5070
[pid  5070] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5070] write(3, "1000", 4)         = 4
[pid  5070] close(3)                    = 0
[pid  5070] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5070] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5070] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5070] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5070] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5070] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5070] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5070] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5071 attached
 <unfinished ...>
[pid  5071] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5070] <... clone3 resumed> => {parent_tid=[5071]}, 88) = 5071
[pid  5071] <... rseq resumed>)         = 0
[pid  5070] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5071] set_robust_list(0x7f46066a79a0, 24 <unfinished ...>
[pid  5070] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5071] <... set_robust_list resumed>) = 0
[pid  5070] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5071] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5070] <... futex resumed>)        = 0
[pid  5071] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5070] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5071] memfd_create("syzkaller", 0) = 3
[pid  5071] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5071] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5071] munmap(0x7f45fe200000, 138412032) = 0
[pid  5071] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5071] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5071] close(3)                    = 0
[pid  5071] close(4)                    = 0
[pid  5071] mkdir("./file0", 0777)      = 0
[pid  5071] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5071] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5071] chdir("./file0")            = 0
[pid  5071] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5071] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5070] <... futex resumed>)        = 0
[pid  5070] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5070] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5071] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = -1 EINVAL (Invalid argument)
[pid  5071] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5070] <... futex resumed>)        = 0
[pid  5070] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5070] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5071] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 4
[pid  5071] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5070] <... futex resumed>)        = 0
[pid  5070] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5070] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5070] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid  5071] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5070] <... mmap resumed>)         = 0x7f4606666000
[   48.096680][ T5071] loop0: detected capacity change from 0 to 64
[pid  5070] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5071] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5070] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5070] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0} <unfinished ...>
[pid  5071] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5072 attached
) = 0
[pid  5072] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5070] <... clone3 resumed> => {parent_tid=[5072]}, 88) = 5072
[pid  5072] <... rseq resumed>)         = 0
[pid  5071] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5070] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5072] set_robust_list(0x7f46066869a0, 24 <unfinished ...>
[pid  5070] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5072] <... set_robust_list resumed>) = 0
[pid  5070] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5072] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5070] <... futex resumed>)        = 0
[pid  5072] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5070] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5072] creat("./file1", 000)       = 5
[pid  5072] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5070] <... futex resumed>)        = 0
[pid  5072] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5070] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5071] <... futex resumed>)        = 0
[pid  5071] write(5, "#! ./bus\n", 9 <unfinished ...>
[pid  5070] <... futex resumed>)        = 1
[pid  5071] <... write resumed>)        = -1 ENOSPC (No space left on device)
[pid  5070] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5071] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5070] <... futex resumed>)        = 0
[pid  5071] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5070] exit_group(0 <unfinished ...>
[pid  5072] <... futex resumed>)        = ?
[pid  5071] <... futex resumed>)        = ?
[pid  5070] <... exit_group resumed>)   = ?
[pid  5072] +++ exited with 0 +++
[pid  5071] +++ exited with 0 +++
[pid  5070] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5070, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./5/binderfs")                  = 0
umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./5/file0")                      = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./5")                            = 0
mkdir("./6", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5073 attached
 <unfinished ...>
[pid  5073] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5073] chdir("./6")                = 0
[pid  5073] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5073] setpgid(0, 0)               = 0
[pid  5073] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid  5053] <... clone resumed>, child_tidptr=0x5555555b0690) = 5073
[pid  5073] <... openat resumed>)       = 3
[pid  5073] write(3, "1000", 4)         = 4
[pid  5073] close(3)                    = 0
[pid  5073] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5073] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5073] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5073] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5073] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5073] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5073] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5073] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5074 attached
 => {parent_tid=[5074]}, 88) = 5074
[pid  5073] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5074] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053) = 0
[pid  5073] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5074] set_robust_list(0x7f46066a79a0, 24 <unfinished ...>
[pid  5073] <... futex resumed>)        = 0
[pid  5074] <... set_robust_list resumed>) = 0
[pid  5073] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5074] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5074] memfd_create("syzkaller", 0) = 3
[pid  5074] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5074] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5074] munmap(0x7f45fe200000, 138412032) = 0
[pid  5074] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5074] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5074] close(3)                    = 0
[pid  5074] close(4)                    = 0
[pid  5074] mkdir("./file0", 0777)      = 0
[pid  5074] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5074] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5074] chdir("./file0")            = 0
[pid  5074] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5074] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5073] <... futex resumed>)        = 0
[pid  5073] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5073] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5074] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = -1 EINVAL (Invalid argument)
[pid  5074] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5073] <... futex resumed>)        = 0
[pid  5074] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c <unfinished ...>
[pid  5073] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5073] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5074] <... open resumed>)         = 4
[pid  5074] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5073] <... futex resumed>)        = 0
[pid  5073] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5073] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5074] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5073] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606666000
[pid  5073] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE) = 0
[   48.346779][ T5074] loop0: detected capacity change from 0 to 64
[pid  5073] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid  5074] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5073] <... rt_sigprocmask resumed>[], 8) = 0
[pid  5073] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5075 attached
 <unfinished ...>
[pid  5074] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5073] <... clone3 resumed> => {parent_tid=[5075]}, 88) = 5075
[pid  5075] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5074] <... futex resumed>)        = 0
[pid  5073] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5075] <... rseq resumed>)         = 0
[pid  5074] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5073] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5075] set_robust_list(0x7f46066869a0, 24 <unfinished ...>
[pid  5073] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5075] <... set_robust_list resumed>) = 0
[pid  5073] <... futex resumed>)        = 0
[pid  5075] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5073] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5075] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5075] creat("./file1", 000)       = 5
[pid  5075] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5073] <... futex resumed>)        = 0
[pid  5073] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5074] <... futex resumed>)        = 0
[pid  5073] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5075] <... futex resumed>)        = 1
[pid  5074] write(5, "#! ./bus\n", 9 <unfinished ...>
[pid  5075] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5074] <... write resumed>)        = -1 ENOSPC (No space left on device)
[pid  5074] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5074] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5073] <... futex resumed>)        = 0
[pid  5073] exit_group(0)               = ?
[pid  5075] <... futex resumed>)        = ?
[pid  5074] <... futex resumed>)        = ?
[pid  5075] +++ exited with 0 +++
[pid  5074] +++ exited with 0 +++
[pid  5073] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5073, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./6/binderfs")                  = 0
umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./6/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./6/file0")                      = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./6")                            = 0
mkdir("./7", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5076 attached
, child_tidptr=0x5555555b0690) = 5076
[pid  5076] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5076] chdir("./7")                = 0
[pid  5076] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5076] setpgid(0, 0)               = 0
[pid  5076] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5076] write(3, "1000", 4)         = 4
[pid  5076] close(3)                    = 0
[pid  5076] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5076] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5076] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5076] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5076] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5076] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5076] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5076] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5077 attached
 <unfinished ...>
[pid  5077] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5076] <... clone3 resumed> => {parent_tid=[5077]}, 88) = 5077
[pid  5077] <... rseq resumed>)         = 0
[pid  5076] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5077] set_robust_list(0x7f46066a79a0, 24 <unfinished ...>
[pid  5076] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5077] <... set_robust_list resumed>) = 0
[pid  5076] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5077] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5076] <... futex resumed>)        = 0
[pid  5077] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5077] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5076] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5077] <... memfd_create resumed>) = 3
[pid  5077] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5077] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5077] munmap(0x7f45fe200000, 138412032) = 0
[pid  5077] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5077] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5077] close(3)                    = 0
[pid  5077] close(4)                    = 0
[pid  5077] mkdir("./file0", 0777)      = 0
[pid  5077] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5077] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5077] chdir("./file0")            = 0
[pid  5077] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5077] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5076] <... futex resumed>)        = 0
[pid  5077] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid  5076] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5077] <... open resumed>)         = -1 EINVAL (Invalid argument)
[pid  5076] <... futex resumed>)        = 0
[pid  5077] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5076] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5077] <... futex resumed>)        = 0
[pid  5076] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5077] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5076] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5077] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5076] <... futex resumed>)        = 0
[pid  5077] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c <unfinished ...>
[pid  5076] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5077] <... open resumed>)         = 4
[pid  5077] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5077] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5076] <... futex resumed>)        = 0
[pid  5076] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5077] <... futex resumed>)        = 0
[pid  5076] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5077] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5076] <... futex resumed>)        = 0
[   48.602547][ T5077] loop0: detected capacity change from 0 to 64
[pid  5076] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606666000
[pid  5077] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5076] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5077] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5076] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid  5077] <... futex resumed>)        = 0
[pid  5077] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5076] <... rt_sigprocmask resumed>[], 8) = 0
[pid  5076] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5078 attached
 <unfinished ...>
[pid  5078] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053) = 0
[pid  5078] set_robust_list(0x7f46066869a0, 24) = 0
[pid  5076] <... clone3 resumed> => {parent_tid=[5078]}, 88) = 5078
[pid  5078] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5076] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5078] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5076] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5078] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5076] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5078] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5076] <... futex resumed>)        = 0
[pid  5078] creat("./file1", 000 <unfinished ...>
[pid  5076] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5078] <... creat resumed>)        = 5
[pid  5078] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5076] <... futex resumed>)        = 0
[pid  5078] <... futex resumed>)        = 1
[pid  5076] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5078] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5077] <... futex resumed>)        = 0
[pid  5076] <... futex resumed>)        = 1
[pid  5077] write(5, "#! ./bus\n", 9 <unfinished ...>
[pid  5076] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5077] <... write resumed>)        = -1 ENOSPC (No space left on device)
[pid  5077] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5076] <... futex resumed>)        = 0
[pid  5077] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5076] exit_group(0 <unfinished ...>
[pid  5078] <... futex resumed>)        = ?
[pid  5077] <... futex resumed>)        = ?
[pid  5076] <... exit_group resumed>)   = ?
[pid  5078] +++ exited with 0 +++
[pid  5077] +++ exited with 0 +++
[pid  5076] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5076, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./7/binderfs")                  = 0
umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./7/file0")                      = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./7")                            = 0
mkdir("./8", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5079 attached
, child_tidptr=0x5555555b0690) = 5079
[pid  5079] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5079] chdir("./8")                = 0
[pid  5079] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5079] setpgid(0, 0)               = 0
[pid  5079] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5079] write(3, "1000", 4)         = 4
[pid  5079] close(3)                    = 0
[pid  5079] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5079] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5079] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5079] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5079] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5079] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5079] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5079] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5080 attached
 <unfinished ...>
[pid  5080] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053) = 0
[pid  5079] <... clone3 resumed> => {parent_tid=[5080]}, 88) = 5080
[pid  5080] set_robust_list(0x7f46066a79a0, 24 <unfinished ...>
[pid  5079] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5080] <... set_robust_list resumed>) = 0
[pid  5079] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5080] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5079] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5080] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5079] <... futex resumed>)        = 0
[pid  5079] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5080] memfd_create("syzkaller", 0) = 3
[pid  5080] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5080] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5080] munmap(0x7f45fe200000, 138412032) = 0
[pid  5080] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5080] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5080] close(3)                    = 0
[pid  5080] close(4)                    = 0
[pid  5080] mkdir("./file0", 0777)      = 0
[pid  5080] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5080] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5080] chdir("./file0")            = 0
[pid  5080] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5080] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5080] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5079] <... futex resumed>)        = 0
[pid  5079] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5079] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5080] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5080] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = -1 EINVAL (Invalid argument)
[pid  5080] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5079] <... futex resumed>)        = 0
[pid  5079] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5079] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5080] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 4
[pid  5080] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5080] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5079] <... futex resumed>)        = 0
[   48.933860][ T5080] loop0: detected capacity change from 0 to 64
[pid  5079] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5080] <... futex resumed>)        = 0
[pid  5080] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5079] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5079] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606666000
[pid  5080] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5079] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5079] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid  5080] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5079] <... rt_sigprocmask resumed>[], 8) = 0
[pid  5080] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5079] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5081 attached
 <unfinished ...>
[pid  5081] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053) = 0
[pid  5079] <... clone3 resumed> => {parent_tid=[5081]}, 88) = 5081
[pid  5081] set_robust_list(0x7f46066869a0, 24 <unfinished ...>
[pid  5079] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5081] <... set_robust_list resumed>) = 0
[pid  5079] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5081] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5079] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5081] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5081] creat("./file1", 000 <unfinished ...>
[pid  5079] <... futex resumed>)        = 0
[pid  5081] <... creat resumed>)        = 5
[pid  5079] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5081] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5079] <... futex resumed>)        = 0
[pid  5081] <... futex resumed>)        = 1
[pid  5079] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5081] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5080] <... futex resumed>)        = 0
[pid  5079] <... futex resumed>)        = 1
[pid  5080] write(5, "#! ./bus\n", 9 <unfinished ...>
[pid  5079] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5080] <... write resumed>)        = -1 ENOSPC (No space left on device)
[pid  5080] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5079] <... futex resumed>)        = 0
[pid  5080] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5079] exit_group(0 <unfinished ...>
[pid  5081] <... futex resumed>)        = ?
[pid  5080] <... futex resumed>)        = ?
[pid  5081] +++ exited with 0 +++
[pid  5080] +++ exited with 0 +++
[pid  5079] <... exit_group resumed>)   = ?
[pid  5079] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5079, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./8/binderfs")                  = 0
umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./8/file0")                      = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./8")                            = 0
mkdir("./9", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5082 attached
 <unfinished ...>
[pid  5082] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5082] chdir("./9")                = 0
[pid  5082] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5082] setpgid(0, 0 <unfinished ...>
[pid  5053] <... clone resumed>, child_tidptr=0x5555555b0690) = 5082
[pid  5082] <... setpgid resumed>)      = 0
[pid  5082] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5082] write(3, "1000", 4)         = 4
[pid  5082] close(3)                    = 0
[pid  5082] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5082] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5082] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5082] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5082] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5082] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5082] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5082] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5083 attached
 <unfinished ...>
[pid  5083] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053) = 0
[pid  5082] <... clone3 resumed> => {parent_tid=[5083]}, 88) = 5083
[pid  5083] set_robust_list(0x7f46066a79a0, 24 <unfinished ...>
[pid  5082] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5083] <... set_robust_list resumed>) = 0
[pid  5082] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5083] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5082] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5083] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5082] <... futex resumed>)        = 0
[pid  5083] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5082] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5083] <... memfd_create resumed>) = 3
[pid  5083] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5083] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5083] munmap(0x7f45fe200000, 138412032) = 0
[pid  5083] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5083] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5083] close(3)                    = 0
[pid  5083] close(4)                    = 0
[pid  5083] mkdir("./file0", 0777)      = 0
[pid  5083] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5083] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5083] chdir("./file0")            = 0
[pid  5083] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5083] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[   49.216696][ T5083] loop0: detected capacity change from 0 to 64
[pid  5083] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5082] <... futex resumed>)        = 0
[pid  5082] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5083] <... futex resumed>)        = 0
[pid  5082] <... futex resumed>)        = 1
[pid  5083] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid  5082] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5083] <... open resumed>)         = -1 EINVAL (Invalid argument)
[pid  5083] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5082] <... futex resumed>)        = 0
[pid  5083] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5082] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5083] <... futex resumed>)        = 0
[pid  5083] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c <unfinished ...>
[pid  5082] <... futex resumed>)        = 1
[pid  5083] <... open resumed>)         = 4
[pid  5082] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5083] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5083] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5082] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5082] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5083] <... futex resumed>)        = 0
[pid  5082] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5083] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5082] <... futex resumed>)        = 0
[pid  5082] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid  5083] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5082] <... mmap resumed>)         = 0x7f4606666000
[pid  5082] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5082] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid  5083] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5082] <... rt_sigprocmask resumed>[], 8) = 0
[pid  5083] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5082] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5084 attached
 <unfinished ...>
[pid  5084] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053) = 0
[pid  5082] <... clone3 resumed> => {parent_tid=[5084]}, 88) = 5084
[pid  5084] set_robust_list(0x7f46066869a0, 24 <unfinished ...>
[pid  5082] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5084] <... set_robust_list resumed>) = 0
[pid  5082] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5084] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5082] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5084] creat("./file1", 000 <unfinished ...>
[pid  5082] <... futex resumed>)        = 0
[pid  5084] <... creat resumed>)        = 5
[pid  5082] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5084] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5082] <... futex resumed>)        = 0
[pid  5084] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5082] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5083] <... futex resumed>)        = 0
[pid  5082] <... futex resumed>)        = 1
[pid  5083] write(5, "#! ./bus\n", 9 <unfinished ...>
[pid  5082] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5083] <... write resumed>)        = -1 ENOSPC (No space left on device)
[pid  5083] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5082] <... futex resumed>)        = 0
[pid  5083] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5082] exit_group(0)               = ?
[pid  5084] <... futex resumed>)        = ?
[pid  5083] <... futex resumed>)        = ?
[pid  5083] +++ exited with 0 +++
[pid  5084] +++ exited with 0 +++
[pid  5082] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5082, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./9/binderfs")                  = 0
umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./9/file0")                      = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./9")                            = 0
mkdir("./10", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5085 attached
, child_tidptr=0x5555555b0690) = 5085
[pid  5085] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5085] chdir("./10")               = 0
[pid  5085] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5085] setpgid(0, 0)               = 0
[pid  5085] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5085] write(3, "1000", 4)         = 4
[pid  5085] close(3)                    = 0
[pid  5085] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5085] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5085] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5085] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5085] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5085] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5085] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5085] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5086 attached
 => {parent_tid=[5086]}, 88) = 5086
[pid  5085] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5085] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5085] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5086] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053) = 0
[pid  5086] set_robust_list(0x7f46066a79a0, 24) = 0
[pid  5086] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5086] memfd_create("syzkaller", 0) = 3
[pid  5086] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5086] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5086] munmap(0x7f45fe200000, 138412032) = 0
[pid  5086] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5086] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5086] close(3)                    = 0
[pid  5086] close(4)                    = 0
[pid  5086] mkdir("./file0", 0777)      = 0
[pid  5086] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5086] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5086] chdir("./file0")            = 0
[pid  5086] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5086] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5085] <... futex resumed>)        = 0
[pid  5085] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5085] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5086] <... futex resumed>)        = 1
[pid  5086] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = -1 EINVAL (Invalid argument)
[pid  5086] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5085] <... futex resumed>)        = 0
[pid  5085] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   49.442134][ T5086] loop0: detected capacity change from 0 to 64
[pid  5085] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5086] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 4
[pid  5086] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5085] <... futex resumed>)        = 0
[pid  5086] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5085] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5086] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5085] <... futex resumed>)        = 0
[pid  5086] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5085] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5086] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5085] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606666000
[pid  5085] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid  5086] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5085] <... mprotect resumed>)     = 0
[pid  5086] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5085] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5085] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5087 attached
 => {parent_tid=[5087]}, 88) = 5087
[pid  5085] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5087] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053) = 0
[pid  5085] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5087] set_robust_list(0x7f46066869a0, 24 <unfinished ...>
[pid  5085] <... futex resumed>)        = 0
[pid  5087] <... set_robust_list resumed>) = 0
[pid  5085] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5087] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5087] creat("./file1", 000)       = 5
[pid  5087] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5085] <... futex resumed>)        = 0
[pid  5087] <... futex resumed>)        = 1
[pid  5085] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5087] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5086] <... futex resumed>)        = 0
[pid  5085] <... futex resumed>)        = 1
[pid  5086] write(5, "#! ./bus\n", 9 <unfinished ...>
[pid  5085] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5086] <... write resumed>)        = -1 ENOSPC (No space left on device)
[pid  5086] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5085] <... futex resumed>)        = 0
[pid  5086] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5085] exit_group(0 <unfinished ...>
[pid  5086] <... futex resumed>)        = ?
[pid  5086] +++ exited with 0 +++
[pid  5085] <... exit_group resumed>)   = ?
[pid  5087] <... futex resumed>)        = ?
[pid  5087] +++ exited with 0 +++
[pid  5085] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5085, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./10/binderfs")                 = 0
umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./10/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./10/file0")                     = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./10")                           = 0
mkdir("./11", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5088 attached
 <unfinished ...>
[pid  5088] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5088] chdir("./11")               = 0
[pid  5088] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5088] setpgid(0, 0 <unfinished ...>
[pid  5053] <... clone resumed>, child_tidptr=0x5555555b0690) = 5088
[pid  5088] <... setpgid resumed>)      = 0
[pid  5088] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5088] write(3, "1000", 4)         = 4
[pid  5088] close(3)                    = 0
[pid  5088] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5088] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5088] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5088] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5088] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5088] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5088] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5088] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5089 attached
 => {parent_tid=[5089]}, 88) = 5089
[pid  5089] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5088] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5089] <... rseq resumed>)         = 0
[pid  5088] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5088] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5088] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5089] set_robust_list(0x7f46066a79a0, 24) = 0
[pid  5089] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5089] memfd_create("syzkaller", 0) = 3
[pid  5089] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5089] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5089] munmap(0x7f45fe200000, 138412032) = 0
[pid  5089] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5089] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5089] close(3)                    = 0
[pid  5089] close(4)                    = 0
[pid  5089] mkdir("./file0", 0777)      = 0
[pid  5089] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5089] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5089] chdir("./file0")            = 0
[pid  5089] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5089] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5089] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5088] <... futex resumed>)        = 0
[pid  5088] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5089] <... futex resumed>)        = 0
[pid  5088] <... futex resumed>)        = 1
[pid  5089] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid  5088] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5089] <... open resumed>)         = -1 EINVAL (Invalid argument)
[pid  5089] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5088] <... futex resumed>)        = 0
[pid  5088] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5088] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5089] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 4
[pid  5089] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5088] <... futex resumed>)        = 0
[pid  5089] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable)
[pid  5088] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5089] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5088] <... futex resumed>)        = 0
[pid  5088] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5088] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606666000
[pid  5089] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5088] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE) = 0
[   49.723898][ T5089] loop0: detected capacity change from 0 to 64
[pid  5088] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid  5089] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5088] <... rt_sigprocmask resumed>[], 8) = 0
[pid  5089] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5088] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5090 attached
 <unfinished ...>
[pid  5090] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053) = 0
[pid  5088] <... clone3 resumed> => {parent_tid=[5090]}, 88) = 5090
[pid  5090] set_robust_list(0x7f46066869a0, 24 <unfinished ...>
[pid  5088] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5090] <... set_robust_list resumed>) = 0
[pid  5088] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5090] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5088] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5090] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5088] <... futex resumed>)        = 0
[pid  5090] creat("./file1", 000 <unfinished ...>
[pid  5088] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5090] <... creat resumed>)        = 5
[pid  5090] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5090] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5088] <... futex resumed>)        = 0
[pid  5088] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5089] <... futex resumed>)        = 0
[pid  5088] <... futex resumed>)        = 1
[pid  5089] write(5, "#! ./bus\n", 9 <unfinished ...>
[pid  5088] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5089] <... write resumed>)        = -1 ENOSPC (No space left on device)
[pid  5089] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5088] <... futex resumed>)        = 0
[pid  5089] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5088] exit_group(0)               = ?
[pid  5090] <... futex resumed>)        = ?
[pid  5089] <... futex resumed>)        = ?
[pid  5090] +++ exited with 0 +++
[pid  5089] +++ exited with 0 +++
[pid  5088] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5088, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./11/binderfs")                 = 0
umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./11/file0")                     = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./11")                           = 0
mkdir("./12", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5091 attached
 <unfinished ...>
[pid  5091] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5091] chdir("./12")               = 0
[pid  5091] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5091] setpgid(0, 0)               = 0
[pid  5053] <... clone resumed>, child_tidptr=0x5555555b0690) = 5091
[pid  5091] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5091] write(3, "1000", 4)         = 4
[pid  5091] close(3)                    = 0
[pid  5091] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5091] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5091] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5091] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5091] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5091] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5091] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5091] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5092 attached
 <unfinished ...>
[pid  5092] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053) = 0
[pid  5091] <... clone3 resumed> => {parent_tid=[5092]}, 88) = 5092
[pid  5092] set_robust_list(0x7f46066a79a0, 24 <unfinished ...>
[pid  5091] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5092] <... set_robust_list resumed>) = 0
[pid  5091] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5092] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5091] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5092] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5092] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5091] <... futex resumed>)        = 0
[pid  5091] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5092] <... memfd_create resumed>) = 3
[pid  5092] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5092] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5092] munmap(0x7f45fe200000, 138412032) = 0
[pid  5092] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5092] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5092] close(3)                    = 0
[pid  5092] close(4)                    = 0
[pid  5092] mkdir("./file0", 0777)      = 0
[pid  5092] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5092] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5092] chdir("./file0")            = 0
[pid  5092] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5092] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5091] <... futex resumed>)        = 0
[pid  5091] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5091] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5092] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = -1 EINVAL (Invalid argument)
[pid  5092] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5091] <... futex resumed>)        = 0
[pid  5091] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5091] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5092] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 4
[pid  5092] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5091] <... futex resumed>)        = 0
[pid  5091] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   50.021845][ T5092] loop0: detected capacity change from 0 to 64
[pid  5091] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5092] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5091] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606666000
[pid  5091] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5092] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5092] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5091] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid  5092] <... futex resumed>)        = 0
[pid  5092] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5091] <... rt_sigprocmask resumed>[], 8) = 0
[pid  5091] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5093 attached
 <unfinished ...>
[pid  5093] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053) = 0
[pid  5091] <... clone3 resumed> => {parent_tid=[5093]}, 88) = 5093
[pid  5093] set_robust_list(0x7f46066869a0, 24 <unfinished ...>
[pid  5091] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5093] <... set_robust_list resumed>) = 0
[pid  5091] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5093] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5091] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5093] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5091] <... futex resumed>)        = 0
[pid  5093] creat("./file1", 000 <unfinished ...>
[pid  5091] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5093] <... creat resumed>)        = 5
[pid  5093] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5091] <... futex resumed>)        = 0
[pid  5093] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5091] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5092] <... futex resumed>)        = 0
[pid  5091] <... futex resumed>)        = 1
[pid  5091] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5092] write(5, "#! ./bus\n", 9)   = -1 ENOSPC (No space left on device)
[pid  5092] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5091] <... futex resumed>)        = 0
[pid  5092] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5091] exit_group(0)               = ?
[pid  5093] <... futex resumed>)        = ?
[pid  5092] <... futex resumed>)        = ?
[pid  5093] +++ exited with 0 +++
[pid  5092] +++ exited with 0 +++
[pid  5091] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5091, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./12/binderfs")                 = 0
umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./12/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./12/file0")                     = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./12")                           = 0
mkdir("./13", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5094 attached
 <unfinished ...>
[pid  5094] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5094] chdir("./13" <unfinished ...>
[pid  5053] <... clone resumed>, child_tidptr=0x5555555b0690) = 5094
[pid  5094] <... chdir resumed>)        = 0
[pid  5094] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5094] setpgid(0, 0)               = 0
[pid  5094] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5094] write(3, "1000", 4)         = 4
[pid  5094] close(3)                    = 0
[pid  5094] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5094] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5094] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5094] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5094] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5094] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5094] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5094] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5095 attached
 <unfinished ...>
[pid  5095] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053) = 0
[pid  5095] set_robust_list(0x7f46066a79a0, 24 <unfinished ...>
[pid  5094] <... clone3 resumed> => {parent_tid=[5095]}, 88) = 5095
[pid  5095] <... set_robust_list resumed>) = 0
[pid  5095] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5095] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5094] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5094] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5095] <... futex resumed>)        = 0
[pid  5094] <... futex resumed>)        = 1
[pid  5094] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5095] memfd_create("syzkaller", 0) = 3
[pid  5095] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5095] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5095] munmap(0x7f45fe200000, 138412032) = 0
[pid  5095] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5095] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5095] close(3)                    = 0
[pid  5095] close(4)                    = 0
[pid  5095] mkdir("./file0", 0777)      = 0
[pid  5095] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5095] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5095] chdir("./file0")            = 0
[pid  5095] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5095] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5094] <... futex resumed>)        = 0
[pid  5095] <... futex resumed>)        = 1
[pid  5094] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5095] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid  5094] <... futex resumed>)        = 0
[pid  5094] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5095] <... open resumed>)         = -1 EINVAL (Invalid argument)
[pid  5095] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5094] <... futex resumed>)        = 0
[pid  5095] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5094] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5095] <... futex resumed>)        = 0
[pid  5094] <... futex resumed>)        = 1
[pid  5095] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c <unfinished ...>
[   50.275730][ T5095] loop0: detected capacity change from 0 to 64
[pid  5094] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5095] <... open resumed>)         = 4
[pid  5095] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5094] <... futex resumed>)        = 0
[pid  5095] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5094] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5095] <... futex resumed>)        = 0
[pid  5094] <... futex resumed>)        = 1
[pid  5095] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5094] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5094] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid  5095] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5094] <... mmap resumed>)         = 0x7f4606666000
[pid  5095] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5094] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid  5095] <... futex resumed>)        = 0
[pid  5095] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5094] <... mprotect resumed>)     = 0
[pid  5094] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5094] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5096 attached
 <unfinished ...>
[pid  5096] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053) = 0
[pid  5094] <... clone3 resumed> => {parent_tid=[5096]}, 88) = 5096
[pid  5096] set_robust_list(0x7f46066869a0, 24 <unfinished ...>
[pid  5094] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5096] <... set_robust_list resumed>) = 0
[pid  5096] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5094] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5096] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5094] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5096] creat("./file1", 000 <unfinished ...>
[pid  5094] <... futex resumed>)        = 0
[pid  5096] <... creat resumed>)        = 5
[pid  5094] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5096] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5094] <... futex resumed>)        = 0
[pid  5096] <... futex resumed>)        = 1
[pid  5094] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5096] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5095] <... futex resumed>)        = 0
[pid  5094] <... futex resumed>)        = 1
[pid  5094] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5095] write(5, "#! ./bus\n", 9)   = -1 ENOSPC (No space left on device)
[pid  5095] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5094] <... futex resumed>)        = 0
[pid  5095] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5094] exit_group(0 <unfinished ...>
[pid  5096] <... futex resumed>)        = ?
[pid  5095] <... futex resumed>)        = ?
[pid  5096] +++ exited with 0 +++
[pid  5095] +++ exited with 0 +++
[pid  5094] <... exit_group resumed>)   = ?
[pid  5094] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5094, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./13/binderfs")                 = 0
umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./13/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./13/file0")                     = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./13")                           = 0
mkdir("./14", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5097 attached
, child_tidptr=0x5555555b0690) = 5097
[pid  5097] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5097] chdir("./14")               = 0
[pid  5097] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5097] setpgid(0, 0)               = 0
[pid  5097] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5097] write(3, "1000", 4)         = 4
[pid  5097] close(3)                    = 0
[pid  5097] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5097] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5097] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5097] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5097] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5097] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5097] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5097] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5098 attached
 => {parent_tid=[5098]}, 88) = 5098
[pid  5098] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053) = 0
[pid  5097] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5098] set_robust_list(0x7f46066a79a0, 24 <unfinished ...>
[pid  5097] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5098] <... set_robust_list resumed>) = 0
[pid  5097] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5098] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5097] <... futex resumed>)        = 0
[pid  5098] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5097] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5098] memfd_create("syzkaller", 0) = 3
[pid  5098] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5098] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5098] munmap(0x7f45fe200000, 138412032) = 0
[pid  5098] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5098] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5098] close(3)                    = 0
[pid  5098] close(4)                    = 0
[pid  5098] mkdir("./file0", 0777)      = 0
[pid  5098] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5098] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5098] chdir("./file0")            = 0
[pid  5098] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5098] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5098] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5097] <... futex resumed>)        = 0
[pid  5097] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5098] <... futex resumed>)        = 0
[pid  5097] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[   50.524285][ T5098] loop0: detected capacity change from 0 to 64
[pid  5098] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = -1 EINVAL (Invalid argument)
[pid  5098] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5097] <... futex resumed>)        = 0
[pid  5098] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable)
[pid  5097] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5098] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c <unfinished ...>
[pid  5097] <... futex resumed>)        = 0
[pid  5097] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5098] <... open resumed>)         = 4
[pid  5098] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5097] <... futex resumed>)        = 0
[pid  5097] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5097] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5098] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5097] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606666000
[pid  5097] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid  5098] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5097] <... mprotect resumed>)     = 0
[pid  5098] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5097] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid  5098] <... futex resumed>)        = 0
[pid  5098] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5097] <... rt_sigprocmask resumed>[], 8) = 0
[pid  5097] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5099 attached
 <unfinished ...>
[pid  5099] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5097] <... clone3 resumed> => {parent_tid=[5099]}, 88) = 5099
[pid  5099] <... rseq resumed>)         = 0
[pid  5097] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5099] set_robust_list(0x7f46066869a0, 24 <unfinished ...>
[pid  5097] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5099] <... set_robust_list resumed>) = 0
[pid  5097] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5099] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5097] <... futex resumed>)        = 0
[pid  5099] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5097] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5099] creat("./file1", 000)       = 5
[pid  5099] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5099] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5097] <... futex resumed>)        = 0
[pid  5097] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5097] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5098] <... futex resumed>)        = 0
[pid  5098] write(5, "#! ./bus\n", 9)   = -1 ENOSPC (No space left on device)
[pid  5098] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5097] <... futex resumed>)        = 0
[pid  5098] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5097] exit_group(0)               = ?
[pid  5099] <... futex resumed>)        = ?
[pid  5098] <... futex resumed>)        = ?
[pid  5099] +++ exited with 0 +++
[pid  5098] +++ exited with 0 +++
[pid  5097] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5097, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./14/binderfs")                 = 0
umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./14/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./14/file0")                     = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./14")                           = 0
mkdir("./15", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5100 attached
 <unfinished ...>
[pid  5100] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5100] chdir("./15")               = 0
[pid  5100] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5100] setpgid(0, 0 <unfinished ...>
[pid  5053] <... clone resumed>, child_tidptr=0x5555555b0690) = 5100
[pid  5100] <... setpgid resumed>)      = 0
[pid  5100] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5100] write(3, "1000", 4)         = 4
[pid  5100] close(3)                    = 0
[pid  5100] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5100] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5100] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5100] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5100] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5100] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5100] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5100] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5101 attached
 <unfinished ...>
[pid  5101] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053) = 0
[pid  5101] set_robust_list(0x7f46066a79a0, 24 <unfinished ...>
[pid  5100] <... clone3 resumed> => {parent_tid=[5101]}, 88) = 5101
[pid  5101] <... set_robust_list resumed>) = 0
[pid  5101] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5100] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5101] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5100] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5100] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5101] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5100] <... futex resumed>)        = 0
[pid  5101] <... memfd_create resumed>) = 3
[pid  5100] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5101] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5101] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5101] munmap(0x7f45fe200000, 138412032) = 0
[pid  5101] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5101] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5101] close(3)                    = 0
[pid  5101] close(4)                    = 0
[pid  5101] mkdir("./file0", 0777)      = 0
[pid  5101] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5101] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5101] chdir("./file0")            = 0
[pid  5101] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5101] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5100] <... futex resumed>)        = 0
[pid  5101] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5100] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5101] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5101] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid  5100] <... futex resumed>)        = 0
[pid  5100] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5101] <... open resumed>)         = -1 EINVAL (Invalid argument)
[pid  5101] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5100] <... futex resumed>)        = 0
[pid  5101] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5100] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5101] <... futex resumed>)        = 0
[pid  5101] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c <unfinished ...>
[pid  5100] <... futex resumed>)        = 1
[pid  5100] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5101] <... open resumed>)         = 4
[pid  5101] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5100] <... futex resumed>)        = 0
[pid  5101] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5100] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5101] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5100] <... futex resumed>)        = 0
[pid  5101] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5100] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5101] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5100] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid  5101] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5100] <... mmap resumed>)         = 0x7f4606666000
[pid  5101] <... futex resumed>)        = 0
[pid  5100] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid  5101] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5100] <... mprotect resumed>)     = 0
[pid  5100] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5100] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5102 attached
 <unfinished ...>
[pid  5102] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5100] <... clone3 resumed> => {parent_tid=[5102]}, 88) = 5102
[pid  5102] <... rseq resumed>)         = 0
[pid  5100] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5102] set_robust_list(0x7f46066869a0, 24 <unfinished ...>
[pid  5100] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5102] <... set_robust_list resumed>) = 0
[pid  5100] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5102] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5100] <... futex resumed>)        = 0
[pid  5100] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5102] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5102] creat("./file1", 000)       = 5
[   50.805857][ T5101] loop0: detected capacity change from 0 to 64
[pid  5102] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5100] <... futex resumed>)        = 0
[pid  5102] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5100] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5101] <... futex resumed>)        = 0
[pid  5100] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5101] write(5, "#! ./bus\n", 9)   = -1 ENOSPC (No space left on device)
[pid  5101] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5100] <... futex resumed>)        = 0
[pid  5101] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5100] exit_group(0 <unfinished ...>
[pid  5101] <... futex resumed>)        = ?
[pid  5100] <... exit_group resumed>)   = ?
[pid  5102] <... futex resumed>)        = ?
[pid  5101] +++ exited with 0 +++
[pid  5102] +++ exited with 0 +++
[pid  5100] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5100, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./15/binderfs")                 = 0
umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./15/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./15/file0")                     = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./15")                           = 0
mkdir("./16", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5103 attached
, child_tidptr=0x5555555b0690) = 5103
[pid  5103] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5103] chdir("./16")               = 0
[pid  5103] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5103] setpgid(0, 0)               = 0
[pid  5103] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5103] write(3, "1000", 4)         = 4
[pid  5103] close(3)                    = 0
[pid  5103] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5103] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5103] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5103] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5103] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5103] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5103] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5103] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5104 attached
 => {parent_tid=[5104]}, 88) = 5104
[pid  5103] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5104] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053) = 0
[pid  5103] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5104] set_robust_list(0x7f46066a79a0, 24 <unfinished ...>
[pid  5103] <... futex resumed>)        = 0
[pid  5104] <... set_robust_list resumed>) = 0
[pid  5103] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5104] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5104] memfd_create("syzkaller", 0) = 3
[pid  5104] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5104] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5104] munmap(0x7f45fe200000, 138412032) = 0
[pid  5104] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5104] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5104] close(3)                    = 0
[pid  5104] close(4)                    = 0
[pid  5104] mkdir("./file0", 0777)      = 0
[pid  5104] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5104] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5104] chdir("./file0")            = 0
[pid  5104] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5104] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5103] <... futex resumed>)        = 0
[pid  5103] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5104] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid  5103] <... futex resumed>)        = 0
[pid  5103] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5104] <... open resumed>)         = -1 EINVAL (Invalid argument)
[pid  5104] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5103] <... futex resumed>)        = 0
[pid  5104] <... futex resumed>)        = 1
[pid  5103] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5104] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c <unfinished ...>
[pid  5103] <... futex resumed>)        = 0
[pid  5104] <... open resumed>)         = 4
[   51.025777][ T5104] loop0: detected capacity change from 0 to 64
[pid  5103] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5104] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5103] <... futex resumed>)        = 0
[pid  5103] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5104] <... futex resumed>)        = 1
[pid  5103] <... futex resumed>)        = 0
[pid  5104] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5103] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5103] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606666000
[pid  5103] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid  5104] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5103] <... mprotect resumed>)     = 0
[pid  5103] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid  5104] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5103] <... rt_sigprocmask resumed>[], 8) = 0
[pid  5104] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5103] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5105 attached
 => {parent_tid=[5105]}, 88) = 5105
[pid  5105] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053) = 0
[pid  5103] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5105] set_robust_list(0x7f46066869a0, 24 <unfinished ...>
[pid  5103] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5105] <... set_robust_list resumed>) = 0
[pid  5103] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5105] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5103] <... futex resumed>)        = 0
[pid  5105] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5103] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5105] creat("./file1", 000)       = 5
[pid  5105] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5105] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5103] <... futex resumed>)        = 0
[pid  5103] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5104] <... futex resumed>)        = 0
[pid  5103] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5104] write(5, "#! ./bus\n", 9)   = -1 ENOSPC (No space left on device)
[pid  5104] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5103] <... futex resumed>)        = 0
[pid  5103] exit_group(0)               = ?
[pid  5105] <... futex resumed>)        = ?
[pid  5104] +++ exited with 0 +++
[pid  5105] +++ exited with 0 +++
[pid  5103] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5103, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./16/binderfs")                 = 0
umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./16/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./16/file0")                     = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./16")                           = 0
mkdir("./17", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5106 attached
 <unfinished ...>
[pid  5106] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5106] chdir("./17" <unfinished ...>
[pid  5053] <... clone resumed>, child_tidptr=0x5555555b0690) = 5106
[pid  5106] <... chdir resumed>)        = 0
[pid  5106] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5106] setpgid(0, 0)               = 0
[pid  5106] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5106] write(3, "1000", 4)         = 4
[pid  5106] close(3)                    = 0
[pid  5106] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5106] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5106] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5106] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5106] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5106] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5106] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5106] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5107 attached
 <unfinished ...>
[pid  5107] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5106] <... clone3 resumed> => {parent_tid=[5107]}, 88) = 5107
[pid  5107] <... rseq resumed>)         = 0
[pid  5106] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5107] set_robust_list(0x7f46066a79a0, 24 <unfinished ...>
[pid  5106] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5107] <... set_robust_list resumed>) = 0
[pid  5106] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5107] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5106] <... futex resumed>)        = 0
[pid  5107] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5106] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5107] <... memfd_create resumed>) = 3
[pid  5107] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5107] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5107] munmap(0x7f45fe200000, 138412032) = 0
[pid  5107] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5107] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5107] close(3)                    = 0
[pid  5107] close(4)                    = 0
[pid  5107] mkdir("./file0", 0777)      = 0
[pid  5107] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5107] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5107] chdir("./file0")            = 0
[pid  5107] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5107] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5106] <... futex resumed>)        = 0
[pid  5107] <... futex resumed>)        = 1
[pid  5106] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5107] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid  5106] <... futex resumed>)        = 0
[pid  5106] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5107] <... open resumed>)         = -1 EINVAL (Invalid argument)
[pid  5107] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5106] <... futex resumed>)        = 0
[pid  5107] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable)
[pid  5106] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5107] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c <unfinished ...>
[pid  5106] <... futex resumed>)        = 0
[pid  5107] <... open resumed>)         = 4
[pid  5106] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5107] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5106] <... futex resumed>)        = 0
[pid  5107] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5106] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5107] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5106] <... futex resumed>)        = 0
[pid  5107] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5106] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5107] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5106] <... futex resumed>)        = 0
[pid  5107] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5106] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid  5107] <... futex resumed>)        = 0
[pid  5106] <... mmap resumed>)         = 0x7f4606666000
[pid  5107] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5106] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5106] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5106] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5108 attached
 <unfinished ...>
[pid  5108] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5106] <... clone3 resumed> => {parent_tid=[5108]}, 88) = 5108
[pid  5108] <... rseq resumed>)         = 0
[pid  5106] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5108] set_robust_list(0x7f46066869a0, 24 <unfinished ...>
[pid  5106] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5108] <... set_robust_list resumed>) = 0
[pid  5106] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5108] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5106] <... futex resumed>)        = 0
[pid  5108] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5106] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5108] creat("./file1", 000)       = 5
[pid  5108] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5106] <... futex resumed>)        = 0
[pid  5108] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5106] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5107] <... futex resumed>)        = 0
[pid  5106] <... futex resumed>)        = 1
[pid  5107] write(5, "#! ./bus\n", 9)   = -1 ENOSPC (No space left on device)
[pid  5106] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5107] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5106] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5107] <... futex resumed>)        = 0
[pid  5106] exit_group(0 <unfinished ...>
[pid  5107] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL) = ?
[pid  5106] <... exit_group resumed>)   = ?
[pid  5107] +++ exited with 0 +++
[pid  5108] <... futex resumed>)        = ?
[pid  5108] +++ exited with 0 +++
[pid  5106] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5106, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[   51.323651][ T5107] loop0: detected capacity change from 0 to 64
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./17/binderfs")                 = 0
umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./17/file0")                     = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./17")                           = 0
mkdir("./18", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5109 attached
 <unfinished ...>
[pid  5109] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5109] chdir("./18")               = 0
[pid  5109] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5053] <... clone resumed>, child_tidptr=0x5555555b0690) = 5109
[pid  5109] setpgid(0, 0)               = 0
[pid  5109] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5109] write(3, "1000", 4)         = 4
[pid  5109] close(3)                    = 0
[pid  5109] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5109] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5109] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5109] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5109] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5109] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5109] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5109] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0} => {parent_tid=[5110]}, 88) = 5110
./strace-static-x86_64: Process 5110 attached
[pid  5109] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5110] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5109] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5110] <... rseq resumed>)         = 0
[pid  5109] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5110] set_robust_list(0x7f46066a79a0, 24 <unfinished ...>
[pid  5109] <... futex resumed>)        = 0
[pid  5110] <... set_robust_list resumed>) = 0
[pid  5109] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5110] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5110] memfd_create("syzkaller", 0) = 3
[pid  5110] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5110] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5110] munmap(0x7f45fe200000, 138412032) = 0
[pid  5110] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5110] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5110] close(3)                    = 0
[pid  5110] close(4)                    = 0
[pid  5110] mkdir("./file0", 0777)      = 0
[pid  5110] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5110] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5110] chdir("./file0")            = 0
[pid  5110] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5110] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5109] <... futex resumed>)        = 0
[pid  5110] <... futex resumed>)        = 1
[pid  5109] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5110] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid  5109] <... futex resumed>)        = 0
[pid  5110] <... open resumed>)         = -1 EINVAL (Invalid argument)
[pid  5109] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5110] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5109] <... futex resumed>)        = 0
[pid  5110] <... futex resumed>)        = 1
[pid  5109] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5110] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c <unfinished ...>
[pid  5109] <... futex resumed>)        = 0
[pid  5109] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5110] <... open resumed>)         = 4
[pid  5110] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5109] <... futex resumed>)        = 0
[pid  5110] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5109] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5110] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5109] <... futex resumed>)        = 0
[   51.494336][ T5110] loop0: detected capacity change from 0 to 64
[pid  5110] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5109] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5109] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606666000
[pid  5109] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5109] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5110] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5109] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5111 attached
 <unfinished ...>
[pid  5110] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5109] <... clone3 resumed> => {parent_tid=[5111]}, 88) = 5111
[pid  5111] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5110] <... futex resumed>)        = 0
[pid  5111] <... rseq resumed>)         = 0
[pid  5109] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5111] set_robust_list(0x7f46066869a0, 24 <unfinished ...>
[pid  5109] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5111] <... set_robust_list resumed>) = 0
[pid  5109] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5111] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5109] <... futex resumed>)        = 0
[pid  5111] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5111] creat("./file1", 000 <unfinished ...>
[pid  5109] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5111] <... creat resumed>)        = 5
[pid  5110] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5111] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5109] <... futex resumed>)        = 0
[pid  5111] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5109] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5110] <... futex resumed>)        = 0
[pid  5109] <... futex resumed>)        = 1
[pid  5110] write(5, "#! ./bus\n", 9 <unfinished ...>
[pid  5109] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5110] <... write resumed>)        = -1 ENOSPC (No space left on device)
[pid  5110] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5109] <... futex resumed>)        = 0
[pid  5110] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5109] exit_group(0 <unfinished ...>
[pid  5110] <... futex resumed>)        = ?
[pid  5111] <... futex resumed>)        = ?
[pid  5109] <... exit_group resumed>)   = ?
[pid  5110] +++ exited with 0 +++
[pid  5111] +++ exited with 0 +++
[pid  5109] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5109, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./18/binderfs")                 = 0
umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./18/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./18/file0")                     = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./18")                           = 0
mkdir("./19", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5112 attached
, child_tidptr=0x5555555b0690) = 5112
[pid  5112] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5112] chdir("./19")               = 0
[pid  5112] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5112] setpgid(0, 0)               = 0
[pid  5112] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5112] write(3, "1000", 4)         = 4
[pid  5112] close(3)                    = 0
[pid  5112] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5112] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5112] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5112] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5112] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5112] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5112] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5112] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5113 attached
 <unfinished ...>
[pid  5113] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053) = 0
[pid  5112] <... clone3 resumed> => {parent_tid=[5113]}, 88) = 5113
[pid  5113] set_robust_list(0x7f46066a79a0, 24 <unfinished ...>
[pid  5112] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5113] <... set_robust_list resumed>) = 0
[pid  5112] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5113] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5112] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5113] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5112] <... futex resumed>)        = 0
[pid  5112] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5113] memfd_create("syzkaller", 0) = 3
[pid  5113] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5113] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5113] munmap(0x7f45fe200000, 138412032) = 0
[pid  5113] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5113] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5113] close(3)                    = 0
[pid  5113] close(4)                    = 0
[pid  5113] mkdir("./file0", 0777)      = 0
[pid  5113] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5113] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5113] chdir("./file0")            = 0
[pid  5113] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5113] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5112] <... futex resumed>)        = 0
[pid  5112] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5113] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid  5112] <... futex resumed>)        = 0
[pid  5112] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5113] <... open resumed>)         = -1 EINVAL (Invalid argument)
[pid  5113] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5112] <... futex resumed>)        = 0
[pid  5113] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5112] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5113] <... futex resumed>)        = 0
[pid  5112] <... futex resumed>)        = 1
[pid  5113] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c <unfinished ...>
[pid  5112] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5113] <... open resumed>)         = 4
[pid  5113] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5112] <... futex resumed>)        = 0
[pid  5112] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5112] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5112] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid  5113] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5112] <... mmap resumed>)         = 0x7f4606666000
[pid  5112] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5112] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid  5113] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5112] <... rt_sigprocmask resumed>[], 8) = 0
[pid  5112] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5114 attached
 <unfinished ...>
[pid  5114] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053) = 0
[pid  5112] <... clone3 resumed> => {parent_tid=[5114]}, 88) = 5114
[pid  5114] set_robust_list(0x7f46066869a0, 24 <unfinished ...>
[pid  5112] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5114] <... set_robust_list resumed>) = 0
[pid  5112] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5114] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5112] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5114] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5113] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5112] <... futex resumed>)        = 0
[pid  5114] creat("./file1", 000 <unfinished ...>
[pid  5113] <... futex resumed>)        = 0
[pid  5113] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5112] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5114] <... creat resumed>)        = 5
[pid  5114] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5114] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5112] <... futex resumed>)        = 0
[pid  5112] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5113] <... futex resumed>)        = 0
[pid  5112] <... futex resumed>)        = 1
[pid  5113] write(5, "#! ./bus\n", 9 <unfinished ...>
[pid  5112] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5113] <... write resumed>)        = -1 ENOSPC (No space left on device)
[   51.786467][ T5113] loop0: detected capacity change from 0 to 64
[pid  5113] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5112] <... futex resumed>)        = 0
[pid  5112] exit_group(0 <unfinished ...>
[pid  5113] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5112] <... exit_group resumed>)   = ?
[pid  5113] <... futex resumed>)        = ?
[pid  5114] <... futex resumed>)        = ?
[pid  5114] +++ exited with 0 +++
[pid  5113] +++ exited with 0 +++
[pid  5112] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5112, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./19/binderfs")                 = 0
umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./19/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./19/file0")                     = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./19")                           = 0
mkdir("./20", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5115 attached
 <unfinished ...>
[pid  5115] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5115] chdir("./20")               = 0
[pid  5115] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5115] setpgid(0, 0)               = 0
[pid  5053] <... clone resumed>, child_tidptr=0x5555555b0690) = 5115
[pid  5115] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5115] write(3, "1000", 4)         = 4
[pid  5115] close(3)                    = 0
[pid  5115] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5115] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5115] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5115] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5115] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5115] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5115] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5115] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5116 attached
 <unfinished ...>
[pid  5116] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5115] <... clone3 resumed> => {parent_tid=[5116]}, 88) = 5116
[pid  5116] <... rseq resumed>)         = 0
[pid  5115] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5116] set_robust_list(0x7f46066a79a0, 24 <unfinished ...>
[pid  5115] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5116] <... set_robust_list resumed>) = 0
[pid  5115] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5116] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5115] <... futex resumed>)        = 0
[pid  5116] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5116] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5115] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5116] <... memfd_create resumed>) = 3
[pid  5116] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5116] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5116] munmap(0x7f45fe200000, 138412032) = 0
[pid  5116] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5116] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5116] close(3)                    = 0
[pid  5116] close(4)                    = 0
[pid  5116] mkdir("./file0", 0777)      = 0
[pid  5116] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5116] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5116] chdir("./file0")            = 0
[pid  5116] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[   52.037363][ T5116] loop0: detected capacity change from 0 to 64
[pid  5116] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5115] <... futex resumed>)        = 0
[pid  5116] <... futex resumed>)        = 1
[pid  5115] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5116] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid  5115] <... futex resumed>)        = 0
[pid  5115] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5116] <... open resumed>)         = -1 EINVAL (Invalid argument)
[pid  5116] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5115] <... futex resumed>)        = 0
[pid  5116] <... futex resumed>)        = 1
[pid  5115] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5116] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c <unfinished ...>
[pid  5115] <... futex resumed>)        = 0
[pid  5116] <... open resumed>)         = 4
[pid  5115] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5116] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5115] <... futex resumed>)        = 0
[pid  5116] <... futex resumed>)        = 1
[pid  5115] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5116] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5115] <... futex resumed>)        = 0
[pid  5115] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5115] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606666000
[pid  5115] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid  5116] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5115] <... mprotect resumed>)     = 0
[pid  5116] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5116] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5115] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5115] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5117 attached
 <unfinished ...>
[pid  5117] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053) = 0
[pid  5115] <... clone3 resumed> => {parent_tid=[5117]}, 88) = 5117
[pid  5117] set_robust_list(0x7f46066869a0, 24 <unfinished ...>
[pid  5115] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5117] <... set_robust_list resumed>) = 0
[pid  5117] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5115] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5117] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5115] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5117] creat("./file1", 000 <unfinished ...>
[pid  5115] <... futex resumed>)        = 0
[pid  5117] <... creat resumed>)        = 5
[pid  5115] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5117] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5115] <... futex resumed>)        = 0
[pid  5117] <... futex resumed>)        = 1
[pid  5115] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5117] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5116] <... futex resumed>)        = 0
[pid  5115] <... futex resumed>)        = 1
[pid  5116] write(5, "#! ./bus\n", 9 <unfinished ...>
[pid  5115] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5116] <... write resumed>)        = -1 ENOSPC (No space left on device)
[pid  5116] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5115] <... futex resumed>)        = 0
[pid  5116] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5115] exit_group(0 <unfinished ...>
[pid  5117] <... futex resumed>)        = ?
[pid  5116] <... futex resumed>)        = ?
[pid  5115] <... exit_group resumed>)   = ?
[pid  5116] +++ exited with 0 +++
[pid  5117] +++ exited with 0 +++
[pid  5115] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5115, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./20/binderfs")                 = 0
umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./20/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./20/file0")                     = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./20")                           = 0
mkdir("./21", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5118 attached
 <unfinished ...>
[pid  5118] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5118] chdir("./21" <unfinished ...>
[pid  5053] <... clone resumed>, child_tidptr=0x5555555b0690) = 5118
[pid  5118] <... chdir resumed>)        = 0
[pid  5118] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5118] setpgid(0, 0)               = 0
[pid  5118] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5118] write(3, "1000", 4)         = 4
[pid  5118] close(3)                    = 0
[pid  5118] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5118] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5118] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5118] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5118] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5118] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5118] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5118] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5119 attached
 <unfinished ...>
[pid  5119] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053) = 0
[pid  5118] <... clone3 resumed> => {parent_tid=[5119]}, 88) = 5119
[pid  5119] set_robust_list(0x7f46066a79a0, 24 <unfinished ...>
[pid  5118] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5119] <... set_robust_list resumed>) = 0
[pid  5118] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5119] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5118] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5119] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5118] <... futex resumed>)        = 0
[pid  5119] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5118] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5119] <... memfd_create resumed>) = 3
[pid  5119] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5119] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5119] munmap(0x7f45fe200000, 138412032) = 0
[pid  5119] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5119] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5119] close(3)                    = 0
[pid  5119] close(4)                    = 0
[pid  5119] mkdir("./file0", 0777)      = 0
[pid  5119] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5119] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5119] chdir("./file0")            = 0
[pid  5119] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5119] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5118] <... futex resumed>)        = 0
[pid  5119] <... futex resumed>)        = 1
[pid  5118] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5119] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid  5118] <... futex resumed>)        = 0
[pid  5118] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5119] <... open resumed>)         = -1 EINVAL (Invalid argument)
[pid  5119] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5118] <... futex resumed>)        = 0
[pid  5119] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable)
[pid  5118] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5119] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c <unfinished ...>
[pid  5118] <... futex resumed>)        = 0
[pid  5119] <... open resumed>)         = 4
[   52.287978][ T5119] loop0: detected capacity change from 0 to 64
[pid  5118] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5119] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5118] <... futex resumed>)        = 0
[pid  5118] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5118] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5119] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5118] <... futex resumed>)        = 0
[pid  5118] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606666000
[pid  5119] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5118] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5118] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid  5119] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5118] <... rt_sigprocmask resumed>[], 8) = 0
[pid  5119] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5118] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5120 attached
 <unfinished ...>
[pid  5120] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053) = 0
[pid  5120] set_robust_list(0x7f46066869a0, 24) = 0
[pid  5120] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5118] <... clone3 resumed> => {parent_tid=[5120]}, 88) = 5120
[pid  5120] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5118] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5120] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5118] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5118] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5120] <... futex resumed>)        = 0
[pid  5120] creat("./file1", 000 <unfinished ...>
[pid  5118] <... futex resumed>)        = 1
[pid  5118] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5120] <... creat resumed>)        = 5
[pid  5120] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5118] <... futex resumed>)        = 0
[pid  5120] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5118] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5119] <... futex resumed>)        = 0
[pid  5118] <... futex resumed>)        = 1
[pid  5119] write(5, "#! ./bus\n", 9 <unfinished ...>
[pid  5118] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5119] <... write resumed>)        = -1 ENOSPC (No space left on device)
[pid  5119] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5118] <... futex resumed>)        = 0
[pid  5119] <... futex resumed>)        = 1
[pid  5118] exit_group(0 <unfinished ...>
[pid  5119] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL) = ?
[pid  5119] +++ exited with 0 +++
[pid  5120] <... futex resumed>)        = ?
[pid  5118] <... exit_group resumed>)   = ?
[pid  5120] +++ exited with 0 +++
[pid  5118] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5118, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./21/binderfs")                 = 0
umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./21/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./21/file0")                     = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./21")                           = 0
mkdir("./22", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5121 attached
 <unfinished ...>
[pid  5121] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5121] chdir("./22")               = 0
[pid  5121] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5121] setpgid(0, 0 <unfinished ...>
[pid  5053] <... clone resumed>, child_tidptr=0x5555555b0690) = 5121
[pid  5121] <... setpgid resumed>)      = 0
[pid  5121] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5121] write(3, "1000", 4)         = 4
[pid  5121] close(3)                    = 0
[pid  5121] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5121] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5121] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5121] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5121] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5121] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5121] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5121] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5122 attached
 <unfinished ...>
[pid  5122] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5121] <... clone3 resumed> => {parent_tid=[5122]}, 88) = 5122
[pid  5122] <... rseq resumed>)         = 0
[pid  5121] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5122] set_robust_list(0x7f46066a79a0, 24 <unfinished ...>
[pid  5121] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5122] <... set_robust_list resumed>) = 0
[pid  5121] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5122] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5121] <... futex resumed>)        = 0
[pid  5122] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5121] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5122] memfd_create("syzkaller", 0) = 3
[pid  5122] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5122] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5122] munmap(0x7f45fe200000, 138412032) = 0
[pid  5122] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5122] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5122] close(3)                    = 0
[pid  5122] close(4)                    = 0
[pid  5122] mkdir("./file0", 0777)      = 0
[pid  5122] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5122] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5122] chdir("./file0")            = 0
[pid  5122] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5122] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5121] <... futex resumed>)        = 0
[pid  5122] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5121] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5122] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5121] <... futex resumed>)        = 0
[pid  5122] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid  5121] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5122] <... open resumed>)         = -1 EINVAL (Invalid argument)
[pid  5122] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5121] <... futex resumed>)        = 0
[pid  5122] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5121] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5122] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5121] <... futex resumed>)        = 0
[pid  5122] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c <unfinished ...>
[pid  5121] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5122] <... open resumed>)         = 4
[pid  5122] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5121] <... futex resumed>)        = 0
[pid  5122] <... futex resumed>)        = 1
[pid  5121] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5122] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5121] <... futex resumed>)        = 0
[   52.538878][ T5122] loop0: detected capacity change from 0 to 64
[pid  5121] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5121] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606666000
[pid  5122] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5121] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid  5122] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5121] <... mprotect resumed>)     = 0
[pid  5122] <... futex resumed>)        = 0
[pid  5122] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5121] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5121] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0} => {parent_tid=[5123]}, 88) = 5123
./strace-static-x86_64: Process 5123 attached
[pid  5121] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5121] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5121] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5123] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053) = 0
[pid  5123] set_robust_list(0x7f46066869a0, 24) = 0
[pid  5123] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5123] creat("./file1", 000)       = 5
[pid  5123] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5121] <... futex resumed>)        = 0
[pid  5123] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5121] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5122] <... futex resumed>)        = 0
[pid  5121] <... futex resumed>)        = 1
[pid  5122] write(5, "#! ./bus\n", 9 <unfinished ...>
[pid  5121] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5122] <... write resumed>)        = -1 ENOSPC (No space left on device)
[pid  5122] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5121] <... futex resumed>)        = 0
[pid  5122] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5121] exit_group(0 <unfinished ...>
[pid  5123] <... futex resumed>)        = ?
[pid  5122] <... futex resumed>)        = ?
[pid  5121] <... exit_group resumed>)   = ?
[pid  5123] +++ exited with 0 +++
[pid  5122] +++ exited with 0 +++
[pid  5121] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5121, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./22/binderfs")                 = 0
umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./22/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./22/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./22/file0")                     = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./22")                           = 0
mkdir("./23", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5124 attached
, child_tidptr=0x5555555b0690) = 5124
[pid  5124] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5124] chdir("./23")               = 0
[pid  5124] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5124] setpgid(0, 0)               = 0
[pid  5124] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5124] write(3, "1000", 4)         = 4
[pid  5124] close(3)                    = 0
[pid  5124] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5124] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5124] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5124] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5124] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5124] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5124] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5124] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5125 attached
 => {parent_tid=[5125]}, 88) = 5125
[pid  5124] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5125] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053) = 0
[pid  5125] set_robust_list(0x7f46066a79a0, 24 <unfinished ...>
[pid  5124] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5125] <... set_robust_list resumed>) = 0
[pid  5124] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5125] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5125] memfd_create("syzkaller", 0) = 3
[pid  5125] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5125] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5125] munmap(0x7f45fe200000, 138412032) = 0
[pid  5125] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5125] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5125] close(3)                    = 0
[pid  5125] close(4)                    = 0
[pid  5125] mkdir("./file0", 0777)      = 0
[pid  5125] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5125] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5125] chdir("./file0")            = 0
[pid  5125] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5125] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5125] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5124] <... futex resumed>)        = 0
[pid  5124] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5125] <... futex resumed>)        = 0
[pid  5124] <... futex resumed>)        = 1
[pid  5125] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid  5124] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5125] <... open resumed>)         = -1 EINVAL (Invalid argument)
[pid  5125] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5124] <... futex resumed>)        = 0
[pid  5125] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5124] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5125] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5124] <... futex resumed>)        = 0
[pid  5125] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c <unfinished ...>
[pid  5124] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5125] <... open resumed>)         = 4
[pid  5125] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5124] <... futex resumed>)        = 0
[pid  5125] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5124] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5125] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5124] <... futex resumed>)        = 0
[pid  5125] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5124] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5124] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606666000
[pid  5125] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5125] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5124] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid  5125] <... futex resumed>)        = 0
[   52.834658][ T5125] loop0: detected capacity change from 0 to 64
[pid  5124] <... mprotect resumed>)     = 0
[pid  5125] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5124] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5124] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5126 attached
 <unfinished ...>
[pid  5126] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5124] <... clone3 resumed> => {parent_tid=[5126]}, 88) = 5126
[pid  5124] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5124] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5126] <... rseq resumed>)         = 0
[pid  5126] set_robust_list(0x7f46066869a0, 24 <unfinished ...>
[pid  5124] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5126] <... set_robust_list resumed>) = 0
[pid  5126] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5126] creat("./file1", 000)       = 5
[pid  5126] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5126] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5124] <... futex resumed>)        = 0
[pid  5124] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5124] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5125] <... futex resumed>)        = 0
[pid  5125] write(5, "#! ./bus\n", 9)   = -1 ENOSPC (No space left on device)
[pid  5125] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5124] <... futex resumed>)        = 0
[pid  5125] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5124] exit_group(0)               = ?
[pid  5126] <... futex resumed>)        = ?
[pid  5125] <... futex resumed>)        = ?
[pid  5126] +++ exited with 0 +++
[pid  5125] +++ exited with 0 +++
[pid  5124] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5124, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./23/binderfs")                 = 0
umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./23/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./23/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./23/file0")                     = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./23")                           = 0
mkdir("./24", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5127 attached
 <unfinished ...>
[pid  5127] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5127] chdir("./24")               = 0
[pid  5127] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5127] setpgid(0, 0 <unfinished ...>
[pid  5053] <... clone resumed>, child_tidptr=0x5555555b0690) = 5127
[pid  5127] <... setpgid resumed>)      = 0
[pid  5127] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5127] write(3, "1000", 4)         = 4
[pid  5127] close(3)                    = 0
[pid  5127] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5127] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5127] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5127] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5127] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5127] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5127] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5127] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5128 attached
 <unfinished ...>
[pid  5128] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053) = 0
[pid  5127] <... clone3 resumed> => {parent_tid=[5128]}, 88) = 5128
[pid  5128] set_robust_list(0x7f46066a79a0, 24 <unfinished ...>
[pid  5127] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5128] <... set_robust_list resumed>) = 0
[pid  5127] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5128] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5127] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5128] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5127] <... futex resumed>)        = 0
[pid  5128] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5127] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5128] <... memfd_create resumed>) = 3
[pid  5128] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5128] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5128] munmap(0x7f45fe200000, 138412032) = 0
[pid  5128] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5128] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5128] close(3)                    = 0
[pid  5128] close(4)                    = 0
[pid  5128] mkdir("./file0", 0777)      = 0
[pid  5128] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5128] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5128] chdir("./file0")            = 0
[pid  5128] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5128] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5128] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5127] <... futex resumed>)        = 0
[pid  5127] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5128] <... futex resumed>)        = 0
[pid  5127] <... futex resumed>)        = 1
[pid  5128] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[   53.115507][ T5128] loop0: detected capacity change from 0 to 64
[pid  5127] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5128] <... open resumed>)         = -1 EINVAL (Invalid argument)
[pid  5128] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5127] <... futex resumed>)        = 0
[pid  5128] <... futex resumed>)        = 1
[pid  5127] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5128] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c <unfinished ...>
[pid  5127] <... futex resumed>)        = 0
[pid  5128] <... open resumed>)         = 4
[pid  5127] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5128] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5127] <... futex resumed>)        = 0
[pid  5128] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5127] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5127] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5128] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5127] <... futex resumed>)        = 0
[pid  5128] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5127] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid  5128] <... futex resumed>)        = 0
[pid  5128] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5127] <... mmap resumed>)         = 0x7f4606666000
[pid  5127] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5127] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5127] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5129 attached
 => {parent_tid=[5129]}, 88) = 5129
[pid  5129] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053) = 0
[pid  5129] set_robust_list(0x7f46066869a0, 24) = 0
[pid  5129] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5127] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5129] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5127] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5129] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5127] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5129] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5127] <... futex resumed>)        = 0
[pid  5129] creat("./file1", 000 <unfinished ...>
[pid  5127] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5129] <... creat resumed>)        = 5
[pid  5129] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5129] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5127] <... futex resumed>)        = 0
[pid  5127] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5127] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5128] <... futex resumed>)        = 0
[pid  5128] write(5, "#! ./bus\n", 9)   = -1 ENOSPC (No space left on device)
[pid  5128] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5127] <... futex resumed>)        = 0
[pid  5128] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5127] exit_group(0 <unfinished ...>
[pid  5128] <... futex resumed>)        = ?
[pid  5128] +++ exited with 0 +++
[pid  5127] <... exit_group resumed>)   = ?
[pid  5129] <... futex resumed>)        = ?
[pid  5129] +++ exited with 0 +++
[pid  5127] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5127, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./24/binderfs")                 = 0
umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./24/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./24/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./24/file0")                     = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./24")                           = 0
mkdir("./25", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5130 attached
 <unfinished ...>
[pid  5130] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5130] chdir("./25")               = 0
[pid  5130] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5130] setpgid(0, 0)               = 0
[pid  5130] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid  5053] <... clone resumed>, child_tidptr=0x5555555b0690) = 5130
[pid  5130] <... openat resumed>)       = 3
[pid  5130] write(3, "1000", 4)         = 4
[pid  5130] close(3)                    = 0
[pid  5130] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5130] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5130] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5130] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5130] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5130] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5130] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5130] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5131 attached
 <unfinished ...>
[pid  5131] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053) = 0
[pid  5130] <... clone3 resumed> => {parent_tid=[5131]}, 88) = 5131
[pid  5131] set_robust_list(0x7f46066a79a0, 24 <unfinished ...>
[pid  5130] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5131] <... set_robust_list resumed>) = 0
[pid  5130] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5131] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5130] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5131] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5130] <... futex resumed>)        = 0
[pid  5131] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5130] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5131] <... memfd_create resumed>) = 3
[pid  5131] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5131] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5131] munmap(0x7f45fe200000, 138412032) = 0
[pid  5131] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5131] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5131] close(3)                    = 0
[pid  5131] close(4)                    = 0
[pid  5131] mkdir("./file0", 0777)      = 0
[pid  5131] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5131] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5131] chdir("./file0")            = 0
[pid  5131] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5131] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5130] <... futex resumed>)        = 0
[pid  5131] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid  5130] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5130] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5131] <... open resumed>)         = -1 EINVAL (Invalid argument)
[pid  5131] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5130] <... futex resumed>)        = 0
[pid  5131] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c <unfinished ...>
[pid  5130] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5131] <... open resumed>)         = 4
[pid  5130] <... futex resumed>)        = 0
[   53.404913][ T5131] loop0: detected capacity change from 0 to 64
[pid  5130] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5131] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5130] <... futex resumed>)        = 0
[pid  5131] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5130] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5130] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5130] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid  5131] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5130] <... mmap resumed>)         = 0x7f4606666000
[pid  5130] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid  5131] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5130] <... mprotect resumed>)     = 0
[pid  5131] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5130] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5130] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5132 attached
 => {parent_tid=[5132]}, 88) = 5132
[pid  5130] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5130] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5132] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053) = 0
[pid  5130] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5132] set_robust_list(0x7f46066869a0, 24) = 0
[pid  5132] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5132] creat("./file1", 000)       = 5
[pid  5132] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5132] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5130] <... futex resumed>)        = 0
[pid  5130] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5131] <... futex resumed>)        = 0
[pid  5130] <... futex resumed>)        = 1
[pid  5130] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5131] write(5, "#! ./bus\n", 9)   = -1 ENOSPC (No space left on device)
[pid  5131] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5130] <... futex resumed>)        = 0
[pid  5131] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5130] exit_group(0 <unfinished ...>
[pid  5132] <... futex resumed>)        = ?
[pid  5131] <... futex resumed>)        = ?
[pid  5130] <... exit_group resumed>)   = ?
[pid  5132] +++ exited with 0 +++
[pid  5131] +++ exited with 0 +++
[pid  5130] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5130, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./25/binderfs")                 = 0
umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./25/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./25/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./25/file0")                     = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./25")                           = 0
mkdir("./26", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5133 attached
, child_tidptr=0x5555555b0690) = 5133
[pid  5133] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5133] chdir("./26")               = 0
[pid  5133] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5133] setpgid(0, 0)               = 0
[pid  5133] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5133] write(3, "1000", 4)         = 4
[pid  5133] close(3)                    = 0
[pid  5133] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5133] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5133] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5133] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5133] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5133] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5133] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5133] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5134 attached
 <unfinished ...>
[pid  5134] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053) = 0
[pid  5133] <... clone3 resumed> => {parent_tid=[5134]}, 88) = 5134
[pid  5134] set_robust_list(0x7f46066a79a0, 24 <unfinished ...>
[pid  5133] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5134] <... set_robust_list resumed>) = 0
[pid  5133] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5134] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5133] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5134] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5133] <... futex resumed>)        = 0
[pid  5134] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5133] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5134] <... memfd_create resumed>) = 3
[pid  5134] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5134] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5134] munmap(0x7f45fe200000, 138412032) = 0
[pid  5134] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5134] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5134] close(3)                    = 0
[pid  5134] close(4)                    = 0
[pid  5134] mkdir("./file0", 0777)      = 0
[pid  5134] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5134] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5134] chdir("./file0")            = 0
[pid  5134] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5134] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5133] <... futex resumed>)        = 0
[pid  5134] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid  5133] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   53.724647][ T5134] loop0: detected capacity change from 0 to 64
[pid  5133] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5134] <... open resumed>)         = -1 EINVAL (Invalid argument)
[pid  5134] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5133] <... futex resumed>)        = 0
[pid  5134] <... futex resumed>)        = 1
[pid  5133] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5134] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c <unfinished ...>
[pid  5133] <... futex resumed>)        = 0
[pid  5134] <... open resumed>)         = 4
[pid  5133] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5134] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5133] <... futex resumed>)        = 0
[pid  5134] <... futex resumed>)        = 1
[pid  5133] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5134] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5133] <... futex resumed>)        = 0
[pid  5133] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5133] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid  5134] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5133] <... mmap resumed>)         = 0x7f4606666000
[pid  5134] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5134] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5133] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5133] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5133] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5135 attached
 <unfinished ...>
[pid  5135] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053) = 0
[pid  5133] <... clone3 resumed> => {parent_tid=[5135]}, 88) = 5135
[pid  5135] set_robust_list(0x7f46066869a0, 24 <unfinished ...>
[pid  5133] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5135] <... set_robust_list resumed>) = 0
[pid  5135] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5133] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5135] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5133] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5135] creat("./file1", 000 <unfinished ...>
[pid  5133] <... futex resumed>)        = 0
[pid  5135] <... creat resumed>)        = 5
[pid  5133] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5135] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5135] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5133] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5133] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5134] <... futex resumed>)        = 0
[pid  5133] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5134] write(5, "#! ./bus\n", 9)   = -1 ENOSPC (No space left on device)
[pid  5134] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5133] <... futex resumed>)        = 0
[pid  5134] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5133] exit_group(0 <unfinished ...>
[pid  5134] <... futex resumed>)        = ?
[pid  5135] <... futex resumed>)        = ?
[pid  5134] +++ exited with 0 +++
[pid  5133] <... exit_group resumed>)   = ?
[pid  5135] +++ exited with 0 +++
[pid  5133] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5133, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
umount2("./26", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./26/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./26/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./26/binderfs")                 = 0
umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./26/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./26/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./26/file0")                     = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./26")                           = 0
mkdir("./27", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5136 attached
 <unfinished ...>
[pid  5136] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5136] chdir("./27" <unfinished ...>
[pid  5053] <... clone resumed>, child_tidptr=0x5555555b0690) = 5136
[pid  5136] <... chdir resumed>)        = 0
[pid  5136] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5136] setpgid(0, 0)               = 0
[pid  5136] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5136] write(3, "1000", 4)         = 4
[pid  5136] close(3)                    = 0
[pid  5136] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5136] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5136] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5136] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5136] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5136] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5136] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5136] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5137 attached
 <unfinished ...>
[pid  5137] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5136] <... clone3 resumed> => {parent_tid=[5137]}, 88) = 5137
[pid  5137] <... rseq resumed>)         = 0
[pid  5136] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5137] set_robust_list(0x7f46066a79a0, 24 <unfinished ...>
[pid  5136] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5137] <... set_robust_list resumed>) = 0
[pid  5136] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5137] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5136] <... futex resumed>)        = 0
[pid  5137] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5136] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5137] memfd_create("syzkaller", 0) = 3
[pid  5137] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5137] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5137] munmap(0x7f45fe200000, 138412032) = 0
[pid  5137] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5137] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5137] close(3)                    = 0
[pid  5137] close(4)                    = 0
[pid  5137] mkdir("./file0", 0777)      = 0
[pid  5137] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5137] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5137] chdir("./file0")            = 0
[pid  5137] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5137] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5136] <... futex resumed>)        = 0
[pid  5137] <... futex resumed>)        = 1
[pid  5136] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5137] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid  5136] <... futex resumed>)        = 0
[pid  5136] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5137] <... open resumed>)         = -1 EINVAL (Invalid argument)
[pid  5137] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5136] <... futex resumed>)        = 0
[pid  5137] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5136] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5137] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5136] <... futex resumed>)        = 0
[pid  5137] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c <unfinished ...>
[pid  5136] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5137] <... open resumed>)         = 4
[   54.025070][ T5137] loop0: detected capacity change from 0 to 64
[pid  5137] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5136] <... futex resumed>)        = 0
[pid  5137] <... futex resumed>)        = 1
[pid  5136] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5137] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5136] <... futex resumed>)        = 0
[pid  5136] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5136] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid  5137] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5136] <... mmap resumed>)         = 0x7f4606666000
[pid  5137] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5137] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5136] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5136] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5136] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5138 attached
 <unfinished ...>
[pid  5138] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053) = 0
[pid  5136] <... clone3 resumed> => {parent_tid=[5138]}, 88) = 5138
[pid  5138] set_robust_list(0x7f46066869a0, 24 <unfinished ...>
[pid  5136] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5138] <... set_robust_list resumed>) = 0
[pid  5136] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5138] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5136] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5138] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5136] <... futex resumed>)        = 0
[pid  5138] creat("./file1", 000 <unfinished ...>
[pid  5136] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5138] <... creat resumed>)        = 5
[pid  5138] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5136] <... futex resumed>)        = 0
[pid  5138] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5136] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5136] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5137] <... futex resumed>)        = 0
[pid  5137] write(5, "#! ./bus\n", 9)   = -1 ENOSPC (No space left on device)
[pid  5137] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5136] <... futex resumed>)        = 0
[pid  5137] <... futex resumed>)        = 1
[pid  5137] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5136] exit_group(0 <unfinished ...>
[pid  5138] <... futex resumed>)        = ?
[pid  5137] <... futex resumed>)        = ?
[pid  5138] +++ exited with 0 +++
[pid  5137] +++ exited with 0 +++
[pid  5136] <... exit_group resumed>)   = ?
[pid  5136] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5136, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./27", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./27/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./27/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./27/binderfs")                 = 0
umount2("./27/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./27/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./27/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./27/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./27/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./27/file0")                     = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./27")                           = 0
mkdir("./28", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5139 attached
 <unfinished ...>
[pid  5139] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5139] chdir("./28")               = 0
[pid  5139] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5053] <... clone resumed>, child_tidptr=0x5555555b0690) = 5139
[pid  5139] setpgid(0, 0)               = 0
[pid  5139] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5139] write(3, "1000", 4)         = 4
[pid  5139] close(3)                    = 0
[pid  5139] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5139] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5139] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5139] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5139] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5139] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5139] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5139] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5140 attached
 <unfinished ...>
[pid  5140] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5139] <... clone3 resumed> => {parent_tid=[5140]}, 88) = 5140
[pid  5140] <... rseq resumed>)         = 0
[pid  5140] set_robust_list(0x7f46066a79a0, 24 <unfinished ...>
[pid  5139] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5140] <... set_robust_list resumed>) = 0
[pid  5139] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5140] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5139] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5140] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5139] <... futex resumed>)        = 0
[pid  5139] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5140] <... memfd_create resumed>) = 3
[pid  5140] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5140] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5140] munmap(0x7f45fe200000, 138412032) = 0
[pid  5140] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5140] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5140] close(3)                    = 0
[pid  5140] close(4)                    = 0
[pid  5140] mkdir("./file0", 0777)      = 0
[pid  5140] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5140] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5140] chdir("./file0")            = 0
[pid  5140] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5140] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5139] <... futex resumed>)        = 0
[pid  5140] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid  5139] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5139] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5140] <... open resumed>)         = -1 EINVAL (Invalid argument)
[pid  5140] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5139] <... futex resumed>)        = 0
[pid  5140] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5139] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5140] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5139] <... futex resumed>)        = 0
[pid  5140] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c <unfinished ...>
[pid  5139] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5140] <... open resumed>)         = 4
[   54.315634][ T5140] loop0: detected capacity change from 0 to 64
[pid  5140] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5139] <... futex resumed>)        = 0
[pid  5140] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable)
[pid  5139] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5140] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5139] <... futex resumed>)        = 0
[pid  5139] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5139] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606666000
[pid  5140] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5139] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5140] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5139] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid  5140] <... futex resumed>)        = 0
[pid  5140] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5139] <... rt_sigprocmask resumed>[], 8) = 0
[pid  5139] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5141 attached
 <unfinished ...>
[pid  5141] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053) = 0
[pid  5141] set_robust_list(0x7f46066869a0, 24) = 0
[pid  5139] <... clone3 resumed> => {parent_tid=[5141]}, 88) = 5141
[pid  5141] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5139] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5141] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5139] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5141] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5139] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5141] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5139] <... futex resumed>)        = 0
[pid  5141] creat("./file1", 000 <unfinished ...>
[pid  5139] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5141] <... creat resumed>)        = 5
[pid  5141] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5139] <... futex resumed>)        = 0
[pid  5141] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5139] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5140] <... futex resumed>)        = 0
[pid  5139] <... futex resumed>)        = 1
[pid  5139] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5140] write(5, "#! ./bus\n", 9)   = -1 ENOSPC (No space left on device)
[pid  5140] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5139] <... futex resumed>)        = 0
[pid  5140] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5139] exit_group(0 <unfinished ...>
[pid  5141] <... futex resumed>)        = ?
[pid  5140] <... futex resumed>)        = ?
[pid  5141] +++ exited with 0 +++
[pid  5140] +++ exited with 0 +++
[pid  5139] <... exit_group resumed>)   = ?
[pid  5139] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5139, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
umount2("./28", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./28/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./28/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./28/binderfs")                 = 0
umount2("./28/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./28/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./28/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./28/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./28/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./28/file0")                     = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./28")                           = 0
mkdir("./29", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5142 attached
 <unfinished ...>
[pid  5142] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5142] chdir("./29")               = 0
[pid  5142] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5142] setpgid(0, 0 <unfinished ...>
[pid  5053] <... clone resumed>, child_tidptr=0x5555555b0690) = 5142
[pid  5142] <... setpgid resumed>)      = 0
[pid  5142] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5142] write(3, "1000", 4)         = 4
[pid  5142] close(3)                    = 0
[pid  5142] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5142] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5142] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5142] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5142] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5142] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5142] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5142] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5143 attached
 <unfinished ...>
[pid  5143] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5142] <... clone3 resumed> => {parent_tid=[5143]}, 88) = 5143
[pid  5143] <... rseq resumed>)         = 0
[pid  5142] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5143] set_robust_list(0x7f46066a79a0, 24 <unfinished ...>
[pid  5142] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5143] <... set_robust_list resumed>) = 0
[pid  5142] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5143] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5142] <... futex resumed>)        = 0
[pid  5143] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5142] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5143] <... memfd_create resumed>) = 3
[pid  5143] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5143] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5143] munmap(0x7f45fe200000, 138412032) = 0
[pid  5143] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5143] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5143] close(3)                    = 0
[pid  5143] close(4)                    = 0
[pid  5143] mkdir("./file0", 0777)      = 0
[pid  5143] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5143] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5143] chdir("./file0")            = 0
[pid  5143] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5143] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5142] <... futex resumed>)        = 0
[pid  5143] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid  5142] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5142] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5143] <... open resumed>)         = -1 EINVAL (Invalid argument)
[pid  5143] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5142] <... futex resumed>)        = 0
[pid  5143] <... futex resumed>)        = 1
[pid  5142] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5143] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c <unfinished ...>
[pid  5142] <... futex resumed>)        = 0
[pid  5143] <... open resumed>)         = 4
[pid  5142] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5143] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5142] <... futex resumed>)        = 0
[pid  5143] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5142] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5143] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5142] <... futex resumed>)        = 0
[pid  5143] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5142] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5142] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid  5143] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5142] <... mmap resumed>)         = 0x7f4606666000
[pid  5142] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5143] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5142] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid  5143] <... futex resumed>)        = 0
[pid  5143] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5142] <... rt_sigprocmask resumed>[], 8) = 0
[pid  5142] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5144 attached
 <unfinished ...>
[pid  5144] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053 <unfinished ...>
[   54.616499][ T5143] loop0: detected capacity change from 0 to 64
[pid  5142] <... clone3 resumed> => {parent_tid=[5144]}, 88) = 5144
[pid  5144] <... rseq resumed>)         = 0
[pid  5142] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5144] set_robust_list(0x7f46066869a0, 24 <unfinished ...>
[pid  5142] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5144] <... set_robust_list resumed>) = 0
[pid  5142] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5144] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5142] <... futex resumed>)        = 0
[pid  5144] creat("./file1", 000 <unfinished ...>
[pid  5142] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5144] <... creat resumed>)        = 5
[pid  5144] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5142] <... futex resumed>)        = 0
[pid  5144] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5142] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5143] <... futex resumed>)        = 0
[pid  5142] <... futex resumed>)        = 1
[pid  5143] write(5, "#! ./bus\n", 9 <unfinished ...>
[pid  5142] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5143] <... write resumed>)        = -1 ENOSPC (No space left on device)
[pid  5143] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5143] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5142] <... futex resumed>)        = 0
[pid  5142] exit_group(0 <unfinished ...>
[pid  5144] <... futex resumed>)        = ?
[pid  5143] <... futex resumed>)        = ?
[pid  5142] <... exit_group resumed>)   = ?
[pid  5144] +++ exited with 0 +++
[pid  5143] +++ exited with 0 +++
[pid  5142] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5142, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./29", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./29/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./29/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./29/binderfs")                 = 0
umount2("./29/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./29/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./29/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./29/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./29/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./29/file0")                     = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./29")                           = 0
mkdir("./30", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5145 attached
 <unfinished ...>
[pid  5145] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5145] chdir("./30")               = 0
[pid  5145] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5145] setpgid(0, 0)               = 0
[pid  5145] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid  5053] <... clone resumed>, child_tidptr=0x5555555b0690) = 5145
[pid  5145] <... openat resumed>)       = 3
[pid  5145] write(3, "1000", 4)         = 4
[pid  5145] close(3)                    = 0
[pid  5145] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5145] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5145] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5145] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5145] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5145] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5145] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5145] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5146 attached
 <unfinished ...>
[pid  5146] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5145] <... clone3 resumed> => {parent_tid=[5146]}, 88) = 5146
[pid  5146] <... rseq resumed>)         = 0
[pid  5145] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5146] set_robust_list(0x7f46066a79a0, 24 <unfinished ...>
[pid  5145] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5146] <... set_robust_list resumed>) = 0
[pid  5145] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5146] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5145] <... futex resumed>)        = 0
[pid  5146] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5145] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5146] memfd_create("syzkaller", 0) = 3
[pid  5146] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5146] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5146] munmap(0x7f45fe200000, 138412032) = 0
[pid  5146] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5146] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5146] close(3)                    = 0
[pid  5146] close(4)                    = 0
[pid  5146] mkdir("./file0", 0777)      = 0
[pid  5146] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5146] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5146] chdir("./file0")            = 0
[pid  5146] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5146] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5145] <... futex resumed>)        = 0
[pid  5145] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5146] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid  5145] <... futex resumed>)        = 0
[pid  5145] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5146] <... open resumed>)         = -1 EINVAL (Invalid argument)
[pid  5146] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5145] <... futex resumed>)        = 0
[pid  5146] <... futex resumed>)        = 1
[pid  5145] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5146] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c <unfinished ...>
[pid  5145] <... futex resumed>)        = 0
[pid  5145] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5146] <... open resumed>)         = 4
[pid  5146] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5146] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5145] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5145] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5146] <... futex resumed>)        = 0
[pid  5146] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5145] <... futex resumed>)        = 1
[pid  5145] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5146] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5145] <... futex resumed>)        = 0
[pid  5146] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5146] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5145] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606666000
[pid  5145] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE) = 0
[   54.865203][ T5146] loop0: detected capacity change from 0 to 64
[pid  5145] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5145] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5147 attached
 <unfinished ...>
[pid  5147] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5145] <... clone3 resumed> => {parent_tid=[5147]}, 88) = 5147
[pid  5147] <... rseq resumed>)         = 0
[pid  5147] set_robust_list(0x7f46066869a0, 24 <unfinished ...>
[pid  5145] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5147] <... set_robust_list resumed>) = 0
[pid  5145] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5147] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5145] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5147] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5145] <... futex resumed>)        = 0
[pid  5147] creat("./file1", 000 <unfinished ...>
[pid  5145] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5147] <... creat resumed>)        = 5
[pid  5147] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5145] <... futex resumed>)        = 0
[pid  5147] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5145] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5146] <... futex resumed>)        = 0
[pid  5145] <... futex resumed>)        = 1
[pid  5146] write(5, "#! ./bus\n", 9 <unfinished ...>
[pid  5145] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5146] <... write resumed>)        = -1 ENOSPC (No space left on device)
[pid  5146] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5145] <... futex resumed>)        = 0
[pid  5146] <... futex resumed>)        = 1
[pid  5145] exit_group(0 <unfinished ...>
[pid  5147] <... futex resumed>)        = ?
[pid  5145] <... exit_group resumed>)   = ?
[pid  5147] +++ exited with 0 +++
[pid  5146] +++ exited with 0 +++
[pid  5145] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5145, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./30", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./30/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./30/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./30/binderfs")                 = 0
umount2("./30/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./30/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./30/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./30/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./30/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./30/file0")                     = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./30")                           = 0
mkdir("./31", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5148 attached
, child_tidptr=0x5555555b0690) = 5148
[pid  5148] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5148] chdir("./31")               = 0
[pid  5148] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5148] setpgid(0, 0)               = 0
[pid  5148] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5148] write(3, "1000", 4)         = 4
[pid  5148] close(3)                    = 0
[pid  5148] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5148] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5148] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5148] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5148] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5148] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5148] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5148] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5149 attached
 <unfinished ...>
[pid  5149] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5148] <... clone3 resumed> => {parent_tid=[5149]}, 88) = 5149
[pid  5149] <... rseq resumed>)         = 0
[pid  5149] set_robust_list(0x7f46066a79a0, 24) = 0
[pid  5149] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5148] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5149] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5148] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5149] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5148] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5149] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5148] <... futex resumed>)        = 0
[pid  5149] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5148] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5149] <... memfd_create resumed>) = 3
[pid  5149] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5149] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5149] munmap(0x7f45fe200000, 138412032) = 0
[pid  5149] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5149] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5149] close(3)                    = 0
[pid  5149] close(4)                    = 0
[pid  5149] mkdir("./file0", 0777)      = 0
[pid  5149] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5149] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5149] chdir("./file0")            = 0
[pid  5149] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5149] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5148] <... futex resumed>)        = 0
[pid  5148] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5148] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5149] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = -1 EINVAL (Invalid argument)
[pid  5149] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5148] <... futex resumed>)        = 0
[pid  5149] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5148] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5149] <... futex resumed>)        = 0
[pid  5148] <... futex resumed>)        = 1
[pid  5149] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c <unfinished ...>
[pid  5148] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5149] <... open resumed>)         = 4
[pid  5149] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5148] <... futex resumed>)        = 0
[pid  5149] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5148] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5149] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5148] <... futex resumed>)        = 0
[pid  5149] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5148] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5149] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5148] <... futex resumed>)        = 0
[pid  5149] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5148] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid  5149] <... futex resumed>)        = 0
[pid  5149] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5148] <... mmap resumed>)         = 0x7f4606666000
[pid  5148] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5148] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[   55.116615][ T5149] loop0: detected capacity change from 0 to 64
[pid  5148] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5150 attached
 <unfinished ...>
[pid  5150] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053) = 0
[pid  5150] set_robust_list(0x7f46066869a0, 24 <unfinished ...>
[pid  5148] <... clone3 resumed> => {parent_tid=[5150]}, 88) = 5150
[pid  5150] <... set_robust_list resumed>) = 0
[pid  5148] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5150] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5148] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5150] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5148] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5150] creat("./file1", 000 <unfinished ...>
[pid  5148] <... futex resumed>)        = 0
[pid  5150] <... creat resumed>)        = 5
[pid  5148] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5150] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5148] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5150] <... futex resumed>)        = 0
[pid  5148] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5150] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5149] <... futex resumed>)        = 0
[pid  5148] <... futex resumed>)        = 1
[pid  5149] write(5, "#! ./bus\n", 9 <unfinished ...>
[pid  5148] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5149] <... write resumed>)        = -1 ENOSPC (No space left on device)
[pid  5149] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5148] <... futex resumed>)        = 0
[pid  5149] <... futex resumed>)        = 1
[pid  5148] exit_group(0 <unfinished ...>
[pid  5150] <... futex resumed>)        = ?
[pid  5148] <... exit_group resumed>)   = ?
[pid  5150] +++ exited with 0 +++
[pid  5149] +++ exited with 0 +++
[pid  5148] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5148, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./31", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./31/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./31/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./31/binderfs")                 = 0
umount2("./31/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./31/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./31/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./31/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./31/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./31/file0")                     = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./31")                           = 0
mkdir("./32", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5151 attached
 <unfinished ...>
[pid  5151] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5151] chdir("./32")               = 0
[pid  5151] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5151] setpgid(0, 0)               = 0
[pid  5053] <... clone resumed>, child_tidptr=0x5555555b0690) = 5151
[pid  5151] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5151] write(3, "1000", 4)         = 4
[pid  5151] close(3)                    = 0
[pid  5151] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5151] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5151] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5151] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5151] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5151] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5151] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5151] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5152 attached
 <unfinished ...>
[pid  5152] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053) = 0
[pid  5152] set_robust_list(0x7f46066a79a0, 24 <unfinished ...>
[pid  5151] <... clone3 resumed> => {parent_tid=[5152]}, 88) = 5152
[pid  5152] <... set_robust_list resumed>) = 0
[pid  5151] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5152] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5151] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5152] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5151] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5152] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5151] <... futex resumed>)        = 0
[pid  5152] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5151] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5152] <... memfd_create resumed>) = 3
[pid  5152] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5152] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5152] munmap(0x7f45fe200000, 138412032) = 0
[pid  5152] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5152] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5152] close(3)                    = 0
[pid  5152] close(4)                    = 0
[pid  5152] mkdir("./file0", 0777)      = 0
[pid  5152] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5152] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5152] chdir("./file0")            = 0
[pid  5152] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5152] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5152] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5151] <... futex resumed>)        = 0
[pid  5151] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5152] <... futex resumed>)        = 0
[pid  5151] <... futex resumed>)        = 1
[pid  5152] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid  5151] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5152] <... open resumed>)         = -1 EINVAL (Invalid argument)
[pid  5152] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5151] <... futex resumed>)        = 0
[pid  5151] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5152] <... futex resumed>)        = 1
[pid  5151] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5152] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 4
[pid  5152] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5151] <... futex resumed>)        = 0
[pid  5151] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5151] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5151] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606666000
[pid  5151] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE) = 0
[   55.347248][ T5152] loop0: detected capacity change from 0 to 64
[pid  5151] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid  5152] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5151] <... rt_sigprocmask resumed>[], 8) = 0
[pid  5151] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5153 attached
 <unfinished ...>
[pid  5152] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5153] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5152] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5153] <... rseq resumed>)         = 0
[pid  5152] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5151] <... clone3 resumed> => {parent_tid=[5153]}, 88) = 5153
[pid  5153] set_robust_list(0x7f46066869a0, 24 <unfinished ...>
[pid  5151] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5153] <... set_robust_list resumed>) = 0
[pid  5151] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5153] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5151] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5153] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5151] <... futex resumed>)        = 0
[pid  5153] creat("./file1", 000 <unfinished ...>
[pid  5151] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5153] <... creat resumed>)        = 5
[pid  5153] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5151] <... futex resumed>)        = 0
[pid  5153] <... futex resumed>)        = 1
[pid  5151] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5153] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5152] <... futex resumed>)        = 0
[pid  5151] <... futex resumed>)        = 1
[pid  5151] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5152] write(5, "#! ./bus\n", 9)   = -1 ENOSPC (No space left on device)
[pid  5152] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5152] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5151] <... futex resumed>)        = 0
[pid  5151] exit_group(0)               = ?
[pid  5153] <... futex resumed>)        = ?
[pid  5152] <... futex resumed>)        = ?
[pid  5153] +++ exited with 0 +++
[pid  5152] +++ exited with 0 +++
[pid  5151] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5151, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
umount2("./32", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./32/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./32/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./32/binderfs")                 = 0
umount2("./32/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./32/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./32/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./32/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./32/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./32/file0")                     = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./32")                           = 0
mkdir("./33", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5154 attached
 <unfinished ...>
[pid  5154] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5154] chdir("./33")               = 0
[pid  5053] <... clone resumed>, child_tidptr=0x5555555b0690) = 5154
[pid  5154] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5154] setpgid(0, 0)               = 0
[pid  5154] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5154] write(3, "1000", 4)         = 4
[pid  5154] close(3)                    = 0
[pid  5154] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5154] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5154] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5154] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5154] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5154] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5154] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5154] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5155 attached
 <unfinished ...>
[pid  5155] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053) = 0
[pid  5154] <... clone3 resumed> => {parent_tid=[5155]}, 88) = 5155
[pid  5155] set_robust_list(0x7f46066a79a0, 24 <unfinished ...>
[pid  5154] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5155] <... set_robust_list resumed>) = 0
[pid  5154] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5155] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5154] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5155] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5154] <... futex resumed>)        = 0
[pid  5155] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5154] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5155] <... memfd_create resumed>) = 3
[pid  5155] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5155] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5155] munmap(0x7f45fe200000, 138412032) = 0
[pid  5155] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5155] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5155] close(3)                    = 0
[pid  5155] close(4)                    = 0
[pid  5155] mkdir("./file0", 0777)      = 0
[pid  5155] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5155] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5155] chdir("./file0")            = 0
[pid  5155] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5155] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5154] <... futex resumed>)        = 0
[pid  5155] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5154] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5155] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5154] <... futex resumed>)        = 0
[pid  5155] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[   55.645277][ T5155] loop0: detected capacity change from 0 to 64
[pid  5154] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5155] <... open resumed>)         = -1 EINVAL (Invalid argument)
[pid  5155] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5154] <... futex resumed>)        = 0
[pid  5155] <... futex resumed>)        = 1
[pid  5154] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5155] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c <unfinished ...>
[pid  5154] <... futex resumed>)        = 0
[pid  5155] <... open resumed>)         = 4
[pid  5154] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5155] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5154] <... futex resumed>)        = 0
[pid  5155] <... futex resumed>)        = 1
[pid  5154] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5155] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5154] <... futex resumed>)        = 0
[pid  5154] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5154] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606666000
[pid  5155] <... write resumed>)        = -1 EINVAL (Invalid argument)
[pid  5154] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5155] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5154] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid  5155] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5154] <... rt_sigprocmask resumed>[], 8) = 0
[pid  5154] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5156 attached
 => {parent_tid=[5156]}, 88) = 5156
[pid  5156] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053) = 0
[pid  5156] set_robust_list(0x7f46066869a0, 24) = 0
[pid  5156] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5156] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5154] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5154] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5156] <... futex resumed>)        = 0
[pid  5154] <... futex resumed>)        = 1
[pid  5156] creat("./file1", 000 <unfinished ...>
[pid  5154] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5156] <... creat resumed>)        = 5
[pid  5156] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5156] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5154] <... futex resumed>)        = 0
[pid  5154] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5155] <... futex resumed>)        = 0
[pid  5154] <... futex resumed>)        = 1
[pid  5155] write(5, "#! ./bus\n", 9 <unfinished ...>
[pid  5154] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5155] <... write resumed>)        = -1 ENOSPC (No space left on device)
[pid  5155] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5154] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5155] <... futex resumed>)        = 0
[pid  5155] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5154] exit_group(0 <unfinished ...>
[pid  5155] <... futex resumed>)        = ?
[pid  5154] <... exit_group resumed>)   = ?
[pid  5156] <... futex resumed>)        = ?
[pid  5155] +++ exited with 0 +++
[pid  5156] +++ exited with 0 +++
[pid  5154] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5154, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./33", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
umount2("./33/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./33/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./33/binderfs")                 = 0
umount2("./33/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./33/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./33/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./33/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./33/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./33/file0")                     = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./33")                           = 0
mkdir("./34", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555555b0690) = 5157
./strace-static-x86_64: Process 5157 attached
[pid  5157] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5157] chdir("./34")               = 0
[pid  5157] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5157] setpgid(0, 0)               = 0
[pid  5157] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5157] write(3, "1000", 4)         = 4
[pid  5157] close(3)                    = 0
[pid  5157] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5157] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5157] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5157] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5157] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5157] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5157] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5157] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5158 attached
 <unfinished ...>
[pid  5158] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053) = 0
[pid  5158] set_robust_list(0x7f46066a79a0, 24) = 0
[pid  5158] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5157] <... clone3 resumed> => {parent_tid=[5158]}, 88) = 5158
[pid  5158] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5157] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5158] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5157] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5157] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5158] <... futex resumed>)        = 0
[pid  5157] <... futex resumed>)        = 1
[pid  5158] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5157] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5158] <... memfd_create resumed>) = 3
[pid  5158] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5158] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5158] munmap(0x7f45fe200000, 138412032) = 0
[pid  5158] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5158] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5158] close(3)                    = 0
[pid  5158] close(4)                    = 0
[pid  5158] mkdir("./file0", 0777)      = 0
[pid  5158] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5158] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5158] chdir("./file0")            = 0
[pid  5158] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5158] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5157] <... futex resumed>)        = 0
[pid  5157] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5158] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid  5157] <... futex resumed>)        = 0
[pid  5157] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5158] <... open resumed>)         = -1 EINVAL (Invalid argument)
[pid  5158] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5157] <... futex resumed>)        = 0
[pid  5157] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5158] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c <unfinished ...>
[pid  5157] <... futex resumed>)        = 0
[pid  5158] <... open resumed>)         = 4
[pid  5157] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5158] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5157] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5158] <... futex resumed>)        = 0
[pid  5157] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5158] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = -1 EINVAL (Invalid argument)
[pid  5157] <... futex resumed>)        = 0
[pid  5158] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5157] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5158] <... futex resumed>)        = 0
[pid  5157] <... futex resumed>)        = 0
[pid  5158] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5157] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606666000
[pid  5157] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5157] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5157] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0}./strace-static-x86_64: Process 5159 attached
 <unfinished ...>
[pid  5159] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5157] <... clone3 resumed> => {parent_tid=[5159]}, 88) = 5159
[pid  5159] <... rseq resumed>)         = 0
[pid  5159] set_robust_list(0x7f46066869a0, 24 <unfinished ...>
[pid  5157] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5159] <... set_robust_list resumed>) = 0
[pid  5157] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5159] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5157] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5159] creat("./file1", 000 <unfinished ...>
[pid  5157] <... futex resumed>)        = 0
[pid  5157] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5159] <... creat resumed>)        = 5
[pid  5159] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5157] <... futex resumed>)        = 0
[pid  5159] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5157] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5158] <... futex resumed>)        = 0
[pid  5158] write(5, "#! ./bus\n", 9 <unfinished ...>
[pid  5157] <... futex resumed>)        = 1
[pid  5157] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5158] <... write resumed>)        = -1 ENOSPC (No space left on device)
[pid  5158] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5157] <... futex resumed>)        = 0
[pid  5158] futex(0x7f46067726c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5157] exit_group(0 <unfinished ...>
[pid  5159] <... futex resumed>)        = ?
[pid  5158] <... futex resumed>)        = ?
[pid  5159] +++ exited with 0 +++
[pid  5158] +++ exited with 0 +++
[pid  5157] <... exit_group resumed>)   = ?
[pid  5157] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5157, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./34", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555555b1730 /* 4 entries */, 32768) = 112
[   55.977882][ T5158] loop0: detected capacity change from 0 to 64
umount2("./34/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./34/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./34/binderfs")                 = 0
umount2("./34/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./34/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./34/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./34/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./34/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555555b9770 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555555b9770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./34/file0")                     = 0
getdents64(3, 0x5555555b1730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./34")                           = 0
mkdir("./35", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5160 attached
 <unfinished ...>
[pid  5160] set_robust_list(0x5555555b06a0, 24) = 0
[pid  5160] chdir("./35" <unfinished ...>
[pid  5053] <... clone resumed>, child_tidptr=0x5555555b0690) = 5160
[pid  5160] <... chdir resumed>)        = 0
[pid  5160] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5160] setpgid(0, 0)               = 0
[pid  5160] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5160] write(3, "1000", 4)         = 4
[pid  5160] close(3)                    = 0
[pid  5160] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5160] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5160] rt_sigaction(SIGRT_1, {sa_handler=0x7f4606710ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f46067021a0}, NULL, 8) = 0
[pid  5160] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5160] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606687000
[pid  5160] mprotect(0x7f4606688000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5160] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5160] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f46066a7990, parent_tid=0x7f46066a7990, exit_signal=0, stack=0x7f4606687000, stack_size=0x20300, tls=0x7f46066a76c0}./strace-static-x86_64: Process 5161 attached
 <unfinished ...>
[pid  5161] rseq(0x7f46066a7fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5160] <... clone3 resumed> => {parent_tid=[5161]}, 88) = 5161
[pid  5161] <... rseq resumed>)         = 0
[pid  5160] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5161] set_robust_list(0x7f46066a79a0, 24 <unfinished ...>
[pid  5160] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5161] <... set_robust_list resumed>) = 0
[pid  5160] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5161] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5160] <... futex resumed>)        = 0
[pid  5161] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5160] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5161] memfd_create("syzkaller", 0) = 3
[pid  5161] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45fe200000
[pid  5161] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  5161] munmap(0x7f45fe200000, 138412032) = 0
[pid  5161] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5161] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5161] close(3)                    = 0
[pid  5161] close(4)                    = 0
[pid  5161] mkdir("./file0", 0777)      = 0
[pid  5161] mount("/dev/loop0", "./file0", "bfs", MS_STRICTATIME, "01777777777777777777777") = 0
[pid  5161] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5161] chdir("./file0")            = 0
[pid  5161] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5161] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5160] <... futex resumed>)        = 0
[pid  5161] <... futex resumed>)        = 1
[pid  5160] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5161] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid  5160] <... futex resumed>)        = 0
[pid  5160] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5161] <... open resumed>)         = -1 EINVAL (Invalid argument)
[pid  5161] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5160] <... futex resumed>)        = 0
[pid  5160] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5160] futex(0x7f46067726cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5161] <... futex resumed>)        = 1
[pid  5161] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 4
[   56.134739][ T5161] loop0: detected capacity change from 0 to 64
[pid  5161] futex(0x7f46067726cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5160] <... futex resumed>)        = 0
[pid  5160] futex(0x7f46067726c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5160] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5160] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4606666000
[pid  5160] mprotect(0x7f4606667000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5160] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5160] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4606686990, parent_tid=0x7f4606686990, exit_signal=0, stack=0x7f4606666000, stack_size=0x20300, tls=0x7f46066866c0} => {parent_tid=[5162]}, 88) = 5162
[pid  5160] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5160] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5160] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5162 attached
 <unfinished ...>
[pid  5162] rseq(0x7f4606686fe0, 0x20, 0, 0x53053053) = 0
[pid  5162] set_robust_list(0x7f46066869a0, 24) = 0
[pid  5162] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5161] <... futex resumed>)        = 1
[pid  5162] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5162] creat("./file1", 000 <unfinished ...>
[pid  5161] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid  5162] <... creat resumed>)        = 5
[pid  5162] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5160] <... futex resumed>)        = 0
[pid  5162] <... futex resumed>)        = 1
[pid  5160] futex(0x7f46067726d8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5162] write(5, "#! ./bus\n", 9 <unfinished ...>
[pid  5160] futex(0x7f46067726dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5162] <... write resumed>)        = 9
[pid  5162] futex(0x7f46067726dc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5162] futex(0x7f46067726d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5160] <... futex resumed>)        = 0
[   56.203260][ T5161] ------------[ cut here ]------------
[   56.208766][ T5161] WARNING: CPU: 0 PID: 5161 at fs/buffer.c:1176 mark_buffer_dirty+0x37b/0x3f0
[   56.217661][ T5161] Modules linked in:
[   56.221795][ T5161] CPU: 0 PID: 5161 Comm: syz-executor366 Not tainted 6.7.0-syzkaller-09928-g052d534373b7 #0
[   56.231868][ T5161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[   56.241931][ T5161] RIP: 0010:mark_buffer_dirty+0x37b/0x3f0
[   56.247634][ T5161] Code: 87 ff e8 e8 5c 87 ff 48 89 ef e8 30 b8 e6 ff 5b 5d e9 d9 5c 87 ff e8 d4 5c 87 ff 90 0f 0b 90 e9 0c fe ff ff e8 c6 5c 87 ff 90 <0f> 0b 90 e9 b1 fc ff ff e8 b8 5c 87 ff 90 0f 0b 90 e9 ce fc ff ff
[   56.267369][ T5161] RSP: 0018:ffffc900044b7948 EFLAGS: 00010293
[   56.273456][ T5161] RAX: 0000000000000000 RBX: ffff88807c70f7c0 RCX: ffffffff8200b08b
[   56.281449][ T5161] RDX: ffff888022079dc0 RSI: ffffffff8200b3da RDI: 0000000000000001
[   56.289417][ T5161] RBP: ffff88807c70f100 R08: 0000000000000001 R09: 0000000000000000
[   56.297405][ T5161] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000009
[   56.305392][ T5161] R13: dffffc0000000000 R14: ffff888079c7a000 R15: ffffed100f38f42c
[   56.313377][ T5161] FS:  00007f46066a76c0(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[   56.322342][ T5161] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   56.328959][ T5161] CR2: 0000000020001442 CR3: 00000000137d9000 CR4: 0000000000350ef0
[   56.336943][ T5161] Call Trace:
[   56.340214][ T5161]  <TASK>
[   56.343175][ T5161]  ? show_regs+0x8f/0xa0
[   56.347437][ T5161]  ? __warn+0xe6/0x390
[   56.351538][ T5161]  ? mark_buffer_dirty+0x37b/0x3f0
[   56.356683][ T5161]  ? report_bug+0x3bc/0x580
[   56.361248][ T5161]  ? handle_bug+0x3d/0x70
[   56.365581][ T5161]  ? exc_invalid_op+0x17/0x40
[   56.370237][ T5161]  ? asm_exc_invalid_op+0x1a/0x20
[   56.375272][ T5161]  ? mark_buffer_dirty+0x2b/0x3f0
[   56.380302][ T5161]  ? mark_buffer_dirty+0x37a/0x3f0
[   56.385427][ T5161]  ? mark_buffer_dirty+0x37b/0x3f0
[   56.390558][ T5161]  ? mark_buffer_dirty+0x37a/0x3f0
[   56.395719][ T5161]  bfs_get_block+0x3e5/0xeb0
[   56.400321][ T5161]  ? bfs_write_begin+0xd0/0xd0
[   56.405110][ T5161]  __block_write_begin_int+0x4fb/0x16e0
[   56.410694][ T5161]  ? bfs_write_begin+0xd0/0xd0
[   56.415501][ T5161]  ? invalidate_bh_lrus_cpu+0x170/0x170
[   56.421074][ T5161]  block_write_begin+0xb1/0x490
[   56.425907][ T5161]  ? bfs_write_begin+0xd0/0xd0
[   56.430654][ T5161]  bfs_write_begin+0x31/0xd0
[   56.435256][ T5161]  generic_perform_write+0x278/0x600
[   56.440542][ T5161]  ? folio_add_wait_queue+0x1c0/0x1c0
[   56.445924][ T5161]  ? generic_write_checks+0x2b0/0x3f0
[   56.451320][ T5161]  __generic_file_write_iter+0x1f9/0x240
[   56.456937][ T5161]  generic_file_write_iter+0xe3/0x350
[   56.462532][ T5161]  vfs_write+0x64f/0xdf0
[   56.466777][ T5161]  ? kernel_write+0x6c0/0x6c0
[   56.471478][ T5161]  ? mutex_trylock+0x130/0x130
[   56.476269][ T5161]  ? __fget_files+0x256/0x400
[   56.480991][ T5161]  ksys_write+0x12f/0x250
[   56.485327][ T5161]  ? __ia32_sys_read+0xb0/0xb0
[   56.490071][ T5161]  ? _raw_spin_unlock_irq+0x2e/0x50
[   56.495282][ T5161]  ? ptrace_notify+0xf4/0x130
[   56.499963][ T5161]  do_syscall_64+0xd3/0x250
[   56.504480][ T5161]  entry_SYSCALL_64_after_hwframe+0x63/0x6b
[   56.510385][ T5161] RIP: 0033:0x7f46066eabd9
[   56.514819][ T5161] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   56.534449][ T5161] RSP: 002b:00007f46066a7218 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   56.543054][ T5161] RAX: ffffffffffffffda RBX: 00007f46067726c8 RCX: 00007f46066eabd9
[   56.551125][ T5161] RDX: 000000000208e24b RSI: 0000000020000440 RDI: 0000000000000004
[   56.559099][ T5161] RBP: 00007f46067726c0 R08: 0000000000000000 R09: 0000000000000000
[   56.567075][ T5161] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f460673f0c0
[   56.575056][ T5161] R13: 00007f460673f06b R14: 0030656c69662f2e R15: 0031656c69662f2e
[   56.583041][ T5161]  </TASK>
[   56.586053][ T5161] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   56.593313][ T5161] CPU: 0 PID: 5161 Comm: syz-executor366 Not tainted 6.7.0-syzkaller-09928-g052d534373b7 #0
[   56.603351][ T5161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[   56.613386][ T5161] Call Trace:
[   56.616649][ T5161]  <TASK>
[   56.619558][ T5161]  dump_stack_lvl+0xd9/0x1b0
[   56.624137][ T5161]  panic+0x6dc/0x790
[   56.628038][ T5161]  ? panic_smp_self_stop+0xa0/0xa0
[   56.633131][ T5161]  ? show_trace_log_lvl+0x363/0x4f0
[   56.638314][ T5161]  ? check_panic_on_warn+0x1f/0xb0
[   56.643414][ T5161]  ? mark_buffer_dirty+0x37b/0x3f0
[   56.648518][ T5161]  check_panic_on_warn+0xab/0xb0
[   56.653447][ T5161]  __warn+0xf2/0x390
[   56.657331][ T5161]  ? mark_buffer_dirty+0x37b/0x3f0
[   56.662434][ T5161]  report_bug+0x3bc/0x580
[   56.666762][ T5161]  handle_bug+0x3d/0x70
[   56.670908][ T5161]  exc_invalid_op+0x17/0x40
[   56.675398][ T5161]  asm_exc_invalid_op+0x1a/0x20
[   56.680243][ T5161] RIP: 0010:mark_buffer_dirty+0x37b/0x3f0
[   56.685957][ T5161] Code: 87 ff e8 e8 5c 87 ff 48 89 ef e8 30 b8 e6 ff 5b 5d e9 d9 5c 87 ff e8 d4 5c 87 ff 90 0f 0b 90 e9 0c fe ff ff e8 c6 5c 87 ff 90 <0f> 0b 90 e9 b1 fc ff ff e8 b8 5c 87 ff 90 0f 0b 90 e9 ce fc ff ff
[   56.705553][ T5161] RSP: 0018:ffffc900044b7948 EFLAGS: 00010293
[   56.711607][ T5161] RAX: 0000000000000000 RBX: ffff88807c70f7c0 RCX: ffffffff8200b08b
[   56.719560][ T5161] RDX: ffff888022079dc0 RSI: ffffffff8200b3da RDI: 0000000000000001
[   56.727516][ T5161] RBP: ffff88807c70f100 R08: 0000000000000001 R09: 0000000000000000
[   56.735471][ T5161] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000009
[   56.743425][ T5161] R13: dffffc0000000000 R14: ffff888079c7a000 R15: ffffed100f38f42c
[   56.751386][ T5161]  ? mark_buffer_dirty+0x2b/0x3f0
[   56.756402][ T5161]  ? mark_buffer_dirty+0x37a/0x3f0
[   56.761508][ T5161]  ? mark_buffer_dirty+0x37a/0x3f0
[   56.766610][ T5161]  bfs_get_block+0x3e5/0xeb0
[   56.771197][ T5161]  ? bfs_write_begin+0xd0/0xd0
[   56.775955][ T5161]  __block_write_begin_int+0x4fb/0x16e0
[   56.781492][ T5161]  ? bfs_write_begin+0xd0/0xd0
[   56.786248][ T5161]  ? invalidate_bh_lrus_cpu+0x170/0x170
[   56.791786][ T5161]  block_write_begin+0xb1/0x490
[   56.796626][ T5161]  ? bfs_write_begin+0xd0/0xd0
[   56.801383][ T5161]  bfs_write_begin+0x31/0xd0
[   56.805967][ T5161]  generic_perform_write+0x278/0x600
[   56.811246][ T5161]  ? folio_add_wait_queue+0x1c0/0x1c0
[   56.816603][ T5161]  ? generic_write_checks+0x2b0/0x3f0
[   56.821968][ T5161]  __generic_file_write_iter+0x1f9/0x240
[   56.827588][ T5161]  generic_file_write_iter+0xe3/0x350
[   56.832951][ T5161]  vfs_write+0x64f/0xdf0
[   56.837185][ T5161]  ? kernel_write+0x6c0/0x6c0
[   56.841848][ T5161]  ? mutex_trylock+0x130/0x130
[   56.846602][ T5161]  ? __fget_files+0x256/0x400
[   56.851271][ T5161]  ksys_write+0x12f/0x250
[   56.855592][ T5161]  ? __ia32_sys_read+0xb0/0xb0
[   56.860342][ T5161]  ? _raw_spin_unlock_irq+0x2e/0x50
[   56.865537][ T5161]  ? ptrace_notify+0xf4/0x130
[   56.870202][ T5161]  do_syscall_64+0xd3/0x250
[   56.874694][ T5161]  entry_SYSCALL_64_after_hwframe+0x63/0x6b
[   56.880576][ T5161] RIP: 0033:0x7f46066eabd9
[   56.884974][ T5161] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   56.904567][ T5161] RSP: 002b:00007f46066a7218 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   56.912965][ T5161] RAX: ffffffffffffffda RBX: 00007f46067726c8 RCX: 00007f46066eabd9
[   56.920920][ T5161] RDX: 000000000208e24b RSI: 0000000020000440 RDI: 0000000000000004
[   56.928877][ T5161] RBP: 00007f46067726c0 R08: 0000000000000000 R09: 0000000000000000
[   56.936830][ T5161] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f460673f0c0
[   56.944785][ T5161] R13: 00007f460673f06b R14: 0030656c69662f2e R15: 0031656c69662f2e
[   56.952748][ T5161]  </TASK>
[   56.955980][ T5161] Kernel Offset: disabled
[   56.960279][ T5161] Rebooting in 86400 seconds..